1 /* $KAME: rtadvd.c,v 1.50 2001/02/04 06:15:15 itojun Exp $ */
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * $FreeBSD: src/usr.sbin/rtadvd/rtadvd.c,v 1.3.2.4 2003/04/05 10:31:58 ume Exp $
34 #include <sys/param.h>
35 #include <sys/socket.h>
38 #include <sys/queue.h>
41 #include <net/route.h>
42 #include <net/if_dl.h>
43 #include <netinet/in.h>
44 #include <netinet/ip6.h>
45 #include <netinet6/ip6_var.h>
46 #include <netinet/icmp6.h>
48 #include <arpa/inet.h>
67 struct msghdr rcvmhdr;
68 static u_char *rcvcmsgbuf;
69 static size_t rcvcmsgbuflen;
70 static u_char *sndcmsgbuf = NULL;
71 static size_t sndcmsgbuflen;
74 struct msghdr sndmhdr;
75 struct iovec rcviov[2];
76 struct iovec sndiov[2];
77 struct sockaddr_in6 from;
78 struct sockaddr_in6 sin6_allnodes = {sizeof(sin6_allnodes), AF_INET6};
79 struct in6_addr in6a_site_allrouters;
80 static char *dumpfilename = "/var/run/rtadvd.dump"; /* XXX: should be configurable */
81 static char *pidfilename = "/var/run/rtadvd.pid"; /* should be configurable */
89 int dflag = 0, sflag = 0;
91 u_char *conffile = NULL;
93 struct rainfo *ralist = NULL;
95 struct nd_optlist *next;
96 struct nd_opt_hdr *opt;
99 struct nd_opt_hdr *nd_opt_array[7];
101 struct nd_opt_hdr *zero;
102 struct nd_opt_hdr *src_lladdr;
103 struct nd_opt_hdr *tgt_lladdr;
104 struct nd_opt_prefix_info *pi;
105 struct nd_opt_rd_hdr *rh;
106 struct nd_opt_mtu *mtu;
107 struct nd_optlist *list;
110 #define nd_opts_src_lladdr nd_opt_each.src_lladdr
111 #define nd_opts_tgt_lladdr nd_opt_each.tgt_lladdr
112 #define nd_opts_pi nd_opt_each.pi
113 #define nd_opts_rh nd_opt_each.rh
114 #define nd_opts_mtu nd_opt_each.mtu
115 #define nd_opts_list nd_opt_each.list
117 #define NDOPT_FLAG_SRCLINKADDR 0x1
118 #define NDOPT_FLAG_TGTLINKADDR 0x2
119 #define NDOPT_FLAG_PREFIXINFO 0x4
120 #define NDOPT_FLAG_RDHDR 0x8
121 #define NDOPT_FLAG_MTU 0x10
123 u_int32_t ndopt_flags[] = {
124 0, NDOPT_FLAG_SRCLINKADDR, NDOPT_FLAG_TGTLINKADDR,
125 NDOPT_FLAG_PREFIXINFO, NDOPT_FLAG_RDHDR, NDOPT_FLAG_MTU
128 int main __P((int, char *[]));
129 static void set_die __P((int));
130 static void die __P((void));
131 static void sock_open __P((void));
132 static void rtsock_open __P((void));
133 static void rtadvd_input __P((void));
134 static void rs_input __P((int, struct nd_router_solicit *,
135 struct in6_pktinfo *, struct sockaddr_in6 *));
136 static void ra_input __P((int, struct nd_router_advert *,
137 struct in6_pktinfo *, struct sockaddr_in6 *));
138 static int prefix_check __P((struct nd_opt_prefix_info *, struct rainfo *,
139 struct sockaddr_in6 *));
140 static int nd6_options __P((struct nd_opt_hdr *, int,
141 union nd_opts *, u_int32_t));
142 static void free_ndopts __P((union nd_opts *));
143 static void ra_output __P((struct rainfo *));
144 static void rtmsg_input __P((void));
145 static void rtadvd_set_dump_file __P((void));
154 struct timeval *timeout;
160 openlog("rtadvd", LOG_NDELAY|LOG_PID, LOG_DAEMON);
162 /* get command line options and arguments */
164 #define OPTIONS "c:dDfM:mRs"
166 #define OPTIONS "c:dDfM:Rs"
168 while ((ch = getopt(argc, argv, OPTIONS)) != -1) {
192 fprintf(stderr, "rtadvd: "
193 "the -R option is currently ignored.\n");
207 "usage: rtadvd [-dDfMmRs] [-c conffile] "
209 "usage: rtadvd [-dDfMRs] [-c conffile] "
217 (void)setlogmask(LOG_UPTO(LOG_ERR));
219 (void)setlogmask(LOG_UPTO(LOG_INFO));
221 /* timer initialization */
224 /* random value initialization */
225 srandom((u_long)time(NULL));
227 /* get iflist block from kernel */
