1 /* $NetBSD: nd6.c,v 1.51 2001/07/25 06:59:52 itojun Exp $ */ 2 /* $KAME: nd6.c,v 1.151 2001/06/19 14:24:41 sumikawa Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * XXX 35 * KAME 970409 note: 36 * BSD/OS version heavily modifies this code, related to llinfo. 37 * Since we don't have BSD/OS version of net/route.c in our hand, 38 * I left the code mostly as it was in 970310. -- itojun 39 */ 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/callout.h> 44 #include <sys/malloc.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/sockio.h> 48 #include <sys/time.h> 49 #include <sys/kernel.h> 50 #include <sys/protosw.h> 51 #include <sys/errno.h> 52 #include <sys/ioctl.h> 53 #include <sys/syslog.h> 54 #include <sys/queue.h> 55 56 #include <net/if.h> 57 #include <net/if_dl.h> 58 #include <net/if_types.h> 59 #include <net/if_atm.h> 60 #include <net/if_ieee1394.h> 61 #include <net/route.h> 62 63 #include <netinet/in.h> 64 #include <net/if_ether.h> 65 #include <netinet/if_inarp.h> 66 #include <net/if_fddi.h> 67 #include <netinet6/in6_var.h> 68 #include <netinet/ip6.h> 69 #include <netinet6/ip6_var.h> 70 #include <netinet6/nd6.h> 71 #include <netinet6/in6_prefix.h> 72 #include <netinet/icmp6.h> 73 74 #include "loop.h" 75 extern struct ifnet loif[NLOOP]; 76 77 #include <net/net_osdep.h> 78 79 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */ 80 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ 81 82 #define SIN6(s) ((struct sockaddr_in6 *)s) 83 #define SDL(s) ((struct sockaddr_dl *)s) 84 85 /* timer values */ 86 int nd6_prune = 1; /* walk list every 1 seconds */ 87 int nd6_delay = 5; /* delay first probe time 5 second */ 88 int nd6_umaxtries = 3; /* maximum unicast query */ 89 int nd6_mmaxtries = 3; /* maximum multicast query */ 90 int nd6_useloopback = 1; /* use loopback interface for local traffic */ 91 int nd6_gctimer = (60 * 60 * 24); /* 1 day: garbage collection timer */ 92 93 /* preventing too many loops in ND option parsing */ 94 int nd6_maxndopt = 10; /* max # of ND options allowed */ 95 96 int nd6_maxnudhint = 0; /* max # of subsequent upper layer hints */ 97 98 #ifdef ND6_DEBUG 99 int nd6_debug = 1; 100 #else 101 int nd6_debug = 0; 102 #endif 103 104 /* for debugging? */ 105 static int nd6_inuse, nd6_allocated; 106 107 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6}; 108 static size_t nd_ifinfo_indexlim = 8; 109 struct nd_ifinfo *nd_ifinfo = NULL; 110 struct nd_drhead nd_defrouter; 111 struct nd_prhead nd_prefix = { 0 }; 112 113 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL; 114 static struct sockaddr_in6 all1_sa; 115 116 static void nd6_slowtimo __P((void *)); 117 118 struct callout nd6_slowtimo_ch; 119 struct callout nd6_timer_ch; 120 121 void 122 nd6_init() 123 { 124 static int nd6_init_done = 0; 125 int i; 126 127 if (nd6_init_done) { 128 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); 129 return; 130 } 131 132 all1_sa.sin6_family = AF_INET6; 133 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 134 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++) 135 all1_sa.sin6_addr.s6_addr[i] = 0xff; 136 137 /* initialization of the default router list */ 138 TAILQ_INIT(&nd_defrouter); 139 140 nd6_init_done = 1; 141 142 /* start timer */ 143 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 144 nd6_slowtimo, NULL); 145 } 146 147 void 148 nd6_ifattach(ifp) 149 struct ifnet *ifp; 150 { 151 152 /* 153 * We have some arrays that should be indexed by if_index. 154 * since if_index will grow dynamically, they should grow too. 155 */ 156 if (nd_ifinfo == NULL || if_index >= nd_ifinfo_indexlim) { 157 size_t n; 158 caddr_t q; 159 160 while (if_index >= nd_ifinfo_indexlim) 161 nd_ifinfo_indexlim <<= 1; 162 163 /* grow nd_ifinfo */ 164 n = nd_ifinfo_indexlim * sizeof(struct nd_ifinfo); 165 q = (caddr_t)malloc(n, M_IP6NDP, M_WAITOK); 166 bzero(q, n); 167 if (nd_ifinfo) { 168 bcopy((caddr_t)nd_ifinfo, q, n/2); 169 free((caddr_t)nd_ifinfo, M_IP6NDP); 170 } 171 nd_ifinfo = (struct nd_ifinfo *)q; 172 } 173 174 #define ND nd_ifinfo[ifp->if_index] 175 176 /* 177 * Don't initialize if called twice. 178 * XXX: to detect this, we should choose a member that is never set 179 * before initialization of the ND structure itself. We formaly used 180 * the linkmtu member, which was not suitable because it could be 181 * initialized via "ifconfig mtu". 182 */ 183 if (ND.basereachable) 184 return; 185 186 #ifdef DIAGNOSTIC 187 if (!ifindex2ifnet[ifp->if_index]) 188 panic("nd6_ifattach: ifindex2ifnet is NULL"); 189 #endif 190 ND.linkmtu = ifindex2ifnet[ifp->if_index]->if_mtu; 191 ND.chlim = IPV6_DEFHLIM; 192 ND.basereachable = REACHABLE_TIME; 193 ND.reachable = ND_COMPUTE_RTIME(ND.basereachable); 194 ND.retrans = RETRANS_TIMER; 195 ND.receivedra = 0; 196 ND.flags = ND6_IFF_PERFORMNUD; 197 nd6_setmtu(ifp); 198 #undef ND 199 } 200 201 /* 202 * Reset ND level link MTU. This function is called when the physical MTU 203 * changes, which means we might have to adjust the ND level MTU. 204 */ 205 void 206 nd6_setmtu(ifp) 207 struct ifnet *ifp; 208 { 209 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 210 u_long oldmaxmtu = ndi->maxmtu; 211 u_long oldlinkmtu = ndi->linkmtu; 212 213 switch (ifp->if_type) { 214 case IFT_ARCNET: /* XXX MTU handling needs more work */ 215 ndi->maxmtu = MIN(60480, ifp->if_mtu); 216 break; 217 case IFT_ETHER: 218 ndi->maxmtu = MIN(ETHERMTU, ifp->if_mtu); 219 break; 220 case IFT_ATM: 221 ndi->maxmtu = MIN(ATMMTU, ifp->if_mtu); 222 break; 223 case IFT_IEEE1394: 224 ndi->maxmtu = MIN(IEEE1394MTU, ifp->if_mtu); 225 break; 226 default: 227 ndi->maxmtu = ifp->if_mtu; 228 break; 229 } 230 231 if (oldmaxmtu != ndi->maxmtu) { 232 /* 233 * If the ND level MTU is not set yet, or if the maxmtu 234 * is reset to a smaller value than the ND level MTU, 235 * also reset the ND level MTU. 236 */ 237 if (ndi->linkmtu == 0 || 238 ndi->maxmtu < ndi->linkmtu) { 239 ndi->linkmtu = ndi->maxmtu; 240 /* also adjust in6_maxmtu if necessary. */ 241 if (oldlinkmtu == 0) { 242 /* 243 * XXX: the case analysis is grotty, but 244 * it is not efficient to call in6_setmaxmtu() 245 * here when we are during the initialization 246 * procedure. 247 */ 248 if (in6_maxmtu < ndi->linkmtu) 249 in6_maxmtu = ndi->linkmtu; 250 } else 251 in6_setmaxmtu(); 252 } 253 } 254 #undef MIN 255 } 256 257 void 258 nd6_option_init(opt, icmp6len, ndopts) 259 void *opt; 260 int icmp6len; 261 union nd_opts *ndopts; 262 { 263 bzero(ndopts, sizeof(*ndopts)); 264 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt; 265 ndopts->nd_opts_last 266 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len); 267 268 if (icmp6len == 0) { 269 ndopts->nd_opts_done = 1; 270 ndopts->nd_opts_search = NULL; 271 } 272 } 273 274 /* 275 * Take one ND option. 