1 /* $NetBSD: nd6.c,v 1.19 2000/02/28 12:08:24 itojun Exp $ */ 2 /* $KAME: nd6.c,v 1.41 2000/02/24 16:34:50 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * XXX 35 * KAME 970409 note: 36 * BSD/OS version heavily modifies this code, related to llinfo. 37 * Since we don't have BSD/OS version of net/route.c in our hand, 38 * I left the code mostly as it was in 970310. -- itojun 39 */ 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/malloc.h> 44 #include <sys/mbuf.h> 45 #include <sys/socket.h> 46 #include <sys/sockio.h> 47 #include <sys/time.h> 48 #include <sys/kernel.h> 49 #include <sys/protosw.h> 50 #include <sys/errno.h> 51 #include <sys/ioctl.h> 52 #include <sys/syslog.h> 53 #include <sys/queue.h> 54 55 #include <net/if.h> 56 #include <net/if_dl.h> 57 #include <net/if_types.h> 58 #include <net/if_atm.h> 59 #include <net/route.h> 60 61 #include <netinet/in.h> 62 #include <net/if_ether.h> 63 #include <netinet/if_inarp.h> 64 #include <net/if_fddi.h> 65 #include <netinet6/in6_var.h> 66 #include <netinet/ip6.h> 67 #include <netinet6/ip6_var.h> 68 #include <netinet6/nd6.h> 69 #include <netinet6/in6_prefix.h> 70 #include <netinet/icmp6.h> 71 72 #include "loop.h" 73 extern struct ifnet loif[NLOOP]; 74 75 #include <net/net_osdep.h> 76 77 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */ 78 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ 79 80 #define SIN6(s) ((struct sockaddr_in6 *)s) 81 #define SDL(s) ((struct sockaddr_dl *)s) 82 83 /* timer values */ 84 int nd6_prune = 1; /* walk list every 1 seconds */ 85 int nd6_delay = 5; /* delay first probe time 5 second */ 86 int nd6_umaxtries = 3; /* maximum unicast query */ 87 int nd6_mmaxtries = 3; /* maximum multicast query */ 88 int nd6_useloopback = 1; /* use loopback interface for local traffic */ 89 90 /* preventing too many loops in ND option parsing */ 91 int nd6_maxndopt = 10; /* max # of ND options allowed */ 92 93 /* for debugging? */ 94 static int nd6_inuse, nd6_allocated; 95 96 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6}; 97 struct nd_ifinfo *nd_ifinfo = NULL; 98 struct nd_drhead nd_defrouter; 99 struct nd_prhead nd_prefix = { 0 }; 100 101 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL; 102 static struct sockaddr_in6 all1_sa; 103 104 static void nd6_slowtimo __P((void *)); 105 106 void 107 nd6_init() 108 { 109 static int nd6_init_done = 0; 110 int i; 111 112 if (nd6_init_done) { 113 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); 114 return; 115 } 116 117 all1_sa.sin6_family = AF_INET6; 118 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 119 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++) 120 all1_sa.sin6_addr.s6_addr[i] = 0xff; 121 122 /* initialization of the default router list */ 123 TAILQ_INIT(&nd_defrouter); 124 125 nd6_init_done = 1; 126 127 /* start timer */ 128 timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz); 129 } 130 131 void 132 nd6_ifattach(ifp) 133 struct ifnet *ifp; 134 { 135 static size_t if_indexlim = 8; 136 137 /* 138 * We have some arrays that should be indexed by if_index. 139 * since if_index will grow dynamically, they should grow too. 140 */ 141 if (nd_ifinfo == NULL || if_index >= if_indexlim) { 142 size_t n; 143 caddr_t q; 144 145 while (if_index >= if_indexlim) 146 if_indexlim <<= 1; 147 148 /* grow nd_ifinfo */ 149 n = if_indexlim * sizeof(struct nd_ifinfo); 150 q = (caddr_t)malloc(n, M_IP6NDP, M_WAITOK); 151 bzero(q, n); 152 if (nd_ifinfo) { 153 bcopy((caddr_t)nd_ifinfo, q, n/2); 154 free((caddr_t)nd_ifinfo, M_IP6NDP); 155 } 156 nd_ifinfo = (struct nd_ifinfo *)q; 157 } 158 159 #define ND nd_ifinfo[ifp->if_index] 160 ND.linkmtu = ifindex2ifnet[ifp->if_index]->if_mtu; 161 ND.chlim = IPV6_DEFHLIM; 162 ND.basereachable = REACHABLE_TIME; 163 ND.reachable = ND_COMPUTE_RTIME(ND.basereachable); 164 ND.retrans = RETRANS_TIMER; 165 ND.receivedra = 0; 166 nd6_setmtu(ifp); 167 #undef ND 168 } 169 170 /* 171 * Reset ND level link MTU. This function is called when the physical MTU 172 * changes, which means we might have to adjust the ND level MTU. 173 */ 174 void 175 nd6_setmtu(ifp) 176 struct ifnet *ifp; 177 { 178 #define MIN(a,b) ((a) < (b) ? (a) : (b)) 179 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 180 u_long oldmaxmtu = ndi->maxmtu; 181 u_long oldlinkmtu = ndi->linkmtu; 182 183 switch(ifp->if_type) { 184 case IFT_ARCNET: /* XXX MTU handling needs more work */ 185 ndi->maxmtu = MIN(60480, ifp->if_mtu); 186 break; 187 case IFT_ETHER: 188 ndi->maxmtu = MIN(ETHERMTU, ifp->if_mtu); 189 break; 190 case IFT_ATM: 191 ndi->maxmtu = MIN(ATMMTU, ifp->if_mtu); 192 break; 193 default: 194 ndi->maxmtu = ifp->if_mtu; 195 break; 196 } 197 198 if (oldmaxmtu != ndi->maxmtu) { 199 /* 200 * If the ND level MTU is not set yet, or if the maxmtu 201 * is reset to a smaller value than the ND level MTU, 202 * also reset the ND level MTU. 203 */ 204 if (ndi->linkmtu == 0 || 205 ndi->maxmtu < ndi->linkmtu) { 206 ndi->linkmtu = ndi->maxmtu; 207 /* also adjust in6_maxmtu if necessary. */ 208 if (oldlinkmtu == 0) { 209 /* 210 * XXX: the case analysis is grotty, but 211 * it is not efficient to call in6_setmaxmtu() 212 * here when we are during the initialization 213 * procedure. 214 */ 215 if (in6_maxmtu < ndi->linkmtu) 216 in6_maxmtu = ndi->linkmtu; 217 } 218 else 219 in6_setmaxmtu(); 220 } 221 } 222 #undef MIN 223 } 224 225 void 226 nd6_option_init(opt, icmp6len, ndopts) 227 void *opt; 228 int icmp6len; 229 union nd_opts *ndopts; 230 { 231 bzero(ndopts, sizeof(*ndopts)); 232 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt; 233 ndopts->nd_opts_last 234 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len); 235 236 if (icmp6len == 0) { 237 ndopts->nd_opts_done = 1; 238 ndopts->nd_opts_search = NULL; 239 } 240 } 241 242 /* 243 * Take one ND option. 244 */ 245 struct nd_opt_hdr * 246 nd6_option(ndopts) 247 union nd_opts *ndopts; 248 { 249 struct nd_opt_hdr *nd_opt; 250 int olen; 251 252 if (!ndopts) 253 panic("ndopts == NULL in nd6_option\n"); 254 if (!ndopts->nd_opts_last) 255 panic("uninitialized ndopts in nd6_option\n"); 256 if (!ndopts->nd_opts_search) 257 return NULL; 258 if (ndopts->nd_opts_done) 259 return NULL; 260 261 nd_opt = ndopts->nd_opts_search; 262 263 olen = nd_opt->nd_opt_len << 3; 264 if (olen == 0) { 265 /* 266 * Message validation requires that all included 267 * options have a length that is greater than zero. 268 */ 269 bzero(ndopts, sizeof(*ndopts)); 270 return NULL; 271 } 272 273 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen); 274 if (!