diff options
| author | Hans Dedecker <dedeckeh@gmail.com> | 2021-01-09 21:18:45 +0100 |
|---|---|---|
| committer | Hans Dedecker <dedeckeh@gmail.com> | 2021-01-20 20:58:23 +0100 |
| commit | 753c351bc729967a691d99e27693be5aec334028 (patch) | |
| tree | 0dac76f1f5862d28ed2be02845ac611cdca19591 | |
| parent | 5e02f94411b06f192fb2a7d9be9abde3549153a8 (diff) | |
| download | netifd-openwrt-19.07.tar.gz | |
interface-ip: add unreachable route if address is offlinkopenwrt-19.07
In order to avoid a routing loop add an unreachable route for the
address prefix is the offlink flag is set for an address.
This fixes a routing loop which is currently present on point-to-point
links (e.g PPP) when the wan interface is assigned a globally unique
prefix (e.g. 2001:db8:1:0::/64) from which an IPv6 address is picked
and installed on the wan interface
(e.g. 2001:db8:1:0:5054:ff:feab:d87c/64)
The prefix route 2001:db8:1::/64 would be present in the routing table
which will route any packet with as destination 2001:db8:1::/64 to the wan
interface and would be routed back by the upstream router due to the
wan interface due to the assigned global unique prefix.
Besides not installing the prefix route 2001:db8:1::/64 on point-to-point links
adding an unreachable route is required to avoid the routing loop.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit c00c8335d6188daa326ecfe5a62da15a9b9987e1)
| -rw-r--r-- | interface-ip.c | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/interface-ip.c b/interface-ip.c index c159e09..51dd050 100644 --- a/interface-ip.c +++ b/interface-ip.c @@ -680,6 +680,22 @@ interface_update_proto_addr(struct vlist_tree *tree, if (!(a_old->flags & DEVADDR_EXTERNAL)) { interface_handle_subnet_route(iface, a_old, false); system_del_address(dev, a_old); + + if ((a_old->flags & DEVADDR_OFFLINK) && (a_old->mask < (v6 ? 128 : 32))) { + struct device_route route; + + memset(&route, 0, sizeof(route)); + route.flags = v6 ? DEVADDR_INET6 : DEVADDR_INET4; + route.metric = INT32_MAX; + route.mask = a_old->mask; + route.addr = a_old->addr; + + clear_if_addr(&route.addr, route.mask); + + /* Delete null-route */ + system_del_route(NULL, &route); + } + } } free(a_old->pclass); @@ -704,6 +720,26 @@ interface_update_proto_addr(struct vlist_tree *tree, } if (!keep) { + if (!(a_new->flags & DEVADDR_EXTERNAL) && + (a_new->flags & DEVADDR_OFFLINK) && + (a_new->mask < (v6 ? 128 : 32))) { + struct device_route route; + + memset(&route, 0, sizeof(route)); + route.flags = v6 ? DEVADDR_INET6 : DEVADDR_INET4; + route.metric = INT32_MAX; + route.mask = a_new->mask; + route.addr = a_new->addr; + + clear_if_addr(&route.addr, route.mask); + + /* + * In case off link is specifed as address property + * add null-route to avoid routing loops + */ + system_add_route(NULL, &route); + } + if (a_new->policy_table) interface_add_addr_rules(a_new, true); } @@ -1554,12 +1590,45 @@ void interface_ip_set_enabled(struct interface_ip_settings *ip, bool enabled) if (iface->metric || addr->policy_table) interface_handle_subnet_route(iface, addr, true); + if ((addr->flags & DEVADDR_OFFLINK) && (addr->mask < (v6 ? 128 : 32))) { + struct device_route route; + + memset(&route, 0, sizeof(route)); + route.flags = v6 ? DEVADDR_INET6 : DEVADDR_INET4; + route.metric = INT32_MAX; + route.mask = addr->mask; + route.addr = addr->addr; + + clear_if_addr(&route.addr, route.mask); + + /* + * In case off link is specifed as address property + * add null-route to avoid routing loops + */ + system_add_route(NULL, &route); + } + if (addr->policy_table) interface_add_addr_rules(addr, true); } else { interface_handle_subnet_route(iface, addr, false); system_del_address(dev, addr); + if ((addr->flags & DEVADDR_OFFLINK) && (addr->mask < (v6 ? 128 : 32))) { + struct device_route route; + + memset(&route, 0, sizeof(route)); + route.flags = v6 ? DEVADDR_INET6 : DEVADDR_INET4; + route.metric = INT32_MAX; + route.mask = addr->mask; + route.addr = addr->addr; + + clear_if_addr(&route.addr, route.mask); + + /* Delete null-route */ + system_del_route(NULL, &route); + } + if (addr->policy_table) interface_add_addr_rules(addr, false); } |