History log of /openbsd-current/sys/netinet6/nd6.h
Revision Date Author Comments
# 1.99 04-May-2023 bluhm

Introduce a neighbor discovery mutex like ARP uses it. For now it
only protects nd6_list. It does not unlock ND6 from kernel lock
yet.
OK kn@


# 1.98 02-May-2023 bluhm

Call nd6_ns_output() without kernel lock from nd6_resolve().
OK kn@


# 1.97 05-Apr-2023 bluhm

ARP has a sysctl to show the number of packets waiting for an arp
response. Implement analog sysctl net.inet6.icmp6.nd6_queued for
ND6 to reduce places where mbufs can hide within the kernel.
Atomic operations operate on unsigned int. Make the type of total
hold queue length consistent.
Use atomic load to read the value for the sysctl. This clarifies
why no lock around sysctl_rdint() is needed.
OK mvs@ kn@


# 1.96 05-Apr-2023 bluhm

ARP has a queue of packets that should be sent after name resolution.
ND6 did only hold a single packet. Unify the logic and add a mbuf
hold queue to struct llinfo_nd6. This is MP safe and queue limits
are tracked with atomic operations. New function if_mqoutput() has
common code for ARP and ND6. ln_saddr6 holds the source address
of the requesting packet. That is easier than fiddling with mbuf
queue in nd6_ns_output().
OK kn@


Revision tags: OPENBSD_7_3_BASE
# 1.95 06-Jan-2023 kn

Clean up struct nd_opts, use nd6_options() function local variables

nd_opts_search is really the next option, so call it next_opt.

nd_opts_done == 1 means next_opt == NULL, i.e. no more option to handle,
so zap the former and use the latter to stop.

Finally drop the useless struct members, all under _KERNEL.

OK claudio


# 1.94 10-Dec-2022 kn

Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian


# 1.93 09-Dec-2022 claudio

Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initialised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
uninitialised Neighbour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.98 02-May-2023 bluhm

Call nd6_ns_output() without kernel lock from nd6_resolve().
OK kn@


# 1.97 05-Apr-2023 bluhm

ARP has a sysctl to show the number of packets waiting for an arp
response. Implement analog sysctl net.inet6.icmp6.nd6_queued for
ND6 to reduce places where mbufs can hide within the kernel.
Atomic operations operate on unsigned int. Make the type of total
hold queue length consistent.
Use atomic load to read the value for the sysctl. This clarifies
why no lock around sysctl_rdint() is needed.
OK mvs@ kn@


# 1.96 05-Apr-2023 bluhm

ARP has a queue of packets that should be sent after name resolution.
ND6 did only hold a single packet. Unify the logic and add a mbuf
hold queue to struct llinfo_nd6. This is MP safe and queue limits
are tracked with atomic operations. New function if_mqoutput() has
common code for ARP and ND6. ln_saddr6 holds the source address
of the requesting packet. That is easier than fiddling with mbuf
queue in nd6_ns_output().
OK kn@


Revision tags: OPENBSD_7_3_BASE
# 1.95 06-Jan-2023 kn

Clean up struct nd_opts, use nd6_options() function local variables

nd_opts_search is really the next option, so call it next_opt.

nd_opts_done == 1 means next_opt == NULL, i.e. no more option to handle,
so zap the former and use the latter to stop.

Finally drop the useless struct members, all under _KERNEL.

OK claudio


# 1.94 10-Dec-2022 kn

Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian


# 1.93 09-Dec-2022 claudio

Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initalised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
unitialised Neighour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.97 05-Apr-2023 bluhm

ARP has a sysctl to show the number of packets waiting for an arp
response. Implement analog sysctl net.inet6.icmp6.nd6_queued for
ND6 to reduce places where mbufs can hide within the kernel.
Atomic operations operate on unsigned int. Make the type of total
hold queue length consistent.
Use atomic load to read the value for the sysctl. This clarifies
why no lock around sysctl_rdint() is needed.
OK mvs@ kn@


# 1.96 05-Apr-2023 bluhm

ARP has a queue of packets that should be sent after name resolution.
ND6 did only hold a single packet. Unify the logic and add a mbuf
hold queue to struct llinfo_nd6. This is MP safe and queue limits
are tracked with atomic operations. New function if_mqoutput() has
common code for ARP and ND6. ln_saddr6 holds the source address
of the requesting packet. That is easier than fiddling with mbuf
queue in nd6_ns_output().
OK kn@


Revision tags: OPENBSD_7_3_BASE
# 1.95 06-Jan-2023 kn

Clean up struct nd_opts, use nd6_options() function local variables

nd_opts_search is really the next option, so call it next_opt.

nd_opts_done == 1 means next_opt == NULL, i.e. no more option to handle,
so zap the former and use the latter to stop.