276 */ 277 struct nd_opt_hdr * 278 nd6_option(ndopts) 279 union nd_opts *ndopts; 280 { 281 struct nd_opt_hdr *nd_opt; 282 int olen; 283 284 if (!ndopts) 285 panic("ndopts == NULL in nd6_option\n"); 286 if (!ndopts->nd_opts_last) 287 panic("uninitialized ndopts in nd6_option\n"); 288 if (!ndopts->nd_opts_search) 289 return NULL; 290 if (ndopts->nd_opts_done) 291 return NULL; 292 293 nd_opt = ndopts->nd_opts_search; 294 295 /* make sure nd_opt_len is inside the buffer */ 296 if ((caddr_t)&nd_opt->nd_opt_len >= (caddr_t)ndopts->nd_opts_last) { 297 bzero(ndopts, sizeof(*ndopts)); 298 return NULL; 299 } 300 301 olen = nd_opt->nd_opt_len << 3; 302 if (olen == 0) { 303 /* 304 * Message validation requires that all included 305 * options have a length that is greater than zero. 306 */ 307 bzero(ndopts, sizeof(*ndopts)); 308 return NULL; 309 } 310 311 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen); 312 if (ndopts->nd_opts_search > ndopts->nd_opts_last) { 313 /* option overruns the end of buffer, invalid */ 314 bzero(ndopts, sizeof(*ndopts)); 315 return NULL; 316 } else if (ndopts->nd_opts_search == ndopts->nd_opts_last) { 317 /* reached the end of options chain */ 318 ndopts->nd_opts_done = 1; 319 ndopts->nd_opts_search = NULL; 320 } 321 return nd_opt; 322 } 323 324 /* 325 * Parse multiple ND options. 326 * This function is much easier to use, for ND routines that do not need 327 * multiple options of the same type. 328 */ 329 int 330 nd6_options(ndopts) 331 union nd_opts *ndopts; 332 { 333 struct nd_opt_hdr *nd_opt; 334 int i = 0; 335 336 if (!ndopts) 337 panic("ndopts == NULL in nd6_options\n"); 338 if (!ndopts->nd_opts_last) 339 panic("uninitialized ndopts in nd6_options\n"); 340 if (!ndopts->nd_opts_search) 341 return 0; 342 343 while (1) { 344 nd_opt = nd6_option(ndopts); 345 if (!nd_opt && !ndopts->nd_opts_last) { 346 /* 347 * Message validation requires that all included 348 * options have a length that is greater than zero. 349 */ 350 icmp6stat.icp6s_nd_badopt++; 351 bzero(ndopts, sizeof(*ndopts)); 352 return -1; 353 } 354 355 if (!nd_opt) 356 goto skip1; 357 358 switch (nd_opt->nd_opt_type) { 359 case ND_OPT_SOURCE_LINKADDR: 360 case ND_OPT_TARGET_LINKADDR: 361 case ND_OPT_MTU: 362 case ND_OPT_REDIRECTED_HEADER: 363 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { 364 nd6log((LOG_INFO, 365 "duplicated ND6 option found (type=%d)\n", 366 nd_opt->nd_opt_type)); 367 /* XXX bark? */ 368 } else { 369 ndopts->nd_opt_array[nd_opt->nd_opt_type] 370 = nd_opt; 371 } 372 break; 373 case ND_OPT_PREFIX_INFORMATION: 374 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) { 375 ndopts->nd_opt_array[nd_opt->nd_opt_type] 376 = nd_opt; 377 } 378 ndopts->nd_opts_pi_end = 379 (struct nd_opt_prefix_info *)nd_opt; 380 break; 381 default: 382 /* 383 * Unknown options must be silently ignored, 384 * to accomodate future extension to the protocol. 385 */ 386 nd6log((LOG_DEBUG, 387 "nd6_options: unsupported option %d - " 388 "option ignored\n", nd_opt->nd_opt_type)); 389 } 390 391 skip1: 392 i++; 393 if (i > nd6_maxndopt) { 394 icmp6stat.icp6s_nd_toomanyopt++; 395 nd6log((LOG_INFO, "too many loop in nd opt\n")); 396 break; 397 } 398 399 if (ndopts->nd_opts_done) 400 break; 401 } 402 403 return 0; 404 } 405 406 /* 407 * ND6 timer routine to expire default route list and prefix list 408 */ 409 void 410 nd6_timer(ignored_arg) 411 void *ignored_arg; 412 { 413 int s; 414 struct llinfo_nd6 *ln; 415 struct nd_defrouter *dr; 416 struct nd_prefix *pr; 417 long time_second = time.tv_sec; 418 419 s = splsoftnet(); 420 callout_reset(&nd6_timer_ch, nd6_prune * hz, 421 nd6_timer, NULL); 422 423 ln = llinfo_nd6.ln_next; 424 /* XXX BSD/OS separates this code -- itojun */ 425 while (ln && ln != &llinfo_nd6) { 426 struct rtentry *rt; 427 struct ifnet *ifp; 428 struct sockaddr_in6 *dst; 429 struct llinfo_nd6 *next = ln->ln_next; 430 /* XXX: used for the DELAY case only: */ 431 struct nd_ifinfo *ndi = NULL; 432 433 if ((rt = ln->ln_rt) == NULL) { 434 ln = next; 435 continue; 436 } 437 if ((ifp = rt->rt_ifp) == NULL) { 438 ln = next; 439 continue; 440 } 441 ndi = &nd_ifinfo[ifp->if_index]; 442 dst = (struct sockaddr_in6 *)rt_key(rt); 443 444 if (ln->ln_expire > time_second) { 445 ln = next; 446 continue; 447 } 448 449 /* sanity check */ 450 if (!rt) 451 panic("rt=0 in nd6_timer(ln=%p)\n", ln); 452 if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln) 453 panic("rt_llinfo(%p) is not equal to ln(%p)\n", 454 rt->rt_llinfo, ln); 455 if (!dst) 456 panic("dst=0 in nd6_timer(ln=%p)\n", ln); 457 458 switch (ln->ln_state) { 459 case ND6_LLINFO_INCOMPLETE: 460 if (ln->ln_asked < nd6_mmaxtries) { 461 ln->ln_asked++; 462 ln->ln_expire = time_second + 463 nd_ifinfo[ifp->if_index].retrans / 1000; 464 nd6_ns_output(ifp, NULL, &dst->sin6_addr, 465 ln, 0); 466 } else { 467 struct mbuf *m = ln->ln_hold; 468 if (m) { 469 if (rt->rt_ifp) { 470 /* 471 * Fake rcvif to make ICMP error 472 * more helpful in diagnosing 473 * for the receiver. 474 * XXX: should we consider 475 * older rcvif? 476 */ 477 m->m_pkthdr.rcvif = rt->rt_ifp; 478 } 479 icmp6_error(m, ICMP6_DST_UNREACH, 480 ICMP6_DST_UNREACH_ADDR, 0); 481 ln->ln_hold = NULL; 482 } 483 next = nd6_free(rt); 484 } 485 break; 486 case ND6_LLINFO_REACHABLE: 487 if (ln->ln_expire) { 488 ln->ln_state = ND6_LLINFO_STALE; 489 ln->ln_expire = time_second + nd6_gctimer; 490 } 491 break; 492 493 case ND6_LLINFO_STALE: 494 /* Garbage Collection(RFC 2461 5.3) */ 495 if (ln->ln_expire) 496 next = nd6_free(rt); 497 break; 498 499 case ND6_LLINFO_DELAY: 500 if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) { 501 /* We need NUD */ 502 ln->ln_asked = 1; 503 ln->ln_state = ND6_LLINFO_PROBE; 504 ln->ln_expire = time_second + 505 ndi->retrans / 1000; 506 nd6_ns_output(ifp, &dst->sin6_addr, 507 &dst->sin6_addr, 508 ln, 0); 509 } else { 510 ln->ln_state = ND6_LLINFO_STALE; /* XXX */ 511 ln->ln_expire = time_second + nd6_gctimer; 512 } 513 break; 514 case ND6_LLINFO_PROBE: 515 if (ln->ln_asked < nd6_umaxtries) { 516 ln->ln_asked++; 517 ln->ln_expire = time_second + 518 nd_ifinfo[ifp->if_index].retrans / 1000; 519 nd6_ns_output(ifp, &dst->sin6_addr, 520 &dst->sin6_addr, ln, 0); 521 } else 522 next = nd6_free(rt); 523 break; 524 } 525 ln = next; 526 } 527 528 /* expire default router list */ 529 dr = TAILQ_FIRST(&nd_defrouter); 530 while (dr) { 531 if (dr->expire && dr->expire < time_second) { 532 struct nd_defrouter *t; 533 t = TAILQ_NEXT(dr, dr_entry); 534 defrtrlist_del(dr); 535 dr = t; 536 } else { 537 dr = TAILQ_NEXT(dr, dr_entry); 538 } 539 } 540 pr = nd_prefix.lh_first; 541 while (pr) { 542 struct in6_ifaddr *ia6; 543 struct in6_addrlifetime *lt6; 544 545 if (IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 546 ia6 = NULL; 547 else 548 ia6 = in6ifa_ifpwithaddr(pr->ndpr_ifp, &pr->ndpr_addr); 549 550 if (ia6) { 551 /* check address lifetime */ 552 lt6 = &ia6->ia6_lifetime; 553 if (lt6->ia6t_preferred && lt6->ia6t_preferred < time_second) 554 ia6->ia6_flags |= IN6_IFF_DEPRECATED; 555 if (lt6->ia6t_expire && lt6->ia6t_expire < time_second) { 556 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 557 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 558 /* xxx ND_OPT_PI_FLAG_ONLINK processing */ 559 } 560 } 561 562 /* 563 * check prefix lifetime. 564 * since pltime is just for autoconf, pltime processing for 565 * prefix is not necessary. 