[arch-projects] [netctl][patch] Remove DAD detection

Wed Mar 6 13:20:40 EST 2013

On Fri, Feb 8, 2013 at 5:16 PM, Jouke Witteveen <j.witteveen at gmail.com> wrote:
> On Fri, Feb 8, 2013 at 1:03 AM, Sébastien Luttringer <seblu at seblu.net> wrote:
>> On Thu, Feb 7, 2013 at 12:36 PM, Jouke Witteveen <j.witteveen at gmail.com> wrote:
>>> On Wed, Feb 6, 2013 at 11:48 PM, Sébastien Luttringer <seblu at seblu.net> wrote:
>>>> DAD detection is detected via the presence of tentative flag in ip command.
>>>> This flag can only be setted if interface is up (obviously).
>>>>
>>>> So, setting an IPv6 address will fail when you:
>>>> - the cable is not plugged
>>>> - any interface of a bridge is not set
>>>>
>>>> The code was (before rewriting of netctl) reference this bug report:
>>>> https://bugs.archlinux.org/task/28887
>>>
>>> This bug will reopen after your proposed changes.
>> I don't think so. The bug was about DAD no waiting enough time. This
>> patch drop the DAD check logic by userland (same behaviour than ipv4).
>
> The lines you delete are exactly the lines that were added to fix the bug.
>
>>> If the cable is not plugged there is no point in trying to connect anyway
>> Connect, but configure? Setting a IP address to an interface doesn't
>> mean trying to connect to anything or having an internet connection.
>> It just mean setting an ip.
>> Port can be up or down, or change of states every minutes. We don't
>> care. netctl should not fail to setup a static ip on iface when no
>> link is detected at boot.
>> Sometimes, setting an IP on iface can be used to allow kernel to
>> accept packet to this destination without really own it (lvs by
>> example)
>>
>>> so it would be nice if you describe in some more detail what problem your changes solve.
>> Imagine a router on archlinux, with a bridge of n ports. People can
>> plug (or not) their computers when they wants. Mostly, when you boot
>> your router, noboby is plugged.
>> When the router starts, it defines IPv4 and IPv6 on the bridge (where
>> all ethernet ports are added).
>> With the current netcfg/netctl, it's impossible because when nobody is
>> plugged, DAD cannot do is job of checking ip address, because all the
>> underlying interface can't send icmpv6 ND messages.
>>
>> I've tested to disable dad (sysctl accept_dad)[1] but interface stay
>> in tentative mode and netctl timeout and rollback configuration.[2]
>
> The way to prevent your interface from entering the 'tentative' state
> is by specifying addresses as follows:
>
> Address6=('1234:bcd::11/64 nodad')
Tested for 4 weeks and avoid netctl units to fail during tentative mode.

>
> I will soon add a note on such modifiers to the manual.
>

Unfortunately on normal setup, where we should not disable DAD, I got
a DAD failure sometimes. It append more on slow computer.
It's a bit rude to fail the network, sometimes the only way to connect
to the computer, because dad is not finished.
Up the value of the timeout is a quick workaround, but a good value is
difficult to guess and can let us without network if hardware lag.
Why not reverse the logic and check for the dadfailed flag (with a
TIMEOUT) and only consider the network failed with this flag?

# LC_ALL=C journalctl -b -u netcfg at lan.service
-- Logs begin at Sat 2012-12-08 02:58:37 CET, end at Mon 2013-02-25
01:17:36 CET. --
Feb 23 10:20:03 thunder netcfg[284]: :: lan up Duplicate Address
Detection is taking too long
Feb 23 10:20:03 thunder netcfg[284]: [fail]
Feb 23 10:38:43 thunder netcfg[2137]: :: lan up [done]

-- 
Sébastien "Seblu" Luttringer
https://www.seblu.net
GPG: 0x2072D77A