Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipv6: Fix source address with many addresses in same network #11384

Merged
merged 1 commit into from Dec 13, 2023
Merged

ipv6: Fix source address with many addresses in same network #11384

merged 1 commit into from Dec 13, 2023

Conversation

PetteriAimonen
Copy link
Contributor

Summary

Previously ipv6 multi-address support decided packet source address based on its destination. This doesn't work if NuttX device has multiple addresses within same subnet. Replies will come from different address that the originator contacted, which causes warnings for ICMPv6 and stops TCP from working.

Instead when a packet is a response to existing connection, the source address should be based on the destination address used in the received packet.

RFC6724 does not go much into detail on this, but says:

Although source and destination address selection is most typically
done when initiating communication, a responder also must deal with
address selection. In many cases, this is trivially dealt with by an
application using the source address of a received packet as the
response destination and the destination address of the received
packet as the response source. Other cases, however, are handled
like an initiator, such as when the request is multicast and hence
source address selection must still occur when generating a response
or when the request includes a list of the initiator's addresses from
which to choose a destination. Finally, a third application scenario
is that of a listening application choosing on what local addresses
to listen. This third scenario is out of the scope of this document.

This commit implements it so that the destination address of received packet is used if it is among the local interface addresses.
If it is not, a best matching address is selected.

Related to #11054 and #11378.
@wengzhe Does this look reasonable to you?

Impact

Makes a difference only when CONFIG_NETDEV_MULTIPLE_IPv6 is enabled.
Affects ICMPv6 and TCP & UDP.

Testing

Tested with following addresses:

  • NuttX eth0 assigned fd0f::e100 before ifup(), with netmask /64.
  • NuttX eth0 added fd0f::1:0:e100 using ifconfig.
  • Connecting from PC that has auto-assigned fd0f::aaa1:59ff:fe15:4b25 to itself.

wengzhe
wengzhe reviewed Dec 13, 2023
View reviewed changes
Copy link
Contributor

@wengzhe wengzhe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, it seems reasonable to get a source address from the destination address when we're replying. I also found the same problem in ping6 just last week, and didn't get time to fully analyze this problem, thanks for checking it over protocols.

net/icmpv6/icmpv6_input.c Outdated Show resolved Hide resolved
@PetteriAimonen
ipv6: Fix source address with many addresses in same network
878d987 
Previously ipv6 multi-address support decided packet source
address based on its destination. This doesn't work if NuttX
device has multiple addresses within same subnet.

Instead when a packet is a response to existing connection,
the source address should be based on the destination address
used in the received packet.
@xiaoxiang781216 xiaoxiang781216 merged commit c3a234f into apache:master Dec 13, 2023
26 checks passed
@jerpelea jerpelea added this to To-Add in Release Notes - 12.4.0 Dec 27, 2023
@jerpelea jerpelea moved this from To-Add to Net in Release Notes - 12.4.0 Jan 8, 2024
@jerpelea jerpelea moved this from Net to processed in Release Notes - 12.4.0 Jan 8, 2024
wengzhe added a commit to wengzhe/nuttx that referenced this pull request Feb 2, 2024
@wengzhe
net/udp: Fix source address selection under IPv6
562e90c 
apache#11384 has changed the source
address selection of UDP from raddr to laddr, but not all UDP
connections have laddr set, then we need to fallback to get source from
raddr.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
@wengzhe wengzhe mentioned this pull request Feb 2, 2024
Merged
xiaoxiang781216 pushed a commit that referenced this pull request Feb 2, 2024
@wengzhe @xiaoxiang781216
net/udp: Fix source address selection under IPv6
8562dd5 
#11384 has changed the source
address selection of UDP from raddr to laddr, but not all UDP
connections have laddr set, then we need to fallback to get source from
raddr.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
freakishness pushed a commit to freakishness/incubator-nuttx that referenced this pull request Feb 18, 2024
@wengzhe @freakishness
net/udp: Fix source address selection under IPv6
b9b9f6a 
apache#11384 has changed the source
address selection of UDP from raddr to laddr, but not all UDP
connections have laddr set, then we need to fallback to get source from
raddr.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
halyssonJr pushed a commit to halyssonJr/nuttx that referenced this pull request Apr 10, 2024
@wengzhe @halyssonJr
net/udp: Fix source address selection under IPv6
e89a13a 
apache#11384 has changed the source
address selection of UDP from raddr to laddr, but not all UDP
connections have laddr set, then we need to fallback to get source from
raddr.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anchao anchao anchao approved these changes

@wengzhe wengzhe wengzhe approved these changes

@jerpelea jerpelea jerpelea approved these changes

@xiaoxiang781216 xiaoxiang781216 xiaoxiang781216 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
No open projects
Release Notes - 12.4.0
processed
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@PetteriAimonen @anchao @wengzhe @jerpelea @xiaoxiang781216