tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: How do I keep an inet6 address from being added to an interface?

On 6 May 2010, at 05:15 , Greg Troxel wrote:

>> For ipv6's magically added addresses there is no ipv6_enabled flag to look
>> at to tell when this is or isn't appropriate (this is also a bug for ipv4,
>> actually, since it forces all interfaces enabled for ipv4 to have addresses
>> even though point-to-point interfaces run just fine without them).  It
>> would have been better if the ipv6 code had fixed this by adding explicit
>> protocol enable flags, however, rather than just forcing you to run
>> the protocol on every interface on the box if you want to run it on any
>> of them.
> It would seem reasonable to add per-interface protocol enable flags
> (defaulting on probably) that you could unset prior to ifconfig up.
> (That won't fix the v4 POINTOPOINT issue, but that seems not to be a big
> deal right now.)

When I did this as part of a rewrite of the network stack in
support of large routers I added an extra layer of structure to
support this (and to provide a place to hang protocol-specific
per-interface data structure they required, rather than that
big, mostly unused, array in struct ifnet).  That is, instead
of having an interface structure onto which were configured address
structures for various protocols, there was instead an interface
structure onto which was configured protocol family structures,
onto which was configured zero or more addresses for that protocol.
The kernel ignored incoming packets for protocols without a
corresponding family configured on the arrival interface, and had
no way of sending packets without a corresponding family configured,
so an interface with the hardware configured up but with no family
structures added was guaranteed to be silent and to ignore
everything which arrived (other than maybe giving it to bpf).
To configure a protocol you first configured it 'up', which
added the family structure, and then configured (or not)
addresses onto it.

To add protocol addresses (i.e. adding address structures to
the protocol family structure) required configuring the protocol
'up' first (to add the family structure).  An unnumbered p2p
interface had the protocol configured 'up' (adding the family
structure) without bothering to add addresses.  The act of adding
the ipv6 family structure is the thing which prompted ipv6 to
make up a link local address.

That's a long way of saying that you probably want to start with
all protocols configured off by default, since the act of configuring
them on is also the act you want to prompt the protocol to do
the protocol-specific things that need to be done for the interface
(like adding a link-local address, or maybe the per-interface data
structure needed for nd/arp).  If you start with them 'on' then you
still have the problem of finding some event to make the protocol
to do the work which needs to be done to really turn them on.

Dennis Ferguson

Home | Main Index | Thread Index | Old Index