Improve handling of IPv6 SLAAC renumbering scenarios

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Improve handling of IPv6 SLAAC renumbering scenarios

Fernando Gont-2
Folks,

This improves IPv6 SLAAC handling of renumbering scenarios. At the time
of this writing, this doesn't follow the spec, but is the right thing.

Essentially, PIOs will employ these default values:
Preferred Lifetime = Router Lifetime (as sent by router, defaulting to 1800)
Valid Lifetime= 48 * Preferred Lifetime

(unless you manually set them to something else)

The problem statement for this is in this IETF I-D (v6ops wg item):
https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum

And the changes are described Section 4.1.1 of this (*individual* I-D):
https://tools.ietf.org/html/draft-gont-6man-slaac-renum-04

Note: More is needed... but this is at least something. If you like the
patch, I may implement the rest of the proposal.

Thoughts?


---- cut here ----
diff --git frontend.c frontend.c
index c932c3dfca3..80c16f953ea 100644
--- frontend.c
+++ frontend.c
@@ -128,7 +128,8 @@ struct ra_iface_conf *find_ra_iface_conf(struct
ra_iface_conf_head *,
  struct ra_prefix_conf *find_ra_prefix_conf(struct ra_prefix_conf_head*,
     struct in6_addr *, int);
  void add_new_prefix_to_ra_iface(struct ra_iface *r,
-    struct in6_addr *, int, struct ra_prefix_conf *);
+    struct in6_addr *, int, struct ra_prefix_conf *,
+    struct ra_iface_conf *);
  void free_ra_iface(struct ra_iface *);
  int in6_mask2prefixlen(struct in6_addr *);
  void get_interface_prefixes(struct ra_iface *,
@@ -858,16 +859,16 @@ merge_ra_interfaces(void)
  continue;
  }

- ra_iface_conf = find_ra_iface_conf(
-    &frontend_conf->ra_iface_list, ra_iface->conf_name);
+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);

  log_debug("add static prefixes for %s", ra_iface->name);

  SIMPLEQ_FOREACH(ra_prefix_conf, &ra_iface_conf->ra_prefix_list,
     entry) {
  add_new_prefix_to_ra_iface(ra_iface,
-    &ra_prefix_conf->prefix,
-    ra_prefix_conf->prefixlen, ra_prefix_conf);
+    &ra_prefix_conf->prefix, ra_prefix_conf->prefixlen,
+     ra_prefix_conf, ra_iface_conf);
  }

  if (ra_iface_conf->autoprefix)
@@ -926,6 +927,7 @@ get_interface_prefixes(struct ra_iface *ra_iface,
struct ra_prefix_conf
  struct ifaddrs *ifap, *ifa;
  struct sockaddr_in6 *sin6;
  int prefixlen;
+ struct ra_iface_conf *ra_iface_conf;

  log_debug("%s: %s", __func__, ra_iface->name);

@@ -959,8 +961,11 @@ get_interface_prefixes(struct ra_iface *ra_iface,
struct ra_prefix_conf

  mask_prefix(&sin6->sin6_addr, prefixlen);

+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);
+
  add_new_prefix_to_ra_iface(ra_iface, &sin6->sin6_addr,
-    prefixlen, autoprefix);
+    prefixlen, autoprefix, ra_iface_conf);
  }
  freeifaddrs(ifap);
  }
@@ -982,7 +987,8 @@ find_ra_prefix_conf(struct ra_prefix_conf_head*
head, struct in6_addr *prefix,

  void
  add_new_prefix_to_ra_iface(struct ra_iface *ra_iface, struct in6_addr
*addr,
-    int prefixlen, struct ra_prefix_conf *ra_prefix_conf)
+    int prefixlen, struct ra_prefix_conf *ra_prefix_conf,
+    struct ra_iface_conf *ra_iface_conf)
  {
  struct ra_prefix_conf *new_ra_prefix_conf;

@@ -992,6 +998,9 @@ add_new_prefix_to_ra_iface(struct ra_iface
*ra_iface, struct in6_addr *addr,
  return;
  }