233 if (inet_pton(AF_INET6, ALLNODES, &sin6_allnodes.sin6_addr) != 1) {
234 fprintf(stderr, "fatal: inet_pton failed\n");
242 /* record the current PID */
244 if ((pidfp = fopen(pidfilename, "w")) == NULL) {
246 "<%s> failed to open a log file(%s), run anyway.",
247 __FUNCTION__, pidfilename);
249 fprintf(pidfp, "%d\n", pid);
254 FD_SET(sock, &fdset);
258 FD_SET(rtsock, &fdset);
264 signal(SIGTERM, (void *)set_die);
265 signal(SIGUSR1, (void *)rtadvd_set_dump_file);
268 struct fd_set select_fd = fdset; /* reinitialize */
270 if (do_dump) { /* SIGUSR1 */
272 rtadvd_dump_file(dumpfilename);
280 /* timer expiration check and reset the timer */
281 timeout = rtadvd_check_timer();
283 if (timeout != NULL) {
285 "<%s> set timer to %ld:%ld. waiting for "
286 "inputs or timeout", __FUNCTION__,
287 (long int)timeout->tv_sec,
288 (long int)timeout->tv_usec);
291 "<%s> there's no timer. waiting for inputs",
295 if ((i = select(maxfd + 1, &select_fd,
296 NULL, NULL, timeout)) < 0) {
297 /* EINTR would occur upon SIGUSR1 for status dump */
299 syslog(LOG_ERR, "<%s> select: %s",
300 __FUNCTION__, strerror(errno));
303 if (i == 0) /* timeout */
305 if (rtsock != -1 && FD_ISSET(rtsock, &select_fd))
307 if (FD_ISSET(sock, &select_fd))
310 exit(0); /* NOTREACHED */
314 rtadvd_set_dump_file()
331 const int retrans = MAX_FINAL_RTR_ADVERTISEMENTS;
334 syslog(LOG_DEBUG, "<%s> cease to be an advertising router\n",
338 for (ra = ralist; ra; ra = ra->next) {
342 for (i = 0; i < retrans; i++) {
343 for (ra = ralist; ra; ra = ra->next)
345 sleep(MIN_DELAY_BETWEEN_RAS);
354 int n, type, ifindex = 0, plen;
356 char msg[2048], *next, *lim;
357 u_char ifname[IF_NAMESIZE];
358 struct prefix *prefix;
360 struct in6_addr *addr;
361 char addrbuf[INET6_ADDRSTRLEN];
363 n = read(rtsock, msg, sizeof(msg));
365 syslog(LOG_DEBUG, "<%s> received a routing message "
366 "(type = %d, len = %d)", __FUNCTION__, rtmsg_type(msg), n);
368 if (n > rtmsg_len(msg)) {
370 * This usually won't happen for messages received on
375 "<%s> received data length is larger than "
376 "1st routing message len. multiple messages? "
377 "read %d bytes, but 1st msg len = %d",
378 __FUNCTION__, n, rtmsg_len(msg));
386 for (next = msg; next < lim; next += len) {
389 next = get_next_msg(next, lim, 0, &len,
390 RTADV_TYPE2BITMASK(RTM_ADD) |
391 RTADV_TYPE2BITMASK(RTM_DELETE) |
392 RTADV_TYPE2BITMASK(RTM_NEWADDR) |
393 RTADV_TYPE2BITMASK(RTM_DELADDR) |
394 RTADV_TYPE2BITMASK(RTM_IFINFO));
397 type = rtmsg_type(next);
401 ifindex = get_rtm_ifindex(next);
405 ifindex = get_ifam_ifindex(next);
408 ifindex = get_ifm_ifindex(next);
411 /* should not reach here */
414 "<%s:%d> unknown rtmsg %d on %s",
415 __FUNCTION__, __LINE__, type,
416 if_indextoname(ifindex, ifname));
421 if ((rai = if_indextorainfo(ifindex)) == NULL) {
424 "<%s> route changed on "
425 "non advertising interface(%s)",
427 if_indextoname(ifindex, ifname));
431 oldifflags = iflist[ifindex]->ifm_flags;
435 /* init ifflags because it may have changed */
436 iflist[ifindex]->ifm_flags =
437 if_getflags(ifindex, iflist[ifindex]->ifm_flags);
440 break; /* we aren't interested in prefixes */
442 addr = get_addr(msg);
443 plen = get_prefixlen(msg);
444 /* sanity check for plen */
445 /* as RFC2373, prefixlen is at least 4 */
446 if (plen < 4 || plen > 127) {
447 syslog(LOG_INFO, "<%s> new interface route's"
448 "plen %d is invalid for a prefix",
452 prefix = find_prefix(rai, addr, plen);
456 * If the prefix has been invalidated,
457 * make it available again.
