Xen project Mailing List

[Xen-changelog] [xen-unstable] [LINUX] ipv6: Disable addrconf on Xen bridge device

From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Sun, 14 Jan 2007 11:40:36 -0800

Delivery-date: Sun, 14 Jan 2007 11:50:31 -0800

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User kfraser@xxxxxxxxxxxxxxxxxxxxx # Date 1168615387 0 # Node ID c2fd75d7e2b7ab40e98936d10d5c31dbdc37af5b # Parent c71fe03f086f8f705bc11b0edc252d71f0a0eb17 [LINUX] ipv6: Disable addrconf on Xen bridge device The ipv6-no-autoconf patch didn't disable IPv6 addrconf completely. This means that the Xen bridge device still interfered with normal IPv6 operation by engaging the IPv6 network with a bogus MAC address. For details please refer to https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200360 The following patch completely disables IPv6 on the Xen bridge device by temporarily setting the MTU to a value less than the minimum allowed for IPv6. Upstream will provide a cleaner way to disable IPv6 addrconf in future, possibly in the form of a proc sysctl. Of course if the Xen loopback device is removed it would render this change unnecessary. Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> --- patches/linux-2.6.16.33/ipv6-no-autoconf.patch | 18 ------------------ patches/linux-2.6.16.33/series | 1 - tools/examples/xen-network-common.sh | 5 +++++ 3 files changed, 5 insertions(+), 19 deletions(-) diff -r c71fe03f086f -r c2fd75d7e2b7 patches/linux-2.6.16.33/ipv6-no-autoconf.patch --- a/patches/linux-2.6.16.33/ipv6-no-autoconf.patch Fri Jan 12 15:19:23 2007 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ -diff -pruN ../orig-linux-2.6.16.29/net/ipv6/addrconf.c ./net/ipv6/addrconf.c ---- ../orig-linux-2.6.16.29/net/ipv6/addrconf.c 2006-09-12 19:02:10.000000000 +0100 -+++ ./net/ipv6/addrconf.c 2006-09-19 13:59:11.000000000 +0100 -@@ -2471,6 +2471,7 @@ static void addrconf_dad_start(struct in - spin_lock_bh(&ifp->lock); - - if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) || -+ !(dev->flags&IFF_MULTICAST) || - !(ifp->flags&IFA_F_TENTATIVE)) { - ifp->flags &= ~IFA_F_TENTATIVE; - spin_unlock_bh(&ifp->lock); -@@ -2555,6 +2556,7 @@ static void addrconf_dad_completed(struc - if (ifp->idev->cnf.forwarding == 0 && - ifp->idev->cnf.rtr_solicits > 0 && - (dev->flags&IFF_LOOPBACK) == 0 && -+ (dev->flags & IFF_MULTICAST) && - (ipv6_addr_type(&ifp->addr) & IPV6_ADDR_LINKLOCAL)) { - struct in6_addr all_routers; - diff -r c71fe03f086f -r c2fd75d7e2b7 patches/linux-2.6.16.33/series --- a/patches/linux-2.6.16.33/series Fri Jan 12 15:19:23 2007 +0000 +++ b/patches/linux-2.6.16.33/series Fri Jan 12 15:23:07 2007 +0000 @@ -9,7 +9,6 @@ fix-hz-suspend.patch fix-hz-suspend.patch fix-ide-cd-pio-mode.patch i386-mach-io-check-nmi.patch -ipv6-no-autoconf.patch net-csum.patch net-gso-0-base.patch net-gso-1-check-dodgy.patch diff -r c71fe03f086f -r c2fd75d7e2b7 tools/examples/xen-network-common.sh --- a/tools/examples/xen-network-common.sh Fri Jan 12 15:19:23 2007 +0000 +++ b/tools/examples/xen-network-common.sh Fri Jan 12 15:23:07 2007 +0000 @@ -117,7 +117,12 @@ create_bridge () { ip link set ${bridge} arp off ip link set ${bridge} multicast off fi + + # A small MTU disables IPv6 (and therefore IPv6 addrconf). + mtu=$(ip link show ${bridge} | sed -n 's/.* mtu $[0-9]\+$.*/\1/p') + ip link set ${bridge} mtu 68 ip link set ${bridge} up + ip link set ${bridge} mtu ${mtu:-1500} } # Usage: add_to_bridge bridge dev _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.