ia64/xen-unstable

changeset 13417:c2fd75d7e2b7

[LINUX] ipv6: Disable addrconf on Xen bridge device

The ipv6-no-autoconf patch didn't disable IPv6 addrconf completely.
This means that the Xen bridge device still interfered with normal
IPv6 operation by engaging the IPv6 network with a bogus MAC address.

For details please refer to
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200360

The following patch completely disables IPv6 on the Xen bridge device
by temporarily setting the MTU to a value less than the minimum
allowed for IPv6.

Upstream will provide a cleaner way to disable IPv6 addrconf in
future, possibly in the form of a proc sysctl. Of course if the Xen
loopback device is removed it would render this change unnecessary.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author kfraser@localhost.localdomain
date Fri Jan 12 15:23:07 2007 +0000 (2007-01-12)
parents c71fe03f086f
children 38fcc7646959
files patches/linux-2.6.16.33/ipv6-no-autoconf.patch patches/linux-2.6.16.33/series tools/examples/xen-network-common.sh
line diff
     1.1 --- a/patches/linux-2.6.16.33/ipv6-no-autoconf.patch	Fri Jan 12 15:19:23 2007 +0000
     1.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.3 @@ -1,19 +0,0 @@
     1.4 -diff -pruN ../orig-linux-2.6.16.29/net/ipv6/addrconf.c ./net/ipv6/addrconf.c
     1.5 ---- ../orig-linux-2.6.16.29/net/ipv6/addrconf.c	2006-09-12 19:02:10.000000000 +0100
     1.6 -+++ ./net/ipv6/addrconf.c	2006-09-19 13:59:11.000000000 +0100
     1.7 -@@ -2471,6 +2471,7 @@ static void addrconf_dad_start(struct in
     1.8 - 	spin_lock_bh(&ifp->lock);
     1.9 - 
    1.10 - 	if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) ||
    1.11 -+	    !(dev->flags&IFF_MULTICAST) ||
    1.12 - 	    !(ifp->flags&IFA_F_TENTATIVE)) {
    1.13 - 		ifp->flags &= ~IFA_F_TENTATIVE;
    1.14 - 		spin_unlock_bh(&ifp->lock);
    1.15 -@@ -2555,6 +2556,7 @@ static void addrconf_dad_completed(struc
    1.16 - 	if (ifp->idev->cnf.forwarding == 0 &&
    1.17 - 	    ifp->idev->cnf.rtr_solicits > 0 &&
    1.18 - 	    (dev->flags&IFF_LOOPBACK) == 0 &&
    1.19 -+	    (dev->flags & IFF_MULTICAST) &&
    1.20 - 	    (ipv6_addr_type(&ifp->addr) & IPV6_ADDR_LINKLOCAL)) {
    1.21 - 		struct in6_addr all_routers;
    1.22 - 
     2.1 --- a/patches/linux-2.6.16.33/series	Fri Jan 12 15:19:23 2007 +0000
     2.2 +++ b/patches/linux-2.6.16.33/series	Fri Jan 12 15:23:07 2007 +0000
     2.3 @@ -9,7 +9,6 @@ device_bind.patch
     2.4  fix-hz-suspend.patch
     2.5  fix-ide-cd-pio-mode.patch
     2.6  i386-mach-io-check-nmi.patch
     2.7 -ipv6-no-autoconf.patch
     2.8  net-csum.patch
     2.9  net-gso-0-base.patch
    2.10  net-gso-1-check-dodgy.patch
     3.1 --- a/tools/examples/xen-network-common.sh	Fri Jan 12 15:19:23 2007 +0000
     3.2 +++ b/tools/examples/xen-network-common.sh	Fri Jan 12 15:23:07 2007 +0000
     3.3 @@ -117,7 +117,12 @@ create_bridge () {
     3.4          ip link set ${bridge} arp off
     3.5          ip link set ${bridge} multicast off
     3.6      fi
     3.7 +
     3.8 +    # A small MTU disables IPv6 (and therefore IPv6 addrconf).
     3.9 +    mtu=$(ip link show ${bridge} | sed -n 's/.* mtu \([0-9]\+\).*/\1/p')
    3.10 +    ip link set ${bridge} mtu 68
    3.11      ip link set ${bridge} up
    3.12 +    ip link set ${bridge} mtu ${mtu:-1500}
    3.13  }
    3.14  
    3.15  # Usage: add_to_bridge bridge dev