From 5d280d5b51ace57f73ac1b43caf6c37c6ae11529 Mon Sep 17 00:00:00 2001 From: Ole Troan Date: Fri, 6 Aug 2021 09:58:09 +0200 Subject: ip6-nd: only respond to RS if sending RA is enabled Even when periodic RAs are disabled VPP would respond to router solicitations. Making it impossible to have an IPv6 enabled interface with hosts connected to it without VPP acting as a default router. This change drops RS messages if the radv_info->send_radv is off. Type: fix Signed-off-by: Ole Troan Change-Id: I9a68f8e12c93c1c00125b54f8fd454f48fa22caa Signed-off-by: Ole Troan --- src/vnet/ip6-nd/ip6_ra.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/vnet/ip6-nd/ip6_ra.c b/src/vnet/ip6-nd/ip6_ra.c index 270e428afad..895f3092820 100644 --- a/src/vnet/ip6-nd/ip6_ra.c +++ b/src/vnet/ip6-nd/ip6_ra.c @@ -270,6 +270,9 @@ typedef enum ICMP6_ROUTER_SOLICITATION_N_NEXT, } icmp6_router_solicitation_or_advertisement_next_t; +/* + * Note: Both periodic RAs and solicited RS come through here. + */ static_always_inline uword icmp6_router_solicitation (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) @@ -413,7 +416,9 @@ icmp6_router_solicitation (vlib_main_t * vm, error0 = ((!radv_info) ? ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG : error0); - + error0 = radv_info->send_radv == 0 ? + ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG : + error0; if (error0 == ICMP6_ERROR_NONE) { f64 now = vlib_time_now (vm); -- cgit 1.2.3-korg