459 update_prefix(prefix);
460 } else if (dflag > 1) {
462 "<%s> new prefix(%s/%d) "
464 "but it was already in list",
466 inet_ntop(AF_INET6, addr,
467 (char *)addrbuf, INET6_ADDRSTRLEN),
472 make_prefix(rai, ifindex, addr, plen);
475 /* init ifflags because it may have changed */
476 iflist[ifindex]->ifm_flags =
477 if_getflags(ifindex, iflist[ifindex]->ifm_flags);
482 addr = get_addr(msg);
483 plen = get_prefixlen(msg);
484 /* sanity check for plen */
485 /* as RFC2373, prefixlen is at least 4 */
486 if (plen < 4 || plen > 127) {
488 "<%s> deleted interface route's "
489 "plen %d is invalid for a prefix",
493 prefix = find_prefix(rai, addr, plen);
494 if (prefix == NULL) {
497 "<%s> prefix(%s/%d) was "
499 "but it was not in list",
501 inet_ntop(AF_INET6, addr,
502 (char *)addrbuf, INET6_ADDRSTRLEN),
507 invalidate_prefix(prefix);
511 /* init ifflags because it may have changed */
512 iflist[ifindex]->ifm_flags =
513 if_getflags(ifindex, iflist[ifindex]->ifm_flags);
516 iflist[ifindex]->ifm_flags = get_ifm_flags(next);
519 /* should not reach here */
522 "<%s:%d> unknown rtmsg %d on %s",
523 __FUNCTION__, __LINE__, type,
524 if_indextoname(ifindex, ifname));
529 /* check if an interface flag is changed */
530 if ((oldifflags & IFF_UP) != 0 && /* UP to DOWN */
531 (iflist[ifindex]->ifm_flags & IFF_UP) == 0) {
533 "<%s> interface %s becomes down. stop timer.",
534 __FUNCTION__, rai->ifname);
535 rtadvd_remove_timer(&rai->timer);
536 } else if ((oldifflags & IFF_UP) == 0 && /* DOWN to UP */
537 (iflist[ifindex]->ifm_flags & IFF_UP) != 0) {
539 "<%s> interface %s becomes up. restart timer.",
540 __FUNCTION__, rai->ifname);
542 rai->initcounter = 0; /* reset the counter */
543 rai->waiting = 0; /* XXX */
544 rai->timer = rtadvd_add_timer(ra_timeout,
545 ra_timer_update, rai, rai);
546 ra_timer_update((void *)rai, &rai->timer->tm);
547 rtadvd_set_timer(&rai->timer->tm, rai->timer);
562 struct icmp6_hdr *icp;
565 struct in6_pktinfo *pi = NULL;
566 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
567 struct in6_addr dst = in6addr_any;
570 * Get message. We reset msg_controllen since the field could
571 * be modified if we had received a message before setting
574 rcvmhdr.msg_controllen = rcvcmsgbuflen;
575 if ((i = recvmsg(sock, &rcvmhdr, 0)) < 0)
578 /* extract optional information via Advanced API */
579 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&rcvmhdr);
581 cm = (struct cmsghdr *)CMSG_NXTHDR(&rcvmhdr, cm)) {
582 if (cm->cmsg_level == IPPROTO_IPV6 &&
583 cm->cmsg_type == IPV6_PKTINFO &&
584 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) {
585 pi = (struct in6_pktinfo *)(CMSG_DATA(cm));
586 ifindex = pi->ipi6_ifindex;
589 if (cm->cmsg_level == IPPROTO_IPV6 &&
590 cm->cmsg_type == IPV6_HOPLIMIT &&
591 cm->cmsg_len == CMSG_LEN(sizeof(int)))
592 hlimp = (int *)CMSG_DATA(cm);
596 "<%s> failed to get receiving interface",
602 "<%s> failed to get receiving hop limit",
608 * If we happen to receive data on an interface which is now down,
609 * just discard the data.
611 if ((iflist[pi->ipi6_ifindex]->ifm_flags & IFF_UP) == 0) {
613 "<%s> received data on a disabled interface (%s)",
615 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
620 if (i < sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)) {
622 "<%s> packet size(%d) is too short",
627 ip = (struct ip6_hdr *)rcvmhdr.msg_iov[0].iov_base;
628 icp = (struct icmp6_hdr *)(ip + 1); /* XXX: ext. hdr? */
630 if (i < sizeof(struct icmp6_hdr)) {
632 "<%s> packet size(%d) is too short",
637 icp = (struct icmp6_hdr *)rcvmhdr.msg_iov[0].iov_base;
640 switch (icp->icmp6_type) {
641 case ND_ROUTER_SOLICIT:
643 * Message verification - RFC-2461 6.1.1
644 * XXX: these checks must be done in the kernel as well,
645 * but we can't completely rely on them.
649 "<%s> RS with invalid hop limit(%d) "
650 "received from %s on %s",
651 __FUNCTION__, *hlimp,
652 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
654 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
657 if (icp->icmp6_code) {
659 "<%s> RS with invalid ICMP6 code(%d) "
660 "received from %s on %s",
661 __FUNCTION__, icp->icmp6_code,
662 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
664 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
667 if (i < sizeof(struct nd_router_solicit)) {
669 "<%s> RS from %s on %s does not have enough "
672 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
674 if_indextoname(pi->ipi6_ifindex, ifnamebuf), i);
677 rs_input(i, (struct nd_router_solicit *)icp, pi, &from);
679 case ND_ROUTER_ADVERT:
681 * Message verification - RFC-2461 6.1.2
682 * XXX: there's a same dilemma as above...
686 "<%s> RA with invalid hop limit(%d) "
687 "received from %s on %s",
688 __FUNCTION__, *hlimp,
689 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
691 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
694 if (icp->icmp6_code) {
696 "<%s> RA with invalid ICMP6 code(%d) "
697 "received from %s on %s",
698 __FUNCTION__, icp->icmp6_code,
699 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
701 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
704 if (i < sizeof(struct nd_router_advert)) {
706 "<%s> RA from %s on %s does not have enough "
709 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
711 if_indextoname(pi->ipi6_ifindex, ifnamebuf), i);
714 ra_input(i, (struct nd_router_advert *)icp, pi, &from);
716 case ICMP6_ROUTER_RENUMBERING:
717 if (accept_rr == 0) {
718 syslog(LOG_ERR, "<%s> received a router renumbering "
719 "message, but not allowed to be accepted",
723 rr_input(i, (struct icmp6_router_renum *)icp, pi, &from,
728 * Note that this case is POSSIBLE, especially just
729 * after invocation of the daemon. This is because we
730 * could receive message after opening the socket and
731 * before setting ICMP6 type filter(see sock_open()).
