|
Description
|
While working on Clearview IPMP, I found a number of issues with
the current Nevada implementation:
1. In ip_ndp_excl(), we check for false conflicts (e.g., due to
seeing an echo of our own probes), but fail to account for
IPMP. Thus, we may see a probe that was sent on another
interface in the group, and conclude it's a conflict,
erroneously marking the address as a duplicate.
2. Even if ip_ndp_excl() concludes that the conflict should be
ignored (by comparing across the group), ip_ndp_failure()
still deletes the nce (see the last line of ip_ndp_failure()).
As a result, the NCE is torched and we cannot communicate with
other nodes using the IPv6 address, even though it was a
false alarm. Removing the ndp_delete() call fixes the problem,
since on a real conflict, ipif_ndp_down() will call
ndp_delete().
3. The Nevada ip_ndp_excl() implementation assumes that the ill
that received the solicitation will be the one that is hosting
the IPv6 address that needs to be marked duplicate (as per the
ipif loop in ip_ndp_excl()). This isn't a safe assumption with
IPMP. For advertisements, this OK because we walk across all
of the ills in the group in ndp_input_advert(). However no
such walk is done in ndp_input_solicit().
4. Also in in ip_ndp_excl(), we continue on with the ipif loop
even after we find an ipif to mark duplicate -- but how could
there be more than one ipif on the ill to mark duplicate?
This code should instead call ipif_lookup_addr_v6() to
look for any matching ipif in the corresponding IPMP group
(and then reload the appropriate ill from the ipif).
|
