NetBSD Problem Report #53655

From clare@csel.org  Sun Oct  7 07:57:02 2018
Return-Path: <clare@csel.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id B442E7A180
	for <gnats-bugs@gnats.NetBSD.org>; Sun,  7 Oct 2018 07:57:02 +0000 (UTC)
Message-Id: <20181007075656.A4548FE4E@mail.csel.org>
Date: Sun,  7 Oct 2018 16:56:56 +0900 (JST)
From: clare@csel.org
Reply-To: clare@csel.org
To: gnats-bugs@NetBSD.org
Subject: ifwatchd(8) should handle IPv6 "deprecated" interface flags
X-Send-Pr-Version: 3.95

>Number:         53655
>Category:       bin
>Synopsis:       ifwatchd(8) should handle IPv6 "deprecated" interface flags
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Oct 07 08:00:00 +0000 2018
>Last-Modified:  Sat Oct 13 17:40:01 +0000 2018
>Originator:     Shinichi Doyashiki
>Release:        NetBSD 8.0_RC1
>Organization:
		at home
>Environment:
System: NetBSD kotori.csel.org 8.0_RC1 NetBSD 8.0_RC1 (CONOHA_8) #1: Wed Jun 6 21:10:04 JST 2018 clare@mizuki.csel.org:/export/stage/stable-8/src/sys/arch/amd64/compile/CONOHA_8 amd64
Architecture: x86_64
Machine: amd64
>Description:
	in Japan, LTE based ISPs does not provide fixed IPv6 prefix for
	general consumers.  power-cycling of LTE routers are result in
	changed (upstream) IPv6 prefix.

	ifwatchd(8) can be used for IPv6 prefix tracking,
	but it does not honor IPv6 DEPRECATED interface flags.

	I want to do is following script:

#!/bin/sh
iface=$1
tty=$2
speed=$3
ifaddr=$4
dest=$5

case "$iface" in
vlan30)
  case "$ifaddr" in
  fe80:*) ;;
  *.*) ;;
  *:*)
    /sbin/ifconfig ipsec0 inet6 tunnel $ifaddr 2400:8500:1302:823::DEAD:BEEF
    /sbin/ifconfig ipsec0 up
    ;;
  esac
  ;;
esac

>How-To-Repeat:
	buy an IPv6 enabled LTE wireless router,
	attach it to an NetBSD box with IPv6 RA-acceptable,
	run ifwatchd(8),
	power-cycle the upsteram LTE router,
	see result of ifwatchd(8).
>Fix:
	unknown yet.

>Audit-Trail:
From: Joerg Sonnenberger <joerg@bec.de>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: bin/53655: ifwatchd(8) should handle IPv6 "deprecated" interface
 flags
Date: Sun, 7 Oct 2018 14:59:41 +0200

 On Sun, Oct 07, 2018 at 08:00:00AM +0000, clare@csel.org wrote:
 > >Description:
 > 	in Japan, LTE based ISPs does not provide fixed IPv6 prefix for
 > 	general consumers.  power-cycling of LTE routers are result in
 > 	changed (upstream) IPv6 prefix.

 Why don't you use dhcpcd for that?

 Joerg

From: clare@csel.org
To: gnats-bugs@NetBSD.org
Cc: Joerg Sonnenberger <joerg@bec.de>, gnats-admin@netbsd.org,
 netbsd-bugs@netbsd.org
Subject: Re: bin/53655: ifwatchd(8) should handle IPv6 "deprecated"
 interface flags
Date: Mon, 8 Oct 2018 10:48:08 +0900

 On Sun,  7 Oct 2018 13:00:01 +0000 (UTC)
 Joerg Sonnenberger <joerg@bec.de> wrote:

 > From: Joerg Sonnenberger <joerg@bec.de>
 > To: gnats-bugs@NetBSD.org
 > Cc: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
 > Subject: Re: bin/53655: ifwatchd(8) should handle IPv6 "deprecated" interface
 >  flags
 > Date: Sun, 7 Oct 2018 14:59:41 +0200
 > 
 >  On Sun, Oct 07, 2018 at 08:00:00AM +0000, clare@csel.org wrote:
 >  > >Description:
 >  > 	in Japan, LTE based ISPs does not provide fixed IPv6 prefix for
 >  > 	general consumers.  power-cycling of LTE routers are result in
 >  > 	changed (upstream) IPv6 prefix.
 >  
 >  Why don't you use dhcpcd for that?

 dhcpcd itself is already used for accepting dynamic RAs.
 Should I hook dhcpcd directry?


