gluon-client-bridge: Revert "move IPv4 local subnet route to br-client (#1312)"

The commit b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route
to br-client (#1312)") moves the IPv4 prefix from the local-port interface
to br-client. A client requesting an IPv4 connection to the IPv4 anycast
address of the node (the device running gluon) will create following
packets:

1. ARP packet from client to get the MAC of the mac address of the anycast
   IPv4 address
2. ARP reply from node to client with the anycast MAC address for the IPv4
   anycast address
3. IPv4 packet from client which requires reply (for example ICMP echo
   request)
4. ARP request for the client MAC address for its IPv4 address in prefix4
   (done with the mac address of br-client and transmitted over br-client)
5. IPv4 packet from node (transmitted over br-client with br-client MAC
   address) as reply for the client IPv4 packet (for example ICMP echo
   reply)

The step 4 and 5 are problematic here because packets use the node specific
MAC addresses from br-client instead of the anycast MAC address. The client
will receive the ARP packet with the node specific MAC address and change
their own neighbor IP (translation) table. This will for example break the
access to the status page to the connected device or the anycast DNS
forwarder implementation when the client roams to a different node.

This reverts commit b3762fc61c and adds an
upgrade code to remove local_node_route on on existing installations.
This commit is contained in:
Sven Eckelmann 2018-07-22 07:58:29 +02:00 committed by Matthias Schiffer
parent a7a5db9f54
commit ea9a69f7da
2 changed files with 2 additions and 5 deletions

View File

@ -23,7 +23,8 @@ uci:section('network', 'device', 'local_node_dev', {
local ip4, ip6 local ip4, ip6
if next_node.ip4 then if next_node.ip4 then
ip4 = next_node.ip4 .. '/32' local plen = site.prefix4():match('/%d+$')
ip4 = next_node.ip4 .. plen
end end
if next_node.ip6 then if next_node.ip6 then

View File

@ -25,10 +25,6 @@ uci:section('network', 'interface', 'client', {
uci:delete('network', 'client_lan') uci:delete('network', 'client_lan')
uci:delete('network', 'local_node_route') uci:delete('network', 'local_node_route')
uci:section('network', 'route', 'local_node_route', {
interface = 'client',
target = site.prefix4(),
})
uci:delete('network', 'local_node_route6') uci:delete('network', 'local_node_route6')
uci:section('network', 'route6', 'local_node_route6', { uci:section('network', 'route6', 'local_node_route6', {