Bug#815793: IPv6 code ignores unsolicited router advertisements
Marc Haber
mh+debian-packages at zugschlus.de
Wed Jul 6 08:42:33 BST 2016
On Wed, Jul 06, 2016 at 09:29:35AM +0200, Martin Pitt wrote:
> Marc Haber [2016-07-06 9:03 +0200]:
> > > Do you have some instructions how this can be reproduced? It sounds
> > > like it should be possible to test this using a veth pair, possibly a
> > > dnsmasq on one end, and some ip commands. Then I'd like to write a
> > > test case for [2].
> > >
> > > If this is hardware specific, can you please try this with 230 with
> > > the patch reverted? I build packages for amd64 here:
> > > https://people.debian.org/~mpitt/tmp/systemd-userspace-ndisc/
> > > (there's also a Packages.gz so this can be used as an apt deb line)
> > > There were a lot of changes to the RA handling in 230.
> >
> > I will try this, but since my current project is in a critical phase I
> > do not have too much time. I am confident that I can produce results
> > during july, but most probably not next weekend. I will keep you posted.
>
> Thanks. Testing the above packages will indeed take some time, but I
> wondered if you could give me a hint whether this can be reproduced
> with something like "set up a normal RA server/IPv6 networkd client"
> (I know how to do that of course) and then change foo/run blah to
> trigger this".
I think this particular issue can be triggered by:
- set up a router running radvd
- start up a client with networkd and systemd IPv6 implementation
- manually remove any IPv6 address and IPv6 route from the client
- restart the radvd on the router
The client should pick up the prefix and route that the newly started
radvd announces. At least this would be my first test.
I _think_ that I stumbled upon this issue because the systemd IPv6
code sent out its _single_ router solicitation so early that the
network link was not yet up (thus, no IPv6 on the client), and then
proceeded to ignore the regular route updates sent out by the radvd
because it didn't ask for them.
Ignoring unsolicited announcements is state of the art for ARP and
DHCP to protect a system's caches against poisioning attacks, which is
probably the reason why this was implemented in systemd IPv6 code as
well. But, IPv6 works differently and it is necessary for network
functionality to listen and to act even on unsolicited router
announcements.
At least this is how I explained to myself why the code was written
this way. Too bad they didn't test it in reality but instead released
it.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-systemd-maintainers
mailing list