Bug 216744

Summary: [feature request] set DSCP on neighbor solicitation
Product: Base System Reporter: Jason Mader <jasonmader>
Component: kernAssignee: freebsd-net (Nobody) <net>
Status: New ---    
Severity: Affects Only Me CC: ae, bz, hrs, sbruno
Priority: ---    
Version: 11.0-RELEASE   
Hardware: amd64   
OS: Any   

Description Jason Mader 2017-02-03 01:58:37 UTC 
Feature request to have neighbor solicitation set the DSCP to 56 the way a Cisco router does,

01:49:04.603032 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::ca08 > fe80::1: ICMP6, neighbor solicitation, length 32, who has fe80::1
	  source link-address option (1), length 8 (1): 00:00:00:00:ca:08
01:49:04.606351 IP6 (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::1 > fe80::ca08: ICMP6, neighbor advertisement, length 24, tgt is fe80::1, Flags [router, solicited]
Comment 1 Hiren Panchasara freebsd_committer freebsd_triage 2017-02-03 17:52:55 UTC 
Adding bz@ and ae@ too. I am not quite sure if standards are clear on what should be done here so someone with more v6 clue can help.
Comment 2 Andrey V. Elsukov freebsd_committer freebsd_triage 2017-02-04 02:43:01 UTC 
I didn't seen any information about this in RFC.
You can use "ipfw setdscp" rule to set the DSCP, e.g.

ipfw add setdscp 56 ip6 from me6 to any icmp6types 135
Comment 3 Hiroki Sato freebsd_committer freebsd_triage 2017-02-06 21:37:41 UTC 
I think it is not a bad idea to implement a configuration knob of DSCP value of ND messages while it is possible to set one via a packet filter as ae@ explains.  RFC 4594 recommends to set CS6 for network control traffic.  I was not aware of Cisco's but it seems it uses CS7 according to the original report.  I do not think this causes an interoperability issue.

One question: does anyone know (or have access to) routers other than Cisco's which set non-zero DSCP value and what value is actually set?  While CS7 is a reasonable option, I want to know how popular such an implementation is before going ahead.
Comment 4 Jason Mader 2017-02-06 23:49:31 UTC 
The neighbor discovery uses CS7 (network), and Cisco uses CS6 on Internet routing protocols. Which make sense.

Unfortunately I don't have any other information on how common it is. I have looked and Linux and Arista do not set a DSCP on NDP.