From nobody Mon May 19 12:40:37 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4b1HN5479dz5x2fd; Mon, 19 May 2025 12:40:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4b1HN53Scdz3DJG; Mon, 19 May 2025 12:40:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1747658437; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XRLChdIvRWbQFPa12/m6NOwboyi8uX0yErUcx5ooNCM=; b=IA5NvrQR6a10uoRc6rD7Cqd3MSBqOqPWmrJBefADeNM9UqnwzHXnkw1mLByrs90AL4R0c+ izGCD90o9s8/kbcbPs8IrLuzDEshIgrR+ab0RIBPGi4oekZ2tkohi3zPzxBvvaF4VKHlcL HSjxaBYw5HXAu0w3bAgTAuCfaW9RMpkAhs3a6z1hwjNifVZ3e1qZaM0L5/LyxaNLO4juAN fmrXmBdxfOiAdg1fV0xy8cvL9wMD/bEvfwt1LbsHDx19fj+BdcXqCa08MFTDFSNg7PovsK Yd8/AnyzvZOBRLKAnq8gkqrUiGFMrUyyeM8lB5CXYNHPMkW7xhOUGcAGIoy8LQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1747658437; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XRLChdIvRWbQFPa12/m6NOwboyi8uX0yErUcx5ooNCM=; b=jOxPnB2mqp+e5uBlXjLSooz5bru699cuH1YWXGfZg8K87mRyNUuAYkLQYSIcNEphwMJ7QX e9AqeAVtGwG0hVTi8IGhhul1PWgZjby7Pmx3bbptfbOzY7jfqd5zjoc7ml3QLEXgiZiEz7 TEfrnXkxvkEBrugwieCtjF0waDYAnZTEqfhsc4WlgNf/4EEi10m7rIGEDlIxxSxPEefhEp z4ED06NN1Nt/yWCJKdVD6fzbpmirkIVQHvr98XYUHRP/me/ZHdSsqveajMXcXXq1mfZo+A WkdG5NALCzeEAlE2hMqZXF0UZdKvoBq6BWQ3LBVT93LrSxY1rACmobs3V9398g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1747658437; a=rsa-sha256; cv=none; b=sAYvASIE0EWnHgyveMxJ+4nMLXUtOJc6p8IOxuX/p50t0O6d+HapxHWhfpl2taDySdtT8I O6Tt16AVjcxaKhXgXSHK0Z9ROtRn/A22ibF5LHBDLJwqNlMl/ykNN4/VgRGDym4MhN+QhE JKIJaqZcs9BrxRU0xJSTRiIuGqVQoF0XJ5KEtxYnGtSFk0e0v/ka2gvAiKT8jD9q5CxsHo DvptlXqMKS469De8aV0e9Af7NaFgt2Rg4c15kBH5BmBhglPUDL0xhzd7WWiEe3/15llI3X kYlfP5H0kRItO2YOjBQNt018+nUI8FGSL+wDfkfGNnN3XlKFPg2Bb3dZnIjvZA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4b1HN534Hzz143h; Mon, 19 May 2025 12:40:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 54JCeb1O076519; Mon, 19 May 2025 12:40:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 54JCebvQ076516; Mon, 19 May 2025 12:40:37 GMT (envelope-from git) Date: Mon, 19 May 2025 12:40:37 GMT Message-Id: <202505191240.54JCebvQ076516@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Lexi Winter Subject: git: 29a062108405 - main - tcp: allow connections to IPv6 anycast address List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ivy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 29a062108405cf97e16d9a82635ddc9cfd89ae06 Auto-Submitted: auto-generated The branch main has been updated by ivy: URL: https://cgit.FreeBSD.org/src/commit/?id=29a062108405cf97e16d9a82635ddc9cfd89ae06 commit 29a062108405cf97e16d9a82635ddc9cfd89ae06 Author: Lexi Winter AuthorDate: 2025-05-19 12:33:45 +0000 Commit: Lexi Winter CommitDate: 2025-05-19 12:40:26 +0000 tcp: allow connections to IPv6 anycast address currently, we reject incoming TCP connections to an IPv6 anycast address based on IETF I-D "draft-itojun-ipv6-tcp-to-anycast-01"[0]. the rationale is that since RFC2373 prohibits sending IPv6 packets with an anycast address as the source address, it would be impossible to establish a TCP connection to such an address since the destination host could not send any replies. however, this restriction was lifted in RFC4291 and it is no longer forbidden to send packets from an anycast address; therefore, it's both possible and permitted to establish a TCP connection using an anycast address as src or dst address (or both). based on the above, delete this restriction and allow people to do this. while there are certain operational reasons to avoid TCP anycast (such as the risk of the route changing while the connection is open), these also apply to IPv4 anycast and are specific to the local environment; for example, it's perfectly valid to have an anycast address which is only ever assigned to one node. [0] https://www.ietf.org/archive/id/draft-itojun-ipv6-tcp-to-anycast-01.txt Reviewed by: tuexen, kevans, adrian Approved by: kevans (mentor), des (mentor) Differential Revision: https://reviews.freebsd.org/D50019 --- sys/netinet/tcp_input.c | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 817079dfe6c8..c00a102e8520 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -567,8 +567,6 @@ int tcp6_input_with_port(struct mbuf **mp, int *offp, int proto, uint16_t port) { struct mbuf *m; - struct in6_ifaddr *ia6; - struct ip6_hdr *ip6; m = *mp; if (m->m_len < *offp + sizeof(struct tcphdr)) { @@ -580,19 +578,6 @@ tcp6_input_with_port(struct mbuf **mp, int *offp, int proto, uint16_t port) } } - /* - * draft-itojun-ipv6-tcp-to-anycast - * better place to put this in? - */ - ip6 = mtod(m, struct ip6_hdr *); - ia6 = in6ifa_ifwithaddr(&ip6->ip6_dst, 0 /* XXX */, false); - if (ia6 && (ia6->ia6_flags & IN6_IFF_ANYCAST)) { - icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADDR, - (caddr_t)&ip6->ip6_dst - (caddr_t)ip6); - *mp = NULL; - return (IPPROTO_DONE); - } - *mp = m; return (tcp_input_with_port(mp, offp, proto, port)); }