NetBSD Problem Report #55091
From kim@tac.gw.com Fri Mar 20 12:54:31 2020
Return-Path: <kim@tac.gw.com>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id C486E1A921A
for <gnats-bugs@gnats.NetBSD.org>; Fri, 20 Mar 2020 12:54:30 +0000 (UTC)
Message-Id: <20200320125423.EFEF91B6FB@oxygene.gw.com>
Date: Fri, 20 Mar 2020 14:54:23 +0200 (EET)
From: kim@netbsd.org (Kimmo Suominen)
To: gnats-bugs@NetBSD.org
Subject: IPv6 default route selection fails to harmonize automatically
X-Send-Pr-Version: 3.95
>Number: 55091
>Category: kern
>Synopsis: IPv6 default route selection fails to harmonize automatically
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kim
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Mar 20 12:55:00 +0000 2020
>Closed-Date: Tue Apr 21 17:44:53 +0000 2020
>Last-Modified: Tue Apr 21 17:44:53 +0000 2020
>Originator: Kimmo Suominen
>Release: NetBSD 9.0
>Organization:
>Environment:
System: NetBSD oxygene.gw.com 9.0 NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
On a network segment with multiple routers advertising the default
route using IPv6 router advertisements, the NetBSD kernel fails to
install the highest priority route in the routing table, even over
time.
Running "ndp -H" results in the expected default being installed
in the kernel routing table correctly.
>How-To-Repeat:
# ndp -r
fe80::f29f:c2ff:fe12:1047%vioif0 if=vioif0, flags=, pref=high, expire=26m26s
fe80::de9f:dbff:fe28:887f%vioif0 if=vioif0, flags=, pref=medium, expire=29m48s
# netstat -rnf inet6 | awk '$1 == "default" {print}'
default fe80::de9f:dbff:fe28:887f UG - - - vioif0
# ndp -H
# netstat -rnf inet6 | awk '$1 == "default" {print}'
default fe80::f29f:c2ff:fe12:1047 UG - - - vioif0
# ndp -i vioif0
linkmtu=0, maxmtu=1500, curhlim=64, basereachable=30s0ms, reachable=15s, retrans=1s0ms
Flags: nud accept_rtadv auto_linklocal
>Fix:
>Release-Note:
>Audit-Trail:
From: Kimmo Suominen <kim@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: kern/55091: IPv6 default route selection fails to harmonize automatically
Date: Fri, 10 Apr 2020 13:25:19 +0300
As a workaround, one can run dhcpcd 8.1.7 or later (from pkgsrc)
instead of having the kernel process RAs.
First, remove IP address configuration from rc.conf (ifconfig_vioif0,
defaultroute, defaultroute6) or remove the /etc/ifconfig.vioif0 file,
depending which approach is used (using "vioif0" as the interface
name). IP addresses and the IPv4 default gateway will be configured in
/etc/dhcpcd.conf instead. A minimal dhcpcd.conf looks like this:
interface vioif0
persistent
static ip_address=203.0.113.48/26
static ip6_address=2001:db8::48/64
static routers=203.0.113.1
While DNS name servers could be configured in /etc/dhcpcd.conf there
is no way to configure an "options" statement for /etc/resolv.conf in
dhcpcd.conf. It might still be preferential to have all IP address
configuration in dhcpcd.conf and the rest in rc.conf.
To configure name servers and the search list in dhcpcd.conf, add these lines:
static domain_name_servers=203.0.113.10 192.0.2.10
static domain_search=example.com example.net
To configure name servers, the search list, and options (e.g. to
enable EDNS) in rc.conf, add these lines:
dns_search='example.com example.net'
dns_nameservers='203.0.113.10 192.0.2.10'
dns_options='timeout:1 attempts:5 edns0'
Both rc.conf and dhcpcd.conf are sources for resolvconf to build the
actual /etc/resolv.conf file, so information can be divided between
them.
Enable the dhcpcd service in rc.conf:
dhcpcd=YES
Finally, if net.inet6.ip6.accept_rtadv=1 is set in /etc/sysctl.conf,
remove it (the default is 0) to instruct the kernel not to process RA
messages.
Rebooting the system is probably easiest for applying all the changes.
From: "Kimmo Suominen" <kim@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: src/sys/netinet6
Date: Mon, 13 Apr 2020 14:04:27 +0000
Module Name: src
Committed By: kim
Date: Mon Apr 13 14:04:27 UTC 2020
Modified Files:
src/sys/netinet6: nd6_rtr.c
Log Message:
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.147 -r1.148 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: [netbsd-9] src/sys/netinet6
Date: Tue, 14 Apr 2020 17:26:22 +0000
Module Name: src
Committed By: martin
Date: Tue Apr 14 17:26:22 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-9]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #834):
sys/netinet6/nd6_rtr.c: revision 1.148
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.145.2.1 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: [netbsd-8] src/sys/netinet6
Date: Wed, 15 Apr 2020 14:27:54 +0000
Module Name: src
Committed By: martin
Date: Wed Apr 15 14:27:54 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-8]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #1531):
sys/netinet6/nd6_rtr.c: revision 1.148
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.135.6.4 -r1.135.6.5 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: [netbsd-7] src/sys/netinet6
Date: Wed, 15 Apr 2020 14:52:29 +0000
Module Name: src
Committed By: martin
Date: Wed Apr 15 14:52:29 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-7]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #1727):
sys/netinet6/nd6_rtr.c: revision 1.148 (via patch)
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.93.2.3 -r1.93.2.4 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: [netbsd-7-1] src/sys/netinet6
Date: Wed, 15 Apr 2020 14:58:41 +0000
Module Name: src
Committed By: martin
Date: Wed Apr 15 14:58:41 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-7-1]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #1727):
sys/netinet6/nd6_rtr.c: revision 1.148 (via patch)
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.93.2.3 -r1.93.2.3.6.1 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55091 CVS commit: [netbsd-7-0] src/sys/netinet6
Date: Wed, 15 Apr 2020 14:59:33 +0000
Module Name: src
Committed By: martin
Date: Wed Apr 15 14:59:33 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-7-0]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #1727):
sys/netinet6/nd6_rtr.c: revision 1.148 (via patch)
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.93.2.3 -r1.93.2.3.2.1 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->feedback
State-Changed-By: maya@NetBSD.org
State-Changed-When: Tue, 21 Apr 2020 16:33:54 +0000
State-Changed-Why:
Do you believe this fix is sufficient?
Responsible-Changed-From-To: kern-bug-people->kim
Responsible-Changed-By: kim@NetBSD.org
Responsible-Changed-When: Tue, 21 Apr 2020 17:44:53 +0000
Responsible-Changed-Why:
Fixed it and pulled up to netbsd-9, -8, and -7*.
State-Changed-From-To: feedback->closed
State-Changed-By: kim@NetBSD.org
State-Changed-When: Tue, 21 Apr 2020 17:44:53 +0000
State-Changed-Why:
Fixed it and pulled up to netbsd-9, -8, and -7*.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.