X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fip%2Fip6_neighbor.c;h=6b63e6fbbf6c61f31f52b1ae0b0e4ff65e44587e;hb=7f358b3;hp=4c1b1bb10e64a3b25e5013680f8c443b5515766c;hpb=c819fc612f9a79eaba2981dc2e8f7c31552db5ea;p=vpp.git

diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c
index 4c1b1bb10e6..6b63e6fbbf6 100644
--- a/src/vnet/ip/ip6_neighbor.c
+++ b/src/vnet/ip/ip6_neighbor.c
@@ -19,12 +19,12 @@
 #include <vnet/ip/ip6_neighbor.h>
 #include <vnet/ethernet/ethernet.h>
 #include <vppinfra/mhash.h>
-#include <vppinfra/md5.h>
 #include <vnet/adj/adj.h>
 #include <vnet/adj/adj_mcast.h>
 #include <vnet/fib/fib_table.h>
 #include <vnet/fib/ip6_fib.h>
 #include <vnet/mfib/ip6_mfib.h>
+#include <vnet/ip/ip6_ll_table.h>
 
 /**
  * @file
@@ -154,6 +154,15 @@ typedef struct
 
   /* Link local address to use (defaults to underlying physical for logical interfaces */
   ip6_address_t link_local_address;
+
+  /* router solicitations sending state */
+  u8 keep_sending_rs;		/* when true then next fields are valid */
+  icmp6_send_router_solicitation_params_t params;
+  f64 sleep_interval;
+  f64 due_time;
+  u32 n_left;
+  f64 start_time;
+  vlib_buffer_t *buffer;
 } ip6_radv_t;
 
 typedef struct
@@ -198,6 +207,10 @@ typedef struct
   /* Wildcard nd report publisher */
   uword wc_ip6_nd_publisher_node;
   uword wc_ip6_nd_publisher_et;
+
+  /* Router advertisement report publisher */
+  uword ip6_ra_publisher_node;
+  uword ip6_ra_publisher_et;
 } ip6_neighbor_main_t;
 
 /* ipv6 neighbor discovery - timer/event types */
@@ -220,6 +233,7 @@ static ip6_neighbor_main_t ip6_neighbor_main;
 static ip6_address_t ip6a_zero;	/* ip6 address 0 */
 
 static void wc_nd_signal_report (wc_nd_report_t * r);
+static void ra_signal_report (ra_report_t * r);
 
 /**
  * @brief publish wildcard arp event
@@ -263,6 +277,37 @@ wc_nd_set_publisher_node (uword node_index, uword event_type)
   nm->wc_ip6_nd_publisher_et = event_type;
 }
 
+static int
+ra_publish (ra_report_t * r)
+{
+  void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
+  vl_api_rpc_call_main_thread (ra_signal_report, (u8 *) r, sizeof *r);
+  return 0;
+}
+
+static void
+ra_signal_report (ra_report_t * r)
+{
+  vlib_main_t *vm = vlib_get_main ();
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  uword ni = nm->ip6_ra_publisher_node;
+  uword et = nm->ip6_ra_publisher_et;
+
+  if (ni == (uword) ~ 0)
+    return;
+  ra_report_t *q = vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q);
+
+  *q = *r;
+}
+
+void
+ra_set_publisher_node (uword node_index, uword event_type)
+{
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  nm->ip6_ra_publisher_node = node_index;
+  nm->ip6_ra_publisher_et = event_type;
+}
+
 static u8 *
 format_ip6_neighbor_ip6_entry (u8 * s, va_list * va)
 {
@@ -273,7 +318,7 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va)
   u8 *flags = 0;
 
   if (!n)
-    return format (s, "%=12s%=20s%=6s%=20s%=40s", "Time", "Address", "Flags",
+    return format (s, "%=12s%=25s%=6s%=20s%=40s", "Time", "Address", "Flags",
 		   "Link layer", "Interface");
 
   if (n->flags & IP6_NEIGHBOR_FLAG_DYNAMIC)
@@ -286,8 +331,8 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va)
     flags = format (flags, "N");
 
