[B.A.T.M.A.N.] [PATCH] batman-adv: allow updating DAT entry timeouts on incoming ARP Replies

Antonio Quartulli a at unstable.cc
Fri Mar 22 10:10:26 CET 2019


Hi,

On 14/02/2019 16:52, Linus Lüssing wrote:
> Currently incoming ARP Replies, for example via a DHT-PUT message, do
> not update the timeout for an already existing DAT entry. These ARP
> Replies are dropped instead.
> 
> This however defeats the purpose of the DHCPACK snooping, for instance.
> Right now, a DAT entry in the DHT will be purged every five minutes,
> likely leading to a mesh-wide ARP Request broadcast after this timeout.
> Which then recreates the entry. The idea of the DHCPACK snooping is to
> be able to update an entry before a timeout happens, to avoid ARP Request
> flooding.
> 
> This patch fixes this issue by updating a DAT entry on incoming
> ARP Replies even if a matching DAT entry already exists. While still
> filtering the ARP Reply towards the soft-interface, to avoid duplicate
> messages on the client device side.
> 
> Signed-off-by: Linus Lüssing <linus.luessing at c0d3.blue>
> ---
> 
> This patch was verified in VMs via gratuitous ARP Replies generated by
> "mausezahn", together with the
> "batman-adv: allow snooping gratuitous ARP Replies" patch.
> 
> Before this patch, the timeout observed via "batctl dc" would continue
> to increase on gratuitous ARP Reply reception. After this patch, the
> last-seen value was reset to 0 successfully.
> ---
>  net/batman-adv/distributed-arp-table.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
> index 310a4f35..8d290da0 100644
> --- a/net/batman-adv/distributed-arp-table.c
> +++ b/net/batman-adv/distributed-arp-table.c
> @@ -1444,7 +1444,6 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
>  			   hw_src, &ip_src, hw_dst, &ip_dst,
>  			   dat_entry->mac_addr,	&dat_entry->ip);
>  		dropped = true;
> -		goto out;
>  	}
>  
>  	/* Update our internal cache with both the IP addresses the node got
> @@ -1453,6 +1452,9 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
>  	batadv_dat_entry_add(bat_priv, ip_src, hw_src, vid);
>  	batadv_dat_entry_add(bat_priv, ip_dst, hw_dst, vid);
>  
> +	if (dropped)
> +		goto out;
> +
>  	/* If BLA is enabled, only forward ARP replies if we have claimed the
>  	 * source of the ARP reply or if no one else of the same backbone has
>  	 * already claimed that client. This prevents that different gateways
> 

The patch makes sense, especially because this change will allow to
"refresh" entries before they expire (No matter how the ARP reply was
generated)

Acked-by: Antonio Quartulli <a at unstable.cc>


-- 
Antonio Quartulli

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/attachments/20190322/2c57819d/attachment.sig>


More information about the B.A.T.M.A.N mailing list