From f662447be05bb3dc03b393bb1ae755f6c16d4d2a Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Tue, 28 Mar 2023 17:52:42 +0200 Subject: [PATCH 1/2] Add multiple routes support in NetworkManager Support multiple routes to the same network learned via Router Information Option. With this change, the kernel will have multiple routing table entries to a given Thread network. The routes gateway won't be updated with every new RIO any longer since every gateway has its own entry. --- ...ltiple-gateways-for-a-single-network.patch | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 buildroot-external/patches/network-manager/0001-ndisc-support-multiple-gateways-for-a-single-network.patch diff --git a/buildroot-external/patches/network-manager/0001-ndisc-support-multiple-gateways-for-a-single-network.patch b/buildroot-external/patches/network-manager/0001-ndisc-support-multiple-gateways-for-a-single-network.patch new file mode 100644 index 00000000000..a594bae26ea --- /dev/null +++ b/buildroot-external/patches/network-manager/0001-ndisc-support-multiple-gateways-for-a-single-network.patch @@ -0,0 +1,27 @@ +From a053500cf43a31ee82a6e0f3d644ea36f5c77ffb Mon Sep 17 00:00:00 2001 +Message-Id: +From: Stefan Agner +Date: Mon, 27 Mar 2023 17:48:34 +0200 +Subject: [PATCH] ndisc: support multiple gateways for a single network + +--- + src/core/ndisc/nm-ndisc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/core/ndisc/nm-ndisc.c b/src/core/ndisc/nm-ndisc.c +index 9a6038d406..67cdf5d99a 100644 +--- a/src/core/ndisc/nm-ndisc.c ++++ b/src/core/ndisc/nm-ndisc.c +@@ -654,7 +654,8 @@ nm_ndisc_add_route(NMNDisc *ndisc, const NMNDiscRoute *new_item, gint64 now_msec + NMNDiscRoute *item = &g_array_index(rdata->routes, NMNDiscRoute, i); + + if (IN6_ARE_ADDR_EQUAL(&item->network, &new_item->network) +- && item->plen == new_item->plen) { ++ && item->plen == new_item->plen ++ && IN6_ARE_ADDR_EQUAL(&item->gateway, &new_item->gateway)) { + if (new_item->expiry_msec <= now_msec) { + g_array_remove_index(rdata->routes, i); + return TRUE; +-- +2.40.0 + From b77ff61c92f07ce5320e1f03cb8e0edae9e5c665 Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Tue, 28 Mar 2023 17:54:23 +0200 Subject: [PATCH 2/2] Enable IPv6 router reachability probing Currently router reachability probing is disabled since HAOS enables IPv6 forwarding and the necessary kernel options are not enabled. With this change router reachability probing is enabled even though we are a router on our own. Note that Linux commit ea659e077528 ("[IPV6] ROUTE: Do not enable router reachability probing in router mode.") by default disabled this behavior. But since we are acting as a router as well as a host device, we rather want this reachability probing. See also: https://lore.kernel.org/netdev/b9182b02829b158d55acc53a0bcec1ed667b2668.1680000784.git.stefan@agner.ch/T/#u --- buildroot-external/kernel/hassos.config | 2 + ...to-explicitly-enable-reachability-te.patch | 56 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 buildroot-external/patches/linux/0001-ipv6-add-option-to-explicitly-enable-reachability-te.patch diff --git a/buildroot-external/kernel/hassos.config b/buildroot-external/kernel/hassos.config index 800d0b037b1..46141bb27ae 100644 --- a/buildroot-external/kernel/hassos.config +++ b/buildroot-external/kernel/hassos.config @@ -60,6 +60,8 @@ CONFIG_BT_HIDP=m CONFIG_BT_LEDS=y CONFIG_IPV6=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_REACHABILITY_PROBE=y CONFIG_IPV6_SIT=m CONFIG_IP_MROUTE=y diff --git a/buildroot-external/patches/linux/0001-ipv6-add-option-to-explicitly-enable-reachability-te.patch b/buildroot-external/patches/linux/0001-ipv6-add-option-to-explicitly-enable-reachability-te.patch new file mode 100644 index 00000000000..21a7be78dcf --- /dev/null +++ b/buildroot-external/patches/linux/0001-ipv6-add-option-to-explicitly-enable-reachability-te.patch @@ -0,0 +1,56 @@ +From b9182b02829b158d55acc53a0bcec1ed667b2668 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Stefan Agner +Date: Tue, 28 Mar 2023 12:02:10 +0200 +Subject: [PATCH] ipv6: add option to explicitly enable reachability test + +Systems which act as host as well as router might prefer the host +behavior. Currently the kernel does not allow to use IPv6 forwarding +globally and at the same time use route reachability probing. + +Add a compile time flag to enable route reachability probe in any +case. + +Signed-off-by: Stefan Agner +--- + net/ipv6/Kconfig | 9 +++++++++ + net/ipv6/route.c | 3 ++- + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig +index 658bfed1df8b..5147fd4c93ff 100644 +--- a/net/ipv6/Kconfig ++++ b/net/ipv6/Kconfig +@@ -48,6 +48,15 @@ config IPV6_OPTIMISTIC_DAD + + If unsure, say N. + ++config IPV6_REACHABILITY_PROBE ++ bool "IPv6: Always use reachability probing (RFC 4191)" ++ help ++ By default reachability probing is disabled on router devices (when ++ IPv6 forwarding is enabled). This option explicitly enables ++ reachability probing always. ++ ++ If unsure, say N. ++ + config INET6_AH + tristate "IPv6: AH transformation" + select XFRM_AH +diff --git a/net/ipv6/route.c b/net/ipv6/route.c +index 0fdb03df2287..5e1e1f02f400 100644 +--- a/net/ipv6/route.c ++++ b/net/ipv6/route.c +@@ -2210,7 +2210,8 @@ struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table, + + strict |= flags & RT6_LOOKUP_F_IFACE; + strict |= flags & RT6_LOOKUP_F_IGNORE_LINKSTATE; +- if (net->ipv6.devconf_all->forwarding == 0) ++ if (net->ipv6.devconf_all->forwarding == 0 || ++ IS_ENABLED(IPV6_REACHABILITY_PROBE)) + strict |= RT6_LOOKUP_F_REACHABLE; + + rcu_read_lock(); +-- +2.40.0 +