ndp: Don't sabotage DAD by replying to probing neighbour solicitation

If the solicitation comes from ::, it's the guest performing
duplicate address detection -- don't answer that.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2021-10-21 12:13:44 +02:00
parent bf68270898
commit af55c4e98f

3
ndp.c
View file

@ -76,6 +76,9 @@ int ndp(struct ctx *c, struct ethhdr *eh, size_t len)
sizeof(struct in6_addr))
return -1;
if (IN6_IS_ADDR_UNSPECIFIED(&ip6h->saddr))
return 1;
info("NDP: received NS, sending NA");
ihr->icmp6_type = NA;
ihr->icmp6_code = 0;