263982 – IPv6 Router Advertisement - Route Information Option

Bug 263982 - IPv6 Router Advertisement - Route Information Option

Summary: IPv6 Router Advertisement - Route Information Option

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	13.0-RELEASE
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	freebsd-net (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-05-15 11:45 UTC by Filipe Mendonça
Modified:	2024-11-16 01:10 UTC (History)
CC List:	5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Filipe Mendonça 2022-05-15 11:45:51 UTC

The ICMPv6 Router Advertisement messages with Route Information Option (option 24) are ignored by the kernel, as shown by the following debug message.

 nd6_options: unsupported option 24 - option ignored

This causes the specific routes sent by routers not being added to the system routing table.

Is it possible to support this option in FreeBSD kernel? It's defined in RFC4191 and supported in other OS such as Linux, Windows, macOS...

Comment 1 Alex Wied 2022-12-16 22:42:56 UTC

By default, pfSense configures radvd to use this NDP option to advertise ::/0. As a result, FreeBSD machines on my network discard the RA messages.

See: https://github.com/pfsense/pfsense/blob/db6dd2d2d288fdd64b9e741db0900c5eb15ba9fb/src/etc/inc/services.inc#L236-L255

Comment 2 Zhenlei Huang freebsd_committer

2022-12-19 01:24:45 UTC

(In reply to Filipe Mendonça from comment #0)
> Is it possible to support this option in FreeBSD kernel? It's defined in RFC4191 and
> supported in other OS such as Linux, Windows, macOS...

A quick look at the RFC4191 I think it is possible.

Comment 3 Alex Wied 2024-04-24 20:55:37 UTC

Is there any plan to fix this? It's strange to me that a pfSense router (which runs FreeBSD) would cause issues for a FreeBSD machine.

Comment 4 David T 2024-10-31 00:33:25 UTC

So I wrote this: https://github.com/dxdxdt/gists/blob/master/writeups/ipv6/rfc4191/rfc4191.md

RIO is a quite recent invention in Apple products as well. Neat thing to have, if you ask me. Hopefully, I'll get to update the table soon.

I find it so funny how pfSense is using RIO to push default route, but rtsold can't use it! lol

Having said that, many legacy devices might have trouble parsing it, too. It's not enabled in Linux kernel by default either, so some embedded systems will have the same issue. I for one think that pfSense is in the wrong, not rtsold.

Comment 5 David T 2024-11-16 01:10:06 UTC

UPDATE: a few things to look out for

I just learned that NetworkManager ignores lifetime value in RA messages. What it also ignores is the RIO with zero prefix length, which is in violation of RFC 4191. Pushing default route with an RIO is valid, inferred from following:

> When a type C host receives a Router Advertisement, it modifies its
   Routing Table as follows.  When processing a Router Advertisement, a
   type C host first updates a ::/0 route based on the Router Lifetime
   and Default Router Preference in the Router Advertisement message
   header.  Then as the host processes Route Information Options in the
   Router Advertisement message body, it updates its routing table for
   each such option.  The Router Preference and Lifetime values in a
   ::/0 Route Information Option override the preference and lifetime
   values in the Router Advertisement header.

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/ndisc/nm-lndp-ndisc.c#L243

Bugs like these may have prompted pfSense devs to use RIO to push default route. There could be some implementations that ignore the lifetime value in the header but honor lifetime value in the RIO. I'd suggest carefully reviewing RFC 4191 before implementing it in rtsold.

The lifetime field is crucial when making the network fault-tolerant against router failures.