Finally drop the useless struct members, all under _KERNEL.

OK claudio


# 1.94 10-Dec-2022 kn

Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian


# 1.93 09-Dec-2022 claudio

Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initalised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
unitialised Neighour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
    # ifconfig $IF inet6 autoconf
or
    inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
    # route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.95 06-Jan-2023 kn

Clean up struct nd_opts, use nd6_options() function local variables

nd_opts_search is really the next option, so call it next_opt.

nd_opts_done == 1 means next_opt == NULL, i.e. no more option to handle,
so zap the former and use the latter to stop.

Finally drop the useless struct members, all under _KERNEL.

OK claudio


# 1.94 10-Dec-2022 kn

Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian


# 1.93 09-Dec-2022 claudio

Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initalised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
unitialised Neighour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Imputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.94 10-Dec-2022 kn

Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian


# 1.93 09-Dec-2022 claudio

Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initalised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
unitialised Neighour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Imputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loobpack.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entires, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.92 07-Dec-2022 kn

Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initialised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
uninitialised Neighbour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.91 02-Dec-2022 kn

Remove constant basereachable and retrans members from struct nd_ifinfo

Both are initalised with compile-time constants and never written to.

They are part of the Neighbour Discovery machinery and only surface
through the single-user SIOCGIFINFO_IN6:
$ ndp -i lo0
basereachable=30s0ms, reachable=39s, retrans=1s0ms

These values are read-only since 2017
sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection

Inline the macros (to keep meaningful names), shrink the per-interface
allocated struct nd_ifinfo to what is actually needed and inline
nd6_dad_starttimer()'s constant `msec' argument.

Nothing else in base, incl. regress, uses SIOCGIFINFO_IN6 or `ndp -i'.

OK bluhm


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
unitialised Neighour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr()) because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.90 28-Nov-2022 kn

Document struct nd_ifinfo protection, remove obsolete .initialized member

All access to struct ifnet's member *if_nd is read-only, with the one
write exception being nd6_slowtimo() updating ND information.

IPv6 Neighbour Discovery information is fully protected by the net lock.
---
nd6_ifattach() allocates and unconditionally initialises struct ifnet's
*if_nd member, so early in if_attachsetup() that there is no way to query
uninitialised Neighbour Unreachable Detection bits.

Only SIOCGIFINFO_IN6 through ndp(8) used the .initialized member:
Added/set since 2002 sys/netinet6/nd6.c r1.42
attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame

Read since 2002 usr.sbin/ndp/ndp.c r1.16
use new SIOCGIFINFO_IN6. random other cleanups. sync w/kame.

Obsolete since 2017 sys/netinet6/nd6.c r1.217
usr.sbin/ndp/ndp.c r1.85
Remove knob and always do neighbor unreachable detection.

Feedback OK bluhm


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Imputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loobpack.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.89 23-Nov-2022 kn

Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.88 23-Nov-2022 kn

Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37

Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.87 23-Nov-2022 kn

Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.

OK mvs claudio bluhm


# 1.86 23-Nov-2022 kn

Inline useless ND_IFINFO() macro

A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.

OK mvs


# 1.85 23-Nov-2022 kn

Let nd6_if{at,de}tach() be void and take an ifp argument

Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.

OK mvs


# 1.84 23-Nov-2022 kn

Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly

*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.

Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.

The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.

OK bluhm mvs claudio


# 1.83 23-Nov-2022 kn

Recommit previous "Remove useless struct in6_ifextra"

This was the right diff after all, I just confused myself between trees.

