Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update go.mod and go.sum to latest version from networkservicemesh/cm…
…d-forwarder-vpp@main PR link: networkservicemesh/cmd-forwarder-vpp#739 Commit: a2c0b6d Author: Ed Warnicke Date: 2022-10-25 02:59:01 -0500 Message: - Final fix to disable IPv6 RA when NSM_TUNNEL_IP is IPv6 (#739) VPP, being a router, presumes that any IPv6 enabled interface should, by default, be sending IPv6 Router Announcements (RAs). In our case, this is an incorrect behavior. In the past we had attempted using: 'ip6 nd host-%s ra-cease' this did not work as expected for two reasons: 1. It was done before assigning an IPv6 address to the interface. Because of this the interface does not yet have IPv6 enabled, and therefore the 'ip6 nd host-%s ra-cease' has no effect. 2. 'ip6 nd host-%s ra-cease' only precluded repetition of RAs after the interface is up. Initial RAs are still sent. This can be fixed by adding 'ra-suppress' So in short, we use: 'enable ip6 interface host-%s' 'ip6 nd host-%s ra-cease ra-suppress' which disables any sending of RAs from the interface prior to it being 'upped'. This has been tested using tcpdump. Tcpdump was used in the uncorrected case to ensure it correctly detects RAs being sent out (it does) Tcpdump was used to determine that with: 'enable ip6 interface host-%s' 'ip6 nd host-%s ra-cease' the initial RA is sent, but no subsequent RAs. The actual fix was tested with tcpdump to ensure that 'enable ip6 interface host-%s' 'ip6 nd host-%s ra-cease ra-suppress' results in *no* RAs being sent. Finally, tcpdump was used to ensure that with the code being submitted was used, not RAs were sent out. Signed-off-by: Ed Warnicke <[email protected]> Signed-off-by: NSMBot <[email protected]>
- Loading branch information