Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 723884339f90a9c420783135168cc1045750eb5d^! / . / net / sctp / protocol.c
commit723884339f90a9c420783135168cc1045750eb5d[log] [tgz]
authorBhaskar Dutta <bhaskie@gmail.com>Thu Sep 03 17:25:47 2009 +0530
committerVlad Yasevich <vladislav.yasevich@hp.com>Fri Sep 04 18:21:01 2009 -0400
treec8538602e56f2310470b0970bf121a1000313401
parent8da645e101a8c20c6073efda3c7cc74eec01b87f [diff] [blame]
sctp: Sysctl configuration for IPv4 Address Scoping

This patch introduces a new sysctl option to make IPv4 Address Scoping
configurable <draft-stewart-tsvwg-sctp-ipv4-00.txt>.

In networking environments where DNAT rules in iptables prerouting
chains convert destination IP's to link-local/private IP addresses,
SCTP connections fail to establish as the INIT chunk is dropped by the
kernel due to address scope match failure.
For example to support overlapping IP addresses (same IP address with
different vlan id) a Layer-5 application listens on link local IP's,
and there is a DNAT rule that maps the destination IP to a link local
IP. Such applications never get the SCTP INIT if the address-scoping
draft is strictly followed.

This sysctl configuration allows SCTP to function in such
unconventional networking environments.

Sysctl options:
0 - Disable IPv4 address scoping draft altogether
1 - Enable IPv4 address scoping (default, current behavior)
2 - Enable address scoping but allow IPv4 private addresses in init/init-ack
3 - Enable address scoping but allow IPv4 link local address in init/init-ack

Signed-off-by: Bhaskar Dutta <bhaskar.dutta@globallogic.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>

diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index a76da65..60093be 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c

@@ -431,16 +431,14 @@
  * of requested destination address, sender and receiver
  * SHOULD include all of its addresses with level greater
  * than or equal to L.
+ *
+ * IPv4 scoping can be controlled through sysctl option
+ * net.sctp.addr_scope_policy
  */
 static sctp_scope_t sctp_v4_scope(union sctp_addr *addr)
 {
 	sctp_scope_t retval;
 
-	/* Should IPv4 scoping be a sysctl configurable option
-	 * so users can turn it off (default on) for certain
-	 * unconventional networking environments?
-	 */
-
 	/* Check for unusable SCTP addresses. */
 	if (IS_IPV4_UNUSABLE_ADDRESS(addr->v4.sin_addr.s_addr)) {
 		retval =  SCTP_SCOPE_UNUSABLE;
@@ -1259,6 +1257,9 @@
 	/* Disable AUTH by default. */
 	sctp_auth_enable = 0;
 
+	/* Set SCOPE policy to enabled */
+	sctp_scope_policy = SCTP_SCOPE_POLICY_ENABLE;
+
 	sctp_sysctl_register();
 
 	INIT_LIST_HEAD(&sctp_address_families);