diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index ca27c4ad71..6fde8fe239 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -14,7 +14,6 @@ #include "networkd-dhcp6.h" #include "networkd-manager.h" #include "networkd-ndisc.h" -#include "networkd-sysctl.h" #include "string-table.h" #include "string-util.h" #include "strv.h" @@ -52,19 +51,23 @@ bool link_ipv6_accept_ra_enabled(Link *link) { if (!link_ipv6ll_enabled(link)) return false; - /* If unset use system default (enabled if local forwarding is disabled. - * disabled if local forwarding is enabled). - * If set, ignore or enforce RA independent of local forwarding state. - */ - if (link->network->ipv6_accept_ra < 0) + assert(link->network->ipv6_accept_ra >= 0); + return link->network->ipv6_accept_ra; +} + +void network_adjust_ipv6_accept_ra(Network *network) { + assert(network); + + if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) { + if (network->ipv6_accept_ra > 0) + log_warning("%s: IPv6AcceptRA= is enabled but IPv6 link local addressing is disabled or not supported. " + "Disabling IPv6AcceptRA=.", network->filename); + network->ipv6_accept_ra = false; + } + + if (network->ipv6_accept_ra < 0) /* default to accept RA if ip_forward is disabled and ignore RA if ip_forward is enabled */ - return !link_ip_forward_enabled(link, AF_INET6); - else if (link->network->ipv6_accept_ra > 0) - /* accept RA even if ip_forward is enabled */ - return true; - else - /* ignore RA */ - return false; + network->ipv6_accept_ra = !FLAGS_SET(network->ip_forward, ADDRESS_FAMILY_IPV6); } static int ndisc_remove_old_one(Link *link, const struct in6_addr *router, bool force); diff --git a/src/network/networkd-ndisc.h b/src/network/networkd-ndisc.h index fd7bb0e97f..4e9a704995 100644 --- a/src/network/networkd-ndisc.h +++ b/src/network/networkd-ndisc.h @@ -71,6 +71,8 @@ static inline char* NDISC_DNSSL_DOMAIN(const NDiscDNSSL *n) { bool link_ipv6_accept_ra_enabled(Link *link); +void network_adjust_ipv6_accept_ra(Network *network); + int ndisc_configure(Link *link); void ndisc_vacuum(Link *link); void ndisc_flush(Link *link); diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 9707c97653..a9ad8054ff 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -19,6 +19,7 @@ #include "networkd-fdb.h" #include "networkd-manager.h" #include "networkd-mdb.h" +#include "networkd-ndisc.h" #include "networkd-neighbor.h" #include "networkd-network.h" #include "networkd-nexthop.h" @@ -188,11 +189,6 @@ int network_verify(Network *network) { if (network->bond) { /* Bonding slave does not support addressing. */ - if (network->ipv6_accept_ra > 0) { - log_warning("%s: Cannot enable IPv6AcceptRA= when Bond= is specified, disabling IPv6AcceptRA=.", - network->filename); - network->ipv6_accept_ra = 0; - } if (network->link_local >= 0 && network->link_local != ADDRESS_FAMILY_NO) { log_warning("%s: Cannot enable LinkLocalAddressing= when Bond= is specified, disabling LinkLocalAddressing=.", network->filename); @@ -223,12 +219,6 @@ int network_verify(Network *network) { network->link_local = network->bridge ? ADDRESS_FAMILY_NO : ADDRESS_FAMILY_IPV6; if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) { - if (network->ipv6_accept_ra > 0) { - log_warning("%s: IPv6AcceptRA= is enabled by the .network file but IPv6 link local addressing is disabled. " - "Disabling IPv6AcceptRA=.", network->filename); - network->ipv6_accept_ra = false; - } - if (FLAGS_SET(network->dhcp, ADDRESS_FAMILY_IPV6)) { log_warning("%s: DHCPv6 client is enabled by the .network file but IPv6 link local addressing is disabled. " "Disabling DHCPv6 client.", network->filename); @@ -249,13 +239,12 @@ int network_verify(Network *network) { SET_FLAG(network->link_local, ADDRESS_FAMILY_FALLBACK_IPV4, false); } - if (network->ipv6_accept_ra < 0 && network->bridge) - network->ipv6_accept_ra = false; - /* IPMasquerade=yes implies IPForward=yes */ if (network->ip_masquerade) network->ip_forward |= ADDRESS_FAMILY_IPV4; + network_adjust_ipv6_accept_ra(network); + if (network->mtu > 0 && network->dhcp_use_mtu) { log_warning("%s: MTUBytes= in [Link] section and UseMTU= in [DHCP] section are set. " "Disabling UseMTU=.", network->filename); diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c index c8facbf831..de4ed95981 100644 --- a/src/network/networkd-sysctl.c +++ b/src/network/networkd-sysctl.c @@ -38,7 +38,7 @@ static int link_set_proxy_arp(Link *link) { return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0); } -bool link_ip_forward_enabled(Link *link, int family) { +static bool link_ip_forward_enabled(Link *link, int family) { assert(link); assert(IN_SET(family, AF_INET, AF_INET6)); diff --git a/src/network/networkd-sysctl.h b/src/network/networkd-sysctl.h index a409d8f54f..552b55226a 100644 --- a/src/network/networkd-sysctl.h +++ b/src/network/networkd-sysctl.h @@ -16,7 +16,6 @@ typedef enum IPv6PrivacyExtensions { _IPV6_PRIVACY_EXTENSIONS_INVALID = -1, } IPv6PrivacyExtensions; -bool link_ip_forward_enabled(Link *link, int family); int link_set_sysctl(Link *link); int link_set_ipv6_mtu(Link *link);