From 15b6fc1b646b28a9f7895c88c1ad37dac9f7ed1a Mon Sep 17 00:00:00 2001
From: Darren 'Tadgy' Austin <darren@afterdark.org.uk>
Date: Tue, 21 Aug 2018 16:44:36 +0100
Subject: Mitigate a race condition with Duplicate Address Detection

https://www.agwa.name/blog/post/beware_the_ipv6_dad_race_condition

This removes the need to sleep for 3 seconds after setting up the
interfaces, but does mean we lose detection of address clashes on
the inteface - it's a trade off

Signed-off-by: Robby Workman <rworkman@slackware.com>
---
 rc.inet1 | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'rc.inet1')

diff --git a/rc.inet1 b/rc.inet1
index 1e3752a..325ee56 100644
--- a/rc.inet1
+++ b/rc.inet1
@@ -224,6 +224,11 @@ if_up() {
         fi
       fi
       if [ "${USE_DHCP[$i]}" != "yes" ] && [ -n "${IPADDR[$i]}" ]; then # add a fixed v4 IP to the interface
+        # IPv6's Duplicate Address Detection (DAD) causes a race condition when bringing up interfaces, as
+        # described here:  https://www.agwa.name/blog/post/beware_the_ipv6_dad_race_condition
+        # Disable DAD while bringing up the interface - but note that this means the loss of detection of a
+        # duplicate address.  It's a trade off, unfortunately.
+        echo "0" >/proc/sys/net/ipv6/conf/$1/accept_dad
         if [ -z "${NETMASK[$i]}" ]; then
           echo "/etc/rc.d/rc.inet1:  no NETMASK set for ${1} - assuming 24 (aka, 255.255.255.0)" | $LOGGER
           NETMASK[$i]="24"
@@ -272,6 +277,11 @@ if_up() {
           done
         fi
         if [ -n "${IPALIASES6[$i]}" ]; then
+          # IPv6's Duplicate Address Detection (DAD) causes a race condition when bringing up interfaces, as
+          # described here:  https://www.agwa.name/blog/post/beware_the_ipv6_dad_race_condition
+          # Disable DAD while bringing up the interface - but note that this means the loss of detection of a
+          # duplicate address.  It's a trade off, unfortunately.
+          echo "0" >/proc/sys/net/ipv6/conf/$1/accept_dad
           for ipalias in ${IPALIASES6[$i]}; do
             ip="${ipalias%/*}"
             nm="${ipalias#*/}"
@@ -292,10 +302,8 @@ if_up() {
           echo "/etc/rc.d/rc.inet1:  /sbin/ip link set dev ${1} promisc on" | $LOGGER
           /sbin/ip link set dev ${1} promisc on
         fi
-        # Some settings need a small time to come into effect on the interface.
-        # This mostly affects IPv6, which needs time to make the interfaces available for the
-        # daemons to bind() - without this delay, they fail to bind() v6 addresses.
-        sleep 3
+        # Reset accept_dad back to default now all the IPs are configured:
+        cat /proc/sys/net/ipv6/conf/default/accept_dad >/proc/sys/net/ipv6/conf/$1/accept_dad
       fi
     else
       debug_log "${1} is already up, skipping"
-- 
cgit v1.2.3