(ndopts->nd_opts_search < ndopts->nd_opts_last)) { 275 ndopts->nd_opts_done = 1; 276 ndopts->nd_opts_search = NULL; 277 } 278 return nd_opt; 279 } 280 281 /* 282 * Parse multiple ND options. 283 * This function is much easier to use, for ND routines that do not need 284 * multiple options of the same type. 285 */ 286 int 287 nd6_options(ndopts) 288 union nd_opts *ndopts; 289 { 290 struct nd_opt_hdr *nd_opt; 291 int i = 0; 292 293 if (!ndopts) 294 panic("ndopts == NULL in nd6_options\n"); 295 if (!ndopts->nd_opts_last) 296 panic("uninitialized ndopts in nd6_options\n"); 297 if (!ndopts->nd_opts_search) 298 return 0; 299 300 while (1) { 301 nd_opt = nd6_option(ndopts); 302 if (!nd_opt && !ndopts->nd_opts_last) { 303 /* 304 * Message validation requires that all included 305 * options have a length that is greater than zero. 306 */ 307 bzero(ndopts, sizeof(*ndopts)); 308 return -1; 309 } 310 311 if (!nd_opt) 312 goto skip1; 313 314 switch (nd_opt->nd_opt_type) { 315 case ND_OPT_SOURCE_LINKADDR: 316 case ND_OPT_TARGET_LINKADDR: 317 case ND_OPT_MTU: 318 case ND_OPT_REDIRECTED_HEADER: 319 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { 320 printf("duplicated ND6 option found " 321 "(type=%d)\n", nd_opt->nd_opt_type); 322 /* XXX bark? */ 323 } else { 324 ndopts->nd_opt_array[nd_opt->nd_opt_type] 325 = nd_opt; 326 } 327 break; 328 case ND_OPT_PREFIX_INFORMATION: 329 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) { 330 ndopts->nd_opt_array[nd_opt->nd_opt_type] 331 = nd_opt; 332 } 333 ndopts->nd_opts_pi_end = 334 (struct nd_opt_prefix_info *)nd_opt; 335 break; 336 default: 337 /* 338 * Unknown options must be silently ignored, 339 * to accomodate future extension to the protocol. 340 */ 341 log(LOG_INFO, 342 "nd6_options: unsupported option %d - " 343 "option ignored\n", nd_opt->nd_opt_type); 344 } 345 346 skip1: 347 i++; 348 if (i > nd6_maxndopt) { 349 icmp6stat.icp6s_nd_toomanyopt++; 350 printf("too many loop in nd opt\n"); 351 break; 352 } 353 354 if (ndopts->nd_opts_done) 355 break; 356 } 357 358 return 0; 359 } 360 361 /* 362 * ND6 timer routine to expire default route list and prefix list 363 */ 364 void 365 nd6_timer(ignored_arg) 366 void *ignored_arg; 367 { 368 int s; 369 register struct llinfo_nd6 *ln; 370 register struct nd_defrouter *dr; 371 register struct nd_prefix *pr; 372 long time_second = time.tv_sec; 373 374 s = splsoftnet(); 375 timeout(nd6_timer, (caddr_t)0, nd6_prune * hz); 376 377 ln = llinfo_nd6.ln_next; 378 /* XXX BSD/OS separates this code -- itojun */ 379 while (ln && ln != &llinfo_nd6) { 380 struct rtentry *rt; 381 struct ifnet *ifp; 382 struct sockaddr_in6 *dst; 383 struct llinfo_nd6 *next = ln->ln_next; 384 385 if ((rt = ln->ln_rt) == NULL) { 386 ln = next; 387 continue; 388 } 389 if ((ifp = rt->rt_ifp) == NULL) { 390 ln = next; 391 continue; 392 } 393 dst = (struct sockaddr_in6 *)rt_key(rt); 394 395 if (ln->ln_expire > time_second) { 396 ln = next; 397 continue; 398 } 399 400 /* sanity check */ 401 if (!rt) 402 panic("rt=0 in nd6_timer(ln=%p)\n", ln); 403 if (!dst) 404 panic("dst=0 in nd6_timer(ln=%p)\n", ln); 405 406 switch (ln->ln_state) { 407 case ND6_LLINFO_INCOMPLETE: 408 if (ln->ln_asked < nd6_mmaxtries) { 409 ln->ln_asked++; 410 ln->ln_expire = time_second + 411 nd_ifinfo[ifp->if_index].retrans / 1000; 412 nd6_ns_output(ifp, NULL, &dst->sin6_addr, 413 ln, 0); 414 } else { 415 struct mbuf *m = ln->ln_hold; 416 if (m) { 417 if (rt->rt_ifp) { 418 /* 419 * Fake rcvif to make ICMP error 420 * more helpful in diagnosing 421 * for the receiver. 422 * XXX: should we consider 423 * older rcvif? 424 */ 425 m->m_pkthdr.rcvif = rt->rt_ifp; 426 } 427 icmp6_error(m, ICMP6_DST_UNREACH, 428 ICMP6_DST_UNREACH_ADDR, 0); 429 ln->ln_hold = NULL; 430 } 431 nd6_free(rt); 432 } 433 break; 434 case ND6_LLINFO_REACHABLE: 435 if (ln->ln_expire) 436 ln->ln_state = ND6_LLINFO_STALE; 437 break; 438 /* 439 * ND6_LLINFO_STALE state requires nothing for timer 440 * routine. 441 */ 442 case ND6_LLINFO_DELAY: 443 ln->ln_asked = 1; 444 ln->ln_state = ND6_LLINFO_PROBE; 445 ln->ln_expire = time_second + 446 nd_ifinfo[ifp->if_index].retrans / 1000; 447 nd6_ns_output(ifp, &dst->sin6_addr, &dst->sin6_addr, 448 ln, 0); 449 break; 450 451 case ND6_LLINFO_PROBE: 452 if (ln->ln_asked < nd6_umaxtries) { 453 ln->ln_asked++; 454 ln->ln_expire = time_second + 455 nd_ifinfo[ifp->if_index].retrans / 1000; 456 nd6_ns_output(ifp, &dst->sin6_addr, 457 &dst->sin6_addr, ln, 0); 458 } else { 459 nd6_free(rt); 460 } 461 break; 462 case ND6_LLINFO_WAITDELETE: 463 nd6_free(rt); 464 break; 465 } 466 ln = next; 467 } 468 469 /* expire */ 470 dr = TAILQ_FIRST(&nd_defrouter); 471 while (dr) { 472 if (dr->expire && dr->expire < time_second) { 473 struct nd_defrouter *t; 474 t = TAILQ_NEXT(dr, dr_entry); 475 defrtrlist_del(dr); 476 dr = t; 477 } else 478 dr = TAILQ_NEXT(dr, dr_entry); 479 } 480 pr = nd_prefix.lh_first; 481 while (pr) { 482 struct in6_ifaddr *ia6; 483 struct in6_addrlifetime *lt6; 484 485 if (IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 486 ia6 = NULL; 487 else 488 ia6 = in6ifa_ifpwithaddr(pr->ndpr_ifp, &pr->ndpr_addr); 489 490 if (ia6) { 491 /* check address lifetime */ 492 lt6 = &ia6->ia6_lifetime; 493 if (lt6->ia6t_preferred && lt6->ia6t_preferred < time_second) 494 ia6->ia6_flags |= IN6_IFF_DEPRECATED; 495 if (lt6->ia6t_expire && lt6->ia6t_expire < time_second) { 496 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 497 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 498 /* xxx ND_OPT_PI_FLAG_ONLINK processing */ 499 } 500 } 501 502 /* 503 * check prefix lifetime. 504 * since pltime is just for autoconf, pltime processing for 505 * prefix is not necessary. 506 * 507 * we offset expire time by NDPR_KEEP_EXPIRE, so that we 508 * can use the old prefix information to validate the 509 * next prefix information to come. See prelist_update() 510 * for actual validation. 