+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);
+
  log_debug("adding %s/%d prefix", in6_to_str(addr), prefixlen);

  if ((new_ra_prefix_conf = calloc(1, sizeof(*ra_prefix_conf))) == NULL)
@@ -999,7 +1008,18 @@ add_new_prefix_to_ra_iface(struct ra_iface
*ra_iface, struct in6_addr *addr,
  new_ra_prefix_conf->prefix = *addr;
  new_ra_prefix_conf->prefixlen = prefixlen;
  new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
- new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
+
+ if(ra_prefix_conf->pltime == DEFAULT_PIO_PLTIME &&
+   ra_iface_conf->ra_options.router_lifetime > DEFAULT_PIO_PLTIME) {
+ new_ra_prefix_conf->pltime =
+            ra_iface_conf->ra_options.router_lifetime;
+ new_ra_prefix_conf->vltime = new_ra_prefix_conf->pltime * 48;
+ }
+ else{
+     new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
+ new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
+ }
+
  new_ra_prefix_conf->aflag = ra_prefix_conf->aflag;
  new_ra_prefix_conf->lflag = ra_prefix_conf->lflag;
  SIMPLEQ_INSERT_TAIL(&ra_iface->prefixes, new_ra_prefix_conf, entry);
diff --git parse.y parse.y
index bb18c3d9c9c..5c45ced6147 100644
--- parse.y
+++ parse.y
@@ -964,8 +964,8 @@ conf_get_ra_prefix(struct in6_addr *addr, int prefixlen)
  if (prefix == NULL)
  errx(1, "%s: calloc", __func__);
  prefix->prefixlen = prefixlen;
- prefix->vltime = 2592000; /* 30 days */
- prefix->pltime = 604800; /* 7 days */
+ prefix->vltime = DEFAULT_PIO_VLTIME;
+ prefix->pltime = DEFAULT_PIO_PLTIME;
  prefix->lflag = 1;
  prefix->aflag = 1;

diff --git rad.h rad.h
index 2bbf7c8ed5c..e77e8f38c4c 100644
--- rad.h
+++ rad.h
@@ -31,7 +31,8 @@
  #define MIN_RTR_ADV_INTERVAL 200
  #define MAX_SEARCH 1025 /* same as MAXDNAME in arpa/nameser.h */
  #define DEFAULT_RDNS_LIFETIME 600 * 1.5
-
+#define DEFAULT_PIO_PLTIME 1800
+#define DEFAULT_PIO_VLTIME 1800 * 48
  #define IMSG_DATA_SIZE(imsg) ((imsg).hdr.len - IMSG_HEADER_SIZE)

  enum {
---- cut here ----

--
Fernando Gont
e-mail: [hidden email] || [hidden email]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1



Reply | Threaded
Open this post in threaded view
|

Re: Improve handling of IPv6 SLAAC renumbering scenarios

Denis Fondras
On Sat, Mar 14, 2020 at 12:54:20PM -0300, Fernando Gont wrote:

> Folks,
>
> This improves IPv6 SLAAC handling of renumbering scenarios. At the time of
> this writing, this doesn't follow the spec, but is the right thing.
>
> Essentially, PIOs will employ these default values:
> Preferred Lifetime = Router Lifetime (as sent by router, defaulting to 1800)
> Valid Lifetime= 48 * Preferred Lifetime
>
> (unless you manually set them to something else)
>
> The problem statement for this is in this IETF I-D (v6ops wg item):
> https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum
>
> And the changes are described Section 4.1.1 of this (*individual* I-D):
> https://tools.ietf.org/html/draft-gont-6man-slaac-renum-04
>
> Note: More is needed... but this is at least something. If you like the
> patch, I may implement the rest of the proposal.
>
> Thoughts?
>
>
> ---- cut here ----
> diff --git frontend.c frontend.c
> index c932c3dfca3..80c16f953ea 100644
> --- frontend.c
> +++ frontend.c
> @@ -128,7 +128,8 @@ struct ra_iface_conf *find_ra_iface_conf(struct
> ra_iface_conf_head *,
>  struct ra_prefix_conf *find_ra_prefix_conf(struct ra_prefix_conf_head*,
>      struct in6_addr *, int);
>  void add_new_prefix_to_ra_iface(struct ra_iface *r,
> -    struct in6_addr *, int, struct ra_prefix_conf *);
> +    struct in6_addr *, int, struct ra_prefix_conf *,
> +    struct ra_iface_conf *);
>  void free_ra_iface(struct ra_iface *);
>  int in6_mask2prefixlen(struct in6_addr *);
>  void get_interface_prefixes(struct ra_iface *,
> @@ -858,16 +859,16 @@ merge_ra_interfaces(void)
>   continue;
>   }
>
> - ra_iface_conf = find_ra_iface_conf(
> -    &frontend_conf->ra_iface_list, ra_iface->conf_name);
> + ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +    ra_iface->name);
>
>   log_debug("add static prefixes for %s", ra_iface->name);
>
>   SIMPLEQ_FOREACH(ra_prefix_conf, &ra_iface_conf->ra_prefix_list,
>      entry) {
>   add_new_prefix_to_ra_iface(ra_iface,
> -    &ra_prefix_conf->prefix,
> -    ra_prefix_conf->prefixlen, ra_prefix_conf);
> +    &ra_prefix_conf->prefix, ra_prefix_conf->prefixlen,
> +     ra_prefix_conf, ra_iface_conf);
>   }
>
>   if (ra_iface_conf->autoprefix)
> @@ -926,6 +927,7 @@ get_interface_prefixes(struct ra_iface *ra_iface, struct
> ra_prefix_conf
>   struct ifaddrs *ifap, *ifa;
>   struct sockaddr_in6 *sin6;
>   int prefixlen;
> + struct ra_iface_conf *ra_iface_conf;
>
>   log_debug("%s: %s", __func__, ra_iface->name);
>
> @@ -959,8 +961,11 @@ get_interface_prefixes(struct ra_iface *ra_iface,
> struct ra_prefix_conf
>
>   mask_prefix(&sin6->sin6_addr, prefixlen);
>
> + ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +    ra_iface->name);
> +
>   add_new_prefix_to_ra_iface(ra_iface, &sin6->sin6_addr,
> -    prefixlen, autoprefix);
> +    prefixlen, autoprefix, ra_iface_conf);
>   }
>   freeifaddrs(ifap);
>  }
> @@ -982,7 +987,8 @@ find_ra_prefix_conf(struct ra_prefix_conf_head* head,
> struct in6_addr *prefix,
>
>  void
>  add_new_prefix_to_ra_iface(struct ra_iface *ra_iface, struct in6_addr
> *addr,
> -    int prefixlen, struct ra_prefix_conf *ra_prefix_conf)
> +    int prefixlen, struct ra_prefix_conf *ra_prefix_conf,
> +    struct ra_iface_conf *ra_iface_conf)
>  {
>   struct ra_prefix_conf *new_ra_prefix_conf;
>
> @@ -992,6 +998,9 @@ add_new_prefix_to_ra_iface(struct ra_iface *ra_iface,
> struct in6_addr *addr,
>   return;
>   }
>
> + ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +    ra_iface->name);
> +
>   log_debug("adding %s/%d prefix", in6_to_str(addr), prefixlen);
>
>   if ((new_ra_prefix_conf = calloc(1, sizeof(*ra_prefix_conf))) == NULL)
> @@ -999,7 +1008,18 @@ add_new_prefix_to_ra_iface(struct ra_iface *ra_iface,
> struct in6_addr *addr,
>   new_ra_prefix_conf->prefix = *addr;
>   new_ra_prefix_conf->prefixlen = prefixlen;
>   new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;

I guess this line ^^ can be removed.