OK bluhm
---
Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.82 22-Nov-2022 kn

Backout "Remove useless struct in6_ifextra" commit

I committed the wrong iteration of this diff, sorry for the noise.


# 1.81 22-Nov-2022 kn

Remove useless struct in6_ifextra

in6_var.h r1.75 removed all other struct members.

Now it only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.

ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].

One allocation and unhelpful indirection less per interface.

All under _KERNEL.

OK claudio


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


# 1.80 12-Nov-2022 kn

Remove unused RS_LHCOOKIE macro

Added in 2014 110585f259f4974284e531f0a1e121b001a580dc
Move sending of router solicitations to the kernel; [...]
but never used.


Revision tags: OPENBSD_7_2_BASE
# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of
per-ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.79 08-Aug-2022 kn

Constify in6_addr pointer arguments in nd6_*() functions

All of them are passed to inspect/copy out fields, none of the functions
writes to the struct.

This makes it easier to argue about code (in MP context).

OK bluhm


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Imputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loobpack.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entires, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost noone is using it anyways).

benefit: the follwoing command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.78 28-Jul-2022 kn

Zap prototypes for nonexistent nd6_setmtu() and in6_ifdel()

Removed in 2015 and 2002, respectively.

OK claudio


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index.
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.77 22-Jul-2022 kn

Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm


Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider eco system uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Imputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loobpack.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index.
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).


# 1.76 28-Mar-2020 florian

Move ND6_PRIV_* constants from nd6.h to slaacd the only place where
they are used. Nobody in the wider ecosystem uses these.
While here reduce temporary address valid lifetime to 2 days as per
draft-ietf-6man-rfc4941bis. This should considerably reduce the amount
of addresses configured on an interface - a common complaint.
Original diff from Fernando Gont (fernando AT gont.com.ar), thanks!
Ports tree scanning by sthen@


Revision tags: OPENBSD_6_6_BASE
# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the entry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduces differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resolution logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we don't need to overcompensate.

the code was also incorrect by using a long, which isn't that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniform(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisement's current hop limit.

Apart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loobpack.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entires, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost noone is using it anyways).

benefit: the follwoing command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializaing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
bringed into soon).


# 1.75 21-Jun-2019 mpi

Prevent recursions by not deleting entries inside rtable_walk(9).

rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().

Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().

Fix stack exhaustion triggered by the use of "-msave-args".

Issue reported by D��niel L��vai on bugs@ confirmed by and ok bluhm@.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.74 27-Nov-2017 mpi

Use a single timer for all ND6 entries.

This prevents a use-after-free reported by Hrvoje Popovski where the
timeout function was already sleeping on the NET_LOCK() when ifconfig(8)
removed the enry from the table.

By iterating on a global list in the timeout routine we ensure that the
items are still valid when we process them. This also reduce differences
with ARP.

ok bluhm@, visa@


# 1.73 03-Nov-2017 florian

We are processing Router Solicitation / Advertisement messages only
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.

input & OK mpi


Revision tags: OPENBSD_6_2_BASE
# 1.72 09-Aug-2017 florian

Remove knob and always do neighbor unreachable detection.


# 1.71 09-Aug-2017 florian

accept_rtadv doesn't do anything since some time.
OK mpi


# 1.70 09-Aug-2017 florian

We are no longer generating privacy addresses in the
kernel.
OK mpi


# 1.69 08-Aug-2017 florian

Stop running nd6_expire every second.
We know when pltime or vltime decrease to zero. Run nd6_expire then.
Input & OK mpi, bluhm


# 1.68 12-Jul-2017 florian

Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.

Pointed out by & OK mpi


# 1.67 11-Jul-2017 florian

Purging is at last at hand. Day of Doom is here. All that is evil
shall all be cleansed.

Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.

Input & OK bluhm@, mpi@


Revision tags: OPENBSD_6_1_BASE
# 1.66 27-Dec-2016 bluhm

Move nd6 timer initialisation to nd6_init() and call timeout_set()
only once during init.
OK mpi@


# 1.65 28-Nov-2016 mpi

Remove multiple recursive splsoftnet().

ok bluhm@


# 1.64 21-Nov-2016 mpi

Assert that prelist_update() is always called at IPL_SOFTNET.