511 */ 512 if (pr->ndpr_expire 513 && pr->ndpr_expire + NDPR_KEEP_EXPIRED < time_second) { 514 struct nd_prefix *t; 515 t = pr->ndpr_next; 516 517 /* 518 * address expiration and prefix expiration are 519 * separate. NEVER perform in6_ifdel here. 520 */ 521 522 prelist_remove(pr); 523 pr = t; 524 } else 525 pr = pr->ndpr_next; 526 } 527 splx(s); 528 } 529 530 /* 531 * Nuke neighbor cache/prefix/default router management table, right before 532 * ifp goes away. 533 */ 534 void 535 nd6_purge(ifp) 536 struct ifnet *ifp; 537 { 538 struct llinfo_nd6 *ln, *nln; 539 struct nd_defrouter *dr, *ndr, drany; 540 struct nd_prefix *pr, *npr; 541 542 /* Nuke default router list entries toward ifp */ 543 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 544 /* 545 * The first entry of the list may be stored in 546 * the routing table, so we'll delete it later. 547 */ 548 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) { 549 ndr = TAILQ_NEXT(dr, dr_entry); 550 if (dr->ifp == ifp) 551 defrtrlist_del(dr); 552 } 553 dr = TAILQ_FIRST(&nd_defrouter); 554 if (dr->ifp == ifp) 555 defrtrlist_del(dr); 556 } 557 558 /* Nuke prefix list entries toward ifp */ 559 for (pr = nd_prefix.lh_first; pr; pr = npr) { 560 npr = pr->ndpr_next; 561 if (pr->ndpr_ifp == ifp) { 562 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 563 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 564 prelist_remove(pr); 565 } 566 } 567 568 /* cancel default outgoing interface setting */ 569 if (nd6_defifindex == ifp->if_index) 570 nd6_setdefaultiface(0); 571 572 /* refresh default router list */ 573 bzero(&drany, sizeof(drany)); 574 defrouter_delreq(&drany, 0); 575 defrouter_select(); 576 577 /* 578 * Nuke neighbor cache entries for the ifp. 579 * Note that rt->rt_ifp may not be the same as ifp, 580 * due to KAME goto ours hack. See RTM_RESOLVE case in 581 * nd6_rtrequest(), and ip6_input(). 582 */ 583 ln = llinfo_nd6.ln_next; 584 while (ln && ln != &llinfo_nd6) { 585 struct rtentry *rt; 586 struct sockaddr_dl *sdl; 587 588 nln = ln->ln_next; 589 rt = ln->ln_rt; 590 if (rt && rt->rt_gateway && 591 rt->rt_gateway->sa_family == AF_LINK) { 592 sdl = (struct sockaddr_dl *)rt->rt_gateway; 593 if (sdl->sdl_index == ifp->if_index) 594 nd6_free(rt); 595 } 596 ln = nln; 597 } 598 599 /* 600 * Neighbor cache entry for interface route will be retained 601 * with ND6_LLINFO_WAITDELETE state, by nd6_free(). Nuke it. 602 */ 603 ln = llinfo_nd6.ln_next; 604 while (ln && ln != &llinfo_nd6) { 605 struct rtentry *rt; 606 struct sockaddr_dl *sdl; 607 608 nln = ln->ln_next; 609 rt = ln->ln_rt; 610 if (rt && rt->rt_gateway && 611 rt->rt_gateway->sa_family == AF_LINK) { 612 sdl = (struct sockaddr_dl *)rt->rt_gateway; 613 if (sdl->sdl_index == ifp->if_index) { 614 rtrequest(RTM_DELETE, rt_key(rt), 615 (struct sockaddr *)0, rt_mask(rt), 0, 616 (struct rtentry **)0); 617 } 618 } 619 ln = nln; 620 } 621 } 622 623 struct rtentry * 624 nd6_lookup(addr6, create, ifp) 625 struct in6_addr *addr6; 626 int create; 627 struct ifnet *ifp; 628 { 629 struct rtentry *rt; 630 struct sockaddr_in6 sin6; 631 632 bzero(&sin6, sizeof(sin6)); 633 sin6.sin6_len = sizeof(struct sockaddr_in6); 634 sin6.sin6_family = AF_INET6; 635 sin6.sin6_addr = *addr6; 636 rt = rtalloc1((struct sockaddr *)&sin6, create); 637 if (rt && (rt->rt_flags & RTF_LLINFO) == 0) { 638 /* 639 * This is the case for the default route. 640 * If we want to create a neighbor cache for the address, we 641 * should free the route for the destination and allocate an 642 * interface route. 643 */ 644 if (create) { 645 RTFREE(rt); 646 rt = 0; 647 } 648 } 649 if (!rt) { 650 if (create && ifp) { 651 /* 652 * If no route is available and create is set, 653 * we allocate a host route for the destination 654 * and treat it like an interface route. 655 * This hack is necessary for a neighbor which can't 656 * be covered by our own prefix. 657 */ 658 struct ifaddr *ifa = 659 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp); 660 if (ifa == NULL) 661 return(NULL); 662 663 /* 664 * Create a new route. RTF_LLINFO is necessary 665 * to create a Neighbor Cache entry for the 666 * destination in nd6_rtrequest which will be 667 * called in rtequest via ifa->ifa_rtrequest. 668 */ 669 if (rtrequest(RTM_ADD, (struct sockaddr *)&sin6, 670 ifa->ifa_addr, 671 (struct sockaddr *)&all1_sa, 672 (ifa->ifa_flags | 673 RTF_HOST | RTF_LLINFO) & ~RTF_CLONING, 674 &rt)) 675 log(LOG_ERR, 676 "nd6_lookup: failed to add route for a " 677 "neighbor(%s)\n", ip6_sprintf(addr6)); 678 if (rt == NULL) 679 return(NULL); 680 if (rt->rt_llinfo) { 681 struct llinfo_nd6 *ln = 682 (struct llinfo_nd6 *)rt->rt_llinfo; 683 ln->ln_state = ND6_LLINFO_NOSTATE; 684 } 685 } 686 else 687 return(NULL); 688 } 689 rt->rt_refcnt--; 690 /* 691 * Validation for the entry. 692 * XXX: we can't use rt->rt_ifp to check for the interface, since 693 * it might be the loopback interface if the entry is for our 694 * own address on a non-loopback interface. Instead, we should 695 * use rt->rt_ifa->ifa_ifp, which would specify the REAL interface. 696 */ 697 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 698 rt->rt_gateway->sa_family != AF_LINK || 699 (ifp && rt->rt_ifa->ifa_ifp != ifp)) { 700 if (create) { 701 log(LOG_DEBUG, "nd6_lookup: failed to lookup %s (if = %s)\n", 702 ip6_sprintf(addr6), ifp ? if_name(ifp) : "unspec"); 703 /* xxx more logs... kazu */ 704 } 705 return(0); 706 } 707 return(rt); 708 } 709 710 /* 711 * Detect if a given IPv6 address identifies a neighbor on a given link. 712 * XXX: should take care of the destination of a p2p link? 713 */ 714 int 715 nd6_is_addr_neighbor(addr, ifp) 716 struct in6_addr *addr; 717 struct ifnet *ifp; 718 { 719 register struct ifaddr *ifa; 720 int i; 721 722 #define IFADDR6(a) ((((struct in6_ifaddr *)(a))->ia_addr).sin6_addr) 723 #define IFMASK6(a) ((((struct in6_ifaddr *)(a))->ia_prefixmask).sin6_addr) 724 725 /* A link-local address is always a neighbor. */ 726 if (IN6_IS_ADDR_LINKLOCAL(addr)) 727 return(1); 728 729 /* 730 * If the address matches one of our addresses, 731 * it should be a neighbor. 732 */ 733 for (ifa = ifp->if_addrlist.tqh_first; 734 ifa; 735 ifa = ifa->ifa_list.tqe_next) 736 { 737 if (ifa->ifa_addr->sa_family != AF_INET6) 738 next: continue; 739 740 for (i = 0; i < 4; i++) { 741 if ((IFADDR6(ifa).s6_addr32[i] ^ addr->s6_addr32[i]) & 742 IFMASK6(ifa).s6_addr32[i]) 743 goto next; 744 } 745 return(1); 746 } 747 748 /* 749 * Even if the address matches none of our addresses, it might be 750 * in the neighbor cache. 