net/ipv6: Allow onlink routes to have a device mismatch if it is the default route

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The intent of ip6_route_check_nh_onlink is to make sure the gateway
given for an onlink route is not actually on a connected route for
a different interface (e.g., 2001:db8:1::/64 is on dev eth1 and then
an onlink route has a via 2001:db8:1::1 dev eth2). If the gateway
lookup hits the default route then it most likely will be a different
interface than the onlink route which is ok.

Update ip6_route_check_nh_onlink to disregard the device mismatch
if the gateway lookup hits the default route. Turns out the existing
onlink tests are passing because there is no default route or it is
an unreachable default, so update the onlink tests to have a default
route other than unreachable.

Fixes: fc1e64e1092f6 ("net/ipv6: Add support for onlink flag")
Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

David Ahern and committed by

David S. Miller 7 years ago 4ed591c8 e72bde6b

+9 -7

2 changed files

expand all

net

ipv6

route.c

tools

testing

selftests

net

fib-onlink-tests.sh

net/ipv6/route.c

··· 2745 2745 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0); 2746 2746 if (grt) { 2747 2747 if (!grt->dst.error && 2748 + /* ignore match if it is the default route */ 2749 + grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) && 2748 2750 (grt->rt6i_flags & flags || dev != grt->dst.dev)) { 2749 2751 NL_SET_ERR_MSG(extack, 2750 2752 "Nexthop has invalid gateway or device mismatch");

+7 -7

tools/testing/selftests/net/fib-onlink-tests.sh

··· 167 167 # add vrf table 168 168 ip li add ${VRF} type vrf table ${VRF_TABLE} 169 169 ip li set ${VRF} up 170 - ip ro add table ${VRF_TABLE} unreachable default 171 - ip -6 ro add table ${VRF_TABLE} unreachable default 170 + ip ro add table ${VRF_TABLE} unreachable default metric 8192 171 + ip -6 ro add table ${VRF_TABLE} unreachable default metric 8192 172 172 173 173 # create test interfaces 174 174 ip li add ${NETIFS[p1]} type veth peer name ${NETIFS[p2]} ··· 185 185 for n in 1 3 5 7; do 186 186 ip li set ${NETIFS[p${n}]} up 187 187 ip addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} 188 - ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} 188 + ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad 189 189 done 190 190 191 191 # move peer interfaces to namespace and add addresses 192 192 for n in 2 4 6 8; do 193 193 ip li set ${NETIFS[p${n}]} netns ${PEER_NS} up 194 194 ip -netns ${PEER_NS} addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} 195 - ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} 195 + ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad 196 196 done 197 197 198 - set +e 198 + ip -6 ro add default via ${V6ADDRS[p3]/::[0-9]/::64} 199 + ip -6 ro add table ${VRF_TABLE} default via ${V6ADDRS[p7]/::[0-9]/::64} 199 200 200 - # let DAD complete - assume default of 1 probe 201 - sleep 1 201 + set +e 202 202 } 203 203 204 204 cleanup()