The commit b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route
to br-client (#1312)") moves the IPv4 prefix from the local-port interface
to br-client. A client requesting an IPv4 connection to the IPv4 anycast
address of the node (the device running gluon) will create following
packets:
1. ARP packet from client to get the MAC of the mac address of the anycast
IPv4 address
2. ARP reply from node to client with the anycast MAC address for the IPv4
anycast address
3. IPv4 packet from client which requires reply (for example ICMP echo
request)
4. ARP request for the client MAC address for its IPv4 address in prefix4
(done with the mac address of br-client and transmitted over br-client)
5. IPv4 packet from node (transmitted over br-client with br-client MAC
address) as reply for the client IPv4 packet (for example ICMP echo
reply)
The step 4 and 5 are problematic here because packets use the node specific
MAC addresses from br-client instead of the anycast MAC address. The client
will receive the ARP packet with the node specific MAC address and change
their own neighbor IP (translation) table. This will for example break the
access to the status page to the connected device or the anycast DNS
forwarder implementation when the client roams to a different node.
This reverts commit b3762fc61c and adds an
upgrade code to remove local_node_route on on existing installations.
The commit b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route
to br-client (#1312)") moves the IPv4 prefix from the local-port interface
to br-client. A client requesting an IPv4 connection to the IPv4 anycast
address of the node (the device running gluon) will create following
packets:
1. ARP packet from client to get the MAC of the mac address of the anycast
IPv4 address
2. ARP reply from node to client with the anycast MAC address for the IPv4
anycast address
3. IPv4 packet from client which requires reply (for example ICMP echo
request)
4. ARP request for the client MAC address for its IPv4 address in prefix4
(done with the mac address of br-client and transmitted over br-client)
5. IPv4 packet from node (transmitted over br-client with br-client MAC
address) as reply for the client IPv4 packet (for example ICMP echo
reply)
The step 4 is extremely problematic here. ARP replies with the anycast IPv4
address must not be submitted or received via bat0 - expecially not when it
contains an node specific MAC address as source. When it is still done then
the wrong MAC address is stored in the batadv DAT cache and ARP packet is
maybe even forwarded to clients. This latter is especially true for ARP
requests which are broadcast and will be flooded to the complete mesh.
Clients will see these ARP packets and change their own neighbor IP
(translation) table. They will then try to submit the packets for IPv4
anycast addresses to the complete wrong device in the mesh. This will for
example break the access to the status page to the connected device or the
anycast DNS forwarder implementation. Especially the latter causes extreme
latency when clients try to connect to server using a domain name or even
breaks the connection setup process completely. Both are caused by the
unanswered DNS requests which at first glance look like packet loss.
An node must therefore take care of:
* not transmitting ARP packets related to the anycast IPv4 address over
bat0
* drop ARP packets related to the anycast IPv4 when they are received on
bat0 from a still broken node
* don't accept ARP packets related to the anycast IPv4 replies on local
node when it comes from bat0
Fixes: b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route to br-client (#1312)")
aaecfecdcd kernel: bump kernel 4.4 to version 4.4.139
b08003223a base-files: fix links in banner.failsafe
71019a7605 ar71xx: fix 5 GHz Wi-Fi on NBG6716
ba5c0a1dea Revert "base-files: fix UCI config parsing and callback handling"
5c6a8a9cdb kernel: bump kernel 4.4 to version 4.4.138
cf4a37a581 uci: add missing 'option' support to uci_rename()
7fc94b2a25 mac80211: rt2x00: no longer use TXOP_BACKOFF for probe frames
b03826d8aa kernel: bump kernel 4.4 to version 4.4.137
21f44e3389 map: add ealen as configurable uci parameter
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
This commit makes use of the Power-LED as Diag-LED, allowing the LED to
work as a status indicator for config-mode.
Signed-off-by: David Bauer <mail@david-bauer.net>
b6a1f43075f9 base-files: fix UCI config parsing and callback handling
6734f32d91cd mtd: add build hack to reintroduce shared mtd for older releases
aaac9e82aa60 mtd: mark as nonshared to fix FS#484
0fee4906d5c0 ustream-ssl: update to latest git HEAD
f34a0756fd94 ustream-ssl: update to latest git HEAD
98b9d8a3d3fd mbedtls: Activate the session cache
88ba88e5adc4 mbedtls: update mbedtls to version 2.7.3
Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).
cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.
optional = true does not make sense without a datatype. When no datatype is
set, the empty string will be a valid value, so data is never unset in the
write function. Restore the minlength(1) datatype so the contact setting is
deleted as intended when no value is provided.
688901a664eb bird2: Add package
ecbdeb0500cc bird: Rename to bird1 and bump to v1.6.4
453de2136e2f nodogsplash2: update to version 2.1.1 (#376)
a71ecc3dddc4 babeld: Update to 1.8.2
209877071051 miniupnpd: drop from repo