 -- 
 Shinichi Doyashiki <clare@csel.org>

From: Joerg Sonnenberger <joerg@bec.de>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org, clare@csel.org
Subject: Re: bin/53655: ifwatchd(8) should handle IPv6 "deprecated" interface
 flags
Date: Mon, 8 Oct 2018 13:34:56 +0200

 On Mon, Oct 08, 2018 at 01:50:01AM +0000, clare@csel.org wrote:
 >  >  > 	in Japan, LTE based ISPs does not provide fixed IPv6 prefix for
 >  >  > 	general consumers.  power-cycling of LTE routers are result in
 >  >  > 	changed (upstream) IPv6 prefix.
 >  >  
 >  >  Why don't you use dhcpcd for that?
 >  
 >  dhcpcd itself is already used for accepting dynamic RAs.
 >  Should I hook dhcpcd directry?

 It provides you a message for new prefix delegations at least, so I
 would expect that you can script the rest from that.

 Joerg

From: clare@csel.org
To: Joerg Sonnenberger <joerg@bec.de>
Cc: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: bin/53655: ifwatchd(8) should handle IPv6 "deprecated"
 interface flags
Date: Sun, 14 Oct 2018 02:37:30 +0900

 On Mon, 8 Oct 2018 13:34:56 +0200
 Joerg Sonnenberger <joerg@bec.de> wrote:

 > On Mon, Oct 08, 2018 at 01:50:01AM +0000, clare@csel.org wrote:
 > >  >  > 	in Japan, LTE based ISPs does not provide fixed IPv6 prefix for
 > >  >  > 	general consumers.  power-cycling of LTE routers are result in
 > >  >  > 	changed (upstream) IPv6 prefix.
 > >  >  
 > >  >  Why don't you use dhcpcd for that?
 > >  
 > >  dhcpcd itself is already used for accepting dynamic RAs.
 > >  Should I hook dhcpcd directry?
 > 
 > It provides you a message for new prefix delegations at least, so I
 > would expect that you can script the rest from that.
 > 
 > Joerg

 I wrote following script for my tunnel router.


 $ cat /libexec/dhcpcd-hooks/90-racoon
 #!/bin/sh
 logger "XXX reason=$reason"
 logger "XXX interface=$interface"
 if [ $reason != "ROUTERADVERT" ]; then
   exit 0
 fi

 rm -f /tmp/.newaddr
 rm -f /tmp/.curaddr

 # search newly bound address
 ifconfig vlan30 | {
   while read proto ifaddr flags code; do
     if [ "$proto" != "inet6" ]; then
       continue
     fi
     if [ "$flags" != "flags" ]; then
       continue
     fi
     if [ "$code" != "0x0" ]; then
       continue
     fi
     newaddr=`echo "$ifaddr" | sed -e s,/64,,g`
     echo "$newaddr" > /tmp/.newaddr
     logger "XXX address=$newaddr"
   done
 }

 # search tunnel address
 ifconfig ipsec0 | {
   while read tunnel proto myaddr arrow hisaddr; do
     if [ "$tunnel" != tunnel ]; then
       continue
     fi
     if [ "$proto" != inet6 ]; then
       continue
     fi
     echo "$myaddr" > /tmp/.curaddr
   done
 }

 curaddr=`cat /tmp/.curaddr`
 newaddr=`cat /tmp/.newaddr`

 if [ -z "$newaddr" ]; then
   exit 0
 fi

 if [ "$newaddr" != "$curaddr" ]; then
   logger "XXX we need update tunnels"
 else
   logger "XXX we can keep tunnels"
   exit 0
 fi

 /sbin/ifconfig ipsec0 tunnel "$newaddr" 2400:8500:1302:823::DEAD:BEEF
 /sbin/ifconfig ipsec0 up
 /sbin/ifconfig ipsec1 tunnel "$newaddr" 2400:8500:1302:829::DEAD:BEEF
 /sbin/ifconfig ipsec1 up
 /sbin/ifconfig ipsec2 tunnel "$newaddr" 2400:8500:1302:825::DEAD:BEEF
 /sbin/ifconfig ipsec2 up
 service racoon restart


 -- 
 Shinichi Doyashiki <clare@csel.org>

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.