751 */ 752 if (nd6_lookup(addr, 0, ifp)) 753 return(1); 754 755 return(0); 756 #undef IFADDR6 757 #undef IFMASK6 758 } 759 760 /* 761 * Free an nd6 llinfo entry. 762 */ 763 void 764 nd6_free(rt) 765 struct rtentry *rt; 766 { 767 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 768 struct sockaddr_dl *sdl; 769 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; 770 struct nd_defrouter *dr; 771 772 /* 773 * Clear all destination cache entries for the neighbor. 774 * XXX: is it better to restrict this to hosts? 775 */ 776 pfctlinput(PRC_HOSTDEAD, rt_key(rt)); 777 778 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 779 int s; 780 s = splsoftnet(); 781 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 782 rt->rt_ifp); 783 if (ln->ln_router || dr) { 784 /* 785 * rt6_flush must be called whether or not the neighbor 786 * is in the Default Router List. 787 * See a corresponding comment in nd6_na_input(). 788 */ 789 rt6_flush(&in6, rt->rt_ifp); 790 } 791 792 if (dr) { 793 /* 794 * Unreachablity of a router might affect the default 795 * router selection and on-link detection of advertised 796 * prefixes. 797 */ 798 799 /* 800 * Temporarily fake the state to choose a new default 801 * router and to perform on-link determination of 802 * prefixes coreectly. 803 * Below the state will be set correctly, 804 * or the entry itself will be deleted. 805 */ 806 ln->ln_state = ND6_LLINFO_INCOMPLETE; 807 808 if (dr == TAILQ_FIRST(&nd_defrouter)) { 809 /* 810 * It is used as the current default router, 811 * so we have to move it to the end of the 812 * list and choose a new one. 813 * XXX: it is not very efficient if this is 814 * the only router. 815 */ 816 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 817 TAILQ_INSERT_TAIL(&nd_defrouter, dr, dr_entry); 818 819 defrouter_select(); 820 } 821 pfxlist_onlink_check(); 822 } 823 splx(s); 824 } 825 826 if (rt->rt_refcnt > 0 && (sdl = SDL(rt->rt_gateway)) && 827 sdl->sdl_family == AF_LINK) { 828 sdl->sdl_alen = 0; 829 ln->ln_state = ND6_LLINFO_WAITDELETE; 830 ln->ln_asked = 0; 831 rt->rt_flags &= ~RTF_REJECT; 832 return; 833 } 834 835 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 836 rt_mask(rt), 0, (struct rtentry **)0); 837 } 838 839 /* 840 * Upper-layer reachability hint for Neighbor Unreachability Detection. 841 * 842 * XXX cost-effective metods? 843 */ 844 void 845 nd6_nud_hint(rt, dst6) 846 struct rtentry *rt; 847 struct in6_addr *dst6; 848 { 849 struct llinfo_nd6 *ln; 850 long time_second = time.tv_sec; 851 852 /* 853 * If the caller specified "rt", use that. Otherwise, resolve the 854 * routing table by supplied "dst6". 855 */ 856 if (!rt) { 857 if (!dst6) 858 return; 859 if (!(rt = nd6_lookup(dst6, 0, NULL))) 860 return; 861 } 862 863 if ((rt->rt_flags & RTF_GATEWAY) 864 || (rt->rt_flags & RTF_LLINFO) == 0 865 || !rt->rt_llinfo 866 || !rt->rt_gateway 867 || rt->rt_gateway->sa_family != AF_LINK) { 868 /* This is not a host route. */ 869 return; 870 } 871 872 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 873 if (ln->ln_state == ND6_LLINFO_INCOMPLETE) 874 return; 875 876 ln->ln_state = ND6_LLINFO_REACHABLE; 877 if (ln->ln_expire) 878 ln->ln_expire = time_second + 879 nd_ifinfo[rt->rt_ifp->if_index].reachable; 880 } 881 882 #ifdef OLDIP6OUTPUT 883 /* 884 * Resolve an IP6 address into an ethernet address. If success, 885 * desten is filled in. If there is no entry in ndptab, 886 * set one up and multicast a solicitation for the IP6 address. 887 * Hold onto this mbuf and resend it once the address 888 * is finally resolved. A return value of 1 indicates 889 * that desten has been filled in and the packet should be sent 890 * normally; a 0 return indicates that the packet has been 891 * taken over here, either now or for later transmission. 892 */ 893 int 894 nd6_resolve(ifp, rt, m, dst, desten) 895 struct ifnet *ifp; 896 struct rtentry *rt; 897 struct mbuf *m; 898 struct sockaddr *dst; 899 u_char *desten; 900 { 901 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)NULL; 902 struct sockaddr_dl *sdl; 903 long time_second = time.tv_sec; 904 905 if (m->m_flags & M_MCAST) { 906 switch (ifp->if_type) { 907 case IFT_ETHER: 908 case IFT_FDDI: 909 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 910 desten); 911 return(1); 912 break; 913 case IFT_ARCNET: 914 *desten = 0; 915 return(1); 916 break; 917 default: 918 return(0); 919 } 920 } 921 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 922 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 923 else { 924 if ((rt = nd6_lookup(&(SIN6(dst)->sin6_addr), 1, ifp)) != NULL) 925 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 926 } 927 if (!ln || !rt) { 928 log(LOG_DEBUG, "nd6_resolve: can't allocate llinfo for %s\n", 929 ip6_sprintf(&(SIN6(dst)->sin6_addr))); 930 m_freem(m); 931 return(0); 932 } 933 sdl = SDL(rt->rt_gateway); 934 /* 935 * Ckeck the address family and length is valid, the address 936 * is resolved; otherwise, try to resolve. 937 */ 938 if (ln->ln_state >= ND6_LLINFO_REACHABLE 939 && sdl->sdl_family == AF_LINK 940 && sdl->sdl_alen != 0) { 941 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 942 if (ln->ln_state == ND6_LLINFO_STALE) { 943 ln->ln_asked = 0; 944 ln->ln_state = ND6_LLINFO_DELAY; 945 ln->ln_expire = time_second + nd6_delay; 946 } 947 return(1); 948 } 949 /* 950 * There is an ndp entry, but no ethernet address 951 * response yet. Replace the held mbuf with this 952 * latest one. 953 * 954 * XXX Does the code conform to rate-limiting rule? 955 * (RFC 2461 7.2.2) 956 */ 957 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 958 ln->ln_state == ND6_LLINFO_NOSTATE) 959 ln->ln_state = ND6_LLINFO_INCOMPLETE; 960 if (ln->ln_hold) 961 m_freem(ln->ln_hold); 962 ln->ln_hold = m; 963 if (ln->ln_expire) { 964 rt->rt_flags &= ~RTF_REJECT; 965 if (ln->ln_asked < nd6_mmaxtries && 966 ln->ln_expire < time_second) { 967 ln->ln_asked++; 968 ln->ln_expire = time_second + 969 nd_ifinfo[ifp->if_index].retrans / 1000; 970 nd6_ns_output(ifp, NULL, &(SIN6(dst)->sin6_addr), 971 ln, 0); 972 } 973 } 974 return(0); 975 } 976 #endif /* OLDIP6OUTPUT */ 