733 syslog(LOG_ERR, "<%s> invalid icmp type(%d)",
734 __FUNCTION__, icp->icmp6_type);
742 rs_input(int len, struct nd_router_solicit *rs,
743 struct in6_pktinfo *pi, struct sockaddr_in6 *from)
745 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
746 union nd_opts ndopts;
750 "<%s> RS received from %s on %s",
752 inet_ntop(AF_INET6, &from->sin6_addr,
753 ntopbuf, INET6_ADDRSTRLEN),
754 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
756 /* ND option check */
757 memset(&ndopts, 0, sizeof(ndopts));
758 if (nd6_options((struct nd_opt_hdr *)(rs + 1),
759 len - sizeof(struct nd_router_solicit),
760 &ndopts, NDOPT_FLAG_SRCLINKADDR)) {
762 "<%s> ND option check failed for an RS from %s on %s",
764 inet_ntop(AF_INET6, &from->sin6_addr,
765 ntopbuf, INET6_ADDRSTRLEN),
766 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
771 * If the IP source address is the unspecified address, there
772 * must be no source link-layer address option in the message.
775 if (IN6_IS_ADDR_UNSPECIFIED(&from->sin6_addr) &&
776 ndopts.nd_opts_src_lladdr) {
778 "<%s> RS from unspecified src on %s has a link-layer"
781 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
787 if (pi->ipi6_ifindex == ra->ifindex)
793 "<%s> RS received on non advertising interface(%s)",
795 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
799 ra->rsinput++; /* increment statistics */
802 * Decide whether to send RA according to the rate-limit
806 long delay; /* must not be greater than 1000000 */
807 struct timeval interval, now, min_delay, tm_tmp, *rest;
808 struct soliciter *sol;
811 * record sockaddr waiting for RA, if possible
813 sol = (struct soliciter *)malloc(sizeof(*sol));
816 /*XXX RFC2553 need clarification on flowinfo */
817 sol->addr.sin6_flowinfo = 0;
818 sol->next = ra->soliciter;
819 ra->soliciter = sol->next;
823 * If there is already a waiting RS packet, don't
830 * Compute a random delay. If the computed value
831 * corresponds to a time later than the time the next
832 * multicast RA is scheduled to be sent, ignore the random
833 * delay and send the advertisement at the
834 * already-scheduled time. RFC-2461 6.2.6
836 delay = random() % MAX_RA_DELAY_TIME;
838 interval.tv_usec = delay;
839 rest = rtadvd_timer_rest(ra->timer);
840 if (TIMEVAL_LT(*rest, interval)) {
842 "<%s> random delay is larger than "
843 "the rest of normal timer",
849 * If we sent a multicast Router Advertisement within
850 * the last MIN_DELAY_BETWEEN_RAS seconds, schedule
851 * the advertisement to be sent at a time corresponding to
852 * MIN_DELAY_BETWEEN_RAS plus the random value after the
853 * previous advertisement was sent.
855 gettimeofday(&now, NULL);
856 TIMEVAL_SUB(&now, &ra->lastsent, &tm_tmp);
857 min_delay.tv_sec = MIN_DELAY_BETWEEN_RAS;
858 min_delay.tv_usec = 0;
859 if (TIMEVAL_LT(tm_tmp, min_delay)) {
860 TIMEVAL_SUB(&min_delay, &tm_tmp, &min_delay);
861 TIMEVAL_ADD(&min_delay, &interval, &interval);
863 rtadvd_set_timer(&interval, ra->timer);
868 free_ndopts(&ndopts);
873 ra_input(int len, struct nd_router_advert *ra,
874 struct in6_pktinfo *pi, struct sockaddr_in6 *from)
877 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
878 union nd_opts ndopts;
879 char *on_off[] = {"OFF", "ON"};
880 u_int32_t reachabletime, retranstimer, mtu;
881 int inconsistent = 0;
884 "<%s> RA received from %s on %s",
886 inet_ntop(AF_INET6, &from->sin6_addr,
887 ntopbuf, INET6_ADDRSTRLEN),
888 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
890 /* ND option check */
891 memset(&ndopts, 0, sizeof(ndopts));
892 if (nd6_options((struct nd_opt_hdr *)(ra + 1),
893 len - sizeof(struct nd_router_advert),
894 &ndopts, NDOPT_FLAG_SRCLINKADDR |
895 NDOPT_FLAG_PREFIXINFO | NDOPT_FLAG_MTU)) {
897 "<%s> ND option check failed for an RA from %s on %s",
899 inet_ntop(AF_INET6, &from->sin6_addr,
900 ntopbuf, INET6_ADDRSTRLEN),
901 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