   si = vnet_get_sw_interface (vnm, n->key.sw_if_index);
-  s = format (s, "%=12U%=20U%=6s%=20U%=40U",
-	      format_vlib_cpu_time, vm, n->cpu_time_last_updated,
+  s = format (s, "%=12U%=25U%=6s%=20U%=40U",
+	      format_vlib_time, vm, n->time_last_updated,
 	      format_ip6_address, &n->key.ip6_address,
 	      flags ? (char *) flags : "",
 	      format_ethernet_address, n->link_layer_address,
@@ -302,18 +347,29 @@ ip6_neighbor_adj_fib_remove (ip6_neighbor_t * n, u32 fib_index)
 {
   if (FIB_NODE_INDEX_INVALID != n->fib_entry_index)
     {
-      fib_prefix_t pfx = {
-	.fp_len = 128,
-	.fp_proto = FIB_PROTOCOL_IP6,
-	.fp_addr.ip6 = n->key.ip6_address,
-      };
-      fib_table_entry_path_remove (fib_index,
-				   &pfx,
-				   FIB_SOURCE_ADJ,
-				   DPO_PROTO_IP6,
-				   &pfx.fp_addr,
-				   n->key.sw_if_index, ~0,
-				   1, FIB_ROUTE_PATH_FLAG_NONE);
+      if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
+	{
+	  ip6_ll_prefix_t pfx = {
+	    .ilp_addr = n->key.ip6_address,
+	    .ilp_sw_if_index = n->key.sw_if_index,
+	  };
+	  ip6_ll_table_entry_delete (&pfx);
+	}
+      else
+	{
+	  fib_prefix_t pfx = {
+	    .fp_len = 128,
+	    .fp_proto = FIB_PROTOCOL_IP6,
+	    .fp_addr.ip6 = n->key.ip6_address,
+	  };
+	  fib_table_entry_path_remove (fib_index,
+				       &pfx,
+				       FIB_SOURCE_ADJ,
+				       DPO_PROTO_IP6,
+				       &pfx.fp_addr,
+				       n->key.sw_if_index, ~0,
+				       1, FIB_ROUTE_PATH_FLAG_NONE);
+	}
     }
 }
 
@@ -616,10 +672,10 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
 	 * Complete the remaining fields of the adj's rewrite to direct the
 	 * complete of the rewrite at switch time by copying in the IP
 	 * dst address's bytes.
-	 * Ofset is 2 bytes into the desintation address. And we write 4 bytes.
+	 * Ofset is 2 bytes into the desintation address.
 	 */
 	offset = vec_len (rewrite) - 2;
-	adj_mcast_update_rewrite (ai, rewrite, offset, 0xffffffff);
+	adj_mcast_update_rewrite (ai, rewrite, offset);
 
 	break;
       }
@@ -640,18 +696,30 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
 static void
 ip6_neighbor_adj_fib_add (ip6_neighbor_t * n, u32 fib_index)
 {
-  fib_prefix_t pfx = {
-    .fp_len = 128,
-    .fp_proto = FIB_PROTOCOL_IP6,
-    .fp_addr.ip6 = n->key.ip6_address,
-  };
+  if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
+    {
+      ip6_ll_prefix_t pfx = {
+	.ilp_addr = n->key.ip6_address,
+	.ilp_sw_if_index = n->key.sw_if_index,
+      };
+      n->fib_entry_index =
+	ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE);
+    }
+  else
+    {
+      fib_prefix_t pfx = {
+	.fp_len = 128,
+	.fp_proto = FIB_PROTOCOL_IP6,
+	.fp_addr.ip6 = n->key.ip6_address,
+      };
 
