From 465dfe59fcbb81f21161417a74dd33276bf8039b Mon Sep 17 00:00:00 2001 From: Hristo Venev Date: Tue, 9 May 2017 19:04:55 +0100 Subject: [PATCH] networkd: add IPv6ProxyNDP (#5913) This allows enabling proxy_ndp even if no addresses are configured in networkd, as well as disabling proxy_ndp from a drop-in. --- man/systemd.network.xml | 31 ++++++++++++++---------- src/network/networkd-ipv6-proxy-ndp.c | 3 +++ src/network/networkd-network-gperf.gperf | 1 + src/network/networkd-network.c | 1 + src/network/networkd-network.h | 1 + 5 files changed, 24 insertions(+), 13 deletions(-) diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 74ee8e56ff..d02e3b0e60 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -612,22 +612,27 @@ - IPv6ProxyNDPAddress= - An IPv6 address, for which Neighbour Advertisement - messages will be proxied. - Proxy NDP (Neighbor Discovery Protocol) is a technique for IPv6 to - allow routing of addresses to a different destination when peers expect them - to be present on a certain physical link. + IPv6ProxyNDP= + A boolean. Configures proxy NDP for IPv6. Proxy NDP (Neighbor Discovery + Protocol) is a technique for IPv6 to allow routing of addresses to a different + destination when peers expect them to be present on a certain physical link. In this case a router answers Neighbour Advertisement messages intended for another machine by offering its own MAC address as destination. - Unlike proxy ARP for IPv4, is not enabled globally, but will only send Neighbour + Unlike proxy ARP for IPv4, it is not enabled globally, but will only send Neighbour Advertisement messages for addresses in the IPv6 neighbor proxy table, - which can also be shown by ip -6 neighbour show proxy - This option may be specified more than once. systemd-networkd will control the - per-interface `proxy_ndp` switch for each configured interface, depending on whether - there are entries configured and add these to - the kernels IPv6 neighbor proxy table. - Defaults to unset. + which can also be shown by ip -6 neighbour show proxy. + systemd-networkd will control the per-interface `proxy_ndp` switch for each configured + interface depending on this option. + Defautls to unset. + + + + IPv6ProxyNDPAddress= + An IPv6 address, for which Neighbour Advertisement messages will be + proxied. This option may be specified more than once. systemd-networkd will add the + entries to the kernel's IPv6 neighbor proxy table. + This option implies but has no effect if + has been set to false. Defaults to unset. diff --git a/src/network/networkd-ipv6-proxy-ndp.c b/src/network/networkd-ipv6-proxy-ndp.c index 11c1cd9268..00790c0c13 100644 --- a/src/network/networkd-ipv6-proxy-ndp.c +++ b/src/network/networkd-ipv6-proxy-ndp.c @@ -38,6 +38,9 @@ static bool ipv6_proxy_ndp_is_needed(Link *link) { if (!link->network) return false; + if (link->network->ipv6_proxy_ndp != -1) + return link->network->ipv6_proxy_ndp; + if (link->network->n_ipv6_proxy_ndp_addresses == 0) return false; diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index ef53b528a8..b2c585f866 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -63,6 +63,7 @@ Network.IPv6AcceptRA, config_parse_tristate, Network.IPv6AcceptRouterAdvertisements, config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra) Network.IPv6DuplicateAddressDetection, config_parse_int, 0, offsetof(Network, ipv6_dad_transmits) Network.IPv6HopLimit, config_parse_int, 0, offsetof(Network, ipv6_hop_limit) +Network.IPv6ProxyNDP, config_parse_tristate, 0, offsetof(Network, ipv6_proxy_ndp) Network.ActiveSlave, config_parse_bool, 0, offsetof(Network, active_slave) Network.PrimarySlave, config_parse_bool, 0, offsetof(Network, primary_slave) Network.IPv4ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp) diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 0c0e661909..3c26c8609e 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -184,6 +184,7 @@ static int network_load_one(Manager *manager, const char *filename) { network->ipv6_accept_ra = -1; network->ipv6_dad_transmits = -1; network->ipv6_hop_limit = -1; + network->ipv6_proxy_ndp = -1; network->duid.type = _DUID_TYPE_INVALID; network->proxy_arp = -1; network->arp = -1; diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h index 28ef285be6..c9326c7f1e 100644 --- a/src/network/networkd-network.h +++ b/src/network/networkd-network.h @@ -178,6 +178,7 @@ struct Network { int ipv6_accept_ra; int ipv6_dad_transmits; int ipv6_hop_limit; + int ipv6_proxy_ndp; int proxy_arp; bool ipv6_accept_ra_use_dns;