-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gnrc_ipv6_nib: don't ignore PL for route #10627
Conversation
I tested on IoT-LAB with One node uses With both
But with the PR I see NS packets on the radio sniffer:
On master, when pinging on the linux machine (IoT-LAB server that has an IPv6 default route) after a long time I got the 'Hop limit reached' that came from a host somewhere after the default route.
With the PR I see the NS on the radio interface. |
As I do not really understand how the change is done I asked @miri64 irl if the comment should not need to be updated. |
Edit from my message before, the When run from an |
IMHO this is wrong on
|
Maybe #10499 fixes that. Something similar was reported there (the border router waited for a RA on its Ethernet interface, since there was no distinction between non-6LN and 6LN interfaces and so the global address never became valid). |
@tcschmidt @waehlisch @emmanuelsearch do you have any idea about this? |
I'm not sure I understand all details, but if tap0 is the upstream of the BR, then it should have a prefix different from the prefix in the WPAN. |
That confirms my suspicion that the |
Ping? |
As this changes the current behavior, it would be nice to document it in the commit. |
Added an empty squash commit for that (5ea42f7 when writing this post).
I suggest retesting the things above. |
|
I can reproduce the issue: Without this patch, when I restart the border router while pinging a node I get
until I restart the node or wait 1 minute. With this patch routing continues right after the border router received a prefix again:
|
What does "routing continues" mean in this context? |
The message gets delivered to the right node. |
So your assessment is, this fixes the issue? |
I would say so. It also makes sense that the PAN and the upstream interface should have different prefixes. (But I made that mistake too at some point. Might start a wiki page with common IPv6 mistakes, those things just tend to work and first and then introduce subtle errors. Just like those self-assembling 6LoWPAN nodes…) Please squash. (don't forget you added a commit message there in the last commit, so don't accidentally |
That's why I marked it with |
When pinging to a prefix for which there is a prefix list entry on the node (so no next hop) but a default route, a packet to a non-existent address under that prefix results in the packet being forwarded to the default route instead. This fixes it, so the node tries address resolution on the interface the prefix list entry is associated to.
5ea42f7
to
06aa65e
Compare
Squashed! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The change makes sense and improves the routing behavior.
In 06aa65e (RIOT-OS#10627) a new behavior was introduced in IPv6 route resolution to try address resolution only at interfaces that have the prefix of the address to be resolved configured in the prefix list. This however only makes sense, if the prefix configured is [on-link], otherwise there is small likelihood of the address to be resolved being on that link. For the error case presented for 06aa65e (circular routing at the border router) this made sense, however within a 6LoWPAN, due to the prefix being valid for the entire mesh, this leads to the nodes always trying classic address resolution for in-network addresses instead of just routing to the default route. Classic address resolution however fails, as 6LoWPAN hosts typically [don't join the solicited-node multicast address of their unicast addresses][6LN-iface-init], resulting in in-network addresses not being reachable. As such, to prevent both error cases - the fallback to address resolution by prefix list must only be used when the prefix is on-link, - the prefix configured by DHCPv6/UHCP at the 6LoWPAN border router must be configured as on-link, but - the prefix must not be advertised as on-link within the 6LoWPAN to still be [in line with RFC 6775][RFC-6775-forbidden] With this change these cases are covered. [on-link]: https://tools.ietf.org/html/rfc4861#page-6 [RFC 6775]: https://tools.ietf.org/html/rfc6775 [6LN-iface-init]: https://tools.ietf.org/html/rfc6775#section-5.2 [RFC-6775-forbidden]: https://tools.ietf.org/html/rfc6775#section-6.1
Sadly, this broke routing within the a LoWPAN. See #13709. |
In 06aa65e (RIOT-OS#10627) a new behavior was introduced in IPv6 route resolution to try address resolution only at interfaces that have the prefix of the address to be resolved configured in the prefix list. This however only makes sense, if the prefix configured is [on-link], otherwise there is small likelihood of the address to be resolved being on that link. For the error case presented for 06aa65e (circular routing at the border router) this made sense, however within a 6LoWPAN, due to the prefix being valid for the entire mesh, this leads to the nodes always trying classic address resolution for in-network addresses instead of just routing to the default route. Classic address resolution however fails, as 6LoWPAN hosts typically [don't join the solicited-node multicast address of their unicast addresses][6LN-iface-init], resulting in in-network addresses not being reachable. As such, to prevent both error cases - the fallback to address resolution by prefix list must only be used when the prefix is on-link, - the prefix configured by DHCPv6/UHCP at the 6LoWPAN border router must be configured as on-link, but - the prefix must not be advertised as on-link within the 6LoWPAN to still be [in line with RFC 6775][RFC-6775-forbidden] With this change these cases are covered. [on-link]: https://tools.ietf.org/html/rfc4861#page-6 [RFC 6775]: https://tools.ietf.org/html/rfc6775 [6LN-iface-init]: https://tools.ietf.org/html/rfc6775#section-5.2 [RFC-6775-forbidden]: https://tools.ietf.org/html/rfc6775#section-6.1
Contribution description
When pinging to a prefix for which there is a prefix list entry on the node (so no next hop) but a default route, a packet to a non-existent address under that prefix results in the packet being forwarded to the default route instead (see this thread on the devel mailing list). This fixes it, so the node tries address resolution on the interface the prefix list entry is associated to.
Testing procedure
Flash the
gnrc_border_router
example and try to ping a non-existent address from the host under the prefix advertised by the UHCP server (e.g.2001:db8::1234
). Without this fix you will getHop limit exceeded
messages, since the package circles over the ethos interface (which is the default route of the border router) until the hop limit exceeds. With this PR, neighbor solicitations to the solicited nodes multicast address of2001:db8::1234
(ff02::1:ff00:1234
) go out the WPAN interface.Issues/PRs references
None