906 * RA consistency check according to RFC-2461 6.2.7
908 if ((rai = if_indextorainfo(pi->ipi6_ifindex)) == 0) {
910 "<%s> received RA from %s on non-advertising"
913 inet_ntop(AF_INET6, &from->sin6_addr,
914 ntopbuf, INET6_ADDRSTRLEN),
915 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
918 rai->rainput++; /* increment statistics */
920 /* Cur Hop Limit value */
921 if (ra->nd_ra_curhoplimit && rai->hoplimit &&
922 ra->nd_ra_curhoplimit != rai->hoplimit) {
924 "<%s> CurHopLimit inconsistent on %s:"
925 " %d from %s, %d from us",
928 ra->nd_ra_curhoplimit,
929 inet_ntop(AF_INET6, &from->sin6_addr,
930 ntopbuf, INET6_ADDRSTRLEN),
935 if ((ra->nd_ra_flags_reserved & ND_RA_FLAG_MANAGED) !=
938 "<%s> M flag inconsistent on %s:"
939 " %s from %s, %s from us",
942 on_off[!rai->managedflg],
943 inet_ntop(AF_INET6, &from->sin6_addr,
944 ntopbuf, INET6_ADDRSTRLEN),
945 on_off[rai->managedflg]);
949 if ((ra->nd_ra_flags_reserved & ND_RA_FLAG_OTHER) !=
952 "<%s> O flag inconsistent on %s:"
953 " %s from %s, %s from us",
956 on_off[!rai->otherflg],
957 inet_ntop(AF_INET6, &from->sin6_addr,
958 ntopbuf, INET6_ADDRSTRLEN),
959 on_off[rai->otherflg]);
963 reachabletime = ntohl(ra->nd_ra_reachable);
964 if (reachabletime && rai->reachabletime &&
965 reachabletime != rai->reachabletime) {
967 "<%s> ReachableTime inconsistent on %s:"
968 " %d from %s, %d from us",
972 inet_ntop(AF_INET6, &from->sin6_addr,
973 ntopbuf, INET6_ADDRSTRLEN),
978 retranstimer = ntohl(ra->nd_ra_retransmit);
979 if (retranstimer && rai->retranstimer &&
980 retranstimer != rai->retranstimer) {
982 "<%s> RetranceTimer inconsistent on %s:"
983 " %d from %s, %d from us",
987 inet_ntop(AF_INET6, &from->sin6_addr,
988 ntopbuf, INET6_ADDRSTRLEN),
992 /* Values in the MTU options */
993 if (ndopts.nd_opts_mtu) {
994 mtu = ntohl(ndopts.nd_opts_mtu->nd_opt_mtu_mtu);
995 if (mtu && rai->linkmtu && mtu != rai->linkmtu) {
997 "<%s> MTU option value inconsistent on %s:"
998 " %d from %s, %d from us",
1001 inet_ntop(AF_INET6, &from->sin6_addr,
1002 ntopbuf, INET6_ADDRSTRLEN),
1007 /* Preferred and Valid Lifetimes for prefixes */
1009 struct nd_optlist *optp = ndopts.nd_opts_list;
1011 if (ndopts.nd_opts_pi) {
1012 if (prefix_check(ndopts.nd_opts_pi, rai, from))
1016 if (prefix_check((struct nd_opt_prefix_info *)optp->opt,
1024 rai->rainconsistent++;
1027 free_ndopts(&ndopts);
1031 /* return a non-zero value if the received prefix is inconsitent with ours */
1033 prefix_check(struct nd_opt_prefix_info *pinfo,
1034 struct rainfo *rai, struct sockaddr_in6 *from)
1036 u_int32_t preferred_time, valid_time;
1038 int inconsistent = 0;
1039 u_char ntopbuf[INET6_ADDRSTRLEN], prefixbuf[INET6_ADDRSTRLEN];
1042 #if 0 /* impossible */
1043 if (pinfo->nd_opt_pi_type != ND_OPT_PREFIX_INFORMATION)
1048 * log if the adveritsed prefix has link-local scope(sanity check?)
1050 if (IN6_IS_ADDR_LINKLOCAL(&pinfo->nd_opt_pi_prefix)) {
1052 "<%s> link-local prefix %s/%d is advertised "
1055 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1056 prefixbuf, INET6_ADDRSTRLEN),
1057 pinfo->nd_opt_pi_prefix_len,
1058 inet_ntop(AF_INET6, &from->sin6_addr,
1059 ntopbuf, INET6_ADDRSTRLEN),
1063 if ((pp = find_prefix(rai, &pinfo->nd_opt_pi_prefix,
1064 pinfo->nd_opt_pi_prefix_len)) == NULL) {
1066 "<%s> prefix %s/%d from %s on %s is not in our list",
1068 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1069 prefixbuf, INET6_ADDRSTRLEN),
1070 pinfo->nd_opt_pi_prefix_len,
1071 inet_ntop(AF_INET6, &from->sin6_addr,
1072 ntopbuf, INET6_ADDRSTRLEN),
1077 preferred_time = ntohl(pinfo->nd_opt_pi_preferred_time);
1078 if (pp->pltimeexpire) {
1080 * The lifetime is decremented in real time, so we should
1081 * compare the expiration time.
1082 * (RFC 2461 Section 6.2.7.)
1083 * XXX: can we really expect that all routers on the link
1084 * have synchronized clocks?
