From: Yu Watanabe Date: Thu, 9 Dec 2021 06:43:57 +0000 (+0900) Subject: network: wireguard: allow to run NDisc and RADV when IPv6LL address is manually confi... X-Git-Tag: v250-rc1~10^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F21692%2Fhead;p=thirdparty%2Fsystemd.git network: wireguard: allow to run NDisc and RADV when IPv6LL address is manually configured Fixes #17380. --- diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c index 37126712725..7cd4d27c074 100644 --- a/src/network/networkd-address.c +++ b/src/network/networkd-address.c @@ -752,7 +752,7 @@ int link_drop_ipv6ll_addresses(Link *link) { /* IPv6LL address may be in the tentative state, and in that case networkd has not received it. * So, we need to dump all IPv6 addresses. */ - if (link_ipv6ll_enabled(link)) + if (link_may_have_ipv6ll(link)) return 0; r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_GETADDR, link->ifindex, AF_INET6); diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 9a2061baec7..956e2984bc8 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -126,6 +126,43 @@ bool link_ipv6ll_enabled(Link *link) { return link->network->link_local & ADDRESS_FAMILY_IPV6; } +bool link_may_have_ipv6ll(Link *link) { + assert(link); + + /* + * This is equivalent to link_ipv6ll_enabled() for non-WireGuard interfaces. + * + * For WireGuard interface, the kernel does not assign any IPv6LL addresses, but we can assign + * it manually. It is necessary to set an IPv6LL address manually to run NDisc or RADV on + * WireGuard interface. Note, also Multicast=yes must be set. See #17380. + * + * TODO: May be better to introduce GenerateIPv6LinkLocalAddress= setting, and use algorithms + * used in networkd-address-generation.c + */ + + if (link_ipv6ll_enabled(link)) + return true; + + /* IPv6LL address can be manually assigned on WireGuard interface. */ + if (streq_ptr(link->kind, "wireguard")) { + Address *a; + + if (!link->network) + return false; + + ORDERED_HASHMAP_FOREACH(a, link->network->addresses_by_section) { + if (a->family != AF_INET6) + continue; + if (in6_addr_is_set(&a->in_addr_peer.in6)) + continue; + if (in6_addr_is_link_local(&a->in_addr.in6)) + return true; + } + } + + return false; +} + bool link_ipv6_enabled(Link *link) { assert(link); diff --git a/src/network/networkd-link.h b/src/network/networkd-link.h index 5895240674d..4ef86f485bc 100644 --- a/src/network/networkd-link.h +++ b/src/network/networkd-link.h @@ -215,6 +215,7 @@ bool link_has_carrier(Link *link); bool link_ipv6_enabled(Link *link); bool link_ipv6ll_enabled(Link *link); +bool link_may_have_ipv6ll(Link *link); int link_ipv6ll_gained(Link *link); bool link_ipv4ll_enabled(Link *link); diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index df5e580aeff..32cb536ee5e 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -37,7 +37,7 @@ bool link_ipv6_accept_ra_enabled(Link *link) { if (!link->network) return false; - if (!link_ipv6ll_enabled(link)) + if (!link_may_have_ipv6ll(link)) return false; assert(link->network->ipv6_accept_ra >= 0); diff --git a/src/network/networkd-radv.c b/src/network/networkd-radv.c index 6fabd8f5c55..59b0922a4c4 100644 --- a/src/network/networkd-radv.c +++ b/src/network/networkd-radv.c @@ -54,7 +54,7 @@ void network_adjust_radv(Network *network) { bool link_radv_enabled(Link *link) { assert(link); - if (!link_ipv6ll_enabled(link)) + if (!link_may_have_ipv6ll(link)) return false; return link->network->router_prefix_delegation;