-  n->fib_entry_index =
-    fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
-			      FIB_ENTRY_FLAG_ATTACHED,
-			      DPO_PROTO_IP6, &pfx.fp_addr,
-			      n->key.sw_if_index, ~0, 1, NULL,
-			      FIB_ROUTE_PATH_FLAG_NONE);
+      n->fib_entry_index =
+	fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
+				  FIB_ENTRY_FLAG_ATTACHED,
+				  DPO_PROTO_IP6, &pfx.fp_addr,
+				  n->key.sw_if_index, ~0, 1, NULL,
+				  FIB_ROUTE_PATH_FLAG_NONE);
+    }
 }
 
 int
@@ -708,9 +776,8 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
        */
       if (!is_no_fib_entry)
 	{
-	  ip6_neighbor_adj_fib_add (n,
-				    ip6_fib_table_get_index_for_sw_if_index
-				    (n->key.sw_if_index));
+	  ip6_neighbor_adj_fib_add
+	    (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index));
 	}
       else
 	{
@@ -725,14 +792,17 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
        */
       if (0 == memcmp (n->link_layer_address,
 		       link_layer_address, n_bytes_link_layer_address))
-	goto check_customers;
+	{
+	  n->time_last_updated = vlib_time_now (vm);
+	  goto check_customers;
+	}
 
       clib_memcpy (n->link_layer_address,
 		   link_layer_address, n_bytes_link_layer_address);
     }
 
   /* Update time stamp and flags. */
-  n->cpu_time_last_updated = clib_cpu_time_now ();
+  n->time_last_updated = vlib_time_now (vm);
   if (is_static)
     n->flags |= IP6_NEIGHBOR_FLAG_STATIC;
   else
@@ -875,6 +945,13 @@ ip6_neighbor_sort (void *a1, void *a2)
   return cmp;
 }
 
+ip6_neighbor_t *
+ip6_neighbors_pool (void)
+{
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  return nm->neighbor_pool;
+}
+
 ip6_neighbor_t *
 ip6_neighbors_entries (u32 sw_if_index)
 {
@@ -1135,7 +1212,7 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
 					      &h0->target_address,
 					      o0->ethernet_address,
 					      sizeof (o0->ethernet_address),
-					      0, ip6_sadd_link_local);
+					      0, 0);
 	    }
 
 	  if (is_solicitation && error0 == ICMP6_ERROR_NONE)
@@ -1153,9 +1230,18 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
 		}
 	      else
 		{
-		  fei = ip6_fib_table_lookup_exact_match (fib_index,
-							  &h0->target_address,
-							  128);
+		  if (ip6_address_is_link_local_unicast (&h0->target_address))
+		    {
+		      fei = ip6_fib_table_lookup_exact_match
+			(ip6_ll_fib_get (sw_if_index0),
+			 &h0->target_address, 128);
+		    }
+		  else
+		    {
+		      fei = ip6_fib_table_lookup_exact_match (fib_index,
+							      &h0->target_address,
+							      128);
+		    }
 
 		  if (FIB_NODE_INDEX_INVALID == fei)
 		    {
@@ -1174,7 +1260,8 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
 			}
 		      else
 			if (fib_entry_is_sourced
-			    (fei, FIB_SOURCE_IP6_ND_PROXY))
+			    (fei, FIB_SOURCE_IP6_ND_PROXY) ||
+			    fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND))
 			{
 			  /* The address was added by IPv6 Proxy ND config.
 			   * We should only respond to these if the NS arrived on
@@ -1481,13 +1568,15 @@ icmp6_router_solicitation (vlib_main_t * vm,
 		     sizeof (icmp6_neighbor_discovery_header_t));
 
 		  /* look up the radv_t information for this interface */
-		  vec_validate_init_empty
-		    (nm->if_radv_pool_index_by_sw_if_index, sw_if_index0, ~0);
-
-		  ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
+		  if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
+		      sw_if_index0)
+		    {
+		      ri =
+			nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
 
-		  if (ri != ~0)
-		    radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+		      if (ri != ~0)
+			radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+		    }
 
 		  error0 =
 		    ((!radv_info) ?
@@ -1830,13 +1919,15 @@ icmp6_router_advertisement (vlib_main_t * vm,
 		  u32 ri;
 
 		  /* look up the radv_t information for this interface */
-		  vec_validate_init_empty
-		    (nm->if_radv_pool_index_by_sw_if_index, sw_if_index0, ~0);
-
-		  ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
+		  if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
+		      sw_if_index0)
+		    {
+		      ri =
+			nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
 
