OpenBSD Journal

g2k14: Florian Obser in IPv6 land

Contributed by jj on from the block in all inet6 on any flags = rfc4620 dept.

I arrived in Ljubljana somewhat tired so I started the first day off with some light ping(8) and ping6(8) hacking. Some unifdef(1) application for
#ifdef FEATURE_THAT_EXISTS_SINCE_FOREVER_BUT_MAYBE_WE_DONT_HAVE_IT and some cleanup by hand. The idea is to have ping(8) and ping6(8) be the same binary like traceroute(8) and traceroute6(8).
It has been clear for some time that the ping(8) merge would be harder than the traceroute(8) merge so I stared at the command line flags matrix I prepared some time ago ( to figure out what to do about the colliding flags, i.e. '-I'.

On the second day I still had no clear idea what to do about the colliding flags besides that ping6(8) needed to change and not ping(8). It's used in scripts which must not break while ping6(8) is probably used far less, especially the obscure flags which I need to move around.

So to not get stuck I switched to my PowerDNS 3 port I have been working on and off for a year now - you can guess that it's always at the bottom of my todo pile. After finding some bugs earlier this year in PowerDNS itself the port was ready and I mailed it around - but then I noticed that the rundeps were missing for somewhat important dependencies like boost and botan. Having received no feedback for my mail on ports@ it dropped back to the bottom of my todo pile.

So now I'm at a hackathon and there are ports people around. I went and bothered naddy@. He had a quick look, "Oh yeah, you need to do this and that" and lo and behold it works. Boy, it's a lot easier when you know what you are doing...

With that sorted out, back to ping6(8) for me. I (re-)discovered the Node Information queries (RFC 4620 [], ping6 -w). I played with them before, but couldn't get an answer from an OpenBSD machine, so I figured that feature doesn't exist in OpenBSD's kernel. I tried again at the hackathon and suddenly I got answers. Uh oh. (There was probably a firewall in the way or something like that when I tested it before.)

A bit of a ruckus ensued in the hackroom and benno@ first changed the default for net.inet6.icmp6.nodeinfo from 1 to 0 to have it off by default and worked on a diff to completely remove it from the kernel, and committed it a day later.

Tedu@ dug up the very nice -Werror-implicit-function-declaration gcc flag and I cleaned up /sbin and /usr/sbin. Two quick fixes in disklabel(8) and mrouted(8) for missing prototypes and I thought I'm done there.

Well, turns out not quite. COPTS from usr.sbin/ don't get propagated to programs in usr.sbin using Makefile.bsd-wrapper and configure. Those are bind(8), nginx(8), nsd(8) and unbound(8).

I looked around in the build system and asked espie@ for help but was not not quite clear what the right fix might be.

So I focused on making sure those 4 programs are clean once the right solution presents itself. Well turns out, you need to be careful here. Suddenly conftests of configure are failing. For bind(8) this meant that it can no longer find openssl^Wlibressl. For nsd(8) and unbound(8) this meant that it suddenly couldn't figure out that OpenBSD is indeed providing certain string functions in libc and tried to use portability functions shipped with the nsd(8) / unbound(8) distribution. So some careful analysis was needed to make sure that both build the same way as before. Since wouter@ was in the room this could be quickly fixed upstream, too.

And now, off to IPv6 land...

I was sitting next to henning@ during the hackathon. I had just finished sweeping /usr/sbin for -Werror-implicit-function-declaration and was listening to music on my headphones. When there was silence because the song reached the end I heard that stsp@ had walked over to our table and was discussing something SLAAC (stateless address auto configuration) related with henning@. A big imaginary question mark formed over my head. Curious about what was going on I listened a bit, quickly read a diff they were apparently arguing about to get up to speed and then joined an half hour long discussion about the merits of one particular continue in a for loop. We also asked bluhm@ for input and I think in the end we found the right solution.

Turns out the diff they were arguing about was the ifconfig(8) autoconf flag diff. Now we have a per interface flag if we want to do SLAAC or not. The old net.inet6.ip6.accept_rtadv was for all interfaces.

With that we can move sending of router solicitation messages - something currently rtsol{,d}(8) is doing - to the kernel.

The kernel already does all the other stuff needed for SLAAC so just sending one packet at the right time is not so much more code for the kernel.

First of I wrote a userland implementation in ifconfig(8) to get a feel for the packets being send. The code in rtsold(8) is a bit all over the place and hard to follow. Also the turnaround times in userland are much faster then debugging something in the kernel.

Having this running after a few minutes it was now time to move this into the kernel. Turns out there are similar functions in sys/netinet6/nd6_nbr.c doing more or less the same stuff I need (btw. mpi@ send me off an a side quest to clean that up by factoring out common functionality).

So that was pretty easy, quickly hooked the function up at the point when DAD (duplicate address detection) finishes for the link local address and the proof of concept worked on the first try. No kernel panic! That's a new one! Yay!

With that working I solicited (pun intended) some help from stsp@ on brain storming in which situations we need to send solicitations.

After a few iterations of diff review by mpi@ and him explaining to me the finer details of the network stack I think the diff is now more or less ready but won't make 5.6. With this we will be able to send rtsol{,d}(8) to the attic.

Thank you very much Mitja and everybody else involved in making this hackathon happen. Also thank you to all the other OpenBSD developers who took the time and came to Ljubljana to make this an enjoyable and productive week.

p.s.: We need the same amount of beer/h to write code as Mitja's car needs gasoline while idleing. So I guess we are more energy efficient than Mitja's car.

(Comments are closed)


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]