1086 gettimeofday(&now, NULL);
1087 preferred_time += now.tv_sec;
1089 if (rai->clockskew &&
1090 abs(preferred_time - pp->pltimeexpire) > rai->clockskew) {
1092 "<%s> prefeerred lifetime for %s/%d"
1093 " (decr. in real time) inconsistent on %s:"
1094 " %d from %s, %ld from us",
1096 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1097 prefixbuf, INET6_ADDRSTRLEN),
1098 pinfo->nd_opt_pi_prefix_len,
1099 rai->ifname, preferred_time,
1100 inet_ntop(AF_INET6, &from->sin6_addr,
1101 ntopbuf, INET6_ADDRSTRLEN),
1105 } else if (preferred_time != pp->preflifetime) {
1107 "<%s> prefeerred lifetime for %s/%d"
1108 " inconsistent on %s:"
1109 " %d from %s, %d from us",
1111 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1112 prefixbuf, INET6_ADDRSTRLEN),
1113 pinfo->nd_opt_pi_prefix_len,
1114 rai->ifname, preferred_time,
1115 inet_ntop(AF_INET6, &from->sin6_addr,
1116 ntopbuf, INET6_ADDRSTRLEN),
1120 valid_time = ntohl(pinfo->nd_opt_pi_valid_time);
1121 if (pp->vltimeexpire) {
1122 gettimeofday(&now, NULL);
1123 valid_time += now.tv_sec;
1125 if (rai->clockskew &&
1126 abs(valid_time - pp->vltimeexpire) > rai->clockskew) {
1128 "<%s> valid lifetime for %s/%d"
1129 " (decr. in real time) inconsistent on %s:"
1130 " %d from %s, %ld from us",
1132 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1133 prefixbuf, INET6_ADDRSTRLEN),
1134 pinfo->nd_opt_pi_prefix_len,
1135 rai->ifname, preferred_time,
1136 inet_ntop(AF_INET6, &from->sin6_addr,
1137 ntopbuf, INET6_ADDRSTRLEN),
1141 } else if (valid_time != pp->validlifetime) {
1143 "<%s> valid lifetime for %s/%d"
1144 " inconsistent on %s:"
1145 " %d from %s, %d from us",
1147 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1148 prefixbuf, INET6_ADDRSTRLEN),
1149 pinfo->nd_opt_pi_prefix_len,
1150 rai->ifname, valid_time,
1151 inet_ntop(AF_INET6, &from->sin6_addr,
1152 ntopbuf, INET6_ADDRSTRLEN),
1157 return(inconsistent);
1161 find_prefix(struct rainfo *rai, struct in6_addr *prefix, int plen)
1164 int bytelen, bitlen;
1166 for (pp = rai->prefix.next; pp != &rai->prefix; pp = pp->next) {
1167 if (plen != pp->prefixlen)
1171 if (memcmp((void *)prefix, (void *)&pp->prefix, bytelen))
1173 if (prefix->s6_addr[bytelen] >> (8 - bitlen) ==
1174 pp->prefix.s6_addr[bytelen] >> (8 - bitlen))
1181 /* check if p0/plen0 matches p1/plen1; return 1 if matches, otherwise 0. */
1183 prefix_match(struct in6_addr *p0, int plen0,
1184 struct in6_addr *p1, int plen1)
1186 int bytelen, bitlen;
1190 bytelen = plen1 / 8;
1192 if (memcmp((void *)p0, (void *)p1, bytelen))
1194 if (p0->s6_addr[bytelen] >> (8 - bitlen) ==
1195 p1->s6_addr[bytelen] >> (8 - bitlen))
1202 nd6_options(struct nd_opt_hdr *hdr, int limit,
1203 union nd_opts *ndopts, u_int32_t optflags)
1207 for (; limit > 0; limit -= optlen) {
1208 if (limit < sizeof(struct nd_opt_hdr)) {
1209 syslog(LOG_INFO, "<%s> short option header", __FUNCTION__);
1213 hdr = (struct nd_opt_hdr *)((caddr_t)hdr + optlen);
1214 if (hdr->nd_opt_len == 0) {
1216 "<%s> bad ND option length(0) (type = %d)",
1217 __FUNCTION__, hdr->nd_opt_type);
1220 optlen = hdr->nd_opt_len << 3;
1221 if (optlen > limit) {
1222 syslog(LOG_INFO, "<%s> short option", __FUNCTION__);
1226 if (hdr->nd_opt_type > ND_OPT_MTU) {
1228 "<%s> unknown ND option(type %d)",
1229 __FUNCTION__, hdr->nd_opt_type);
1233 if ((ndopt_flags[hdr->nd_opt_type] & optflags) == 0) {
1235 "<%s> unexpected ND option(type %d)",
1236 __FUNCTION__, hdr->nd_opt_type);
1241 * Option length check. Do it here for all fixed-length
1244 if ((hdr->nd_opt_type == ND_OPT_MTU &&
1245 (optlen != sizeof(struct nd_opt_mtu))) ||
1246 ((hdr->nd_opt_type == ND_OPT_PREFIX_INFORMATION &&
1247 optlen != sizeof(struct nd_opt_prefix_info)))) {
1248 syslog(LOG_INFO, "<%s> invalid option length",
1253 switch (hdr->nd_opt_type) {
1254 case ND_OPT_SOURCE_LINKADDR:
1255 case ND_OPT_TARGET_LINKADDR:
1256 case ND_OPT_REDIRECTED_HEADER:
1257 break; /* we don't care about these options */
1259 if (ndopts->nd_opt_array[hdr->nd_opt_type]) {
1261 "<%s> duplicated ND option (type = %d)",