While here use __func__ in debug strings to reduce noise when grepping.


Revision tags: OPENBSD_6_0_BASE
# 1.63 13-Jul-2016 dlg

store nd6 expiries in the route, not separately in the llinfo struct.

this makes it more consistent with arp, and makes expiries visible
via route(8) get as well as ndp(8).

ok mpi@ florian@


# 1.62 15-Jun-2016 mpi

Kill nd6_output(), it doesn't do anything since the resolution logic
has been moved to nd6_resolve().

ok visa@, millert@, florian@, sthen@


# 1.61 08-Jun-2016 mpi

Move ND resoluton logic from nd6_output() to nd6_storelladdr() and
rename it to nd6_resolve().

This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.

ok sthen@


# 1.60 01-Jun-2016 dlg

make nd6_llinfo_settimer take seconds instead of ticks.

most callers are working in seconds, internally it uses seconds, and
you can call timeout_add_sec as easily as timeout_add.

this also fixes an issue with an nd_defrouter expire which was
incorrectly scaled with ticks in a comparison.

ok mpi@


# 1.59 30-May-2016 dlg

remove code compensating for the "short" range of timeouts.

the nd6 code for managing expiries is never asked to handle intervals
greater than what timeouts can handle, so we dont need to overcompensate.

the code was also incorrect by using a long, which isnt that long
on ILP32 machines.

ok mpi@ millert@ benno@


# 1.58 30-Mar-2016 mpi

Implement proxy ARP for ART based on mpath support.

Since mpath is not enabled in RAMDISK, proxy ARP won't work there either.

ok bluhm@


# 1.57 03-Mar-2016 jca

Kill IPv6 prefix and router renumbering ioctls.

Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.

ok mikeb@ mpi@


Revision tags: OPENBSD_5_9_BASE
# 1.56 18-Dec-2015 tb

Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.

Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@

ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@


# 1.55 06-Nov-2015 mpi

Change nd6_nud_hint() to no longer manipulate rt_ifp directly.

While here remove unused argument and convert the route check to
rtisvalid(9).

ok bluhm@


# 1.54 02-Nov-2015 bluhm

Implement the list of nd6 llinfo entries with a TAILQ.
OK millert@ mpi@


# 1.53 02-Nov-2015 mpi

Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use the
interface index directly.

ok bluhm@


# 1.52 28-Oct-2015 florian

Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can now
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@


# 1.51 25-Oct-2015 mpi

Introduce if_rtrequest() the successor of ifa_rtrequest().

L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.

Discussed with bluhm@, ok claudio@


# 1.50 24-Oct-2015 mpi

Ignore Router Advertisment's current hop limit.

Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.

Inputs from bluhm@, ok phessler@, florian@, bluhm@


# 1.49 31-Aug-2015 mpi

The return value of nd6_cache_lladdr() is never used so make it a void.

Fewer "struct rtentry" left in the wild!


# 1.48 24-Aug-2015 mpi

nd6_prefix_add() is no longer used and die.


# 1.47 24-Aug-2015 mpi

Start moving away from the global prefix list by limiting its usage to
AUTOCONF'd addresses.

This prevents the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.

Tested by sebastia@, ok sthen@


# 1.46 24-Aug-2015 mpi

Rework the code to decide when to perform DAD to no longer rely on the
IN6_IFF_NODAD pseudo-flag not being set.

This was just a flag for spaghetti code that should not exist in the
first place.

Tested by sebastia@, ok sthen@


# 1.45 18-Aug-2015 mpi

Call rtfree(9) when we no longer need the route entry rather than
decrementing rt_refcnt just after rtrequest1(9).

While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.

Discussed with and ok bluhm@


Revision tags: OPENBSD_5_8_BASE
# 1.44 18-Jul-2015 mpi

Merge two identical chunks to add new prefixes to the global data
structures into a function.

ok florian@


# 1.43 16-Jul-2015 mpi

Properly layer Router Solicitation code.

Tweak and ok florian@


# 1.42 09-Jul-2015 mpi

Remove unused arguments and the associated code from nd6_nud_hint().

ok claudio@


Revision tags: OPENBSD_5_7_BASE
# 1.41 20-Nov-2014 mpi

Rework the handling of interfaces and IPv6 addresses for local delivery.

