git.baikalelectronics.ru Git - kernel.git/commit

author	Gergely Risko <gergely.risko@gmail.com>
	Thu, 19 Jan 2023 13:40:41 +0000 (14:40 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 1 Feb 2023 07:34:39 +0000 (08:34 +0100)
commit	52ffd0b76d2575f929417f7ffb8010cd6aeed010
tree	e6a6e50d3143fc30d10fe101d52b33b22ef151b4	tree \| snapshot
parent	69c460034395ff913a6b0881170ec5e0a4747f80	commit \| diff

ipv6: fix reachability confirmation with proxy_ndp

commit 9f535c870e493841ac7be390610ff2edec755762 upstream.

When proxying IPv6 NDP requests, the adverts to the initial multicast
solicits are correct and working. On the other hand, when later a
reachability confirmation is requested (on unicast), no reply is sent.

This causes the neighbor entry expiring on the sending node, which is
mostly a non-issue, as a new multicast request is sent. There are
routers, where the multicast requests are intentionally delayed, and in
these environments the current implementation causes periodic packet
loss for the proxied endpoints.

The root cause is the erroneous decrease of the hop limit, as this
is checked in ndisc.c and no answer is generated when it's 254 instead
of the correct 255.

Cc: stable@vger.kernel.org
Fixes: 209ad27be9a8 ("ipv6: decrease hop limit counter in ip6_forward()")
Signed-off-by: Gergely Risko <gergely.risko@gmail.com>
Tested-by: Gergely Risko <gergely.risko@gmail.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>