Re: [WireGuard] Source address fib invalidation on IPv6

On Sun, Nov 13, 2016, at 01:43, Jason A. Donenfeld wrote: > On Sat, Nov 12, 2016 at 8:08 PM, Jason A. Donenfeld > wrote: > >> Gotcha. I don't see any checks that the saddr is valid similar to what > >> IPv4 does. > >> > >> I think the right place to add a check is in

Re: [WireGuard] Source address fib invalidation on IPv6

On Sun, Nov 13, 2016 at 1:43 AM, Jason A. Donenfeld wrote: > In perusing through the v6 FIB code, I don't even see an analog of > __ip_dev_find... Hm? Of all places, the iscsi code actually has a nice side-by-side comparison. So far as I can see, the other protocols just omit

Re: [WireGuard] Source address fib invalidation on IPv6

Hi David, On Sat, Nov 12, 2016 at 7:14 PM, David Ahern wrote: > I believe that is coming from __ip_route_output_key_hash(), line 2232 with > __ip_dev_find not finding a device with that address. It's possible we simply are looking at different source trees, but I have

Re: [WireGuard] Source address fib invalidation on IPv6

Hi David, On Fri, Nov 11, 2016 at 11:14 PM, David Ahern wrote: > What do you mean by 'valid dst'? ipv6 returns net->ipv6.ip6_null_entry on > lookup failures so yes dst is non-NULL but that does not mean the lookup > succeeded. What I mean is that it returns an

Re: [WireGuard] Source address fib invalidation on IPv6

On 11/11/16 12:29 PM, Jason A. Donenfeld wrote: > Hi folks, > > If I'm replying to a UDP packet, I generally want to use a source > address that's the same as the destination address of the packet to > which I'm replying. For example: > > Peer A sends packet: src = 10.0.0.1, dst = 10.0.0.3 >

[WireGuard] Source address fib invalidation on IPv6

Hi folks, If I'm replying to a UDP packet, I generally want to use a source address that's the same as the destination address of the packet to which I'm replying. For example: Peer A sends packet: src = 10.0.0.1, dst = 10.0.0.3 Peer B replies with: src = 10.0.0.3, dst = 10.0.0.1 But let's