566 * 567 * we offset expire time by NDPR_KEEP_EXPIRE, so that we 568 * can use the old prefix information to validate the 569 * next prefix information to come. See prelist_update() 570 * for actual validation. 571 */ 572 if (pr->ndpr_expire 573 && pr->ndpr_expire + NDPR_KEEP_EXPIRED < time_second) { 574 struct nd_prefix *t; 575 t = pr->ndpr_next; 576 577 /* 578 * address expiration and prefix expiration are 579 * separate. NEVER perform in6_ifdel here. 580 */ 581 582 prelist_remove(pr); 583 pr = t; 584 } else 585 pr = pr->ndpr_next; 586 } 587 splx(s); 588 } 589 590 /* 591 * Nuke neighbor cache/prefix/default router management table, right before 592 * ifp goes away. 593 */ 594 void 595 nd6_purge(ifp) 596 struct ifnet *ifp; 597 { 598 struct llinfo_nd6 *ln, *nln; 599 struct nd_defrouter *dr, *ndr, drany; 600 struct nd_prefix *pr, *npr; 601 602 /* Nuke default router list entries toward ifp */ 603 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 604 /* 605 * The first entry of the list may be stored in 606 * the routing table, so we'll delete it later. 607 */ 608 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) { 609 ndr = TAILQ_NEXT(dr, dr_entry); 610 if (dr->ifp == ifp) 611 defrtrlist_del(dr); 612 } 613 dr = TAILQ_FIRST(&nd_defrouter); 614 if (dr->ifp == ifp) 615 defrtrlist_del(dr); 616 } 617 618 /* Nuke prefix list entries toward ifp */ 619 for (pr = nd_prefix.lh_first; pr; pr = npr) { 620 npr = pr->ndpr_next; 621 if (pr->ndpr_ifp == ifp) { 622 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 623 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 624 prelist_remove(pr); 625 } 626 } 627 628 /* cancel default outgoing interface setting */ 629 if (nd6_defifindex == ifp->if_index) 630 nd6_setdefaultiface(0); 631 632 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 633 /* refresh default router list */ 634 bzero(&drany, sizeof(drany)); 635 defrouter_delreq(&drany, 0); 636 defrouter_select(); 637 } 638 639 /* 640 * Nuke neighbor cache entries for the ifp. 641 * Note that rt->rt_ifp may not be the same as ifp, 642 * due to KAME goto ours hack. See RTM_RESOLVE case in 643 * nd6_rtrequest(), and ip6_input(). 644 */ 645 ln = llinfo_nd6.ln_next; 646 while (ln && ln != &llinfo_nd6) { 647 struct rtentry *rt; 648 struct sockaddr_dl *sdl; 649 650 nln = ln->ln_next; 651 rt = ln->ln_rt; 652 if (rt && rt->rt_gateway && 653 rt->rt_gateway->sa_family == AF_LINK) { 654 sdl = (struct sockaddr_dl *)rt->rt_gateway; 655 if (sdl->sdl_index == ifp->if_index) 656 nln = nd6_free(rt); 657 } 658 ln = nln; 659 } 660 } 661 662 struct rtentry * 663 nd6_lookup(addr6, create, ifp) 664 struct in6_addr *addr6; 665 int create; 666 struct ifnet *ifp; 667 { 668 struct rtentry *rt; 669 struct sockaddr_in6 sin6; 670 671 bzero(&sin6, sizeof(sin6)); 672 sin6.sin6_len = sizeof(struct sockaddr_in6); 673 sin6.sin6_family = AF_INET6; 674 sin6.sin6_addr = *addr6; 675 rt = rtalloc1((struct sockaddr *)&sin6, create); 676 if (rt && (rt->rt_flags & RTF_LLINFO) == 0) { 677 /* 678 * This is the case for the default route. 679 * If we want to create a neighbor cache for the address, we 680 * should free the route for the destination and allocate an 681 * interface route. 682 */ 683 if (create) { 684 RTFREE(rt); 685 rt = 0; 686 } 687 } 688 if (!rt) { 689 if (create && ifp) { 690 int e; 691 692 /* 693 * If no route is available and create is set, 694 * we allocate a host route for the destination 695 * and treat it like an interface route. 696 * This hack is necessary for a neighbor which can't 697 * be covered by our own prefix. 698 */ 699 struct ifaddr *ifa = 700 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp); 701 if (ifa == NULL) 702 return(NULL); 703 704 /* 705 * Create a new route. RTF_LLINFO is necessary 706 * to create a Neighbor Cache entry for the 707 * destination in nd6_rtrequest which will be 708 * called in rtequest via ifa->ifa_rtrequest. 709 */ 710 if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6, 711 ifa->ifa_addr, 712 (struct sockaddr *)&all1_sa, 713 (ifa->ifa_flags | 714 RTF_HOST | RTF_LLINFO) & 715 ~RTF_CLONING, 716 &rt)) != 0) 717 log(LOG_ERR, 718 "nd6_lookup: failed to add route for a " 719 "neighbor(%s), errno=%d\n", 720 ip6_sprintf(addr6), e); 721 if (rt == NULL) 722 return(NULL); 723 if (rt->rt_llinfo) { 724 struct llinfo_nd6 *ln = 725 (struct llinfo_nd6 *)rt->rt_llinfo; 726 ln->ln_state = ND6_LLINFO_NOSTATE; 727 } 728 } else 729 return(NULL); 730 } 731 rt->rt_refcnt--; 732 /* 733 * Validation for the entry. 734 * XXX: we can't use rt->rt_ifp to check for the interface, since 735 * it might be the loopback interface if the entry is for our 736 * own address on a non-loopback interface. Instead, we should 737 * use rt->rt_ifa->ifa_ifp, which would specify the REAL interface. 738 */ 739 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 740 rt->rt_gateway->sa_family != AF_LINK || 741 (ifp && rt->rt_ifa->ifa_ifp != ifp)) { 742 if (create) { 743 log(LOG_DEBUG, "nd6_lookup: failed to lookup %s (if = %s)\n", 744 ip6_sprintf(addr6), ifp ? if_name(ifp) : "unspec"); 745 /* xxx more logs... kazu */ 746 } 747 return(0); 748 } 749 return(rt); 750 } 751 752 /* 753 * Detect if a given IPv6 address identifies a neighbor on a given link. 754 * XXX: should take care of the destination of a p2p link? 755 */ 756 int 757 nd6_is_addr_neighbor(addr, ifp) 758 struct sockaddr_in6 *addr; 759 struct ifnet *ifp; 760 { 761 struct ifaddr *ifa; 762 int i; 763 764 #define IFADDR6(a) ((((struct in6_ifaddr *)(a))->ia_addr).sin6_addr) 765 #define IFMASK6(a) ((((struct in6_ifaddr *)(a))->ia_prefixmask).sin6_addr) 766 767 /* 768 * A link-local address is always a neighbor. 769 * XXX: we should use the sin6_scope_id field rather than the embedded 770 * interface index. 771 */ 772 if (IN6_IS_ADDR_LINKLOCAL(&addr->sin6_addr) && 773 ntohs(*(u_int16_t *)&addr->sin6_addr.s6_addr[2]) == ifp->if_index) 774 return(1); 775 776 /* 777 * If the address matches one of our addresses, 778 * it should be a neighbor. 779 */ 780 for (ifa = ifp->if_addrlist.tqh_first; 781 ifa; 782 ifa = ifa->ifa_list.tqe_next) 783 { 784 if (ifa->ifa_addr->sa_family != AF_INET6) 785 next: continue; 786 787 for (i = 0; i < 4; i++) { 788 if ((IFADDR6(ifa).s6_addr32[i] ^ 789 addr->sin6_addr.s6_addr32[i]) & 790 IFMASK6(ifa).s6_addr32[i]) 791 goto next; 792 } 793 return(1); 794 } 795 796 /* 797 * Even if the address matches none of our addresses, it might be 798 * in the neighbor cache. 799 */ 800 if (nd6_lookup(&addr->sin6_addr, 0, ifp)) 801 return(1); 802 803 return(0); 804 #undef IFADDR6 805 #undef IFMASK6 806 } 807 808 /* 809 * Free an nd6 llinfo entry. 810 */ 811 struct llinfo_nd6 * 812 nd6_free(rt) 813 struct rtentry *rt; 814 { 815 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next; 816 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; 817 struct nd_defrouter *dr; 818 819 /* 820 * Clear all destination cache entries for the neighbor. 821 * XXX: is it better to restrict this to hosts? 