Page MenuHomeVyOS Platform
Create Task
Maniphest T669

Get rid of intfwatchd and set the net.ipv6.conf.default.keep_addr_on_down sysctl option to 1 by default
Closed, ResolvedPublic
Actions

Description

intfwatchd is one of the worst programs I've ever written. If you don't know what is it and why it's there, here's the story: at some point, the Linux kernel decided that IPv6 addresses are not worth keeping after interface goes down, so they would disappear permanently. What's worse, there was no way around it.
While this behaviour may be somewhat sensible for hosts, it's absolutely unacceptable for routers, so we've had to have a way to add them back. So I wrote a quick and dirty daemon that watches links and restores IPv6 addresses when they go back up after going down.

New kernels still keep this behaviour by default, but luckily, there's no an option to talk some sense back in them:

sudo sysctl net.ipv6.conf.default.keep_addr_on_down=1

So we finally can get rid of that dirty hack.

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Related Objects

Event Timeline

dmbaturin triaged this task as High priority.May 30 2018, 2:19 AM
dmbaturin created this task.
dmbaturin created this object with visibility "Public (No Login Required)".
dmbaturin mentioned this in T91: Memory leak in the Perl bindings for CStore (Vyatta::Config).May 30 2018, 2:42 AM
dmbaturin moved this task from Need Triage to In Progress on the VyOS 1.2 Crux board.May 30 2018, 3:07 AM
dmbaturin added a comment.May 30 2018, 8:55 AM

Verification:

Without the new sysctl options:

vyos@vyos-test# run show interfaces ethernet eth0.50
eth0.50@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:50:56:9b:05:00 brd ff:ff:ff:ff:ff:ff
    inet6 2001:db8:bad:f00d::1/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fe9b:500/64 scope link 
       valid_lft forever preferred_lft forever
...

vyos@vyos-test# set interfaces ethernet eth0 vif 50 disable
vyos@vyos-test# commit
vyos@vyos-test# run show interfaces ethernet eth0.50
eth0.50@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 00:50:56:9b:05:00 brd ff:ff:ff:ff:ff:ff
<oops, no IPv6!>

But with those new options:

vyos@vyos-test# sudo sysctl net.ipv6.conf.default.keep_addr_on_down=1
net.ipv6.conf.default.keep_addr_on_down = 1

vyos@vyos-test# sudo sysctl net.ipv6.conf.all.keep_addr_on_down=1
net.ipv6.conf.all.keep_addr_on_down = 1

vyos@vyos-test# set interfaces ethernet eth0 vif 60 address 2001:db8:cafe:babe::1/64
vyos@vyos-test# commit

vyos@vyos-test# run show interfaces ethernet eth0 vif 60 
eth0.60@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:50:56:9b:05:00 brd ff:ff:ff:ff:ff:ff
    inet6 2001:db8:cafe:babe::1/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fe9b:500/64 scope link 
       valid_lft forever preferred_lft forever
...

vyos@vyos-test# run show interfaces ethernet eth0 vif 60 
eth0.60@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 00:50:56:9b:05:00 brd ff:ff:ff:ff:ff:ff
    inet6 2001:db8:cafe:babe::1/64 scope global tentative 
       valid_lft forever preferred_lft forever
pasik added a subscriber: pasik.Jun 19 2018, 5:05 PM
dmbaturin closed this task as Resolved.Jun 20 2018, 2:56 PM
dmbaturin moved this task from In Progress to Finished on the VyOS 1.2 Crux board.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc1), VyOS-1.2.0-GA; removed VyOS 1.2 Crux.Oct 15 2018, 11:51 PM
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-rc1) board.Oct 15 2018, 11:58 PM