Re: BSD non-/32 prefixes on p2p linkes
On 20.09.2013 21:09, Alexander V. Chernikov wrote:
Hello list!
Currently bird assumes (bsd sysdep) that any prefix on p2p link is /32.
Just to be more specific: krt_read_addr() assumes the following for
every non-multiaccess interfaces:
else /* PtP iface */
{
ifa.flags |= IA_PEER;
ifa.prefix = ifa.opposite = ifa.brd;
}
For every mask != 32 this (except /31 and higher address) gives you
wrong prefix like in example below:
For example:
ifconfig gif15 inet 10.0.0.2/31 10.0.0.3
ifconfig gif15
gif15: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST metric 0 mtu 1280
...
inet 10.0.0.2 -- 10.0.0.3 netmask 0xfffe
bird: direct1 primary address 10.0.0.3/31 on interface gif15 added
bird: Ignoring bogus prefix 10.0.0.3/31 received via direct1
bird: direct1 invalid 10.0.0.3/31 dev gif15
IPv6 case was fixed in 3f5843740
https://gitlab.labs.nic.cz/labs/bird/commit/3f58437405f8e37e9c14d83274a6b82ffd9583f8.
Can we do the same for IPv4 ?
Re: BSD non-/32 prefixes on p2p linkes
On Fri, Sep 20, 2013 at 09:09:32PM +0400, Alexander V. Chernikov wrote:
Hello list!
Currently bird assumes (bsd sysdep) that any prefix on p2p link is /32.
For example:
bird: direct1 primary address 10.0.0.3/31 on interface gif15 added
bird: Ignoring bogus prefix 10.0.0.3/31 received via direct1
bird: direct1 invalid 10.0.0.3/31 dev gif15
Can we do the same for IPv4 ?
That could be done, but i wonder why ever check for IF_MULTIACCESS, is
that relevant for IPs on BSD? Does BSD support peer addresses on
multiaccess interfaces?
Do you think we could do it with the same logic as it is done in Linux:
if (i-ifa_prefixlen == BITS_PER_IP_ADDRESS)
{
ip_addr addr;
memcpy(addr, RTA_DATA(a[IFA_ADDRESS]), sizeof(addr));
ipa_ntoh(addr);
ifa.prefix = ifa.brd = addr;
/* It is either a host address or a peer address */
if (ipa_equal(ifa.ip, addr))
ifa.flags |= IA_HOST;
else
{
ifa.flags |= IA_PEER;
ifa.opposite = addr;
}
}
else
{
ip_addr netmask = ipa_mkmask(ifa.pxlen);
ifa.prefix = ipa_and(ifa.ip, netmask);
ifa.brd = ipa_or(ifa.ip, ipa_not(netmask));
if (i-ifa_prefixlen == BITS_PER_IP_ADDRESS - 1)
ifa.opposite = ipa_opposite_m1(ifa.ip);
#ifndef IPV6
if (i-ifa_prefixlen == BITS_PER_IP_ADDRESS - 2)
ifa.opposite = ipa_opposite_m2(ifa.ip);
}
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
To err is human -- to blame it on a computer is even more so.
signature.asc
Description: Digital signature
Re: BSD non-/32 prefixes on p2p linkes
On Sat, Sep 21, 2013 at 11:45:08AM +0200, Ondrej Zajicek wrote:
On Fri, Sep 20, 2013 at 09:09:32PM +0400, Alexander V. Chernikov wrote:
Hello list!
Currently bird assumes (bsd sysdep) that any prefix on p2p link is /32.
For example:
bird: direct1 primary address 10.0.0.3/31 on interface gif15 added
bird: Ignoring bogus prefix 10.0.0.3/31 received via direct1
bird: direct1 invalid 10.0.0.3/31 dev gif15
Can we do the same for IPv4 ?
That could be done, but i wonder why ever check for IF_MULTIACCESS, is
that relevant for IPs on BSD? Does BSD support peer addresses on
multiaccess interfaces?
Do you think we could do it with the same logic as it is done in Linux:
That would be:
if (masklen BITS_PER_IP_ADDRESS)
{
ifa.prefix = ipa_and(ifa.ip, ipa_mkmask(masklen));
if (masklen == (BITS_PER_IP_ADDRESS - 1))
ifa.opposite = ipa_opposite_m1(ifa.ip);
#ifndef IPV6
if (masklen == (BITS_PER_IP_ADDRESS - 2))
ifa.opposite = ipa_opposite_m2(ifa.ip);
#endif
}
else if (masklen == BITS_PER_IP_ADDRESS)
{
ifa.prefix = ifa.brd;
if (ipa_equal(ifa.ip, ifa.brd))
ifa.flags |= IA_HOST;
else
{
ifa.flags |= IA_PEER;
ifa.opposite = ifa.brd;
}
}
else // BAD px len
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
To err is human -- to blame it on a computer is even more so.
signature.asc
Description: Digital signature
Re: BSD non-/32 prefixes on p2p linkes
On Sat, Sep 21, 2013 at 11:45:08AM +0200, Ondrej Zajicek wrote: On Fri, Sep 20, 2013 at 09:09:32PM +0400, Alexander V. Chernikov wrote: Hello list! Currently bird assumes (bsd sysdep) that any prefix on p2p link is /32. For example: bird: direct1 primary address 10.0.0.3/31 on interface gif15 added bird: Ignoring bogus prefix 10.0.0.3/31 received via direct1 bird: direct1 invalid 10.0.0.3/31 dev gif15 Can we do the same for IPv4 ? That could be done, but i wonder why ever check for IF_MULTIACCESS, is that relevant for IPs on BSD? Does BSD support peer addresses on multiaccess interfaces? I did some tests on FreeBSD and it seems that allowed address combinations depend on IF_MULTIACCESS: Multiaccess iface (e.g. ethernet): - behavior the same for IPv4 and IPv6 - prefix and host addresses allowed, peer addresses forbidden PtP iface (e.g. GRE tunnel), IPv4: - peer addresses allowed - prefix addresses allowed, but require dest_address - host addresses forbidden - note that you could set peer address with dest_address the same as local address, which could be interpreted as host address, but it is question whether it should be interpreted that or whether it is just an error. PtP iface (e.g. GRE tunnel), IPv6: - prefix, host and peer addresses are allowed (Prefix addresses are addresses with non-max prefix, peer addresses are pairs of local/remote IPs (IA_PEER in BIRD), host addresses are max-prefix addresses without remote ends (kind of loopback, IA_HOST in BIRD.) Not sure of other BSDs, newer FreeBSDs and whether all these allowed combinations are intentional. I guess that in a case where IPv4 prefix addresses are used on PtP iface, we could more or less ignore value of dest_address (it would be parsed as broadcast address, which may or may not be OK). And we definitely would ignore the possibility that dest_address is outside the (non-max) prefix. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) To err is human -- to blame it on a computer is even more so. signature.asc Description: Digital signature
