[lustre-devel] [PATCH 08/20] lnet: only use PUBLIC IP6 addresses for connections
James Simmons
jsimmons at infradead.org
Fri Oct 14 14:37:59 PDT 2022
From: Mr NeilBrown <neilb at suse.de>
IPv6 can have temporary address. These can be used for short-lives
outgoing connections to increase privacy. They are not suitable for
long-term connections.
So request that only PUBLIC IPv6 addresses are used when making a
connection.
WC-bug-id: https://jira.whamcloud.com/browse/LU-10391
Lustre-commit: cd3b89be221b4c5b6 ("LU-10391 lnet: only use PUBLIC IP6 addresses for connections")
Signed-off-by: Mr NeilBrown <neilb at suse.de>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/48571
Reviewed-by: jsimmons <jsimmons at infradead.org>
Reviewed-by: Frank Sehr <fsehr at whamcloud.com>
Reviewed-by: Serguei Smirnov <ssmirnov at whamcloud.com>
Reviewed-by: Oleg Drokin <green at whamcloud.com>
Signed-off-by: James Simmons <jsimmons at infradead.org>
---
net/lnet/lnet/lib-socket.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/net/lnet/lnet/lib-socket.c b/net/lnet/lnet/lib-socket.c
index 3a99cb69f66f..01f375ed96a3 100644
--- a/net/lnet/lnet/lib-socket.c
+++ b/net/lnet/lnet/lib-socket.c
@@ -379,6 +379,17 @@ lnet_sock_connect(int interface, int local_port,
if (IS_ERR(sock))
return sock;
+ /* Avoid temporary address, they are bad for long-lived
+ * connections such as lustre mounts.
+ * RFC4941, section 3.6 suggests that:
+ * Individual applications, which have specific
+ * knowledge about the normal duration of connections,
+ * MAY override this as appropriate.
+ */
+ if (peeraddr->sa_family == PF_INET6)
+ ip6_sock_set_addr_preferences(sock->sk,
+ IPV6_PREFER_SRC_PUBLIC);
+
rc = kernel_connect(sock, peeraddr, sizeof(struct sockaddr_in6), 0);
if (!rc)
return sock;
--
2.27.0
More information about the lustre-devel
mailing list