kern/184149: [vimage] IPv6 link-local collisions on epair[n]b devices
Shawn Webb
lattera at gmail.com
Thu Nov 21 17:40:02 UTC 2013
>Number: 184149
>Category: kern
>Synopsis: [vimage] IPv6 link-local collisions on epair[n]b devices
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 21 17:40:01 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Shawn Webb
>Release: FreeBSD 11-RELEASE
>Organization:
>Environment:
FreeBSD shawn-vm-host 11.0-CURRENT FreeBSD 11.0-CURRENT #56 e78422d(soldierx/lattera/aslr)-dirty: Thu Nov 21 01:18:36 EST 2013 shawn at shawn-vm-host:/usr/obj/usr/src/sys/SEC amd64
>Description:
Certain epair[n]b devices can get collisions with other epair[n]b devices due to the MAC address not being random enough. I have a box with a number of vnet jails. Devices epair9b and epair13b shared the same IPv6 link-local address due to how the link-local address was automatically generated from the MAC address. Patch for review included.
>How-To-Repeat:
ifconfig bridge0 create
ifconfig epair9a create
ifconfig bridge0 addm epair9a
ifconfig epair13a create
ifconfig bridge0 addm epair13a
ifconfg epair9a up
ifconfig epair13a up
ifconfig epair9b up
ifconfig epair13b up
>Fix:
diff --git a/sys/net/if_epair.c b/sys/net/if_epair.c
index 03e379b..d64940f 100644
--- a/sys/net/if_epair.c
+++ b/sys/net/if_epair.c
@@ -722,6 +722,8 @@ epair_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params)
ifp = scb->ifp;
/* Assign a hopefully unique, locally administered etheraddr. */
eaddr[0] = 0x02;
+ eaddr[1] = (uint8_t)(arc4random() % 0xff);
+ eaddr[2] = (uint8_t)(arc4random() % 0xff);
eaddr[3] = (ifp->if_index >> 8) & 0xff;
eaddr[4] = ifp->if_index & 0xff;
eaddr[5] = 0x0b;
@@ -817,6 +819,8 @@ epair_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params)
ifp->if_snd.ifq_maxlen = ifqmaxlen;
/* Assign a hopefully unique, locally administered etheraddr. */
eaddr[0] = 0x02;
+ eaddr[1] = (uint8_t)(arc4random() % 0xff);
+ eaddr[2] = (uint8_t)(arc4random() % 0xff);
eaddr[3] = (ifp->if_index >> 8) & 0xff;
eaddr[4] = ifp->if_index & 0xff;
eaddr[5] = 0x0a;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list