977 978 void 979 nd6_rtrequest(req, rt, sa) 980 int req; 981 struct rtentry *rt; 982 struct sockaddr *sa; /* xxx unused */ 983 { 984 struct sockaddr *gate = rt->rt_gateway; 985 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 986 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 987 struct ifnet *ifp = rt->rt_ifp; 988 struct ifaddr *ifa; 989 long time_second = time.tv_sec; 990 991 if (rt->rt_flags & RTF_GATEWAY) 992 return; 993 994 switch (req) { 995 case RTM_ADD: 996 /* 997 * There is no backward compatibility :) 998 * 999 * if ((rt->rt_flags & RTF_HOST) == 0 && 1000 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1001 * rt->rt_flags |= RTF_CLONING; 1002 */ 1003 if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) { 1004 /* 1005 * Case 1: This route should come from 1006 * a route to interface. RTF_LLINFO flag is set 1007 * for a host route whose destination should be 1008 * treated as on-link. 1009 */ 1010 rt_setgate(rt, rt_key(rt), 1011 (struct sockaddr *)&null_sdl); 1012 gate = rt->rt_gateway; 1013 SDL(gate)->sdl_type = ifp->if_type; 1014 SDL(gate)->sdl_index = ifp->if_index; 1015 if (ln) 1016 ln->ln_expire = time_second; 1017 #if 1 1018 if (ln && ln->ln_expire == 0) { 1019 /* cludge for desktops */ 1020 #if 0 1021 printf("nd6_request: time.tv_sec is zero; " 1022 "treat it as 1\n"); 1023 #endif 1024 ln->ln_expire = 1; 1025 } 1026 #endif 1027 if (rt->rt_flags & RTF_CLONING) 1028 break; 1029 } 1030 /* 1031 * In IPv4 code, we try to annonuce new RTF_ANNOUNCE entry here. 1032 * We don't do that here since llinfo is not ready yet. 1033 * 1034 * There are also couple of other things to be discussed: 1035 * - unsolicited NA code needs improvement beforehand 1036 * - RFC2461 says we MAY send multicast unsolicited NA 1037 * (7.2.6 paragraph 4), however, it also says that we 1038 * SHOULD provide a mechanism to prevent multicast NA storm. 1039 * we don't have anything like it right now. 1040 * note that the mechanism need a mutual agreement 1041 * between proxies, which means that we need to implement 1042 * a new protocol, or new kludge. 1043 * - from RFC2461 6.2.4, host MUST NOT send unsolicited NA. 1044 * we need to check ip6forwarding before sending it. 1045 * (or should we allow proxy ND configuration only for 1046 * routers? there's no mention about proxy ND from hosts) 1047 */ 1048 #if 0 1049 /* XXX it does not work */ 1050 if (rt->rt_flags & RTF_ANNOUNCE) 1051 nd6_na_output(ifp, 1052 &SIN6(rt_key(rt))->sin6_addr, 1053 &SIN6(rt_key(rt))->sin6_addr, 1054 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1055 1, NULL); 1056 #endif 1057 /* FALLTHROUGH */ 1058 case RTM_RESOLVE: 1059 if (gate->sa_family != AF_LINK || 1060 gate->sa_len < sizeof(null_sdl)) { 1061 log(LOG_DEBUG, "nd6_rtrequest: bad gateway value\n"); 1062 break; 1063 } 1064 SDL(gate)->sdl_type = ifp->if_type; 1065 SDL(gate)->sdl_index = ifp->if_index; 1066 if (ln != 0) 1067 break; /* This happens on a route change */ 1068 /* 1069 * Case 2: This route may come from cloning, or a manual route 1070 * add with a LL address. 1071 */ 1072 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln)); 1073 rt->rt_llinfo = (caddr_t)ln; 1074 if (!ln) { 1075 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n"); 1076 break; 1077 } 1078 nd6_inuse++; 1079 nd6_allocated++; 1080 Bzero(ln, sizeof(*ln)); 1081 ln->ln_rt = rt; 1082 /* this is required for "ndp" command. - shin */ 1083 if (req == RTM_ADD) { 1084 /* 1085 * gate should have some valid AF_LINK entry, 1086 * and ln->ln_expire should have some lifetime 1087 * which is specified by ndp command. 1088 */ 1089 ln->ln_state = ND6_LLINFO_REACHABLE; 1090 } else { 1091 /* 1092 * When req == RTM_RESOLVE, rt is created and 1093 * initialized in rtrequest(), so rt_expire is 0. 1094 */ 1095 ln->ln_state = ND6_LLINFO_NOSTATE; 1096 ln->ln_expire = time_second; 1097 } 1098 rt->rt_flags |= RTF_LLINFO; 1099 ln->ln_next = llinfo_nd6.ln_next; 1100 llinfo_nd6.ln_next = ln; 1101 ln->ln_prev = &llinfo_nd6; 1102 ln->ln_next->ln_prev = ln; 1103 1104 /* 1105 * check if rt_key(rt) is one of my address assigned 1106 * to the interface. 1107 */ 1108 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1109 &SIN6(rt_key(rt))->sin6_addr); 1110 if (ifa) { 1111 caddr_t macp = nd6_ifptomac(ifp); 1112 ln->ln_expire = 0; 1113 ln->ln_state = ND6_LLINFO_REACHABLE; 1114 if (macp) { 1115 Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen); 1116 SDL(gate)->sdl_alen = ifp->if_addrlen; 1117 } 1118 if (nd6_useloopback) { 1119 rt->rt_ifp = &loif[0]; /*XXX*/ 1120 /* 1121 * Make sure rt_ifa be equal to the ifaddr 1122 * corresponding to the address. 1123 * We need this because when we refer 1124 * rt_ifa->ia6_flags in ip6_input, we assume 1125 * that the rt_ifa points to the address instead 1126 * of the loopback address. 1127 */ 1128 if (ifa != rt->rt_ifa) { 1129 IFAFREE(rt->rt_ifa); 1130 IFAREF(ifa); 1131 rt->rt_ifa = ifa; 1132 } 1133 } 1134 } else if (rt->rt_flags & RTF_ANNOUNCE) { 1135 ln->ln_expire = 0; 1136 ln->ln_state = ND6_LLINFO_REACHABLE; 1137 1138 /* join solicited node multicast for proxy ND */ 1139 if (ifp->if_flags & IFF_MULTICAST) { 1140 struct in6_addr llsol; 1141 int error; 1142 1143 llsol = SIN6(rt_key(rt))->sin6_addr; 1144 llsol.s6_addr16[0] = htons(0xff02); 1145 llsol.s6_addr16[1] = htons(ifp->if_index); 1146 llsol.s6_addr32[1] = 0; 1147 llsol.s6_addr32[2] = htonl(1); 1148 llsol.s6_addr8[12] = 0xff; 1149 1150 (void)in6_addmulti(&llsol, ifp, &error); 1151 if (error) 1152 printf( 1153 "nd6_rtrequest: could not join solicited node multicast (errno=%d)\n", error); 1154 } 1155 } 1156 break; 1157 1158 case RTM_DELETE: 1159 if (!ln) 1160 break; 1161 /* leave from solicited node multicast for proxy ND */ 1162 if ((rt->rt_flags & RTF_ANNOUNCE) != 0 && 1163 (ifp->if_flags & IFF_MULTICAST) != 0) { 1164 struct in6_addr llsol; 1165 struct in6_multi *in6m; 1166 1167 llsol = SIN6(rt_key(rt))->sin6_addr; 1168 llsol.s6_addr16[0] = htons(0xff02); 1169 llsol.s6_addr16[1] = htons(ifp->if_index); 1170 llsol.s6_addr32[1] = 0; 1171 llsol.s6_addr32[2] = htonl(1); 1172 llsol.s6_addr8[12] = 0xff; 1173 1174 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1175 if (in6m) 1176 in6_delmulti(in6m); 1177 } 1178 nd6_inuse--; 1179 ln->ln_next->ln_prev = ln->ln_prev; 1180 ln->ln_prev->ln_next = ln->ln_next; 1181 ln->ln_prev = NULL; 1182 rt->rt_llinfo = 0; 1183 rt->rt_flags &= ~RTF_LLINFO; 1184 if (ln->ln_hold) 1185 m_freem(ln->ln_hold); 1186 Free((caddr_t)ln); 1187 } 1188 } 1189 1190 void 1191 nd6_p2p_rtrequest(req, rt, sa) 1192 int req; 1193 struct rtentry *rt; 1194 struct sockaddr *sa; /* xxx unused */ 1195 { 1196 struct sockaddr *gate = rt->rt_gateway; 1197 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1198 struct ifnet *ifp = rt->rt_ifp; 1199 struct ifaddr *ifa; 1200 1201 if (rt->rt_flags & RTF_GATEWAY) 1202 return; 1203 1204 switch (req) { 1205 case RTM_ADD: 1206 /* 1207 * There is no backward compatibility :) 1208 * 1209 * if ((rt->rt_flags & RTF_HOST) == 0 && 1210 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1211 * rt->rt_flags |= RTF_CLONING; 1212 */ 1213 if (rt->rt_flags & RTF_CLONING) { 1214 /* 1215 * Case 1: This route should come from 1216 * a route to interface. 