> - new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
> +
> + if(ra_prefix_conf->pltime == DEFAULT_PIO_PLTIME &&
> +   ra_iface_conf->ra_options.router_lifetime > DEFAULT_PIO_PLTIME) {
> + new_ra_prefix_conf->pltime =
> +            ra_iface_conf->ra_options.router_lifetime;
> + new_ra_prefix_conf->vltime = new_ra_prefix_conf->pltime * 48;
> + }
> + else{
> +     new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
> + new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
> + }
> +
>   new_ra_prefix_conf->aflag = ra_prefix_conf->aflag;
>   new_ra_prefix_conf->lflag = ra_prefix_conf->lflag;
>   SIMPLEQ_INSERT_TAIL(&ra_iface->prefixes, new_ra_prefix_conf, entry);
> diff --git parse.y parse.y
> index bb18c3d9c9c..5c45ced6147 100644
> --- parse.y
> +++ parse.y
> @@ -964,8 +964,8 @@ conf_get_ra_prefix(struct in6_addr *addr, int prefixlen)
>   if (prefix == NULL)
>   errx(1, "%s: calloc", __func__);
>   prefix->prefixlen = prefixlen;
> - prefix->vltime = 2592000; /* 30 days */
> - prefix->pltime = 604800; /* 7 days */
> + prefix->vltime = DEFAULT_PIO_VLTIME;
> + prefix->pltime = DEFAULT_PIO_PLTIME;
>   prefix->lflag = 1;
>   prefix->aflag = 1;
>
> diff --git rad.h rad.h
> index 2bbf7c8ed5c..e77e8f38c4c 100644
> --- rad.h
> +++ rad.h
> @@ -31,7 +31,8 @@
>  #define MIN_RTR_ADV_INTERVAL 200
>  #define MAX_SEARCH 1025 /* same as MAXDNAME in arpa/nameser.h */
>  #define DEFAULT_RDNS_LIFETIME 600 * 1.5
> -
> +#define DEFAULT_PIO_PLTIME 1800
> +#define DEFAULT_PIO_VLTIME 1800 * 48
>  #define IMSG_DATA_SIZE(imsg) ((imsg).hdr.len - IMSG_HEADER_SIZE)
>
>  enum {

It reads good and builds (a pain to apply though).
Not tested further.

Reply | Threaded
Open this post in threaded view
|

PATCH: rad(8) Better PIO default lifetimes (was: Re: Improve handling of IPv6 SLAAC renumbering scenarios)

Fernando Gont-2
In reply to this post by Fernando Gont-2
Florian/folks,

This is an improved version:

Essentially, if the lifetime of a prefix is not specified (i.e., the
admin relies on the default values), the Preferred Lifetime is set to
the Router Lifetime, and the Valid Lifetime is set to Router Lifetime *
48 (one day)

This improve the state of affairs for renumbering events on the router side.


---- cut here ----
diff --git frontend.c frontend.c
index c932c3dfca3..fd0f16779aa 100644
--- frontend.c
+++ frontend.c
@@ -128,7 +128,8 @@ struct ra_iface_conf *find_ra_iface_conf(struct
ra_iface_conf_head *,
  struct ra_prefix_conf *find_ra_prefix_conf(struct ra_prefix_conf_head*,
     struct in6_addr *, int);
  void add_new_prefix_to_ra_iface(struct ra_iface *r,
-    struct in6_addr *, int, struct ra_prefix_conf *);
+    struct in6_addr *, int, struct ra_prefix_conf *,
+    struct ra_iface_conf *);
  void free_ra_iface(struct ra_iface *);
  int in6_mask2prefixlen(struct in6_addr *);
  void get_interface_prefixes(struct ra_iface *,
@@ -858,16 +859,16 @@ merge_ra_interfaces(void)
  continue;
  }

- ra_iface_conf = find_ra_iface_conf(
-    &frontend_conf->ra_iface_list, ra_iface->conf_name);
+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);

  log_debug("add static prefixes for %s", ra_iface->name);

  SIMPLEQ_FOREACH(ra_prefix_conf, &ra_iface_conf->ra_prefix_list,
     entry) {
  add_new_prefix_to_ra_iface(ra_iface,
-    &ra_prefix_conf->prefix,
-    ra_prefix_conf->prefixlen, ra_prefix_conf);
+    &ra_prefix_conf->prefix, ra_prefix_conf->prefixlen,
+     ra_prefix_conf, ra_iface_conf);
  }

  if (ra_iface_conf->autoprefix)
@@ -926,6 +927,7 @@ get_interface_prefixes(struct ra_iface *ra_iface,
struct ra_prefix_conf
  struct ifaddrs *ifap, *ifa;
  struct sockaddr_in6 *sin6;
  int prefixlen;
+ struct ra_iface_conf *ra_iface_conf;

  log_debug("%s: %s", __func__, ra_iface->name);

@@ -959,8 +961,11 @@ get_interface_prefixes(struct ra_iface *ra_iface,
struct ra_prefix_conf

  mask_prefix(&sin6->sin6_addr, prefixlen);

+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);
+
  add_new_prefix_to_ra_iface(ra_iface, &sin6->sin6_addr,
-    prefixlen, autoprefix);
+    prefixlen, autoprefix, ra_iface_conf);
  }
  freeifaddrs(ifap);
  }
@@ -982,7 +987,8 @@ find_ra_prefix_conf(struct ra_prefix_conf_head*
head, struct in6_addr *prefix,

  void
  add_new_prefix_to_ra_iface(struct ra_iface *ra_iface, struct in6_addr
*addr,
-    int prefixlen, struct ra_prefix_conf *ra_prefix_conf)
+    int prefixlen, struct ra_prefix_conf *ra_prefix_conf,
+    struct ra_iface_conf *ra_iface_conf)
  {
  struct ra_prefix_conf *new_ra_prefix_conf;

@@ -992,14 +998,28 @@ add_new_prefix_to_ra_iface(struct ra_iface
*ra_iface, struct in6_addr *addr,
  return;
  }

+ ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
+    ra_iface->name);
+
  log_debug("adding %s/%d prefix", in6_to_str(addr), prefixlen);

  if ((new_ra_prefix_conf = calloc(1, sizeof(*ra_prefix_conf))) == NULL)
  fatal("%s", __func__);
  new_ra_prefix_conf->prefix = *addr;
  new_ra_prefix_conf->prefixlen = prefixlen;
- new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
- new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
+
+ if(ra_prefix_conf->pltime == DEFAULT_PIO_PLTIME &&
+   ra_iface_conf->ra_options.router_lifetime > DEFAULT_PIO_PLTIME) {
+ new_ra_prefix_conf->pltime =
+ ra_iface_conf->ra_options.router_lifetime;
+ new_ra_prefix_conf->vltime = new_ra_prefix_conf->pltime *
+    DFLT_VLTIME_MULT;
+ }
+ else{
+ new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
+ new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
+ }
+
  new_ra_prefix_conf->aflag = ra_prefix_conf->aflag;
  new_ra_prefix_conf->lflag = ra_prefix_conf->lflag;
  SIMPLEQ_INSERT_TAIL(&ra_iface->prefixes, new_ra_prefix_conf, entry);
diff --git parse.y parse.y
index bb18c3d9c9c..5c45ced6147 100644
--- parse.y
+++ parse.y
@@ -964,8 +964,8 @@ conf_get_ra_prefix(struct in6_addr *addr, int prefixlen)
  if (prefix == NULL)
  errx(1, "%s: calloc", __func__);
  prefix->prefixlen = prefixlen;
- prefix->vltime = 2592000; /* 30 days */
- prefix->pltime = 604800; /* 7 days */
+ prefix->vltime = DEFAULT_PIO_VLTIME;
+ prefix->pltime = DEFAULT_PIO_PLTIME;
  prefix->lflag = 1;
  prefix->aflag = 1;

diff --git rad.h rad.h
index 2bbf7c8ed5c..a94dd07bc36 100644
--- rad.h
+++ rad.h
@@ -31,7 +31,9 @@
  #define MIN_RTR_ADV_INTERVAL 200
  #define MAX_SEARCH 1025 /* same as MAXDNAME in arpa/nameser.h */
  #define DEFAULT_RDNS_LIFETIME 600 * 1.5
-
+#define DFLT_VLTIME_MULT 48
+#define DEFAULT_PIO_PLTIME 1800
+#define DEFAULT_PIO_VLTIME 1800 * DFLT_VLTIME_MULT
  #define IMSG_DATA_SIZE(imsg) ((imsg).hdr.len - IMSG_HEADER_SIZE)

  enum {
---- cut here ----

Also at: https://www.gont.com.ar/code/fgont-patch-rad-pio-lifetimes.txt



On 14/3/20 12:54, Fernando Gont wrote:

> Folks,
>
> This improves IPv6 SLAAC handling of renumbering scenarios. At the time
> of this writing, this doesn't follow the spec, but is the right thing.
>
> Essentially, PIOs will employ these default values:
> Preferred Lifetime = Router Lifetime (as sent by router, defaulting to
> 1800)
> Valid Lifetime= 48 * Preferred Lifetime
>
> (unless you manually set them to something else)
>
> The problem statement for this is in this IETF I-D (v6ops wg item):
> https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum
>
> And the changes are described Section 4.1.1 of this (*individual* I-D):
> https://tools.ietf.org/html/draft-gont-6man-slaac-renum-04
>
> Note: More is needed... but this is at least something. If you like the
> patch, I may implement the rest of the proposal.
>
> Thoughts?
>
>
> ---- cut here ----
> diff --git frontend.c frontend.c
> index c932c3dfca3..80c16f953ea 100644
> --- frontend.c
> +++ frontend.c
> @@ -128,7 +128,8 @@ struct ra_iface_conf    *find_ra_iface_conf(struct
> ra_iface_conf_head *,
>   struct ra_prefix_conf    *find_ra_prefix_conf(struct
> ra_prefix_conf_head*,
>                   struct in6_addr *, int);
>   void             add_new_prefix_to_ra_iface(struct ra_iface *r,
> -                struct in6_addr *, int, struct ra_prefix_conf *);
> +                struct in6_addr *, int, struct ra_prefix_conf *,
> +                struct ra_iface_conf *);
>   void             free_ra_iface(struct ra_iface *);
>   int             in6_mask2prefixlen(struct in6_addr *);
>   void             get_interface_prefixes(struct ra_iface *,
> @@ -858,16 +859,16 @@ merge_ra_interfaces(void)
>               continue;
>           }
>
> -        ra_iface_conf = find_ra_iface_conf(
> -            &frontend_conf->ra_iface_list, ra_iface->conf_name);
> +        ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +            ra_iface->name);
>
>           log_debug("add static prefixes for %s", ra_iface->name);
>
>           SIMPLEQ_FOREACH(ra_prefix_conf, &ra_iface_conf->ra_prefix_list,
>               entry) {
>               add_new_prefix_to_ra_iface(ra_iface,
> -                &ra_prefix_conf->prefix,
> -                ra_prefix_conf->prefixlen, ra_prefix_conf);
> +                &ra_prefix_conf->prefix, ra_prefix_conf->prefixlen,
> +                 ra_prefix_conf, ra_iface_conf);
>           }
>
>           if (ra_iface_conf->autoprefix)
> @@ -926,6 +927,7 @@ get_interface_prefixes(struct ra_iface *ra_iface,
> struct ra_prefix_conf
>       struct ifaddrs        *ifap, *ifa;
>       struct sockaddr_in6    *sin6;
>       int             prefixlen;
> +    struct ra_iface_conf    *ra_iface_conf;
>
>       log_debug("%s: %s", __func__, ra_iface->name);
>
> @@ -959,8 +961,11 @@ get_interface_prefixes(struct ra_iface *ra_iface,
> struct ra_prefix_conf
>
>           mask_prefix(&sin6->sin6_addr, prefixlen);
>
> +        ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +            ra_iface->name);
> +
>           add_new_prefix_to_ra_iface(ra_iface, &sin6->sin6_addr,
> -            prefixlen, autoprefix);
> +            prefixlen, autoprefix, ra_iface_conf);
>       }
>       freeifaddrs(ifap);
>   }
> @@ -982,7 +987,8 @@ find_ra_prefix_conf(struct ra_prefix_conf_head*
> head, struct in6_addr *prefix,
>
>   void
>   add_new_prefix_to_ra_iface(struct ra_iface *ra_iface, struct in6_addr
> *addr,
> -    int prefixlen, struct ra_prefix_conf *ra_prefix_conf)
> +    int prefixlen, struct ra_prefix_conf *ra_prefix_conf,
> +    struct ra_iface_conf *ra_iface_conf)
>   {
>       struct ra_prefix_conf    *new_ra_prefix_conf;
>
> @@ -992,6 +998,9 @@ add_new_prefix_to_ra_iface(struct ra_iface
> *ra_iface, struct in6_addr *addr,
>           return;
>       }
>
> +    ra_iface_conf = find_ra_iface_conf(&frontend_conf->ra_iface_list,
> +        ra_iface->name);
> +
>       log_debug("adding %s/%d prefix", in6_to_str(addr), prefixlen);
>
>       if ((new_ra_prefix_conf = calloc(1, sizeof(*ra_prefix_conf))) ==
> NULL)
> @@ -999,7 +1008,18 @@ add_new_prefix_to_ra_iface(struct ra_iface
> *ra_iface, struct in6_addr *addr,
>       new_ra_prefix_conf->prefix = *addr;
>       new_ra_prefix_conf->prefixlen = prefixlen;
>       new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
> -    new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
> +
> +    if(ra_prefix_conf->pltime == DEFAULT_PIO_PLTIME &&
> +       ra_iface_conf->ra_options.router_lifetime > DEFAULT_PIO_PLTIME) {
> +        new_ra_prefix_conf->pltime =
> +                ra_iface_conf->ra_options.router_lifetime;
> +        new_ra_prefix_conf->vltime = new_ra_prefix_conf->pltime * 48;
> +    }
> +    else{
> +            new_ra_prefix_conf->pltime = ra_prefix_conf->pltime;
> +        new_ra_prefix_conf->vltime = ra_prefix_conf->vltime;
> +    }
> +
>       new_ra_prefix_conf->aflag = ra_prefix_conf->aflag;
>       new_ra_prefix_conf->lflag = ra_prefix_conf->lflag;
>       SIMPLEQ_INSERT_TAIL(&ra_iface->prefixes, new_ra_prefix_conf, entry);
> diff --git parse.y parse.y
> index bb18c3d9c9c..5c45ced6147 100644
> --- parse.y
> +++ parse.y
> @@ -964,8 +964,8 @@ conf_get_ra_prefix(struct in6_addr *addr, int
> prefixlen)
>       if (prefix == NULL)
>           errx(1, "%s: calloc", __func__);
>       prefix->prefixlen = prefixlen;
> -    prefix->vltime = 2592000;    /* 30 days */
> -    prefix->pltime = 604800;    /* 7 days */
> +    prefix->vltime = DEFAULT_PIO_VLTIME;
> +    prefix->pltime = DEFAULT_PIO_PLTIME;
>       prefix->lflag = 1;
>       prefix->aflag = 1;
>
> diff --git rad.h rad.h
> index 2bbf7c8ed5c..e77e8f38c4c 100644
> --- rad.h
> +++ rad.h
> @@ -31,7 +31,8 @@
>   #define    MIN_RTR_ADV_INTERVAL        200
>   #define    MAX_SEARCH 1025 /* same as MAXDNAME in arpa/nameser.h */
>   #define    DEFAULT_RDNS_LIFETIME        600 * 1.5
> -
> +#define    DEFAULT_PIO_PLTIME        1800
> +#define    DEFAULT_PIO_VLTIME        1800 * 48
>   #define IMSG_DATA_SIZE(imsg)    ((imsg).hdr.len - IMSG_HEADER_SIZE)
>
>   enum {
> ---- cut here ----
>