-		  if (ri != ~0)
-		    radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+		      if (ri != ~0)
+			radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+		    }
 
 		  error0 =
 		    ((!radv_info) ?
@@ -1845,6 +1936,22 @@ icmp6_router_advertisement (vlib_main_t * vm,
 
 		  if (error0 == ICMP6_ERROR_NONE)
 		    {
+		      radv_info->keep_sending_rs = 0;
+
+		      ra_report_t r;
+
+		      r.sw_if_index = sw_if_index0;
+		      memcpy (r.router_address, &ip0->src_address, 16);
+		      r.current_hop_limit = h0->current_hop_limit;
+		      r.flags = h0->flags;
+		      r.router_lifetime_in_sec =
+			clib_net_to_host_u16 (h0->router_lifetime_in_sec);
+		      r.neighbor_reachable_time_in_msec =
+			clib_net_to_host_u32
+			(h0->neighbor_reachable_time_in_msec);
+		      r.time_in_msec_between_retransmitted_neighbor_solicitations = clib_net_to_host_u32 (h0->time_in_msec_between_retransmitted_neighbor_solicitations);
+		      r.prefixes = 0;
+
 		      /* validate advertised information */
 		      if ((h0->current_hop_limit && radv_info->curr_hop_limit)
 			  && (h0->current_hop_limit !=
@@ -1962,6 +2069,20 @@ icmp6_router_advertisement (vlib_main_t * vm,
 
 			  switch (option_type)
 			    {
+			    case ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address:
+			      {
+				icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+				  * h =
+				  (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+				   *) (o0);
+
+				if (opt_len < sizeof (*h))
+				  break;
+
+				memcpy (r.slla, h->ethernet_address, 6);
+			      }
+			      break;
+
 			    case ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu:
 			      {
 				icmp6_neighbor_discovery_mtu_option_t *h =
@@ -1971,6 +2092,8 @@ icmp6_router_advertisement (vlib_main_t * vm,
 				if (opt_len < sizeof (*h))
 				  break;
 
+				r.mtu = clib_net_to_host_u32 (h->mtu);
+
 				if ((h->mtu && radv_info->adv_link_mtu) &&
 				    (h->mtu !=
 				     clib_host_to_net_u32
@@ -2000,10 +2123,23 @@ icmp6_router_advertisement (vlib_main_t * vm,
 				if (opt_len < sizeof (*h))
 				  break;
 
+				vec_validate (r.prefixes,
+					      vec_len (r.prefixes));
+				ra_report_prefix_info_t *prefix =
+				  vec_elt_at_index (r.prefixes,
+						    vec_len (r.prefixes) - 1);
+
 				preferred =
 				  clib_net_to_host_u32 (h->preferred_time);
 				valid = clib_net_to_host_u32 (h->valid_time);
 
+				prefix->preferred_time = preferred;
+				prefix->valid_time = valid;
+				prefix->flags = h->flags & 0xc0;
+				prefix->dst_address_length =
+				  h->dst_address_length;
+				prefix->dst_address = h->dst_address;
+
 				/* look for matching prefix - if we our advertising it, it better be consistant */
 				/* *INDENT-OFF* */
 				pool_foreach (pr_info, radv_info->adv_prefixes_pool,
@@ -2044,6 +2180,7 @@ icmp6_router_advertisement (vlib_main_t * vm,
 			      break;
 			    }
 			}
+		      ra_publish (&r);
 		    }
 		}
 	    }
@@ -2061,7 +2198,7 @@ icmp6_router_advertisement (vlib_main_t * vm,
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
 
-  /* Account for router advertisements sent. */
+  /* Account for router advertisements received. */
   vlib_error_count (vm, error_node->node_index,
 		    ICMP6_ERROR_ROUTER_ADVERTISEMENTS_RX,
 		    n_advertisements_rcvd);
@@ -2069,6 +2206,252 @@ icmp6_router_advertisement (vlib_main_t * vm,
   return frame->n_vectors;
 }
 