- Unicast packets sent to any local address will have their interface
set to loopback.

- In order to differentiate traffic from interfaces having identical
link-local addresses, provide the scoped addresses to pf(4).

- Update the icmp6 state lookup logic to match scoped MLL addresses.

- Remove a shortcut in ip6_input() that bypasses pf and always look
for an RTF_LOCAL route.

Packets sent to multicast addresses still retain their original
interface due to the fact that local multicast packet delivering
does not use if_output.

This makes ping6 to link-local addresses work even with pf enabled
and "set skip" on loopbacks, reported by Pieter Verberne.

Debugged, analysed and tested with mikeb@.

ok mikeb@, henning@, sthen@


# 1.40 10-Nov-2014 mpi

Do not pass an ifa pointer when we already have a DAD descriptor.

Tweaks and ok florian@


# 1.39 25-Aug-2014 florian

Move sending of router solicitations to the kernel; receiving and
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.

The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.

input stsp@
much help & OK mpi@
tweaks & OK bluhm@


Revision tags: OPENBSD_5_6_BASE
# 1.38 11-Jul-2014 blambert

move IPv6 prefix adding from workq to taskq; as a happy benefit, we
can delete 2 dozen or so lines that check to see if we've queued
up a prefix addition multiple times.

ok stsp@


# 1.37 07-May-2014 mpi

Kill the {nd6_,}useloopback buttons, using the loopback interface for
local traffic is not optional.

ok mikeb@, stsp@, jca@


Revision tags: OPENBSD_5_5_BASE
# 1.36 07-Jan-2014 mikeb

Propagate an rdomain number to the nd6_lookup independently from
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm


# 1.35 25-Oct-2013 deraadt

More _KERNEL namespace cleanup, just in case something out there
includes this.


# 1.34 28-Aug-2013 mpi

Remove unused argument from *rtrequest()

ok krw@, mikeb@


# 1.33 26-Aug-2013 bluhm

No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,
OSIOCGIFINFO_IN6 anymore. Remove them together with the structs
in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel
implementation.
OK mikeb@ henning@


# 1.32 11-Aug-2013 bluhm

To control the lifetime of IPv6 addresses, prefixes and default
routers, the kernel and ndp use a bunch of expire fields. Before
they were int or u_long, convert expire to time_t in all structs.
Move vltime and pltime to u_int32_t everywhere. Sort struct fields
by size. Struct inet6_ndpr_msghdr is not used at all, so remove
it.

Binary compatibility of rtsold and ndp break with this change as
rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix
to interact with the kernel.

OK mpi@


Revision tags: OPENBSD_5_4_BASE
# 1.31 01-Jul-2013 bluhm

Do not access queue fields directly, use FOREACH() macro instead.
No binary change.
OK mikeb@ mpi@


# 1.30 11-Mar-2013 mpi

Remove unused code manipulating a default interface and its index,
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.

ok mikeb@, bluhm@, florian@


Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
# 1.29 14-Feb-2012 sthen

typo in comment.


Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE
# 1.28 03-Apr-2011 stsp

fix typos in comments
ok deraadt henning sthen thib (though thib says he can't spell)


Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
# 1.27 06-Apr-2010 stsp

Simple implementation of RFC4941, "Privacy Extensions for Stateless
Address Autoconfiguration in IPv6". For those among us who are paranoid
about broadcasting their MAC address to the IPv6 internet.

Man page help from jmc, testing by weerd, arc4random API hints from djm.

ok deraadt, claudio


Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE
# 1.26 11-Jun-2008 mcbride

From KAME, allow adjustable limits on NDP entries and discovered routes.

ok mpf naddy


Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE SMP_SYNC_A SMP_SYNC_B
# 1.25 08-Jul-2003 itojun

unifdef -U__otherBSD__


# 1.24 27-Jun-2003 itojun

split ND6 cache timer management to per-entry. increased accuracy,
no O(N) loop. sync w/ kame. marc tested, daniel ok


Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_A UBC_SYNC_B
# 1.23 08-Jun-2002 itojun

gc


# 1.22 08-Jun-2002 itojun

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two ioctls used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.