1262 __FUNCTION__, hdr->nd_opt_type);
1264 ndopts->nd_opt_array[hdr->nd_opt_type] = hdr;
1266 case ND_OPT_PREFIX_INFORMATION:
1268 struct nd_optlist *pfxlist;
1270 if (ndopts->nd_opts_pi == 0) {
1271 ndopts->nd_opts_pi =
1272 (struct nd_opt_prefix_info *)hdr;
1275 if ((pfxlist = malloc(sizeof(*pfxlist))) == NULL) {
1276 syslog(LOG_ERR, "<%s> can't allocate memory",
1280 pfxlist->next = ndopts->nd_opts_list;
1282 ndopts->nd_opts_list = pfxlist;
1286 default: /* impossible */
1294 free_ndopts(ndopts);
1300 free_ndopts(union nd_opts *ndopts)
1302 struct nd_optlist *opt = ndopts->nd_opts_list, *next;
1314 struct icmp6_filter filt;
1315 struct ipv6_mreq mreq;
1316 struct rainfo *ra = ralist;
1318 /* XXX: should be max MTU attached to the node */
1319 static u_char answer[1500];
1321 rcvcmsgbuflen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
1322 CMSG_SPACE(sizeof(int));
1323 rcvcmsgbuf = (u_char *)malloc(rcvcmsgbuflen);
1324 if (rcvcmsgbuf == NULL) {
1325 syslog(LOG_ERR, "<%s> not enough core", __FUNCTION__);
1329 sndcmsgbuflen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
1330 CMSG_SPACE(sizeof(int));
1331 sndcmsgbuf = (u_char *)malloc(sndcmsgbuflen);
1332 if (sndcmsgbuf == NULL) {
1333 syslog(LOG_ERR, "<%s> not enough core", __FUNCTION__);
1337 if ((sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
1338 syslog(LOG_ERR, "<%s> socket: %s", __FUNCTION__,
1343 /* specify to tell receiving interface */
1345 #ifdef IPV6_RECVPKTINFO
1346 if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
1348 syslog(LOG_ERR, "<%s> IPV6_RECVPKTINFO: %s",
1349 __FUNCTION__, strerror(errno));
1352 #else /* old adv. API */
1353 if (setsockopt(sock, IPPROTO_IPV6, IPV6_PKTINFO, &on,
1355 syslog(LOG_ERR, "<%s> IPV6_PKTINFO: %s",
1356 __FUNCTION__, strerror(errno));
1362 /* specify to tell value of hoplimit field of received IP6 hdr */
1363 #ifdef IPV6_RECVHOPLIMIT
1364 if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
1366 syslog(LOG_ERR, "<%s> IPV6_RECVHOPLIMIT: %s",
1367 __FUNCTION__, strerror(errno));
1370 #else /* old adv. API */
1371 if (setsockopt(sock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on,
1373 syslog(LOG_ERR, "<%s> IPV6_HOPLIMIT: %s",
1374 __FUNCTION__, strerror(errno));
1379 ICMP6_FILTER_SETBLOCKALL(&filt);
1380 ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filt);
1381 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
1383 ICMP6_FILTER_SETPASS(ICMP6_ROUTER_RENUMBERING, &filt);
1384 if (setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt,
1385 sizeof(filt)) < 0) {
1386 syslog(LOG_ERR, "<%s> IICMP6_FILTER: %s",
1387 __FUNCTION__, strerror(errno));
1392 * join all routers multicast address on each advertising interface.
1394 if (inet_pton(AF_INET6, ALLROUTERS_LINK,
1395 &mreq.ipv6mr_multiaddr.s6_addr)
1397 syslog(LOG_ERR, "<%s> inet_pton failed(library bug?)",
1402 mreq.ipv6mr_interface = ra->ifindex;
1403 if (setsockopt(sock, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq,
1404 sizeof(mreq)) < 0) {
1405 syslog(LOG_ERR, "<%s> IPV6_JOIN_GROUP(link) on %s: %s",
1406 __FUNCTION__, ra->ifname, strerror(errno));
1413 * When attending router renumbering, join all-routers site-local
1417 if (inet_pton(AF_INET6, ALLROUTERS_SITE,
1418 &in6a_site_allrouters) != 1) {
1419 syslog(LOG_ERR, "<%s> inet_pton failed(library bug?)",
1423 mreq.ipv6mr_multiaddr = in6a_site_allrouters;
1425 if ((mreq.ipv6mr_interface = if_nametoindex(mcastif))
1428 "<%s> invalid interface: %s",
1429 __FUNCTION__, mcastif);
1433 mreq.ipv6mr_interface = ralist->ifindex;
1434 if (setsockopt(sock, IPPROTO_IPV6, IPV6_JOIN_GROUP,
1435 &mreq, sizeof(mreq)) < 0) {
1437 "<%s> IPV6_JOIN_GROUP(site) on %s: %s",
1439 mcastif ? mcastif : ralist->ifname,
1445 /* initialize msghdr for receiving packets */
1446 rcviov[0].iov_base = (caddr_t)answer;
1447 rcviov[0].iov_len = sizeof(answer);
1448 rcvmhdr.msg_name = (caddr_t)&from;
1449 rcvmhdr.msg_namelen = sizeof(from);
1450 rcvmhdr.msg_iov = rcviov;
1451 rcvmhdr.msg_iovlen = 1;
1452 rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
