Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
On 25.06.2013 00:15, Thomas Bächler wrote: Am 18.06.2013 14:57, schrieb Steven Barth: Allright fine, you guys have convinced me. I just commited a modified version of that patch to trunk. Please test it. On AA, there's a missing line proto_config_add_string ifaceid in proto_dhcpv6_init_config() in package/odhcp6c/files/dhcpv6.sh. When I add it, everything works as expected. Thanks, corrected in both trunk and AA. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
On 18.06.2013 01:15, Thomas Bächler wrote: You're confusing me even more - how does the patch relate to ipv6cp? In ipv6cp, I am assigned a link-local address by the provider. I may be wrong, but doesn't my peer expect that I use this link-local address in its routing table in order to communicate with me? This means that I cannot change the assigned link-local address. Well I'm not sure about that but that but that was not what I meant. Maybe my wording was a bit confusing as. IIRC pppd provides an option to define the local interface identifier for use in IPv6CP and is then hand-shaked with the peer. And as we by default use the interface-identifier of the link-local address for the global addresses as well this should equally do what you want with the nice side-effect that the interface identifier of the LL-address matches those of the global ones. On the other hand, my peer doesn't care which IPv6 address I choose inside the advertised prefix, and if it is related to the link-local or not, so this is the address that I can change, and the client is the only place where I can change it. Yeah you're right, but honestly I still don't see the point of adding this in the DHCPv6/RA-client rather than just configuring pppd. If configuring ppp doesn't work for you we can reevaluate adding this feature to odhcp6c instead. Steven ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Am 18.06.2013 10:03, schrieb Steven Barth: On 18.06.2013 01:15, Thomas Bächler wrote: You're confusing me even more - how does the patch relate to ipv6cp? In ipv6cp, I am assigned a link-local address by the provider. I may be wrong, but doesn't my peer expect that I use this link-local address in its routing table in order to communicate with me? This means that I cannot change the assigned link-local address. Well I'm not sure about that but that but that was not what I meant. Maybe my wording was a bit confusing as. IIRC pppd provides an option to define the local interface identifier for use in IPv6CP and is then hand-shaked with the peer. Documentation in pppd is incomplete here, at best. While I can define an interface identifier using the 'ipv6' option, it doesn't say anything about hand-shaking. My impression (from the wording of the documentation) is that this is useful if you have a static local and remote LL (know a-priori on both ends) and want to omit IPv6CP completely (just like specifying a local and remote IP for IPv4). In case there is a negotiation, the peer can still reject my requested local LL, and I suspect it will do so if I want it to be 'fe80::1' (right now, I use -H::1 on odhcp6c, which gives a nice and short address). As I said, pppd's documentation is not very explicit on the matter. I guess some experimentation and tcpdump'ing is in order to determine my ISP's behaviour. And as we by default use the interface-identifier of the link-local address for the global addresses as well this should equally do what you want with the nice side-effect that the interface identifier of the LL-address matches those of the global ones. The point of my patch was that we are not forced to do that. As long as we perform DAD (which the kernel does automatically), we do not violate RFC 4862 by choosing whatever interface identifier we want (I used the term hostid in the patch, but I just noticed that the RFC refers to interface identifier instead). Another point of my patch is that it takes the path of least resistance: Instead of messing with the pppd negotiation, it applies its settings at a point where there is no negotiation and a large degree of freedom. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Hi, On Tue, Jun 18, 2013 at 11:35:41AM +0200, Thomas Bächler wrote: Documentation in pppd is incomplete here, at best. While I can define an interface identifier using the 'ipv6' option, it doesn't say anything about hand-shaking. My impression (from the wording of the documentation) is that this is useful if you have a static local and remote LL (know a-priori on both ends) and want to omit IPv6CP completely (just like specifying a local and remote IP for IPv4). That interface identifier is used for the IPv6CP handshake - it's what the client proposes, and the server side can then accept it, or assign something else. DSL providers usually accept, 3G providers usually reject... [..] The point of my patch was that we are not forced to do that. As long as we perform DAD (which the kernel does automatically), we do not violate RFC 4862 by choosing whatever interface identifier we want (I used the term hostid in the patch, but I just noticed that the RFC refers to interface identifier instead). Another point of my patch is that it takes the path of least resistance: Instead of messing with the pppd negotiation, it applies its settings at a point where there is no negotiation and a large degree of freedom. I think this change is useful (without having looked at the actual code), for exactly these reasons. With the IPv6CP handshake, you'll arrive at something the provider controls - but then in the /64 that is announced by RA, you can choose whatever host id / interface identifier you want, and I can see people wanting to use something easy to type and remember, like ::1. (And you can't configure fully static IPv6 addresses here, as the assigned prefix can - and likely, will - change) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpiw7ZUJ1cYA.pgp Description: PGP signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Gert Doering g...@greenie.muc.de writes: On Tue, Jun 18, 2013 at 11:35:41AM +0200, Thomas Bächler wrote: Documentation in pppd is incomplete here, at best. While I can define an interface identifier using the 'ipv6' option, it doesn't say anything about hand-shaking. My impression (from the wording of the documentation) is that this is useful if you have a static local and remote LL (know a-priori on both ends) and want to omit IPv6CP completely (just like specifying a local and remote IP for IPv4). Just for the record: You can NEVER omit the NCP. Omitting it means that you don't run that protocol over the PPP session. This is a basic PPP concept. That interface identifier is used for the IPv6CP handshake - it's what the client proposes, and the server side can then accept it, or assign something else. DSL providers usually accept, 3G providers usually reject... Yes, but there can be good reasons for DSL providers to reject as well. When playing with the local DHCPv6 server on Juniper ERXes we discovered that they use the peer ifid as a hidden key in their lease database in addition to the DUID. This meant that a bouncing PPP session with a newly generated ifid was unable to reuse the same DHCPv6 prefix until the old lease expired, even if the DHCPv6 client (as identified by DUID) was the same. Requiring all users to configure a static ifid is impossible, so we push static ifids for PPP users with static prefixes from the ISP end. Meaning that we have to reject the peers choice. The point of my patch was that we are not forced to do that. As long as we perform DAD (which the kernel does automatically), we do not violate RFC 4862 by choosing whatever interface identifier we want (I used the term hostid in the patch, but I just noticed that the RFC refers to interface identifier instead). Another point of my patch is that it takes the path of least resistance: Instead of messing with the pppd negotiation, it applies its settings at a point where there is no negotiation and a large degree of freedom. I think this change is useful (without having looked at the actual code), for exactly these reasons. With the IPv6CP handshake, you'll arrive at something the provider controls - but then in the /64 that is announced by RA, you can choose whatever host id / interface identifier you want, and I can see people wanting to use something easy to type and remember, like ::1. I must be missing something here... Exactly how do you communicate an interface identifier via RA? Bjørn ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Hi, On Tue, Jun 18, 2013 at 02:14:18PM +0200, Bjørn Mork wrote: I think this change is useful (without having looked at the actual code), for exactly