1217 */ 1218 rt_setgate(rt, rt_key(rt), 1219 (struct sockaddr *)&null_sdl); 1220 gate = rt->rt_gateway; 1221 SDL(gate)->sdl_type = ifp->if_type; 1222 SDL(gate)->sdl_index = ifp->if_index; 1223 break; 1224 } 1225 /* Announce a new entry if requested. */ 1226 if (rt->rt_flags & RTF_ANNOUNCE) 1227 nd6_na_output(ifp, 1228 &SIN6(rt_key(rt))->sin6_addr, 1229 &SIN6(rt_key(rt))->sin6_addr, 1230 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1231 1, NULL); 1232 /* FALLTHROUGH */ 1233 case RTM_RESOLVE: 1234 /* 1235 * check if rt_key(rt) is one of my address assigned 1236 * to the interface. 1237 */ 1238 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1239 &SIN6(rt_key(rt))->sin6_addr); 1240 if (ifa) { 1241 if (nd6_useloopback) { 1242 rt->rt_ifp = &loif[0]; /*XXX*/ 1243 } 1244 } 1245 break; 1246 } 1247 } 1248 1249 int 1250 nd6_ioctl(cmd, data, ifp) 1251 u_long cmd; 1252 caddr_t data; 1253 struct ifnet *ifp; 1254 { 1255 struct in6_drlist *drl = (struct in6_drlist *)data; 1256 struct in6_prlist *prl = (struct in6_prlist *)data; 1257 struct in6_ndireq *ndi = (struct in6_ndireq *)data; 1258 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data; 1259 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data; 1260 struct nd_defrouter *dr, any; 1261 struct nd_prefix *pr; 1262 struct rtentry *rt; 1263 int i = 0, error = 0; 1264 int s; 1265 1266 switch (cmd) { 1267 case SIOCGDRLST_IN6: 1268 bzero(drl, sizeof(*drl)); 1269 s = splsoftnet(); 1270 dr = TAILQ_FIRST(&nd_defrouter); 1271 while (dr && i < DRLSTSIZ) { 1272 drl->defrouter[i].rtaddr = dr->rtaddr; 1273 if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) { 1274 /* XXX: need to this hack for KAME stack */ 1275 drl->defrouter[i].rtaddr.s6_addr16[1] = 0; 1276 } 1277 else 1278 log(LOG_ERR, 1279 "default router list contains a " 1280 "non-linklocal address(%s)\n", 1281 ip6_sprintf(&drl->defrouter[i].rtaddr)); 1282 1283 drl->defrouter[i].flags = dr->flags; 1284 drl->defrouter[i].rtlifetime = dr->rtlifetime; 1285 drl->defrouter[i].expire = dr->expire; 1286 drl->defrouter[i].if_index = dr->ifp->if_index; 1287 i++; 1288 dr = TAILQ_NEXT(dr, dr_entry); 1289 } 1290 splx(s); 1291 break; 1292 case SIOCGPRLST_IN6: 1293 /* 1294 * XXX meaning of fields, especialy "raflags", is very 1295 * differnet between RA prefix list and RR/static prefix list. 1296 * how about separating ioctls into two? 1297 */ 1298 bzero(prl, sizeof(*prl)); 1299 s = splsoftnet(); 1300 pr = nd_prefix.lh_first; 1301 while (pr && i < PRLSTSIZ) { 1302 struct nd_pfxrouter *pfr; 1303 int j; 1304 1305 prl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr; 1306 prl->prefix[i].raflags = pr->ndpr_raf; 1307 prl->prefix[i].prefixlen = pr->ndpr_plen; 1308 prl->prefix[i].vltime = pr->ndpr_vltime; 1309 prl->prefix[i].pltime = pr->ndpr_pltime; 1310 prl->prefix[i].if_index = pr->ndpr_ifp->if_index; 1311 prl->prefix[i].expire = pr->ndpr_expire; 1312 1313 pfr = pr->ndpr_advrtrs.lh_first; 1314 j = 0; 1315 while(pfr) { 1316 if (j < DRLSTSIZ) { 1317 #define RTRADDR prl->prefix[i].advrtr[j] 1318 RTRADDR = pfr->router->rtaddr; 1319 if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) { 1320 /* XXX: hack for KAME */ 1321 RTRADDR.s6_addr16[1] = 0; 1322 } 1323 else 1324 log(LOG_ERR, 1325 "a router(%s) advertises " 1326 "a prefix with " 1327 "non-link local address\n", 1328 ip6_sprintf(&RTRADDR)); 1329 #undef RTRADDR 1330 } 1331 j++; 1332 pfr = pfr->pfr_next; 1333 } 1334 prl->prefix[i].advrtrs = j; 1335 prl->prefix[i].origin = PR_ORIG_RA; 1336 1337 i++; 1338 pr = pr->ndpr_next; 1339 } 1340 { 1341 struct rr_prefix *rpp; 1342 1343 for (rpp = LIST_FIRST(&rr_prefix); rpp; 1344 rpp = LIST_NEXT(rpp, rp_entry)) { 1345 if (i >= PRLSTSIZ) 1346 break; 1347 prl->prefix[i].prefix = rpp->rp_prefix.sin6_addr; 1348 prl->prefix[i].raflags = rpp->rp_raf; 1349 prl->prefix[i].prefixlen = rpp->rp_plen; 1350 prl->prefix[i].vltime = rpp->rp_vltime; 1351 prl->prefix[i].pltime = rpp->rp_pltime; 1352 prl->prefix[i].if_index = rpp->rp_ifp->if_index; 1353 prl->prefix[i].expire = rpp->rp_expire; 1354 prl->prefix[i].advrtrs = 0; 1355 prl->prefix[i].origin = rpp->rp_origin; 1356 i++; 1357 } 1358 } 1359 splx(s); 1360 1361 break; 1362 case SIOCGIFINFO_IN6: 1363 ndi->ndi = nd_ifinfo[ifp->if_index]; 1364 break; 1365 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */ 1366 /* flush default router list */ 1367 /* 1368 * xxx sumikawa: should not delete route if default 1369 * route equals to the top of default router list 1370 */ 1371 bzero(&any, sizeof(any)); 1372 defrouter_delreq(&any, 0); 1373 defrouter_select(); 1374 /* xxx sumikawa: flush prefix list */ 1375 break; 1376 case SIOCSPFXFLUSH_IN6: 1377 { 1378 /* flush all the prefix advertised by routers */ 1379 struct nd_prefix *pr, *next; 1380 1381 s = splsoftnet(); 1382 for (pr = nd_prefix.lh_first; pr; pr = next) { 1383 next = pr->ndpr_next; 1384 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 1385 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 1386 prelist_remove(pr); 1387 } 1388 splx(s); 1389 break; 1390 } 1391 case SIOCSRTRFLUSH_IN6: 1392 { 1393 /* flush all the default routers */ 1394 struct nd_defrouter *dr, *next; 1395 1396 s = splsoftnet(); 1397 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 1398 /* 1399 * The first entry of the list may be stored in 1400 * the routing table, so we'll delete it later. 