822 */ 823 pfctlinput(PRC_HOSTDEAD, rt_key(rt)); 824 825 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 826 int s; 827 s = splsoftnet(); 828 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 829 rt->rt_ifp); 830 if (ln->ln_router || dr) { 831 /* 832 * rt6_flush must be called whether or not the neighbor 833 * is in the Default Router List. 834 * See a corresponding comment in nd6_na_input(). 835 */ 836 rt6_flush(&in6, rt->rt_ifp); 837 } 838 839 if (dr) { 840 /* 841 * Unreachablity of a router might affect the default 842 * router selection and on-link detection of advertised 843 * prefixes. 844 */ 845 846 /* 847 * Temporarily fake the state to choose a new default 848 * router and to perform on-link determination of 849 * prefixes coreectly. 850 * Below the state will be set correctly, 851 * or the entry itself will be deleted. 852 */ 853 ln->ln_state = ND6_LLINFO_INCOMPLETE; 854 855 if (dr == TAILQ_FIRST(&nd_defrouter)) { 856 /* 857 * It is used as the current default router, 858 * so we have to move it to the end of the 859 * list and choose a new one. 860 * XXX: it is not very efficient if this is 861 * the only router. 862 */ 863 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 864 TAILQ_INSERT_TAIL(&nd_defrouter, dr, dr_entry); 865 866 defrouter_select(); 867 } 868 pfxlist_onlink_check(); 869 } 870 splx(s); 871 } 872 873 /* 874 * Before deleting the entry, remember the next entry as the 875 * return value. We need this because pfxlist_onlink_check() above 876 * might have freed other entries (particularly the old next entry) as 877 * a side effect (XXX). 878 */ 879 next = ln->ln_next; 880 881 /* 882 * Detach the route from the routing tree and the list of neighbor 883 * caches, and disable the route entry not to be used in already 884 * cached routes. 885 */ 886 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 887 rt_mask(rt), 0, (struct rtentry **)0); 888 889 return(next); 890 } 891 892 /* 893 * Upper-layer reachability hint for Neighbor Unreachability Detection. 894 * 895 * XXX cost-effective metods? 896 */ 897 void 898 nd6_nud_hint(rt, dst6, force) 899 struct rtentry *rt; 900 struct in6_addr *dst6; 901 int force; 902 { 903 struct llinfo_nd6 *ln; 904 long time_second = time.tv_sec; 905 906 /* 907 * If the caller specified "rt", use that. Otherwise, resolve the 908 * routing table by supplied "dst6". 909 */ 910 if (!rt) { 911 if (!dst6) 912 return; 913 if (!(rt = nd6_lookup(dst6, 0, NULL))) 914 return; 915 } 916 917 if ((rt->rt_flags & RTF_GATEWAY) != 0 || 918 (rt->rt_flags & RTF_LLINFO) == 0 || 919 !rt->rt_llinfo || !rt->rt_gateway || 920 rt->rt_gateway->sa_family != AF_LINK) { 921 /* This is not a host route. */ 922 return; 923 } 924 925 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 926 if (ln->ln_state < ND6_LLINFO_REACHABLE) 927 return; 928 929 /* 930 * if we get upper-layer reachability confirmation many times, 931 * it is possible we have false information. 932 */ 933 if (!force) { 934 ln->ln_byhint++; 935 if (ln->ln_byhint > nd6_maxnudhint) 936 return; 937 } 938 939 ln->ln_state = ND6_LLINFO_REACHABLE; 940 if (ln->ln_expire) 941 ln->ln_expire = time_second + 942 nd_ifinfo[rt->rt_ifp->if_index].reachable; 943 } 944 945 #ifdef OLDIP6OUTPUT 946 /* 947 * Resolve an IP6 address into an ethernet address. If success, 948 * desten is filled in. If there is no entry in ndptab, 949 * set one up and multicast a solicitation for the IP6 address. 950 * Hold onto this mbuf and resend it once the address 951 * is finally resolved. A return value of 1 indicates 952 * that desten has been filled in and the packet should be sent 953 * normally; a 0 return indicates that the packet has been 954 * taken over here, either now or for later transmission. 955 */ 956 int 957 nd6_resolve(ifp, rt, m, dst, desten) 958 struct ifnet *ifp; 959 struct rtentry *rt; 960 struct mbuf *m; 961 struct sockaddr *dst; 962 u_char *desten; 963 { 964 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)NULL; 965 struct sockaddr_dl *sdl; 966 long time_second = time.tv_sec; 967 968 if (m->m_flags & M_MCAST) { 969 switch (ifp->if_type) { 970 case IFT_ETHER: 971 case IFT_FDDI: 972 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 973 desten); 974 return(1); 975 case IFT_IEEE1394: 976 bcopy(ifp->if_broadcastaddr, desten, ifp->if_addrlen); 977 return(1); 978 case IFT_ARCNET: 979 *desten = 0; 980 return(1); 981 default: 982 m_freem(m); 983 return(0); 984 } 985 } 986 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 987 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 988 else { 989 if ((rt = nd6_lookup(&(SIN6(dst)->sin6_addr), 1, ifp)) != NULL) 990 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 991 } 992 if (!ln || !rt) { 993 log(LOG_DEBUG, "nd6_resolve: can't allocate llinfo for %s\n", 994 ip6_sprintf(&(SIN6(dst)->sin6_addr))); 995 m_freem(m); 996 return(0); 997 } 998 sdl = SDL(rt->rt_gateway); 999 /* 1000 * Ckeck the address family and length is valid, the address 1001 * is resolved; otherwise, try to resolve. 1002 */ 1003 if (ln->ln_state >= ND6_LLINFO_REACHABLE 1004 && sdl->sdl_family == AF_LINK 1005 && sdl->sdl_alen != 0) { 1006 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 1007 if (ln->ln_state == ND6_LLINFO_STALE) { 1008 ln->ln_asked = 0; 1009 ln->ln_state = ND6_LLINFO_DELAY; 1010 ln->ln_expire = time_second + nd6_delay; 1011 } 1012 return(1); 1013 } 1014 /* 1015 * There is an ndp entry, but no ethernet address 1016 * response yet. Replace the held mbuf with this 1017 * latest one. 1018 * 1019 * XXX Does the code conform to rate-limiting rule? 1020 * (RFC 2461 7.2.2) 1021 */ 1022 if (ln->ln_state == ND6_LLINFO_NOSTATE) 1023 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1024 if (ln->ln_hold) 1025 m_freem(ln->ln_hold); 1026 ln->ln_hold = m; 1027 if (ln->ln_expire) { 1028 if (ln->ln_asked < nd6_mmaxtries && 1029 ln->ln_expire < time_second) { 1030 ln->ln_asked++; 1031 ln->ln_expire = time_second + 1032 nd_ifinfo[ifp->if_index].retrans / 1000; 1033 nd6_ns_output(ifp, NULL, &(SIN6(dst)->sin6_addr), 1034 ln, 0); 1035 } 1036 } 1037 /* do not free mbuf here, it is queued into llinfo_nd6 */ 1038 return(0); 1039 } 1040 #endif /* OLDIP6OUTPUT */ 1041 1042 void 1043 nd6_rtrequest(req, rt, info) 1044 int req; 1045 struct rtentry *rt; 1046 struct rt_addrinfo *info; /* xxx unused */ 1047 { 1048 struct sockaddr *gate = rt->rt_gateway; 1049 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1050 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1051 struct ifnet *ifp = rt->rt_ifp; 1052 struct ifaddr *ifa; 1053 long time_second = time.tv_sec; 1054 1055 if (rt->rt_flags & RTF_GATEWAY) 1056 return; 1057 1058 switch (req) { 1059 case RTM_ADD: 1060 /* 1061 * There is no backward compatibility :) 1062 * 1063 * if ((rt->rt_flags & RTF_HOST) == 0 && 1064 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1065 * rt->rt_flags |= RTF_CLONING; 1066 */ 1067 if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) { 1068 /* 1069 * Case 1: This route should come from 1070 * a route to interface. RTF_LLINFO flag is set 1071 * for a host route whose destination should be 1072 * treated as on-link. 1073 */ 1074 rt_setgate(rt, rt_key(rt), 1075 (struct sockaddr *)&null_sdl); 1076 gate = rt->rt_gateway; 1077 SDL(gate)->sdl_type = ifp->if_type; 1078 SDL(gate)->sdl_index = ifp->if_index; 1079 if (ln) 1080 ln->ln_expire = time_second; 1081 #if 1 1082 if (ln && ln->ln_expire == 0) { 1083 /* kludge for desktops */ 1084 #if 0 1085 printf("nd6_request: time.tv_sec is zero; " 1086 "treat it as 1\n"); 1087 #endif 1088 ln->ln_expire = 1; 1089 } 1090 #endif 1091 if (rt->rt_flags & RTF_CLONING) 1092 break; 1093 } 1094 /* 1095 * In IPv4 code, we try to annonuce new RTF_ANNOUNCE entry here. 1096 * We don't do that here since llinfo is not ready yet. 1097 * 1098 * There are also couple of other things to be discussed: 1099 * - unsolicited NA code needs improvement beforehand 1100 * - RFC2461 says we MAY send multicast unsolicited NA 1101 * (7.2.6 paragraph 4), however, it also says that we 1102 * SHOULD provide a mechanism to prevent multicast NA storm. 