these reasons. With the IPv6CP handshake, you'll arrive at something the provider controls - but then in the /64 that is announced by RA, you can choose whatever host id / interface identifier you want, and I can see people wanting to use something easy to type and remember, like ::1. I must be missing something here... Exactly how do you communicate an interface identifier via RA? You don't. Which is the point :-) - ISP announces the RA, end user gets to pick whatever prefix they like, inside the /64 announced. One could argue that they should only use the interface identifier that PPP/IPv6CP negotiated, but in practice, that would break at least privacy addresses - so what I've seen so far is if the ISP sends RA with A=1, the user can use any address in that /64 they want. Which even holds true for 3G networks that force link-local to very specific IDs. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpu1T_DL5sDR.pgp Description: PGP signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Gert Doering g...@greenie.muc.de writes: On Tue, Jun 18, 2013 at 02:14:18PM +0200, Bjørn Mork wrote: I think this change is useful (without having looked at the actual code), for exactly these reasons. With the IPv6CP handshake, you'll arrive at something the provider controls - but then in the /64 that is announced by RA, you can choose whatever host id / interface identifier you want, and I can see people wanting to use something easy to type and remember, like ::1. I must be missing something here... Exactly how do you communicate an interface identifier via RA? You don't. Which is the point :-) - ISP announces the RA, end user gets to pick whatever prefix they like, inside the /64 announced. One could argue that they should only use the interface identifier that PPP/IPv6CP negotiated, but in practice, that would break at least privacy addresses - so what I've seen so far is if the ISP sends RA with A=1, the user can use any address in that /64 they want. Which even holds true for 3G networks that force link-local to very specific IDs. Ah, right. Yes, sure, as long as DAD is OK you can configure global addresses with interface identifiers different from the one negotiated by IPV6CP. Personally I pick a nice looking /128 from the delegated prefix instead and configure it on the PPP interface (assuming that's the uplink), because the delegated prefix is more likely to be static and shorter than any RA prefix. But unfortunately RFC3633 doesn't really allow this, if we're going to be strict. Bjørn ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
On 18.06.2013 14:32, Gert Doering wrote: Hi, On Tue, Jun 18, 2013 at 02:14:18PM +0200, Bjørn Mork wrote: I think this change is useful (without having looked at the actual code), for exactly these reasons. With the IPv6CP handshake, you'll arrive at something the provider controls - but then in the /64 that is announced by RA, you can choose whatever host id / interface identifier you want, and I can see people wanting to use something easy to type and remember, like ::1. I must be missing something here... Exactly how do you communicate an interface identifier via RA? You don't. Which is the point :-) - ISP announces the RA, end user gets to pick whatever prefix they like, inside the /64 announced. One could argue that they should only use the interface identifier that PPP/IPv6CP negotiated, but in practice, that would break at least privacy addresses - so what I've seen so far is if the ISP sends RA with A=1, the user can use any address in that /64 they want. Which even holds true for 3G networks that force link-local to very specific IDs. gert Allright fine, you guys have convinced me. I just commited a modified version of that patch to trunk. Please test it. @Thomas: Please post patches against trunk and not AA in the future. Cheers, Steven ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Am 18.06.2013 14:57, schrieb Steven Barth: Allright fine, you guys have convinced me. I just commited a modified version of that patch to trunk. Please test it. I see that your version is slightly more straightforward. For the moment, I can only say that my original version works fine on AA, I'll backport your version to my next AA build (in case it hasn't been backported by then). Thanks for your time and all your work on the openwrt ipv6 stack, it has proven very useful to me. @Thomas: Please post patches against trunk and not AA in the future. That was sort of an accident, but when I realized it, I already sent it, and the patch was trivial enough. I'll try to remember next time. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