1401 */ 1402 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) { 1403 next = TAILQ_NEXT(dr, dr_entry); 1404 defrtrlist_del(dr); 1405 } 1406 defrtrlist_del(TAILQ_FIRST(&nd_defrouter)); 1407 } 1408 splx(s); 1409 break; 1410 } 1411 case SIOCGNBRINFO_IN6: 1412 { 1413 struct llinfo_nd6 *ln; 1414 struct in6_addr nb_addr = nbi->addr; /* make local for safety */ 1415 1416 /* 1417 * XXX: KAME specific hack for scoped addresses 1418 * XXXX: for other scopes than link-local? 1419 */ 1420 if (IN6_IS_ADDR_LINKLOCAL(&nbi->addr) || 1421 IN6_IS_ADDR_MC_LINKLOCAL(&nbi->addr)) { 1422 u_int16_t *idp = (u_int16_t *)&nb_addr.s6_addr[2]; 1423 1424 if (*idp == 0) 1425 *idp = htons(ifp->if_index); 1426 } 1427 1428 s = splsoftnet(); 1429 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) { 1430 error = EINVAL; 1431 splx(s); 1432 break; 1433 } 1434 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1435 nbi->state = ln->ln_state; 1436 nbi->asked = ln->ln_asked; 1437 nbi->isrouter = ln->ln_router; 1438 nbi->expire = ln->ln_expire; 1439 splx(s); 1440 1441 break; 1442 } 1443 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1444 ndif->ifindex = nd6_defifindex; 1445 break; 1446 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1447 return(nd6_setdefaultiface(ndif->ifindex)); 1448 break; 1449 } 1450 return(error); 1451 } 1452 1453 /* 1454 * Create neighbor cache entry and cache link-layer address, 1455 * on reception of inbound ND6 packets. (RS/RA/NS/redirect) 1456 */ 1457 struct rtentry * 1458 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code) 1459 struct ifnet *ifp; 1460 struct in6_addr *from; 1461 char *lladdr; 1462 int lladdrlen; 1463 int type; /* ICMP6 type */ 1464 int code; /* type dependent information */ 1465 { 1466 struct rtentry *rt = NULL; 1467 struct llinfo_nd6 *ln = NULL; 1468 int is_newentry; 1469 struct sockaddr_dl *sdl = NULL; 1470 int do_update; 1471 int olladdr; 1472 int llchange; 1473 int newstate = 0; 1474 long time_second = time.tv_sec; 1475 1476 if (!ifp) 1477 panic("ifp == NULL in nd6_cache_lladdr"); 1478 if (!from) 1479 panic("from == NULL in nd6_cache_lladdr"); 1480 1481 /* nothing must be updated for unspecified address */ 1482 if (IN6_IS_ADDR_UNSPECIFIED(from)) 1483 return NULL; 1484 1485 /* 1486 * Validation about ifp->if_addrlen and lladdrlen must be done in 1487 * the caller. 1488 * 1489 * XXX If the link does not have link-layer adderss, what should 1490 * we do? (ifp->if_addrlen == 0) 1491 * Spec says nothing in sections for RA, RS and NA. There's small 1492 * description on it in NS section (RFC 2461 7.2.3). 1493 */ 1494 1495 rt = nd6_lookup(from, 0, ifp); 1496 if (!rt) { 1497 #if 0 1498 /* nothing must be done if there's no lladdr */ 1499 if (!lladdr || !lladdrlen) 1500 return NULL; 1501 #endif 1502 1503 rt = nd6_lookup(from, 1, ifp); 1504 is_newentry = 1; 1505 } else 1506 is_newentry = 0; 1507 1508 if (!rt) 1509 return NULL; 1510 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) { 1511 fail: 1512 nd6_free(rt); 1513 return NULL; 1514 } 1515 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1516 if (!ln) 1517 goto fail; 1518 if (!rt->rt_gateway) 1519 goto fail; 1520 if (rt->rt_gateway->sa_family != AF_LINK) 1521 goto fail; 1522 sdl = SDL(rt->rt_gateway); 1523 1524 olladdr = (sdl->sdl_alen) ? 1 : 0; 1525 if (olladdr && lladdr) { 1526 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen)) 1527 llchange = 1; 1528 else 1529 llchange = 0; 1530 } else 1531 llchange = 0; 1532 1533 /* 1534 * newentry olladdr lladdr llchange (*=record) 1535 * 0 n n -- (1) 1536 * 0 y n -- (2) 1537 * 0 n y -- (3) * STALE 1538 * 0 y y n (4) * 1539 * 0 y y y (5) * STALE 1540 * 1 -- n -- (6) NOSTATE(= PASSIVE) 1541 * 1 -- y -- (7) * STALE 1542 */ 1543 1544 if (lladdr) { /*(3-5) and (7)*/ 1545 /* 1546 * Record source link-layer address 1547 * XXX is it dependent to ifp->if_type? 1548 */ 1549 sdl->sdl_alen = ifp->if_addrlen; 1550 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen); 1551 } 1552 1553 if (!is_newentry) { 1554 if ((!olladdr && lladdr) /*(3)*/ 1555 || (olladdr && lladdr && llchange)) { /*(5)*/ 1556 do_update = 1; 1557 newstate = ND6_LLINFO_STALE; 1558 } else /*(1-2,4)*/ 1559 do_update = 0; 1560 } else { 1561 do_update = 1; 1562 if (!lladdr) /*(6)*/ 1563 newstate = ND6_LLINFO_NOSTATE; 1564 else /*(7)*/ 1565 newstate = ND6_LLINFO_STALE; 1566 } 1567 1568 if (do_update) { 1569 /* 1570 * Update the state of the neighbor cache. 1571 */ 1572 ln->ln_state = newstate; 1573 1574 if (ln->ln_state == ND6_LLINFO_STALE) { 1575 rt->rt_flags &= ~RTF_REJECT; 1576 if (ln->ln_hold) { 1577 #ifdef OLDIP6OUTPUT 1578 (*ifp->if_output)(ifp, ln->ln_hold, 1579 rt_key(rt), rt); 1580 #else 1581 nd6_output(ifp, ln->ln_hold, 1582 (struct sockaddr_in6 *)rt_key(rt), 1583 rt); 1584 #endif 1585 ln->ln_hold = 0; 1586 } 1587 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) { 1588 /* probe right away */ 1589 ln->ln_expire = time_second; 1590 } 1591 } 1592 1593 /* 1594 * ICMP6 type dependent behavior. 1595 * 1596 * NS: clear IsRouter if new entry 1597 * RS: clear IsRouter 1598 * RA: set IsRouter if there's lladdr 1599 * redir: clear IsRouter if new entry 1600 * 1601 * RA case, (1): 1602 * The spec says that we must set IsRouter in the following cases: 1603 * - If lladdr exist, set IsRouter. This means (1-5). 1604 * - If it is old entry (!newentry), set IsRouter. This means (7). 1605 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter. 1606 * A quetion arises for (1) case. (1) case has no lladdr in the 1607 * neighbor cache, this is similar to (6). 1608 * This case is rare but we figured that we MUST NOT set IsRouter. 1609 * 1610 * newentry olladdr lladdr llchange NS RS RA redir 1611 * D R 1612 * 0 n n -- (1) c ? s 1613 * 0 y n -- (2) c s s 1614 * 0 n y -- (3) c s s 1615 * 0 y y n (4) c s s 1616 * 0 y y y (5) c s s 1617 * 1 -- n -- (6) c c c s 1618 * 1 -- y -- (7) c c s c s 1619 * 1620 * (c=clear s=set) 1621 */ 1622 switch (type & 0xff) { 1623 case ND_NEIGHBOR_SOLICIT: 1624 /* 1625 * New entry must have is_router flag cleared. 