From 497ff727d1e9d4a929d85a98b17d08e0f26da87e Mon Sep 17 00:00:00 2001 From: Stefan Sperling Date: Fri, 14 Oct 2011 16:16:44 +0000 Subject: Prevent carp slaves from sending IPv6 neighbour advertisements for carp addresses. Fixes "duplicate IP6 address" warnings, appearing since we started accepting IPv6 neighbour discovery packets on carp interfaces. ok henning --- sys/netinet6/nd6_nbr.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'sys/netinet6/nd6_nbr.c') diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index f342a1ba52f..ea61ceaf775 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6_nbr.c,v 1.57 2011/07/26 21:19:51 bluhm Exp $ */ +/* $OpenBSD: nd6_nbr.c,v 1.58 2011/10/14 16:16:43 stsp Exp $ */ /* $KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $ */ /* @@ -869,6 +869,7 @@ nd6_na_output(struct ifnet *ifp, struct in6_addr *daddr6, int icmp6len, maxlen, error; caddr_t mac; struct route_in6 ro; + struct sockaddr_dl *proxydl = NULL; mac = NULL; bzero(&ro, sizeof(ro)); @@ -990,6 +991,12 @@ nd6_na_output(struct ifnet *ifp, struct in6_addr *daddr6, } else flags &= ~ND_NA_FLAG_OVERRIDE; +#if NCARP > 0 + /* Do not send NAs for carp addresses if we're not the CARP master. */ + if (ifp->if_type == IFT_CARP && !carp_iamatch6(ifp, mac, &proxydl)) + goto bad; +#endif + ip6->ip6_plen = htons((u_short)icmp6len); nd_na->nd_na_flags_reserved = flags; nd_na->nd_na_cksum = 0; -- cgit v1.2.3