1453 rcvmhdr.msg_controllen = rcvcmsgbuflen;
1455 /* initialize msghdr for sending packets */
1456 sndmhdr.msg_namelen = sizeof(struct sockaddr_in6);
1457 sndmhdr.msg_iov = sndiov;
1458 sndmhdr.msg_iovlen = 1;
1459 sndmhdr.msg_control = (caddr_t)sndcmsgbuf;
1460 sndmhdr.msg_controllen = sndcmsgbuflen;
1465 /* open a routing socket to watch the routing table */
1469 if ((rtsock = socket(PF_ROUTE, SOCK_RAW, 0)) < 0) {
1471 "<%s> socket: %s", __FUNCTION__, strerror(errno));
1477 if_indextorainfo(int index)
1479 struct rainfo *rai = ralist;
1481 for (rai = ralist; rai; rai = rai->next) {
1482 if (rai->ifindex == index)
1486 return(NULL); /* search failed */
1491 struct rainfo *rainfo;
1495 struct in6_pktinfo *pi;
1496 struct soliciter *sol, *nextsol;
1498 if ((iflist[rainfo->ifindex]->ifm_flags & IFF_UP) == 0) {
1499 syslog(LOG_DEBUG, "<%s> %s is not up, skip sending RA",
1500 __FUNCTION__, rainfo->ifname);
1504 make_packet(rainfo); /* XXX: inefficient */
1506 sndmhdr.msg_name = (caddr_t)&sin6_allnodes;
1507 sndmhdr.msg_iov[0].iov_base = (caddr_t)rainfo->ra_data;
1508 sndmhdr.msg_iov[0].iov_len = rainfo->ra_datalen;
1510 cm = CMSG_FIRSTHDR(&sndmhdr);
1511 /* specify the outgoing interface */
1512 cm->cmsg_level = IPPROTO_IPV6;
1513 cm->cmsg_type = IPV6_PKTINFO;
1514 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
1515 pi = (struct in6_pktinfo *)CMSG_DATA(cm);
1516 memset(&pi->ipi6_addr, 0, sizeof(pi->ipi6_addr)); /*XXX*/
1517 pi->ipi6_ifindex = rainfo->ifindex;
1519 /* specify the hop limit of the packet */
1523 cm = CMSG_NXTHDR(&sndmhdr, cm);
1524 cm->cmsg_level = IPPROTO_IPV6;
1525 cm->cmsg_type = IPV6_HOPLIMIT;
1526 cm->cmsg_len = CMSG_LEN(sizeof(int));
1527 memcpy(CMSG_DATA(cm), &hoplimit, sizeof(int));
1531 "<%s> send RA on %s, # of waitings = %d",
1532 __FUNCTION__, rainfo->ifname, rainfo->waiting);
1534 i = sendmsg(sock, &sndmhdr, 0);
1536 if (i < 0 || i != rainfo->ra_datalen) {
1538 syslog(LOG_ERR, "<%s> sendmsg on %s: %s",
1539 __FUNCTION__, rainfo->ifname,
1545 * unicast advertisements
1546 * XXX commented out. reason: though spec does not forbit it, unicast
1547 * advert does not really help
1549 for (sol = rainfo->soliciter; sol; sol = nextsol) {
1550 nextsol = sol->next;
1553 sndmhdr.msg_name = (caddr_t)&sol->addr;
1554 i = sendmsg(sock, &sndmhdr, 0);
1555 if (i < 0 || i != rainfo->ra_datalen) {
1558 "<%s> unicast sendmsg on %s: %s",
1559 __FUNCTION__, rainfo->ifname,
1568 rainfo->soliciter = NULL;
1570 /* update counter */
1571 if (rainfo->initcounter < MAX_INITIAL_RTR_ADVERTISEMENTS)
1572 rainfo->initcounter++;
1575 /* update timestamp */
1576 gettimeofday(&rainfo->lastsent, NULL);
1578 /* reset waiting conter */
1579 rainfo->waiting = 0;
1582 /* process RA timer */
1583 struct rtadvd_timer *
1584 ra_timeout(void *data)
1586 struct rainfo *rai = (struct rainfo *)data;
1589 /* if necessary, reconstruct the packet. */
1593 "<%s> RA timer on %s is expired",
1594 __FUNCTION__, rai->ifname);
1601 /* update RA timer */
1603 ra_timer_update(void *data, struct timeval *tm)
1605 struct rainfo *rai = (struct rainfo *)data;
1609 * Whenever a multicast advertisement is sent from an interface,
1610 * the timer is reset to a uniformly-distributed random value
1611 * between the interface's configured MinRtrAdvInterval and
1612 * MaxRtrAdvInterval (RFC2461 6.2.4).
1614 interval = rai->mininterval;
1615 interval += random() % (rai->maxinterval - rai->mininterval);
1618 * For the first few advertisements (up to
1619 * MAX_INITIAL_RTR_ADVERTISEMENTS), if the randomly chosen interval
1620 * is greater than MAX_INITIAL_RTR_ADVERT_INTERVAL, the timer
1621 * SHOULD be set to MAX_INITIAL_RTR_ADVERT_INTERVAL instead.
1624 if (rai->initcounter < MAX_INITIAL_RTR_ADVERTISEMENTS &&
1625 interval > MAX_INITIAL_RTR_ADVERT_INTERVAL)
1626 interval = MAX_INITIAL_RTR_ADVERT_INTERVAL;
1628 tm->tv_sec = interval;
1632 "<%s> RA timer on %s is set to %ld:%ld",
1633 __FUNCTION__, rai->ifname,
1634 (long int)tm->tv_sec, (long int)tm->tv_usec);
projects / dragonfly.git / blob