[arch-projects] [netctl][patch] Remove DAD detection

Jouke Witteveen j.witteveen at gmail.com
Sat Mar 9 08:07:58 EST 2013 

On Wed, Mar 6, 2013 at 7:20 PM, Sébastien Luttringer <seblu at seblu.net> wrote:
> On Fri, Feb 8, 2013 at 5:16 PM, Jouke Witteveen <j.witteveen at gmail.com> wrote:
>> On Fri, Feb 8, 2013 at 1:03 AM, Sébastien Luttringer <seblu at seblu.net> wrote:
>>> On Thu, Feb 7, 2013 at 12:36 PM, Jouke Witteveen <j.witteveen at gmail.com> wrote:
>>>> On Wed, Feb 6, 2013 at 11:48 PM, Sébastien Luttringer <seblu at seblu.net> wrote:
>>>>> DAD detection is detected via the presence of tentative flag in ip command.
>>>>> This flag can only be setted if interface is up (obviously).
>>>>>
>>>>> So, setting an IPv6 address will fail when you:
>>>>> - the cable is not plugged
>>>>> - any interface of a bridge is not set
>>>>>
>>>>> The code was (before rewriting of netctl) reference this bug report:
>>>>> https://bugs.archlinux.org/task/28887
>>>>
>>>> This bug will reopen after your proposed changes.
>>> I don't think so. The bug was about DAD no waiting enough time. This
>>> patch drop the DAD check logic by userland (same behaviour than ipv4).
>>
>> The lines you delete are exactly the lines that were added to fix the bug.
>>
>>>> If the cable is not plugged there is no point in trying to connect anyway
>>> Connect, but configure? Setting a IP address to an interface doesn't
>>> mean trying to connect to anything or having an internet connection.
>>> It just mean setting an ip.
>>> Port can be up or down, or change of states every minutes. We don't
>>> care. netctl should not fail to setup a static ip on iface when no
>>> link is detected at boot.
>>> Sometimes, setting an IP on iface can be used to allow kernel to
>>> accept packet to this destination without really own it (lvs by
>>> example)
>>>
>>>> so it would be nice if you describe in some more detail what problem your changes solve.
>>> Imagine a router on archlinux, with a bridge of n ports. People can
>>> plug (or not) their computers when they wants. Mostly, when you boot
>>> your router, noboby is plugged.
>>> When the router starts, it defines IPv4 and IPv6 on the bridge (where
>>> all ethernet ports are added).
>>> With the current netcfg/netctl, it's impossible because when nobody is
>>> plugged, DAD cannot do is job of checking ip address, because all the
>>> underlying interface can't send icmpv6 ND messages.
>>>
>>> I've tested to disable dad (sysctl accept_dad)[1] but interface stay
>>> in tentative mode and netctl timeout and rollback configuration.[2]
>>
>> The way to prevent your interface from entering the 'tentative' state
>> is by specifying addresses as follows:
>>
>> Address6=('1234:bcd::11/64 nodad')
> Tested for 4 weeks and avoid netctl units to fail during tentative mode.
>
>>
>> I will soon add a note on such modifiers to the manual.
>>
>
> Unfortunately on normal setup, where we should not disable DAD, I got
> a DAD failure sometimes. It append more on slow computer.

So here you say we should not disable DAD on normal setups, with which
I agree and which is the default behavior of `ip`.

> It's a bit rude to fail the network, sometimes the only way to connect
> to the computer, because dad is not finished.
> Up the value of the timeout is a quick workaround, but a good value is
> difficult to guess and can let us without network if hardware lag.
> Why not reverse the logic and check for the dadfailed flag (with a
> TIMEOUT) and only consider the network failed with this flag?

Here you state the reverse: we should disable DAD by default. The
timeout isn't really a workaround, it depends on your network setup
what timeouts are to be expected.
Lets just stick with the iproute2 default, which is to do DAD by
default (note that this is completely irrelevant for IPv4 addresses).

> # LC_ALL=C journalctl -b -u netcfg at lan.service
> -- Logs begin at Sat 2012-12-08 02:58:37 CET, end at Mon 2013-02-25
> 01:17:36 CET. --
> Feb 23 10:20:03 thunder netcfg[284]: :: lan up Duplicate Address
> Detection is taking too long
> Feb 23 10:20:03 thunder netcfg[284]: [fail]
> Feb 23 10:38:43 thunder netcfg[2137]: :: lan up [done]
>
> --
> Sébastien "Seblu" Luttringer
> https://www.seblu.net
> GPG: 0x2072D77A

More information about the arch-projects mailing list