summaryrefslogtreecommitdiff
path: root/interface-definitions/service-ids-ddos-protection.xml.in
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-09-20 21:50:56 +0200
committerChristian Poessinger <christian@poessinger.com>2021-09-20 21:56:44 +0200
commitc330504ceda582daca8c4982e0cf8adfb556f15d (patch)
tree5dd90dd40613f2108e6ad94aec12159c28ba0e38 /interface-definitions/service-ids-ddos-protection.xml.in
parentb535300858d8bcd8f350da0949de0bd135e82f73 (diff)
downloadvyos-1x-c330504ceda582daca8c4982e0cf8adfb556f15d.tar.gz
vyos-1x-c330504ceda582daca8c4982e0cf8adfb556f15d.zip
vyos.ifconfig: get_mac_synthetic() must generate a stable "MAC"
Commit b7d30137b1 ("vyos.ifconfig: provide generic get_mac_synthetic() method") provided a common helper to generate MAC addresses used by EUI64 addresses for interfaces not having a layer2 interface (WireGuard or ip tunnel). The problem is that every call to the helper always yielded a new MAC address. This becomes problematic when IPv6 link-local addresses are generated and modified on the interface as multiple link-local (fe80::/64) addresses can easily be added to the interface leaving ... a mess. This commit changes the way how the "synthetic" MAC is generated, we generate a UUID which is stable as it is based on the interface name. We take out the last 48 bits of the UUID and form the "MAC" address. (cherry picked from commit 081e23996feb60ad903caf8b0a4587f5dacc69bf)
Diffstat (limited to 'interface-definitions/service-ids-ddos-protection.xml.in')
0 files changed, 0 insertions, 0 deletions