conf: Don't exit if sourced default route has no gateway

If we use a template interface without a gateway on the default
route, we can still offer almost complete functionality, except that,
of course, we can't map the gateway address to the outer namespace or
host, and that we have no obvious server address or identifier for
use in DHCP's siaddr and option 54 (Server identifier, mandatory).

Continue, if we have a default route but no default gateway, and
imply --no-map-gw and --no-dhcp in that case. NDP responder and
DHCPv6 should be able to work as usual because we require a
link-local address to be present, and we'll fall back to that.

Together with the previous commits implementing an actual copy of
routes from the outer namespace, this should finally fix the
operation of 'pasta --config-net' for cases where we have a default
route on the host, but no default gateway, as it's the case for
tap-style routes, including typical Wireguard endpoints.

Reported-by: me@yawnt.com
Link: https://bugs.passt.top/show_bug.cgi?id=49
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
Stefano Brivio 2023-05-14 16:24:11 +02:00
parent e8fef7525c
commit a7359f0948
2 changed files with 11 additions and 5 deletions

10
conf.c
View file

@ -665,8 +665,7 @@ static unsigned int conf_ip4(unsigned int ifi,
if (MAC_IS_ZERO(mac)) if (MAC_IS_ZERO(mac))
nl_link(0, ifi, mac, 0, 0); nl_link(0, ifi, mac, 0, 0);
if (IN4_IS_ADDR_UNSPECIFIED(&ip4->gw) || if (IN4_IS_ADDR_UNSPECIFIED(&ip4->addr) ||
IN4_IS_ADDR_UNSPECIFIED(&ip4->addr) ||
MAC_IS_ZERO(mac)) MAC_IS_ZERO(mac))
return 0; return 0;
@ -708,7 +707,6 @@ static unsigned int conf_ip6(unsigned int ifi,
nl_link(0, ifi, mac, 0, 0); nl_link(0, ifi, mac, 0, 0);
if (IN6_IS_ADDR_UNSPECIFIED(&ip6->gw) || if (IN6_IS_ADDR_UNSPECIFIED(&ip6->gw) ||
IN6_IS_ADDR_UNSPECIFIED(&ip6->addr) ||
IN6_IS_ADDR_UNSPECIFIED(&ip6->addr_ll) || IN6_IS_ADDR_UNSPECIFIED(&ip6->addr_ll) ||
MAC_IS_ZERO(mac)) MAC_IS_ZERO(mac))
return 0; return 0;
@ -1660,6 +1658,12 @@ void conf(struct ctx *c, int argc, char **argv)
(*c->ip6.ifname_out && !c->ifi6)) (*c->ip6.ifname_out && !c->ifi6))
die("External interface not usable"); die("External interface not usable");
if (c->ifi4 && IN4_IS_ADDR_UNSPECIFIED(&c->ip4.gw))
c->no_map_gw = c->no_dhcp = 1;
if (c->ifi6 && IN6_IS_ADDR_UNSPECIFIED(&c->ip6.gw))
c->no_map_gw = 1;
/* Inbound port options can be parsed now (after IPv4/IPv6 settings) */ /* Inbound port options can be parsed now (after IPv4/IPv6 settings) */
optind = 1; optind = 1;
do { do {

View file

@ -281,7 +281,8 @@ guest or target namespace will be silently dropped.
.TP .TP
.BR \-\-no-dhcp .BR \-\-no-dhcp
Disable the DHCP server. DHCP client requests coming from guest or target Disable the DHCP server. DHCP client requests coming from guest or target
namespace will be silently dropped. namespace will be silently dropped. Implied if there is no gateway on the
selected IPv4 default route.
.TP .TP
.BR \-\-no-ndp .BR \-\-no-ndp
@ -301,7 +302,8 @@ namespace will be ignored.
.TP .TP
.BR \-\-no-map-gw .BR \-\-no-map-gw
Don't remap TCP connections and untracked UDP traffic, with the gateway address Don't remap TCP connections and untracked UDP traffic, with the gateway address
as destination, to the host. as destination, to the host. Implied if there is no gateway on the selected
default route for any of the enabled address families.
.TP .TP
.BR \-4 ", " \-\-ipv4-only .BR \-4 ", " \-\-ipv4-only