+static inline f64
+random_f64_from_to (f64 from, f64 to)
+{
+  static u32 seed = 0;
+  static u8 seed_set = 0;
+  if (!seed_set)
+    {
+      seed = random_default_seed ();
+      seed_set = 1;
+    }
+  return random_f64 (&seed) * (to - from) + from;
+}
+
+static inline u8
+get_mac_address (u32 sw_if_index, u8 * address)
+{
+  vnet_main_t *vnm = vnet_get_main ();
+  vnet_hw_interface_t *hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
+  if (!hw_if->hw_address)
+    return 1;
+  clib_memcpy (address, hw_if->hw_address, 6);
+  return 0;
+}
+
+static inline vlib_buffer_t *
+create_buffer_for_rs (vlib_main_t * vm, ip6_radv_t * radv_info)
+{
+  u32 bi0;
+  vlib_buffer_t *p0;
+  vlib_buffer_free_list_t *fl;
+  icmp6_router_solicitation_header_t *rh;
+  u16 payload_length;
+  int bogus_length;
+  u32 sw_if_index;
+
+  sw_if_index = radv_info->sw_if_index;
+
+  if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
+    {
+      clib_warning ("buffer allocation failure");
+      return 0;
+    }
+
+  p0 = vlib_get_buffer (vm, bi0);
+  fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
+  vlib_buffer_init_for_free_list (p0, fl);
+  VLIB_BUFFER_TRACE_TRAJECTORY_INIT (p0);
+  p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
+  vnet_buffer (p0)->sw_if_index[VLIB_RX] = sw_if_index;
+  vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index;
+
+  vnet_buffer (p0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index;
+
+  rh = vlib_buffer_get_current (p0);
+  p0->current_length = sizeof (*rh);
+
+  rh->neighbor.icmp.type = ICMP6_router_solicitation;
+  rh->neighbor.icmp.code = 0;
+  rh->neighbor.icmp.checksum = 0;
+  rh->neighbor.reserved_must_be_zero = 0;
+
+  rh->link_layer_option.header.type =
+    ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
+  if (0 != get_mac_address (sw_if_index,
+			    rh->link_layer_option.ethernet_address))
+    {
+      clib_warning ("interface with sw_if_index %u has no mac address",
+		    sw_if_index);
+      vlib_buffer_free (vm, &bi0, 1);
+      return 0;
+    }
+  rh->link_layer_option.header.n_data_u64s = 1;
+
+  payload_length = sizeof (rh->neighbor) + sizeof (u64);
+
+  rh->ip.ip_version_traffic_class_and_flow_label =
+    clib_host_to_net_u32 (0x6 << 28);
+  rh->ip.payload_length = clib_host_to_net_u16 (payload_length);
+  rh->ip.protocol = IP_PROTOCOL_ICMP6;
+  rh->ip.hop_limit = 255;
+  rh->ip.src_address = radv_info->link_local_address;
+  /* set address ff02::2 */
+  rh->ip.dst_address.as_u64[0] = clib_host_to_net_u64 (0xff02L << 48);
+  rh->ip.dst_address.as_u64[1] = clib_host_to_net_u64 (2);
+
+  rh->neighbor.icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, p0,
+								  &rh->ip,
+								  &bogus_length);
+
+  return p0;
+}
+
+static inline void
+stop_sending_rs (vlib_main_t * vm, ip6_radv_t * ra)
+{
+  u32 bi0;
+
+  ra->keep_sending_rs = 0;
+  if (ra->buffer)
+    {
+      bi0 = vlib_get_buffer_index (vm, ra->buffer);
+      vlib_buffer_free (vm, &bi0, 1);
+      ra->buffer = 0;
+    }
+}
+
+static inline bool
+check_send_rs (vlib_main_t * vm, ip6_radv_t * radv_info, f64 current_time,
+	       f64 * due_time)
+{
+  vlib_buffer_t *p0;
+  vlib_frame_t *f;
+  u32 *to_next;
+  u32 next_index;
+  vlib_buffer_t *c0;
+  u32 ci0;
+
+  icmp6_send_router_solicitation_params_t *params;
+
+  if (!radv_info->keep_sending_rs)
+    return false;