1626 */ 1627 if (is_newentry) /*(6-7)*/ 1628 ln->ln_router = 0; 1629 break; 1630 case ND_REDIRECT: 1631 /* 1632 * If the icmp is a redirect to a better router, always set the 1633 * is_router flag. Otherwise, if the entry is newly created, 1634 * clear the flag. [RFC 2461, sec 8.3] 1635 * 1636 */ 1637 if (code == ND_REDIRECT_ROUTER) 1638 ln->ln_router = 1; 1639 else if (is_newentry) /*(6-7)*/ 1640 ln->ln_router = 0; 1641 break; 1642 case ND_ROUTER_SOLICIT: 1643 /* 1644 * is_router flag must always be cleared. 1645 */ 1646 ln->ln_router = 0; 1647 break; 1648 case ND_ROUTER_ADVERT: 1649 /* 1650 * Mark an entry with lladdr as a router. 1651 */ 1652 if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/ 1653 || (is_newentry && lladdr)) { /*(7)*/ 1654 ln->ln_router = 1; 1655 } 1656 break; 1657 } 1658 1659 return rt; 1660 } 1661 1662 static void 1663 nd6_slowtimo(ignored_arg) 1664 void *ignored_arg; 1665 { 1666 int s = splsoftnet(); 1667 register int i; 1668 register struct nd_ifinfo *nd6if; 1669 1670 timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz); 1671 for (i = 1; i < if_index + 1; i++) { 1672 nd6if = &nd_ifinfo[i]; 1673 if (nd6if->basereachable && /* already initialized */ 1674 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) { 1675 /* 1676 * Since reachable time rarely changes by router 1677 * advertisements, we SHOULD insure that a new random 1678 * value gets recomputed at least once every few hours. 1679 * (RFC 2461, 6.3.4) 1680 */ 1681 nd6if->recalctm = nd6_recalc_reachtm_interval; 1682 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable); 1683 } 1684 } 1685 splx(s); 1686 } 1687 1688 #define senderr(e) { error = (e); goto bad;} 1689 int 1690 nd6_output(ifp, m0, dst, rt0) 1691 register struct ifnet *ifp; 1692 struct mbuf *m0; 1693 struct sockaddr_in6 *dst; 1694 struct rtentry *rt0; 1695 { 1696 register struct mbuf *m = m0; 1697 register struct rtentry *rt = rt0; 1698 struct llinfo_nd6 *ln = NULL; 1699 int error = 0; 1700 long time_second = time.tv_sec; 1701 1702 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) 1703 goto sendpkt; 1704 1705 /* 1706 * XXX: we currently do not make neighbor cache on any interface 1707 * other than ARCnet, Ethernet and FDDI. 1708 */ 1709 switch (ifp->if_type) { 1710 case IFT_ARCNET: 1711 case IFT_ETHER: 1712 case IFT_FDDI: 1713 break; 1714 default: 1715 goto sendpkt; 1716 } 1717 1718 /* 1719 * next hop determination. This routine is derived from ether_outpout. 1720 */ 1721 if (rt) { 1722 if ((rt->rt_flags & RTF_UP) == 0) { 1723 if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1)) != 1724 NULL) 1725 { 1726 rt->rt_refcnt--; 1727 if (rt->rt_ifp != ifp) 1728 return nd6_output(ifp, m0, dst, rt); /* XXX: loop care? */ 1729 } else 1730 senderr(EHOSTUNREACH); 1731 } 1732 if (rt->rt_flags & RTF_GATEWAY) { 1733 if (rt->rt_gwroute == 0) 1734 goto lookup; 1735 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 1736 rtfree(rt); rt = rt0; 1737 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1); 1738 if ((rt = rt->rt_gwroute) == 0) 1739 senderr(EHOSTUNREACH); 1740 } 1741 } 1742 if (rt->rt_flags & RTF_REJECT) 1743 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 1744 } 1745 1746 /* 1747 * Address resolution or Neighbor Unreachability Detection 1748 * for the next hop. 1749 * At this point, the destination of the packet must be a unicast 1750 * or an anycast address(i.e. not a multicast). 1751 */ 1752 1753 /* Look up the neighbor cache for the nexthop */ 1754 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 1755 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1756 else { 1757 if ((rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL) 1758 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1759 } 1760 if (!ln || !rt) { 1761 log(LOG_DEBUG, "nd6_output: can't allocate llinfo for %s " 1762 "(ln=%p, rt=%p)\n", 1763 ip6_sprintf(&dst->sin6_addr), ln, rt); 1764 senderr(EIO); /* XXX: good error? */ 1765 } 1766 1767 1768 /* 1769 * The first time we send a packet to a neighbor whose entry is 1770 * STALE, we have to change the state to DELAY and a sets a timer to 1771 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do 1772 * neighbor unreachability detection on expiration. 1773 * (RFC 2461 7.3.3) 1774 */ 1775 if (ln->ln_state == ND6_LLINFO_STALE) { 1776 ln->ln_asked = 0; 1777 ln->ln_state = ND6_LLINFO_DELAY; 1778 ln->ln_expire = time_second + nd6_delay; 1779 } 1780 1781 /* 1782 * If the neighbor cache entry has a state other than INCOMPLETE 1783 * (i.e. its link-layer address is already reloved), just 1784 * send the packet. 1785 */ 1786 if (ln->ln_state > ND6_LLINFO_INCOMPLETE) 1787 goto sendpkt; 1788 1789 /* 1790 * There is a neighbor cache entry, but no ethernet address 1791 * response yet. Replace the held mbuf (if any) with this 1792 * latest one. 1793 * 1794 * XXX Does the code conform to rate-limiting rule? 1795 * (RFC 2461 7.2.2) 1796 */ 1797 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 1798 ln->ln_state == ND6_LLINFO_NOSTATE) 1799 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1800 if (ln->ln_hold) 1801 m_freem(ln->ln_hold); 1802 ln->ln_hold = m; 1803 if (ln->ln_expire) { 1804 rt->rt_flags &= ~RTF_REJECT; 1805 if (ln->ln_asked < nd6_mmaxtries && 1806 ln->ln_expire < time_second) { 1807 ln->ln_asked++; 1808 ln->ln_expire = time_second + 1809 nd_ifinfo[ifp->if_index].retrans / 1000; 1810 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 1811 } 1812 } 1813 return(0); 1814 1815 sendpkt: 1816 return((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt)); 1817 1818 bad: 1819 if (m) 1820 m_freem(m); 1821 return (error); 1822 } 1823 #undef senderr 1824 1825 int 1826 nd6_storelladdr(ifp, rt, m, dst, desten) 1827 struct ifnet *ifp; 1828 struct rtentry *rt; 1829 struct mbuf *m; 1830 struct sockaddr *dst; 1831 u_char *desten; 1832 { 1833 struct sockaddr_dl *sdl; 1834 1835 if (m->m_flags & M_MCAST) { 1836 switch (ifp->if_type) { 1837 case IFT_ETHER: 1838 case IFT_FDDI: 1839 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 1840 desten); 1841 return(1); 1842 break; 1843 case IFT_ARCNET: 1844 *desten = 0; 1845 return(1); 1846 default: 1847 return(0); 1848 } 1849 } 1850 1851 if (rt == NULL || 1852 rt->rt_gateway->sa_family != AF_LINK) { 1853 printf("nd6_storelladdr: something odd happens\n"); 1854 return(0); 1855 } 1856 sdl = SDL(rt->rt_gateway); 1857 if (sdl->sdl_alen != 0) 1858 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 1859 1860 return(1); 1861 } 1862