1103 * we don't have anything like it right now. 1104 * note that the mechanism needs a mutual agreement 1105 * between proxies, which means that we need to implement 1106 * a new protocol, or a new kludge. 1107 * - from RFC2461 6.2.4, host MUST NOT send an unsolicited NA. 1108 * we need to check ip6forwarding before sending it. 1109 * (or should we allow proxy ND configuration only for 1110 * routers? there's no mention about proxy ND from hosts) 1111 */ 1112 #if 0 1113 /* XXX it does not work */ 1114 if (rt->rt_flags & RTF_ANNOUNCE) 1115 nd6_na_output(ifp, 1116 &SIN6(rt_key(rt))->sin6_addr, 1117 &SIN6(rt_key(rt))->sin6_addr, 1118 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1119 1, NULL); 1120 #endif 1121 /* FALLTHROUGH */ 1122 case RTM_RESOLVE: 1123 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 1124 /* 1125 * Address resolution isn't necessary for a point to 1126 * point link, so we can skip this test for a p2p link. 1127 */ 1128 if (gate->sa_family != AF_LINK || 1129 gate->sa_len < sizeof(null_sdl)) { 1130 log(LOG_DEBUG, 1131 "nd6_rtrequest: bad gateway value: %s\n", 1132 if_name(ifp)); 1133 break; 1134 } 1135 SDL(gate)->sdl_type = ifp->if_type; 1136 SDL(gate)->sdl_index = ifp->if_index; 1137 } 1138 if (ln != NULL) 1139 break; /* This happens on a route change */ 1140 /* 1141 * Case 2: This route may come from cloning, or a manual route 1142 * add with a LL address. 1143 */ 1144 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln)); 1145 rt->rt_llinfo = (caddr_t)ln; 1146 if (!ln) { 1147 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n"); 1148 break; 1149 } 1150 nd6_inuse++; 1151 nd6_allocated++; 1152 Bzero(ln, sizeof(*ln)); 1153 ln->ln_rt = rt; 1154 /* this is required for "ndp" command. - shin */ 1155 if (req == RTM_ADD) { 1156 /* 1157 * gate should have some valid AF_LINK entry, 1158 * and ln->ln_expire should have some lifetime 1159 * which is specified by ndp command. 1160 */ 1161 ln->ln_state = ND6_LLINFO_REACHABLE; 1162 ln->ln_byhint = 0; 1163 } else { 1164 /* 1165 * When req == RTM_RESOLVE, rt is created and 1166 * initialized in rtrequest(), so rt_expire is 0. 1167 */ 1168 ln->ln_state = ND6_LLINFO_NOSTATE; 1169 ln->ln_expire = time_second; 1170 } 1171 rt->rt_flags |= RTF_LLINFO; 1172 ln->ln_next = llinfo_nd6.ln_next; 1173 llinfo_nd6.ln_next = ln; 1174 ln->ln_prev = &llinfo_nd6; 1175 ln->ln_next->ln_prev = ln; 1176 1177 /* 1178 * check if rt_key(rt) is one of my address assigned 1179 * to the interface. 1180 */ 1181 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1182 &SIN6(rt_key(rt))->sin6_addr); 1183 if (ifa) { 1184 caddr_t macp = nd6_ifptomac(ifp); 1185 ln->ln_expire = 0; 1186 ln->ln_state = ND6_LLINFO_REACHABLE; 1187 ln->ln_byhint = 0; 1188 if (macp) { 1189 Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen); 1190 SDL(gate)->sdl_alen = ifp->if_addrlen; 1191 } 1192 if (nd6_useloopback) { 1193 rt->rt_ifp = &loif[0]; /*XXX*/ 1194 /* 1195 * Make sure rt_ifa be equal to the ifaddr 1196 * corresponding to the address. 1197 * We need this because when we refer 1198 * rt_ifa->ia6_flags in ip6_input, we assume 1199 * that the rt_ifa points to the address instead 1200 * of the loopback address. 1201 */ 1202 if (ifa != rt->rt_ifa) { 1203 IFAFREE(rt->rt_ifa); 1204 IFAREF(ifa); 1205 rt->rt_ifa = ifa; 1206 } 1207 } 1208 } else if (rt->rt_flags & RTF_ANNOUNCE) { 1209 ln->ln_expire = 0; 1210 ln->ln_state = ND6_LLINFO_REACHABLE; 1211 ln->ln_byhint = 0; 1212 1213 /* join solicited node multicast for proxy ND */ 1214 if (ifp->if_flags & IFF_MULTICAST) { 1215 struct in6_addr llsol; 1216 int error; 1217 1218 llsol = SIN6(rt_key(rt))->sin6_addr; 1219 llsol.s6_addr16[0] = htons(0xff02); 1220 llsol.s6_addr16[1] = htons(ifp->if_index); 1221 llsol.s6_addr32[1] = 0; 1222 llsol.s6_addr32[2] = htonl(1); 1223 llsol.s6_addr8[12] = 0xff; 1224 1225 if (!in6_addmulti(&llsol, ifp, &error)) { 1226 nd6log((LOG_ERR, "%s: " 1227 "failed to join %s (errno=%d)\n", 1228 if_name(ifp), ip6_sprintf(&llsol), 1229 error)); 1230 } 1231 } 1232 } 1233 break; 1234 1235 case RTM_DELETE: 1236 if (!ln) 1237 break; 1238 /* leave from solicited node multicast for proxy ND */ 1239 if ((rt->rt_flags & RTF_ANNOUNCE) != 0 && 1240 (ifp->if_flags & IFF_MULTICAST) != 0) { 1241 struct in6_addr llsol; 1242 struct in6_multi *in6m; 1243 1244 llsol = SIN6(rt_key(rt))->sin6_addr; 1245 llsol.s6_addr16[0] = htons(0xff02); 1246 llsol.s6_addr16[1] = htons(ifp->if_index); 1247 llsol.s6_addr32[1] = 0; 1248 llsol.s6_addr32[2] = htonl(1); 1249 llsol.s6_addr8[12] = 0xff; 1250 1251 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1252 if (in6m) 1253 in6_delmulti(in6m); 1254 } 1255 nd6_inuse--; 1256 ln->ln_next->ln_prev = ln->ln_prev; 1257 ln->ln_prev->ln_next = ln->ln_next; 1258 ln->ln_prev = NULL; 1259 rt->rt_llinfo = 0; 1260 rt->rt_flags &= ~RTF_LLINFO; 1261 if (ln->ln_hold) 1262 m_freem(ln->ln_hold); 1263 Free((caddr_t)ln); 1264 } 1265 } 1266 1267 void 1268 nd6_p2p_rtrequest(req, rt, info) 1269 int req; 1270 struct rtentry *rt; 1271 struct rt_addrinfo *info; /* xxx unused */ 1272 { 1273 struct sockaddr *gate = rt->rt_gateway; 1274 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1275 struct ifnet *ifp = rt->rt_ifp; 1276 struct ifaddr *ifa; 1277 1278 if (rt->rt_flags & RTF_GATEWAY) 1279 return; 1280 1281 switch (req) { 1282 case RTM_ADD: 1283 /* 1284 * There is no backward compatibility :) 1285 * 1286 * if ((rt->rt_flags & RTF_HOST) == 0 && 1287 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1288 * rt->rt_flags |= RTF_CLONING; 1289 */ 1290 if (rt->rt_flags & RTF_CLONING) { 1291 /* 1292 * Case 1: This route should come from 1293 * a route to interface. 1294 */ 1295 rt_setgate(rt, rt_key(rt), 1296 (struct sockaddr *)&null_sdl); 1297 gate = rt->rt_gateway; 1298 SDL(gate)->sdl_type = ifp->if_type; 1299 SDL(gate)->sdl_index = ifp->if_index; 1300 break; 1301 } 1302 /* Announce a new entry if requested. */ 1303 if (rt->rt_flags & RTF_ANNOUNCE) 1304 nd6_na_output(ifp, 1305 &SIN6(rt_key(rt))->sin6_addr, 1306 &SIN6(rt_key(rt))->sin6_addr, 1307 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1308 1, NULL); 1309 /* FALLTHROUGH */ 1310 case RTM_RESOLVE: 1311 /* 1312 * check if rt_key(rt) is one of my address assigned 1313 * to the interface. 