The dns_reply_a() function appears to filter out IPv6 addresses other than link-local. This means that advertised services are unreachable over IPv6 (since on the client side, we drop the interface identifier so link-local addresses aren't usable anyway).
Fix it to include all addresses, in accordance with RFC6762 ยง6.2:
When a Multicast DNS responder sends a Multicast DNS response message
containing its own address records, it MUST include all addresses
that are valid on the interface on which it is sending the message,
and MUST NOT include addresses that are not valid on that interface
(such as addresses that may be configured on the host's other
interfaces). For example, if an interface has both an IPv6 link-
local and an IPv6 routable address, both should be included in the
response message so that queriers receive both and can make their own
choice about which to use. This allows a querier that only has an
IPv6 link-local address to connect to the link-local address, and a
different querier that has an IPv6 routable address to connect to the
IPv6 routable address instead.
---
v2: Include all addresses; don't exclude LL
diff --git a/dns.c b/dns.c
index 1d3362f..3e902d0 100644
--- a/dns.c
+++ b/dns.c
@@ -200,10 +200,8 @@ dns_reply_a(struct interface *iface, struct sockaddr *to,
int ttl)
dns_add_answer(TYPE_A, (uint8_t *) &sa->sin_addr, 4,
ttl);
}
if (ifa->ifa_addr->sa_family == AF_INET6) {
- uint8_t ll_prefix[] = {0xfe, 0x80 };
sa6 = (struct sockaddr_in6 *) ifa->ifa_addr;
- if (!memcmp(&sa6->sin6_addr, &ll_prefix, 2))
- dns_add_answer(TYPE_AAAA, (uint8_t *)
&sa6->sin6_addr, 16, ttl);
+ dns_add_answer(TYPE_AAAA, (uint8_t *) &sa6->sin6_addr,
16, ttl);
}
}
dns_send_answer(iface, to, mdns_hostname_local);
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