When assigned a static prefix, it is desirable to also have a static IP, however, the link-local address assigned from the provider during ipv6cp may change on each connection. This option solves this problem - for example, you can append -H '::1' to the odhcp6c command line. --- src/odhcp6c.c | 10 -- src/ra.c | 23 +-- src/ra.h | 2 +- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/src/odhcp6c.c b/src/odhcp6c.c index 4fefcd7..04b2c6b 100644 --- a/src/odhcp6c.c +++ b/src/odhcp6c.c @@ -50,6 +50,7 @@ int main(_unused int argc, char* const argv[]) // Allocate ressources const char *pidfile = NULL; const char *script = /usr/sbin/odhcp6c-update; + const char *hostid = NULL; ssize_t l; uint8_t buf[134]; char *optpos; @@ -59,7 +60,7 @@ int main(_unused int argc, char* const argv[]) bool help = false, daemonize = false; int logopt = LOG_PID; int c, request_pd = 0; - while ((c = getopt(argc, argv, S::N:P:c:r:s:khedp:)) != -1) { + while ((c = getopt(argc, argv, S::N:P:c:H:r:s:khedp:)) != -1) { switch (c) { case 'S': allow_slaac_only = (optarg) ? atoi(optarg) : -1; @@ -98,6 +99,10 @@ int main(_unused int argc, char* const argv[]) } break; + case 'H': + hostid = optarg; + break; + case 'r': optpos = optarg; while (optpos[0]) { @@ -151,7 +156,7 @@ int main(_unused int argc, char* const argv[]) signal(SIGUSR2, sighandler); if ((urandom_fd = open(/dev/urandom, O_CLOEXEC | O_RDONLY)) 0 || - init_dhcpv6(ifname, request_pd) || ra_init(ifname) || + init_dhcpv6(ifname, request_pd) || ra_init(ifname, hostid) || script_init(script, ifname)) { syslog(LOG_ERR, failed to initialize: %s, strerror(errno)); return 3; @@ -314,6 +319,7 @@ static int usage(void) -N mode Mode for requesting addresses [try|force|none]\n -P length Request IPv6-Prefix (0 = auto)\n -c clientid Override client-ID (base-16 encoded)\n + -H hostid Override host id with the given IPv6 address\n -r optionsOptions to be requested (comma-separated)\n -s script Status update script (/usr/sbin/odhcp6c-update)\n -k Don't send a RELEASE when stopping\n diff --git a/src/ra.c b/src/ra.c index b1526ae..be37b2d 100644 --- a/src/ra.c +++ b/src/ra.c @@ -42,7 +42,7 @@ static struct in6_addr lladdr = IN6ADDR_ANY_INIT; static void ra_send_rs(int signal __attribute__((unused))); -int ra_init(const char *ifname) +int ra_init(const char *ifname, const char *hostid) { sock = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC, IPPROTO_ICMPV6); if_index = if_nametoindex(ifname); @@ -74,17 +74,20 @@ int ra_init(const char *ifname) fcntl(sock, F_SETOWN, ourpid); fcntl(sock, F_SETFL, fcntl(sock, F_GETFL) | O_ASYNC); - // Get LL-addr - FILE *fp = fopen(/proc/net/if_inet6, r); - if (fp) { - char addrbuf[33], ifbuf[16]; - while (fscanf(fp, %32s %*x %*x %*x %*x %15s, addrbuf, ifbuf) == 2) { - if (!strcmp(ifbuf, if_name)) { - script_unhexlify((uint8_t*)lladdr, sizeof(lladdr), addrbuf); - break; + // Use hostid if -H was specified + if(hostid == NULL || inet_pton(AF_INET6, hostid, lladdr) != 1) { + // Get LL-addr if -H was missing or inet_pton failed + FILE *fp = fopen(/proc/net/if_inet6, r); + if (fp) { + char addrbuf[33], ifbuf[16]; + while (fscanf(fp, %32s %*x %*x %*x %*x %15s, addrbuf, ifbuf) == 2) { + if (!strcmp(ifbuf, if_name)) { + script_unhexlify((uint8_t*)lladdr, sizeof(lladdr), addrbuf); + break; + } } + fclose(fp); } - fclose(fp); } // Open rtnetlink socket diff --git a/src/ra.h b/src/ra.h index f87c4f7..5a37694 100644 --- a/src/ra.h +++ b/src/ra.h @@ -34,6 +34,6 @@ struct icmpv6_opt { (void*)(opt + opt-len) = (void*)(end); opt += opt-len) -int ra_init(const char *ifname); +int ra_init(const char *ifname, const char *hostid); bool ra_process(void); bool ra_rtnl_process(void); -- 1.8.3.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [odhcp6c] [PATCH] Add -H option to override the host id
Hi Thomas, I don't think the DHCPv6 client is the right place to do this. You should rather configure PPP and select the interface identifier in its configuration as this patch would completely defeat the purpose of IPv6CP. Regards, Steven ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel