FS#35638 - [netctl] netctl-auto doesn't remove IPv6 routes on profile switch

Attached to Project: Arch Linux
Opened by Matthias Schiffer (NeoRaider) - Tuesday, 04 June 2013, 10:23 GMT
Last edited by Jelle van der Waa (jelly) - Friday, 11 August 2023, 15:12 GMT
Task Type Bug Report
Category Arch Projects
Status Closed
Assigned To Jouke Witteveen (jouke)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
While netctl at least deletes IPv6 addresses when switching profiles since version 1.1,
the corresponding default routes aren't touched, leading to broken routing when there's
still a valid IPv6 address on another interface (and probably in other cases too).

There should:
* either `ip -6 route del default dev "$Interface"` be added to ip_unset
* or disable_ipv6 be set to 1 and back to 0 on profile switch

I'd prefer solution 2 as it also takes care of the addresses (the explicit flush
in ip_unset could be removed again), and works even when there are multiple routes on the
interface in question.

Additional info:
* netctl 1.1-1
This task depends upon

Closed by  Jelle van der Waa (jelly)
Friday, 11 August 2023, 15:12 GMT
Reason for closing:  Moved
Additional comments about closing:  https://gitlab.archlinux.org/archlinux/n etctl/issues/1
Comment by Jouke Witteveen (jouke) - Sunday, 16 June 2013, 09:09 GMT
I think we should go with option 1, but only if Gateway{,6} is set. Additionally, all custom routes should be deleted. Patches (it is not hard and only involves src/lib/ip)?

For now, you can delete the default route in ExecDownPre...
Comment by Matthias Schiffer (NeoRaider) - Sunday, 16 June 2013, 11:50 GMT
Only if Gateway{,6} is set? That doesn't make much sense as default routes are added by router advertisements unless that is specifically disabled.

How would one remove custom routes in a nice way? I suggested setting disable_ipv6 to 1 and back to 0 on profile switch because that's the only way to remove all routes on a specific interface that came to my mind... or do you only mean the routes set by Routes6?
Comment by petrus (petrus_lt) - Wednesday, 26 June 2013, 16:20 GMT
Connected routes are also not removed. Even though the wired interface goes down when switching from lan to wlan on the same network, the route is the same, and as the wired interface has a lower metric than the wireless, it is preferred and the route has to be manually deleted for ipv6 to work.

Comment by Jouke Witteveen (jouke) - Monday, 08 July 2013, 09:48 GMT
I'd like to add
:;
:; ip route flush dev "$Interface" &>/dev/null
:; ip -6 route flush dev "$Interface" &>/dev/null
:;
to ip_unset. For IPv4 routes, we could just delete all custom routes and gateways, but for IPv6 we cannot. Treating IPv4 the same as IPv6 makes the behavior uniform. If you see anything wrong with this solution, let me know, otherwise I'll include it in the next version.
Comment by Matthias Schiffer (NeoRaider) - Friday, 02 August 2013, 10:16 GMT
  • Field changed: Percent Complete (100% → 0%)
The solution also flushes link-local routes, including fe80::/64, totally breaking IPv6. It should be done the same way addresses are removed, once for each scope excluding link scope.
Comment by Jouke Witteveen (jouke) - Friday, 02 August 2013, 10:27 GMT
I assume the scopes to be flushed are 'host' and 'link'. Please confirm this, as we explicitly do not flush the addresses in the 'link' scope. I base myself on this:

---
$ ip -6 route show scope link
$ ip -6 route show scope global
fe80::/64 dev wlan0 proto kernel metric 256
---

According to the man page, the available predefined scopes are 'host', 'link', and 'global'.
Comment by Matthias Schiffer (NeoRaider) - Friday, 02 August 2013, 11:30 GMT
Hmm, you are right, all routes are scope global, so my idea won't work. I'll see if I find another way to do this correctly...
Comment by Doug Newgard (Scimmia) - Monday, 06 July 2015, 05:14 GMT
Did you come up with anything, NeoRaider? Is this still an issue?
Comment by Matthias Schiffer (NeoRaider) - Monday, 06 July 2015, 12:58 GMT
Well, the `ip -6 route flush dev "$Interface"` in ip_unset() still flushes the fe80::/64 route as well, but I can't find anything that actually breaks when this route is missing.

I still think it would be much cleaner to just disable IPv6 completely in ip_unset() (it is already re-enabled in ip_set()).
Comment by Jouke Witteveen (jouke) - Friday, 13 December 2019, 17:31 GMT
I am cleaning a few TODO lists and planning on some minor edits to netctl. On one of the lists, I had written down the following as a remark related to this bug:
https://github.com/systemd/systemd/issues/6088
That bug is fixed by now.
I do not remember the relevance to this issue here and do not have the time to dig into it. If anyone wants to go look and see whether this brings anything new to the discussion, feel free to investigate and update this bug report.
Comment by Buggy McBugFace (bugbot) - Tuesday, 08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.

Loading...