Hi, I have some issues with how IPV6_ROUTER_ALERT is implemented in Linux. RFC 2711 - IPv6 Router Alert Option states in section 2.0 Approach: "The goal is to provide an efficient mechanism whereby routers can know when to intercept datagrams not addressed to them without having to extensively examine every datagram. (...)" The problem with the current implementation is that it only accepts the IPV6_ROUTER_ALERT option for SOCK_RAW+IPPROTO_RAW sockets. I understand the fact that only SOCK_RAW sockets may be used but IPPROTO_RAW seems a bit limiting to me. Why aren't values such as IPPROTO_ICMPV6 (for MLD processing) or IPPROTO_RSVP (for RSVP) accepted? Generic hop-by-hop processing obviously doesn't work as the packets we wish to process are not destined to any of the router's interfaces. Another issue involves the manpage text and the real behaviour. ipv6(7) states that IPV6_ROUTER_ALERT accepts a boolean option which isn't true at all. The argument instead is used as the RA selector (used in ip6_ra_control) and then in ip6_forward, ip6_call_ra_chain delivers the datagram to interested sockets (from RA value). So a setsockopt(..., 0) instead turns MLD RA delivery on, and setsockopt(..., 1) turns RSVP RA delivery on. A setsockopt(..., val < 0) removes the socket from the ra chain. Hope the maintainers may comment on these issues, Best Regards, Hugo Santos
Attachment:
signature.asc
Description: Digital signature