diff options
author | Daniil Baturin <daniil@vyos.io> | 2024-02-17 15:31:21 -0500 |
---|---|---|
committer | Daniil Baturin <daniil@vyos.io> | 2024-02-17 15:31:21 -0500 |
commit | 258753a9d848e0157457086b0d6fa17ee6900786 (patch) | |
tree | 2ce0f8c940d480cb5379ae3bb889211efae6b2fe | |
parent | f09358e216ffd7ca890c3090d3323d81892df643 (diff) | |
download | ipaddrcheck-258753a9d848e0157457086b0d6fa17ee6900786.tar.gz ipaddrcheck-258753a9d848e0157457086b0d6fa17ee6900786.zip |
Clarify the reason to disallow the first IPv6 address
of a network as a host address
-rw-r--r-- | src/ipaddrcheck_functions.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/ipaddrcheck_functions.c b/src/ipaddrcheck_functions.c index 2b3cc22..2d2dff3 100644 --- a/src/ipaddrcheck_functions.c +++ b/src/ipaddrcheck_functions.c @@ -324,6 +324,21 @@ int is_ipv6_host(CIDR *address) { int result; + /* We reuse the same logic that prevents IPv4 network addresses + from being assigned to interfaces (address == network_address), + but the reason is slightly differnt. + + As per https://www.rfc-editor.org/rfc/rfc4291 section 2.6.1, + >[Subnet-Router anycast address] is syntactically + >the same as a unicast address for an interface on the link with the + >interface identifier set to zero. + + So, the first address of the subnet must not be used for link addresses, + even if the semantic reason is different. + There's absolutely nothing wrong with assigning the last address, though, + since there's no broadcast in IPv6. + */ + if( (cidr_get_proto(address) == CIDR_IPV6) && ((cidr_equals(address, cidr_addr_network(address)) < 0) || (cidr_get_pflen(address) >= 127)) ) |