1314 */ 1315 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1316 &SIN6(rt_key(rt))->sin6_addr); 1317 if (ifa) { 1318 if (nd6_useloopback) { 1319 rt->rt_ifp = &loif[0]; /*XXX*/ 1320 } 1321 } 1322 break; 1323 } 1324 } 1325 1326 int 1327 nd6_ioctl(cmd, data, ifp) 1328 u_long cmd; 1329 caddr_t data; 1330 struct ifnet *ifp; 1331 { 1332 struct in6_drlist *drl = (struct in6_drlist *)data; 1333 struct in6_prlist *prl = (struct in6_prlist *)data; 1334 struct in6_ndireq *ndi = (struct in6_ndireq *)data; 1335 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data; 1336 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data; 1337 struct nd_defrouter *dr, any; 1338 struct nd_prefix *pr; 1339 struct rtentry *rt; 1340 int i = 0, error = 0; 1341 int s; 1342 1343 switch (cmd) { 1344 case SIOCGDRLST_IN6: 1345 bzero(drl, sizeof(*drl)); 1346 s = splsoftnet(); 1347 dr = TAILQ_FIRST(&nd_defrouter); 1348 while (dr && i < DRLSTSIZ) { 1349 drl->defrouter[i].rtaddr = dr->rtaddr; 1350 if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) { 1351 /* XXX: need to this hack for KAME stack */ 1352 drl->defrouter[i].rtaddr.s6_addr16[1] = 0; 1353 } else 1354 log(LOG_ERR, 1355 "default router list contains a " 1356 "non-linklocal address(%s)\n", 1357 ip6_sprintf(&drl->defrouter[i].rtaddr)); 1358 1359 drl->defrouter[i].flags = dr->flags; 1360 drl->defrouter[i].rtlifetime = dr->rtlifetime; 1361 drl->defrouter[i].expire = dr->expire; 1362 drl->defrouter[i].if_index = dr->ifp->if_index; 1363 i++; 1364 dr = TAILQ_NEXT(dr, dr_entry); 1365 } 1366 splx(s); 1367 break; 1368 case SIOCGPRLST_IN6: 1369 /* 1370 * XXX meaning of fields, especialy "raflags", is very 1371 * differnet between RA prefix list and RR/static prefix list. 1372 * how about separating ioctls into two? 1373 */ 1374 bzero(prl, sizeof(*prl)); 1375 s = splsoftnet(); 1376 pr = nd_prefix.lh_first; 1377 while (pr && i < PRLSTSIZ) { 1378 struct nd_pfxrouter *pfr; 1379 int j; 1380 1381 prl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr; 1382 prl->prefix[i].raflags = pr->ndpr_raf; 1383 prl->prefix[i].prefixlen = pr->ndpr_plen; 1384 prl->prefix[i].vltime = pr->ndpr_vltime; 1385 prl->prefix[i].pltime = pr->ndpr_pltime; 1386 prl->prefix[i].if_index = pr->ndpr_ifp->if_index; 1387 prl->prefix[i].expire = pr->ndpr_expire; 1388 1389 pfr = pr->ndpr_advrtrs.lh_first; 1390 j = 0; 1391 while (pfr) { 1392 if (j < DRLSTSIZ) { 1393 #define RTRADDR prl->prefix[i].advrtr[j] 1394 RTRADDR = pfr->router->rtaddr; 1395 if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) { 1396 /* XXX: hack for KAME */ 1397 RTRADDR.s6_addr16[1] = 0; 1398 } else 1399 log(LOG_ERR, 1400 "a router(%s) advertises " 1401 "a prefix with " 1402 "non-link local address\n", 1403 ip6_sprintf(&RTRADDR)); 1404 #undef RTRADDR 1405 } 1406 j++; 1407 pfr = pfr->pfr_next; 1408 } 1409 prl->prefix[i].advrtrs = j; 1410 prl->prefix[i].origin = PR_ORIG_RA; 1411 1412 i++; 1413 pr = pr->ndpr_next; 1414 } 1415 { 1416 struct rr_prefix *rpp; 1417 1418 for (rpp = LIST_FIRST(&rr_prefix); rpp; 1419 rpp = LIST_NEXT(rpp, rp_entry)) { 1420 if (i >= PRLSTSIZ) 1421 break; 1422 prl->prefix[i].prefix = rpp->rp_prefix.sin6_addr; 1423 prl->prefix[i].raflags = rpp->rp_raf; 1424 prl->prefix[i].prefixlen = rpp->rp_plen; 1425 prl->prefix[i].vltime = rpp->rp_vltime; 1426 prl->prefix[i].pltime = rpp->rp_pltime; 1427 prl->prefix[i].if_index = rpp->rp_ifp->if_index; 1428 prl->prefix[i].expire = rpp->rp_expire; 1429 prl->prefix[i].advrtrs = 0; 1430 prl->prefix[i].origin = rpp->rp_origin; 1431 i++; 1432 } 1433 } 1434 splx(s); 1435 1436 break; 1437 case SIOCGIFINFO_IN6: 1438 if (!nd_ifinfo || i >= nd_ifinfo_indexlim) { 1439 error = EINVAL; 1440 break; 1441 } 1442 ndi->ndi = nd_ifinfo[ifp->if_index]; 1443 break; 1444 case SIOCSIFINFO_FLAGS: 1445 /* XXX: almost all other fields of ndi->ndi is unused */ 1446 if (!nd_ifinfo || i >= nd_ifinfo_indexlim) { 1447 error = EINVAL; 1448 break; 1449 } 1450 nd_ifinfo[ifp->if_index].flags = ndi->ndi.flags; 1451 break; 1452 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */ 1453 /* flush default router list */ 1454 /* 1455 * xxx sumikawa: should not delete route if default 1456 * route equals to the top of default router list 1457 */ 1458 bzero(&any, sizeof(any)); 1459 defrouter_delreq(&any, 0); 1460 defrouter_select(); 1461 /* xxx sumikawa: flush prefix list */ 1462 break; 1463 case SIOCSPFXFLUSH_IN6: 1464 { 1465 /* flush all the prefix advertised by routers */ 1466 struct nd_prefix *pr, *next; 1467 1468 s = splsoftnet(); 1469 for (pr = nd_prefix.lh_first; pr; pr = next) { 1470 next = pr->ndpr_next; 1471 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 1472 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 1473 prelist_remove(pr); 1474 } 1475 splx(s); 1476 break; 1477 } 1478 case SIOCSRTRFLUSH_IN6: 1479 { 1480 /* flush all the default routers */ 1481 struct nd_defrouter *dr, *next; 1482 1483 s = splsoftnet(); 1484 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 1485 /* 1486 * The first entry of the list may be stored in 1487 * the routing table, so we'll delete it later. 1488 */ 1489 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) { 1490 next = TAILQ_NEXT(dr, dr_entry); 1491 defrtrlist_del(dr); 1492 } 1493 defrtrlist_del(TAILQ_FIRST(&nd_defrouter)); 1494 } 1495 splx(s); 1496 break; 1497 } 1498 case SIOCGNBRINFO_IN6: 1499 { 1500 struct llinfo_nd6 *ln; 1501 struct in6_addr nb_addr = nbi->addr; /* make local for safety */ 1502 1503 /* 1504 * XXX: KAME specific hack for scoped addresses 1505 * XXXX: for other scopes than link-local? 1506 */ 1507 if (IN6_IS_ADDR_LINKLOCAL(&nbi->addr) || 1508 IN6_IS_ADDR_MC_LINKLOCAL(&nbi->addr)) { 1509 u_int16_t *idp = (u_int16_t *)&nb_addr.s6_addr[2]; 1510 1511 if (*idp == 0) 1512 *idp = htons(ifp->if_index); 1513 } 1514 1515 s = splsoftnet(); 1516 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) { 1517 error = EINVAL; 1518 splx(s); 1519 break; 1520 } 1521 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1522 nbi->state = ln->ln_state; 1523 nbi->asked = ln->ln_asked; 1524 nbi->isrouter = ln->ln_router; 1525 nbi->expire = ln->ln_expire; 1526 splx(s); 1527 1528 break; 1529 } 1530 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1531 ndif->ifindex = nd6_defifindex; 1532 break; 1533 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1534 return(nd6_setdefaultiface(ndif->ifindex)); 1535 break; 1536 } 1537 return(error); 1538 } 1539 1540 /* 1541 * Create neighbor cache entry and cache link-layer address, 1542 * on reception of inbound ND6 packets. (RS/RA/NS/redirect) 1543 */ 1544 struct rtentry * 1545 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code) 1546 struct ifnet *ifp; 1547 struct in6_addr *from; 1548 char *lladdr; 1549 int lladdrlen; 1550 int type; /* ICMP6 type */ 1551 int code; /* type dependent information */ 1552 { 1553 struct rtentry *rt = NULL; 1554 struct llinfo_nd6 *ln = NULL; 1555 int is_newentry; 1556 struct sockaddr_dl *sdl = NULL; 1557 int do_update; 1558 int olladdr; 1559 int llchange; 1560 int newstate = 0; 1561 long time_second = time.tv_sec; 1562 1563 if (!ifp) 1564 panic("ifp == NULL in nd6_cache_lladdr"); 1565 if (!from) 1566 panic("from == NULL in nd6_cache_lladdr"); 1567 1568 /* nothing must be updated for unspecified address */ 1569 if (IN6_IS_ADDR_UNSPECIFIED(from)) 1570 return NULL; 1571 1572 /* 1573 * Validation about ifp->if_addrlen and lladdrlen must be done in 1574 * the caller. 