--
Fernando Gont
e-mail: [hidden email] || [hidden email]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1



Reply | Threaded
Open this post in threaded view
|

Re: PATCH: rad(8) Better PIO default lifetimes (was: Re: Improve handling of IPv6 SLAAC renumbering scenarios)

Florian Obser-2
On Fri, Mar 27, 2020 at 11:10:25PM -0300, Fernando Gont wrote:

> Florian/folks,
>
> This is an improved version:
>
> Essentially, if the lifetime of a prefix is not specified (i.e., the admin
> relies on the default values), the Preferred Lifetime is set to the Router
> Lifetime, and the Valid Lifetime is set to Router Lifetime * 48 (one day)
>
> This improve the state of affairs for renumbering events on the router side.
>

After talking to Fernando I came up with this much simpler patch:

diff --git parse.y parse.y
index 8e0a899470f..88b31364816 100644
--- parse.y
+++ parse.y
@@ -964,8 +964,8 @@ conf_get_ra_prefix(struct in6_addr *addr, int prefixlen)
  if (prefix == NULL)
  errx(1, "%s: calloc", __func__);
  prefix->prefixlen = prefixlen;
- prefix->vltime = ADV_VALID_LIFETIME;
- prefix->pltime = ADV_PREFERRED_LIFETIME;
+ prefix->pltime = ra_options->router_lifetime;
+ prefix->vltime = VLTIME_PLTIME_FACTOR * prefix->pltime;
  prefix->lflag = 1;
  prefix->aflag = 1;
 
