[08/20] lnet: only use PUBLIC IP6 addresses for connections

Commit Message

James Simmons Oct. 14, 2022, 9:37 p.m. UTC

From: Mr NeilBrown <neilb@suse.de>

IPv6 can have temporary address.  These can be used for short-lives
outgoing connections to increase privacy.  They are not suitable for
long-term connections.

So request that only PUBLIC IPv6 addresses are used when making a
connection.

WC-bug-id: https://jira.whamcloud.com/browse/LU-10391
Lustre-commit: cd3b89be221b4c5b6 ("LU-10391 lnet: only use PUBLIC IP6 addresses for connections")
Signed-off-by: Mr NeilBrown <neilb@suse.de>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/48571
Reviewed-by: jsimmons <jsimmons@infradead.org>
Reviewed-by: Frank Sehr <fsehr@whamcloud.com>
Reviewed-by: Serguei Smirnov <ssmirnov@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
 net/lnet/lnet/lib-socket.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

Patch

diff --git a/net/lnet/lnet/lib-socket.c b/net/lnet/lnet/lib-socket.c
index 3a99cb69f66f..01f375ed96a3 100644
--- a/net/lnet/lnet/lib-socket.c
+++ b/net/lnet/lnet/lib-socket.c
@@ -379,6 +379,17 @@  lnet_sock_connect(int interface, int local_port,
 	if (IS_ERR(sock))
 		return sock;
 
+	/* Avoid temporary address, they are bad for long-lived
+	 * connections such as lustre mounts.
+	 * RFC4941, section 3.6 suggests that:
+	 *    Individual applications, which have specific
+	 *    knowledge about the normal duration of connections,
+	 *    MAY override this as appropriate.
+	 */
+	if (peeraddr->sa_family == PF_INET6)
+		ip6_sock_set_addr_preferences(sock->sk,
+					      IPV6_PREFER_SRC_PUBLIC);
+
 	rc = kernel_connect(sock, peeraddr, sizeof(struct sockaddr_in6), 0);
 	if (!rc)
 		return sock;