+
+  params = &radv_info->params;
+
+  if (radv_info->due_time > current_time)
+    {
+      *due_time = radv_info->due_time;
+      return true;
+    }
+
+  p0 = radv_info->buffer;
+
+  next_index = ip6_rewrite_mcast_node.index;
+
+  c0 = vlib_buffer_copy (vm, p0);
+  ci0 = vlib_get_buffer_index (vm, c0);
+
+  f = vlib_get_frame_to_node (vm, next_index);
+  to_next = vlib_frame_vector_args (f);
+  to_next[0] = ci0;
+  f->n_vectors = 1;
+  vlib_put_frame_to_node (vm, next_index, f);
+
+  if (params->mrc != 0 && --radv_info->n_left == 0)
+    stop_sending_rs (vm, radv_info);
+  else
+    {
+      radv_info->sleep_interval =
+	(2 + random_f64_from_to (-0.1, 0.1)) * radv_info->sleep_interval;
+      if (radv_info->sleep_interval > params->mrt)
+	radv_info->sleep_interval =
+	  (1 + random_f64_from_to (-0.1, 0.1)) * params->mrt;
+
+      radv_info->due_time = current_time + radv_info->sleep_interval;
+
+      if (params->mrd != 0
+	  && current_time > radv_info->start_time + params->mrd)
+	stop_sending_rs (vm, radv_info);
+      else
+	*due_time = radv_info->due_time;
+    }
+
+  return radv_info->keep_sending_rs;
+}
+
+static uword
+send_rs_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
+		 vlib_frame_t * f0)
+{
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  ip6_radv_t *radv_info;
+  uword *event_data = 0;
+  f64 sleep_time = 1e9;
+  f64 current_time;
+  f64 due_time;
+  f64 dt = 0;
+
+  while (true)
+    {
+      vlib_process_wait_for_event_or_clock (vm, sleep_time);
+      vlib_process_get_events (vm, &event_data);
+      vec_reset_length (event_data);
+
+      current_time = vlib_time_now (vm);
+      do
+	{
+	  due_time = current_time + 1e9;
+        /* *INDENT-OFF* */
+        pool_foreach (radv_info, nm->if_radv_pool,
+        ({
+	    if (check_send_rs (vm, radv_info, current_time, &dt)
+		&& (dt < due_time))
+	      due_time = dt;
+        }));
+        /* *INDENT-ON* */
+	  current_time = vlib_time_now (vm);
+	}
+      while (due_time < current_time);
+
+      sleep_time = due_time - current_time;
+    }
+
+  return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (send_rs_process_node) = {
+    .function = send_rs_process,
+    .type = VLIB_NODE_TYPE_PROCESS,
+    .name = "send-rs-process",
+};
+/* *INDENT-ON* */
+
+void
+icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index, u8 stop,
+				icmp6_send_router_solicitation_params_t *
+				params)
+{
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  u32 rai;
+  ip6_radv_t *ra = 0;
+
+  ASSERT (~0 != sw_if_index);
+
+  rai = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
+  ra = pool_elt_at_index (nm->if_radv_pool, rai);
+
+  if (stop)
+    stop_sending_rs (vm, ra);
+  else
+    {
+      ra->keep_sending_rs = 1;
+      ra->params = *params;
+      ra->n_left = params->mrc;
+      ra->start_time = vlib_time_now (vm);
+      ra->sleep_interval = (1 + random_f64_from_to (-0.1, 0.1)) * params->irt;
+      ra->due_time = 0;		/* send first packet ASAP */
+      ra->buffer = create_buffer_for_rs (vm, ra);
+      if (!ra->buffer)
+	ra->keep_sending_rs = 0;
+      else
+	vlib_process_signal_event (vm, send_rs_process_node.index, 1, 0);
+    }
+}
+
 /**
  * @brief Add a multicast Address to the advertised MLD set
  */
@@ -2079,7 +2462,7 @@ ip6_neighbor_add_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
   uword *p;
 