1575 * 1576 * XXX If the link does not have link-layer adderss, what should 1577 * we do? (ifp->if_addrlen == 0) 1578 * Spec says nothing in sections for RA, RS and NA. There's small 1579 * description on it in NS section (RFC 2461 7.2.3). 1580 */ 1581 1582 rt = nd6_lookup(from, 0, ifp); 1583 if (!rt) { 1584 #if 0 1585 /* nothing must be done if there's no lladdr */ 1586 if (!lladdr || !lladdrlen) 1587 return NULL; 1588 #endif 1589 1590 rt = nd6_lookup(from, 1, ifp); 1591 is_newentry = 1; 1592 } else { 1593 /* do nothing if static ndp is set */ 1594 if (rt->rt_flags & RTF_STATIC) 1595 return NULL; 1596 is_newentry = 0; 1597 } 1598 1599 if (!rt) 1600 return NULL; 1601 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) { 1602 fail: 1603 (void)nd6_free(rt); 1604 return NULL; 1605 } 1606 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1607 if (!ln) 1608 goto fail; 1609 if (!rt->rt_gateway) 1610 goto fail; 1611 if (rt->rt_gateway->sa_family != AF_LINK) 1612 goto fail; 1613 sdl = SDL(rt->rt_gateway); 1614 1615 olladdr = (sdl->sdl_alen) ? 1 : 0; 1616 if (olladdr && lladdr) { 1617 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen)) 1618 llchange = 1; 1619 else 1620 llchange = 0; 1621 } else 1622 llchange = 0; 1623 1624 /* 1625 * newentry olladdr lladdr llchange (*=record) 1626 * 0 n n -- (1) 1627 * 0 y n -- (2) 1628 * 0 n y -- (3) * STALE 1629 * 0 y y n (4) * 1630 * 0 y y y (5) * STALE 1631 * 1 -- n -- (6) NOSTATE(= PASSIVE) 1632 * 1 -- y -- (7) * STALE 1633 */ 1634 1635 if (lladdr) { /*(3-5) and (7)*/ 1636 /* 1637 * Record source link-layer address 1638 * XXX is it dependent to ifp->if_type? 1639 */ 1640 sdl->sdl_alen = ifp->if_addrlen; 1641 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen); 1642 } 1643 1644 if (!is_newentry) { 1645 if ((!olladdr && lladdr) /*(3)*/ 1646 || (olladdr && lladdr && llchange)) { /*(5)*/ 1647 do_update = 1; 1648 newstate = ND6_LLINFO_STALE; 1649 } else /*(1-2,4)*/ 1650 do_update = 0; 1651 } else { 1652 do_update = 1; 1653 if (!lladdr) /*(6)*/ 1654 newstate = ND6_LLINFO_NOSTATE; 1655 else /*(7)*/ 1656 newstate = ND6_LLINFO_STALE; 1657 } 1658 1659 if (do_update) { 1660 /* 1661 * Update the state of the neighbor cache. 1662 */ 1663 ln->ln_state = newstate; 1664 1665 if (ln->ln_state == ND6_LLINFO_STALE) { 1666 /* 1667 * XXX: since nd6_output() below will cause 1668 * state tansition to DELAY and reset the timer, 1669 * we must set the timer now, although it is actually 1670 * meaningless. 1671 */ 1672 ln->ln_expire = time_second + nd6_gctimer; 1673 1674 if (ln->ln_hold) { 1675 #ifdef OLDIP6OUTPUT 1676 ln->ln_asked = 0; 1677 ln->ln_state = ND6_LLINFO_DELAY; 1678 ln->ln_expire = time_second + nd6_delay; 1679 (*ifp->if_output)(ifp, ln->ln_hold, 1680 rt_key(rt), rt); 1681 #else 1682 /* 1683 * we assume ifp is not a p2p here, so just 1684 * set the 2nd argument as the 1st one. 1685 */ 1686 nd6_output(ifp, ifp, ln->ln_hold, 1687 (struct sockaddr_in6 *)rt_key(rt), 1688 rt); 1689 #endif 1690 ln->ln_hold = NULL; 1691 } 1692 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) { 1693 /* probe right away */ 1694 ln->ln_expire = time_second; 1695 } 1696 } 1697 1698 /* 1699 * ICMP6 type dependent behavior. 1700 * 1701 * NS: clear IsRouter if new entry 1702 * RS: clear IsRouter 1703 * RA: set IsRouter if there's lladdr 1704 * redir: clear IsRouter if new entry 1705 * 1706 * RA case, (1): 1707 * The spec says that we must set IsRouter in the following cases: 1708 * - If lladdr exist, set IsRouter. This means (1-5). 1709 * - If it is old entry (!newentry), set IsRouter. This means (7). 1710 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter. 1711 * A quetion arises for (1) case. (1) case has no lladdr in the 1712 * neighbor cache, this is similar to (6). 1713 * This case is rare but we figured that we MUST NOT set IsRouter. 1714 * 1715 * newentry olladdr lladdr llchange NS RS RA redir 1716 * D R 1717 * 0 n n -- (1) c ? s 1718 * 0 y n -- (2) c s s 1719 * 0 n y -- (3) c s s 1720 * 0 y y n (4) c s s 1721 * 0 y y y (5) c s s 1722 * 1 -- n -- (6) c c c s 1723 * 1 -- y -- (7) c c s c s 1724 * 1725 * (c=clear s=set) 1726 */ 1727 switch (type & 0xff) { 1728 case ND_NEIGHBOR_SOLICIT: 1729 /* 1730 * New entry must have is_router flag cleared. 1731 */ 1732 if (is_newentry) /*(6-7)*/ 1733 ln->ln_router = 0; 1734 break; 1735 case ND_REDIRECT: 1736 /* 1737 * If the icmp is a redirect to a better router, always set the 1738 * is_router flag. Otherwise, if the entry is newly created, 1739 * clear the flag. [RFC 2461, sec 8.3] 1740 */ 1741 if (code == ND_REDIRECT_ROUTER) 1742 ln->ln_router = 1; 1743 else if (is_newentry) /*(6-7)*/ 1744 ln->ln_router = 0; 1745 break; 1746 case ND_ROUTER_SOLICIT: 1747 /* 1748 * is_router flag must always be cleared. 1749 */ 1750 ln->ln_router = 0; 1751 break; 1752 case ND_ROUTER_ADVERT: 1753 /* 1754 * Mark an entry with lladdr as a router. 1755 */ 1756 if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/ 1757 || (is_newentry && lladdr)) { /*(7)*/ 1758 ln->ln_router = 1; 1759 } 1760 break; 1761 } 1762 1763 /* 1764 * When the link-layer address of a router changes, select the 1765 * best router again. In particular, when the neighbor entry is newly 1766 * created, it might affect the selection policy. 1767 * Question: can we restrict the first condition to the "is_newentry" 1768 * case? 1769 * XXX: when we hear an RA from a new router with the link-layer 1770 * address option, defrouter_select() is called twice, since 1771 * defrtrlist_update called the function as well. However, I believe 1772 * we can compromise the overhead, since it only happens the first 1773 * time. 1774 */ 1775 if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv) 1776 defrouter_select(); 1777 1778 return rt; 1779 } 1780 1781 static void 1782 nd6_slowtimo(ignored_arg) 1783 void *ignored_arg; 1784 { 1785 int s = splsoftnet(); 1786 int i; 1787 struct nd_ifinfo *nd6if; 1788 1789 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 1790 nd6_slowtimo, NULL); 1791 for (i = 1; i < if_index + 1; i++) { 1792 if (!nd_ifinfo || i >= nd_ifinfo_indexlim) 1793 continue; 1794 nd6if = &nd_ifinfo[i]; 1795 if (nd6if->basereachable && /* already initialized */ 1796 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) { 1797 /* 1798 * Since reachable time rarely changes by router 1799 * advertisements, we SHOULD insure that a new random 1800 * value gets recomputed at least once every few hours. 