diff --git rad.h rad.h
index 09cc9cf204e..3d58c3558fc 100644
--- rad.h
+++ rad.h
@@ -29,8 +29,7 @@
 #define MAX_RTR_ADV_INTERVAL 600
 #define MIN_RTR_ADV_INTERVAL 200
 #define ADV_DEFAULT_LIFETIME 3 * MAX_RTR_ADV_INTERVAL
-#define ADV_PREFERRED_LIFETIME 604800 /* 7 days */
-#define ADV_VALID_LIFETIME 2592000 /* 30 days */
+#define VLTIME_PLTIME_FACTOR 48
 #define MAX_SEARCH 1025 /* MAXDNAME in arpa/nameser.h */
 #define DEFAULT_RDNS_LIFETIME 600 * 1.5
 

Other aspects of draft-gont-6man-slaac-renum are still being discussed
in the 6man WG, these numbers don't seem to be too contentious though.

On the other hand I don't think we are in a big hurry to get this in
and we can wait a bit on how this plays out. Administrators can
already set these values by themselves in rad.conf

I'm also not opposed to this and I do agree that the current defaults
from RFC 4861 are way to high (7 days prefered lifetime and 30 days
valid lifetime).

Due to hardware issues I'm currently not using rad(8). My ISP provided
cpe sends router advertisements with considerably lower lifetimes then
the rfc defaults.
The vltime is 14.5 hours and 12 seconds(?!) and the pltime 6.5 hours
and 12 seconds.

Thoughts from people who are actually running this?

Oh, and we need to update the manpage.

p.s.: And I see that tab vs. space is still messed up in the defines
even after I tried to fix it :/ Maybe I should just let that part go


--
I'm not entirely sure you are real.

Reply | Threaded
Open this post in threaded view
|

Re: PATCH: rad(8) Better PIO default lifetimes

Fernando Gont-2
Hi, Florian,

On 2/4/20 15:08, Florian Obser wrote:
[...]
> After talking to Fernando I came up with this much simpler patch:
>

Will come back with comments on your patch, but wanted to note a couple
of things bellow:



[...]
>
> Other aspects of draft-gont-6man-slaac-renum are still being discussed
> in the 6man WG, these numbers don't seem to be too contentious though.

Exactly. In fact, I believe The default Valid Lifetime shouldn't be
longer than 2 * Router Lifetime. -- at the end of the day, with a
default Router Lifetime of 1800 seconds, the Valid Lifetime would become
1 hour.

And if the router disappears for that long, e.g. TCP timers would ahve
already gone off way before.

The reason I set the Valid Lifetime as 28 * Router Lifetime was because
a colleague expressed concerns (on the ietf v6ops list) about a short
Valid Lifetime, and I didn't want to have the draft shot down just
because of that. At the end of the day, even reducing the Valid Lifetime
from 1 month to 1 day was a big win ;-)



> On the other hand I don't think we are in a big hurry to get this in
> and we can wait a bit on how this plays out. Administrators can
> already set these values by themselves in rad.conf
>
> I'm also not opposed to this and I do agree that the current defaults
> from RFC 4861 are way to high (7 days prefered lifetime and 30 days
> valid lifetime).

FWIW, Linux radvd() has long deviated from RFC4861. They use:
Valid Lifetime: 86400 seconds (1 day)
Preferred Lifetime: 14400 seconds (4 hours)

(see https://github.com/reubenhwk/radvd/blob/master/radvd.conf.5.man)



> Due to hardware issues I'm currently not using rad(8). My ISP provided
> cpe sends router advertisements with considerably lower lifetimes then
> the rfc defaults.
> The vltime is 14.5 hours and 12 seconds(?!) and the pltime 6.5 hours
> and 12 seconds.

The values in the RFC are insane. In fact, when talking to one of the
original authors of Neighbor Discovery, he noted that it's probably an
historical artifact how the timers got screwed up the way they are (in
the spec).


>
> Thoughts from people who are actually running this?
>
> Oh, and we need to update the manpage.
>
> p.s.: And I see that tab vs. space is still messed up in the defines
> even after I tried to fix it :/ Maybe I should just let that part go

I can try clean that up and update the manpage if that helps.

Thanks!
--
Fernando Gont
e-mail: [hidden email] || [hidden email]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1