[LINUX] ipv6: Disable addrconf on Xen bridge device

The ipv6-no-autoconf patch didn't disable IPv6 addrconf completely.
This means that the Xen bridge device still interfered with normal
IPv6 operation by engaging the IPv6 network with a bogus MAC address.

For details please refer to
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200360

The following patch completely disables IPv6 on the Xen bridge device
by temporarily setting the MTU to a value less than the minimum
allowed for IPv6.

Upstream will provide a cleaner way to disable IPv6 addrconf in
future, possibly in the form of a proc sysctl.  Of course if the Xen
loopback device is removed it would render this change unnecessary.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/patches/linux-2.6.16.33/ipv6-no-autoconf.patch b/patches/linux-2.6.16.33/ipv6-no-autoconf.patch
deleted file mode 100644 (file)
index e0d1b8c..0000000
--- a/patches/linux-2.6.16.33/ipv6-no-autoconf.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff -pruN ../orig-linux-2.6.16.29/net/ipv6/addrconf.c ./net/ipv6/addrconf.c
---- ../orig-linux-2.6.16.29/net/ipv6/addrconf.c        2006-09-12 19:02:10.000000000 +0100
-+++ ./net/ipv6/addrconf.c      2006-09-19 13:59:11.000000000 +0100
-@@ -2471,6 +2471,7 @@ static void addrconf_dad_start(struct in
-       spin_lock_bh(&ifp->lock);
- 
-       if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) ||
-+          !(dev->flags&IFF_MULTICAST) ||
-           !(ifp->flags&IFA_F_TENTATIVE)) {
-               ifp->flags &= ~IFA_F_TENTATIVE;
-               spin_unlock_bh(&ifp->lock);
-@@ -2555,6 +2556,7 @@ static void addrconf_dad_completed(struc
-       if (ifp->idev->cnf.forwarding == 0 &&
-           ifp->idev->cnf.rtr_solicits > 0 &&
-           (dev->flags&IFF_LOOPBACK) == 0 &&
-+          (dev->flags & IFF_MULTICAST) &&
-           (ipv6_addr_type(&ifp->addr) & IPV6_ADDR_LINKLOCAL)) {
-               struct in6_addr all_routers;
- 

diff --git a/patches/linux-2.6.16.33/series b/patches/linux-2.6.16.33/series
index 8410fb3bde6c0527aa21f0961d3e93df809dea27..7200d2758e78d9cc3c3a484b784150a2357fe0d4 100644 (file)
--- a/patches/linux-2.6.16.33/series
+++ b/patches/linux-2.6.16.33/series
@@ -9,7 +9,6 @@ device_bind.patch
 fix-hz-suspend.patch
 fix-ide-cd-pio-mode.patch
 i386-mach-io-check-nmi.patch
-ipv6-no-autoconf.patch
 net-csum.patch
 net-gso-0-base.patch
 net-gso-1-check-dodgy.patch

diff --git a/tools/examples/xen-network-common.sh b/tools/examples/xen-network-common.sh
index 46708347e371ff8570b6b23909e15fb75bb66764..6823a76a30bb18de76014587e0a04143d0d61248 100644 (file)
--- a/tools/examples/xen-network-common.sh
+++ b/tools/examples/xen-network-common.sh
@@ -117,7 +117,12 @@ create_bridge () {
         ip link set ${bridge} arp off
         ip link set ${bridge} multicast off
     fi
+
+    # A small MTU disables IPv6 (and therefore IPv6 addrconf).
+    mtu=$(ip link show ${bridge} | sed -n 's/.* mtu \([0-9]\+\).*/\1/p')
+    ip link set ${bridge} mtu 68
     ip link set ${bridge} up
+    ip link set ${bridge} mtu ${mtu:-1500}
 }
 
 # Usage: add_to_bridge bridge dev