1801 * (RFC 2461, 6.3.4) 1802 */ 1803 nd6if->recalctm = nd6_recalc_reachtm_interval; 1804 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable); 1805 } 1806 } 1807 splx(s); 1808 } 1809 1810 #define senderr(e) { error = (e); goto bad;} 1811 int 1812 nd6_output(ifp, origifp, m0, dst, rt0) 1813 struct ifnet *ifp; 1814 struct ifnet *origifp; 1815 struct mbuf *m0; 1816 struct sockaddr_in6 *dst; 1817 struct rtentry *rt0; 1818 { 1819 struct mbuf *m = m0; 1820 struct rtentry *rt = rt0; 1821 struct sockaddr_in6 *gw6 = NULL; 1822 struct llinfo_nd6 *ln = NULL; 1823 int error = 0; 1824 long time_second = time.tv_sec; 1825 1826 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) 1827 goto sendpkt; 1828 1829 /* 1830 * XXX: we currently do not make neighbor cache on any interface 1831 * other than ARCnet, Ethernet, FDDI and GIF. 1832 * 1833 * RFC2893 says: 1834 * - unidirectional tunnels needs no ND 1835 */ 1836 switch (ifp->if_type) { 1837 case IFT_ARCNET: 1838 case IFT_ETHER: 1839 case IFT_FDDI: 1840 case IFT_IEEE1394: 1841 case IFT_GIF: /* XXX need more cases? */ 1842 break; 1843 default: 1844 goto sendpkt; 1845 } 1846 1847 /* 1848 * next hop determination. This routine is derived from ether_outpout. 1849 */ 1850 if (rt) { 1851 if ((rt->rt_flags & RTF_UP) == 0) { 1852 if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1)) != 1853 NULL) 1854 { 1855 rt->rt_refcnt--; 1856 if (rt->rt_ifp != ifp) { 1857 /* XXX: loop care? */ 1858 return nd6_output(ifp, origifp, m0, 1859 dst, rt); 1860 } 1861 } else 1862 senderr(EHOSTUNREACH); 1863 } 1864 1865 if (rt->rt_flags & RTF_GATEWAY) { 1866 gw6 = (struct sockaddr_in6 *)rt->rt_gateway; 1867 1868 /* 1869 * We skip link-layer address resolution and NUD 1870 * if the gateway is not a neighbor from ND point 1871 * of view, regardless the value of the 1872 * nd_ifinfo.flags. 1873 * The second condition is a bit tricky: we skip 1874 * if the gateway is our own address, which is 1875 * sometimes used to install a route to a p2p link. 1876 */ 1877 if (!nd6_is_addr_neighbor(gw6, ifp) || 1878 in6ifa_ifpwithaddr(ifp, &gw6->sin6_addr)) { 1879 /* 1880 * We allow this kind of tricky route only 1881 * when the outgoing interface is p2p. 1882 * XXX: we may need a more generic rule here. 1883 */ 1884 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 1885 senderr(EHOSTUNREACH); 1886 1887 goto sendpkt; 1888 } 1889 1890 if (rt->rt_gwroute == 0) 1891 goto lookup; 1892 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 1893 rtfree(rt); rt = rt0; 1894 lookup: 1895 rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1); 1896 if ((rt = rt->rt_gwroute) == 0) 1897 senderr(EHOSTUNREACH); 1898 /* the "G" test below also prevents rt == rt0 */ 1899 if ((rt->rt_flags & RTF_GATEWAY) || 1900 (rt->rt_ifp != ifp)) { 1901 rt->rt_refcnt--; 1902 rt0->rt_gwroute = 0; 1903 senderr(EHOSTUNREACH); 1904 } 1905 } 1906 } 1907 } 1908 1909 /* 1910 * Address resolution or Neighbor Unreachability Detection 1911 * for the next hop. 1912 * At this point, the destination of the packet must be a unicast 1913 * or an anycast address(i.e. not a multicast). 1914 */ 1915 1916 /* Look up the neighbor cache for the nexthop */ 1917 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 1918 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1919 else { 1920 /* 1921 * Since nd6_is_addr_neighbor() internally calls nd6_lookup(), 1922 * the condition below is not very efficient. But we believe 1923 * it is tolerable, because this should be a rare case. 1924 */ 1925 if (nd6_is_addr_neighbor(dst, ifp) && 1926 (rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL) 1927 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1928 } 1929 if (!ln || !rt) { 1930 if ((ifp->if_flags & IFF_POINTOPOINT) == 0 && 1931 !(nd_ifinfo[ifp->if_index].flags & ND6_IFF_PERFORMNUD)) { 1932 log(LOG_DEBUG, 1933 "nd6_output: can't allocate llinfo for %s " 1934 "(ln=%p, rt=%p)\n", 1935 ip6_sprintf(&dst->sin6_addr), ln, rt); 1936 senderr(EIO); /* XXX: good error? */ 1937 } 1938 1939 goto sendpkt; /* send anyway */ 1940 } 1941 1942 /* We don't have to do link-layer address resolution on a p2p link. */ 1943 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 1944 ln->ln_state < ND6_LLINFO_REACHABLE) { 1945 ln->ln_state = ND6_LLINFO_STALE; 1946 ln->ln_expire = time_second + nd6_gctimer; 1947 } 1948 1949 /* 1950 * The first time we send a packet to a neighbor whose entry is 1951 * STALE, we have to change the state to DELAY and a sets a timer to 1952 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do 1953 * neighbor unreachability detection on expiration. 1954 * (RFC 2461 7.3.3) 1955 */ 1956 if (ln->ln_state == ND6_LLINFO_STALE) { 1957 ln->ln_asked = 0; 1958 ln->ln_state = ND6_LLINFO_DELAY; 1959 ln->ln_expire = time_second + nd6_delay; 1960 } 1961 1962 /* 1963 * If the neighbor cache entry has a state other than INCOMPLETE 1964 * (i.e. its link-layer address is already reloved), just 1965 * send the packet. 1966 */ 1967 if (ln->ln_state > ND6_LLINFO_INCOMPLETE) 1968 goto sendpkt; 1969 1970 /* 1971 * There is a neighbor cache entry, but no ethernet address 1972 * response yet. Replace the held mbuf (if any) with this 1973 * latest one. 1974 * 1975 * XXX Does the code conform to rate-limiting rule? 1976 * (RFC 2461 7.2.2) 1977 */ 1978 if (ln->ln_state == ND6_LLINFO_NOSTATE) 1979 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1980 if (ln->ln_hold) 1981 m_freem(ln->ln_hold); 1982 ln->ln_hold = m; 1983 if (ln->ln_expire) { 1984 if (ln->ln_asked < nd6_mmaxtries && 1985 ln->ln_expire < time_second) { 1986 ln->ln_asked++; 1987 ln->ln_expire = time_second + 1988 nd_ifinfo[ifp->if_index].retrans / 1000; 1989 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 1990 } 1991 } 1992 return(0); 1993 1994 sendpkt: 1995 1996 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 1997 return((*ifp->if_output)(origifp, m, (struct sockaddr *)dst, 1998 rt)); 1999 } 2000 return((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt)); 2001 2002 bad: 2003 if (m) 2004 m_freem(m); 2005 return (error); 2006 } 2007 #undef senderr 2008 2009 int 2010 nd6_storelladdr(ifp, rt, m, dst, desten) 2011 struct ifnet *ifp; 2012 struct rtentry *rt; 2013 struct mbuf *m; 2014 struct sockaddr *dst; 2015 u_char *desten; 2016 { 2017 struct sockaddr_dl *sdl; 2018 2019 if (m->m_flags & M_MCAST) { 2020 switch (ifp->if_type) { 2021 case IFT_ETHER: 2022 case IFT_FDDI: 2023 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 2024 desten); 2025 return(1); 2026 case IFT_IEEE1394: 2027 bcopy(ifp->if_broadcastaddr, desten, ifp->if_addrlen); 2028 return(1); 2029 case IFT_ARCNET: 2030 *desten = 0; 2031 return(1); 2032 default: 2033 m_freem(m); 2034 return(0); 2035 } 2036 } 2037 2038 if (rt == NULL) { 2039 /* this could happen, if we could not allocate memory */ 2040 m_freem(m); 2041 return(0); 2042 } 2043 if (rt->rt_gateway->sa_family != AF_LINK) { 2044 printf("nd6_storelladdr: something odd happens\n"); 2045 m_freem(m); 2046 return(0); 2047 } 2048 sdl = SDL(rt->rt_gateway); 2049 if (sdl->sdl_alen == 0) { 2050 /* this should be impossible, but we bark here for debugging */ 2051 printf("nd6_storelladdr: sdl_alen == 0\n"); 2052 m_freem(m); 2053 return(0); 2054 } 2055 2056 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 2057 return(1); 2058 } 2059