# 1.21 07-Jun-2002 itojun

cope with cases where maxmtu == 0 (shouldn't happen)


# 1.20 05-Jun-2002 itojun

be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)


# 1.19 30-May-2002 itojun

improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame


# 1.18 29-May-2002 itojun

no need to supply obsolete field name "receivedra"


# 1.17 29-May-2002 itojun

attach nd_ifinfo structure to if_afdata.
split IPv6 MTU (advertised by RA) from real link MTU.
sync with kame


Revision tags: OPENBSD_3_1_BASE
# 1.16 14-Mar-2002 millert

First round of __P removal in sys


# 1.15 23-Jan-2002 fgsch

compatability -> compatibility.


Revision tags: OPENBSD_2_9_BASE OPENBSD_3_0_BASE UBC_BASE
# 1.14 23-Feb-2001 itojun

branches: 1.14.6;
garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3. sync with kame.


# 1.13 23-Feb-2001 itojun

remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache
state machine.
no need for RTF_REJECT on neighbor cache entries, they are leftover from
ARP code.
sync with kame.


# 1.12 08-Feb-2001 itojun

when chasing nd6_llinfo chain, make sure we do not touch dangling
pointer (due to RTM_DELETE during default router list management).
from kame


# 1.11 08-Feb-2001 itojun

use timeout_xx() throughout sys/netinet6. sync with kame.


# 1.10 07-Feb-2001 itojun

by default, don't bark on inbound ND messages, as outsider may be able to
fill up /var with bogus packets.
setting net.inet6.icmp6.nd6_debug will re-enable kernel messages on invalid
ND packet and other occasions.

improve icmp6 stats.


# 1.9 19-Jan-2001 itojun

pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted).

have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost no one is using it anyways).

benefit: the following command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0

remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.

XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.


Revision tags: OPENBSD_2_8_BASE
# 1.8 06-Jul-2000 itojun

- more icmp6/ip6 stats.
- protect IPv6 ND from being hosed (due to neighbor unreachability detection
hint) by wrong tcp traffic. still not sure if there's real attack, but
it is good to be cautious.
- avoid bitfield for router renumbering header decl.
- implement packet-per-sec limitation for icmp6 errors, turn interval
limit off (it is not very useful due to unix timer resolution).


# 1.7 19-May-2000 itojun

never forward packet with link-local address.
experimental support for new loopback packet handling (with FAKE_LOOPBACK_IF,
rcvif will be set to real outgoing interface, not the loopback, to honor scope)
sync with kame.


# 1.6 15-May-2000 itojun

perform NUD on p2p link, only if the destination/gateway is real neighbor.
this removes temporary workaround (no NUD on p2p link). KAME PR 245.


Revision tags: OPENBSD_2_7_BASE
# 1.5 17-Apr-2000 itojun

revisit in6_ifattach(). (1) make it more persistent about initializing an
interface (2) cleanup interface id selection.
run NUD on p2p interface (required by spec for bidir p2p interface).
add "ndp -i interface" (can tweak per-interface ND flag).
(sync with more recent kame)


# 1.4 28-Feb-2000 itojun

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works
just like "arp -s".
- revise source address selection.
be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
- nuke xxCTL_VARS #define, they are for BSDI.
- disable SIOCSIFDSTADDR_IN6/SIOCSIFNETMASK_IN6 ioctl, they do not fit
IPv6 model where multiple address on interface is normal.
(kernel side supports them for a while for backward compat,
the support will be nuked shortly)
- introduce "default outgoing interface" (for spec conformance in very
rare case)


Revision tags: SMP_BASE
# 1.3 04-Feb-2000 itojun

branches: 1.3.2;
more coverage of in6_ifdetach()'s cleanup process.
bug fix in SIOCGIFADDR_IN6 (point to point case).


# 1.2 08-Jan-2000 deraadt

use arc4random() instead of random for two reasons.
1) on some architectures, random() should only be used by the scheduler
(ie. statintr() because it is uniformly distributed
2) arc4random() is actually strong, random() is not at all


Revision tags: kame_19991208
# 1.1 08-Dec-1999 itojun

bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.

GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
brought in soon).