   /* lookup  mldp info for this interface */
-  p = mhash_get (&radv_info->address_to_mldp_index, &addr);
+  p = mhash_get (&radv_info->address_to_mldp_index, addr);
   mcast_group_info =
     p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0;
 
@@ -2091,13 +2474,13 @@ ip6_neighbor_add_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
       pool_get (radv_info->mldp_group_pool, mcast_group_info);
 
       mi = mcast_group_info - radv_info->mldp_group_pool;
-      mhash_set (&radv_info->address_to_mldp_index, &addr, mi,	/* old_value */
+      mhash_set (&radv_info->address_to_mldp_index, addr, mi,	/* old_value */
 		 0);
 
       mcast_group_info->type = 4;
       mcast_group_info->mcast_source_address_pool = 0;
       mcast_group_info->num_sources = 0;
-      clib_memcpy (&mcast_group_info->mcast_address, &addr,
+      clib_memcpy (&mcast_group_info->mcast_address, addr,
 		   sizeof (ip6_address_t));
     }
 }
@@ -2194,6 +2577,9 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm,
 	  mhash_free (&a->address_to_prefix_index);
 	  mhash_free (&a->address_to_mldp_index);
 
+	  if (a->keep_sending_rs)
+	    a->keep_sending_rs = 0;
+
 	  pool_put (nm->if_radv_pool, a);
 	  nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ~0;
 	  ri = ~0;
@@ -2257,6 +2643,8 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm,
 						      VNET_LINK_IP6,
 						      sw_if_index);
 
+	  a->keep_sending_rs = 0;
+
 	  /* add multicast groups we will always be reporting  */
 	  ip6_neighbor_add_mld_grp (a,
 				    IP6_MULTICAST_SCOPE_link_local,
@@ -2696,6 +3084,281 @@ VLIB_REGISTER_NODE (ip6_icmp_neighbor_advertisement_node,static) =
 };
 /* *INDENT-ON* */
 
+typedef enum
+{
+  IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
+  IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
+  IP6_DISCOVER_NEIGHBOR_N_NEXT,
+} ip6_discover_neighbor_next_t;
+
+typedef enum
+{
+  IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
+  IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
+  IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
+} ip6_discover_neighbor_error_t;
+
+static uword
+ip6_discover_neighbor_inline (vlib_main_t * vm,
+			      vlib_node_runtime_t * node,
+			      vlib_frame_t * frame, int is_glean)
+{
+  vnet_main_t *vnm = vnet_get_main ();
+  ip6_main_t *im = &ip6_main;
+  ip_lookup_main_t *lm = &im->lookup_main;
+  u32 *from, *to_next_drop;
+  uword n_left_from, n_left_to_next_drop;
+  static f64 time_last_seed_change = -1e100;
+  static u32 hash_seeds[3];
+  static uword hash_bitmap[256 / BITS (uword)];
+  f64 time_now;
+  int bogus_length;
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+
+  if (node->flags & VLIB_NODE_FLAG_TRACE)
+    ip6_forward_next_trace (vm, node, frame, VLIB_TX);
+
+  time_now = vlib_time_now (vm);
+  if (time_now - time_last_seed_change > 1e-3)
+    {
+      uword i;
+      u32 *r = clib_random_buffer_get_data (&vm->random_buffer,
+					    sizeof (hash_seeds));
+      for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
+	hash_seeds[i] = r[i];
+
+      /* Mark all hash keys as been not-seen before. */
+      for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
+	hash_bitmap[i] = 0;
+
+      time_last_seed_change = time_now;
+    }
+
+  from = vlib_frame_vector_args (frame);
+  n_left_from = frame->n_vectors;
+
+  while (n_left_from > 0)
+    {
+      vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
+			   to_next_drop, n_left_to_next_drop);
+
+      while (n_left_from > 0 && n_left_to_next_drop > 0)
+	{
+	  vlib_buffer_t *p0;
+	  ip6_header_t *ip0;
+	  u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
+	  uword bm0;
+	  ip_adjacency_t *adj0;
+	  vnet_hw_interface_t *hw_if0;
+	  ip6_radv_t *radv_info;
+	  u32 next0;
+
+	  pi0 = from[0];
+
+	  p0 = vlib_get_buffer (vm, pi0);
+
+	  adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
+
+	  ip0 = vlib_buffer_get_current (p0);
+
+	  adj0 = adj_get (adj_index0);
+
+	  if (!is_glean)
+	    {
+	      ip0->dst_address.as_u64[0] =
+		adj0->sub_type.nbr.next_hop.ip6.as_u64[0];
+	      ip0->dst_address.as_u64[1] =
+		adj0->sub_type.nbr.next_hop.ip6.as_u64[1];
+	    }
+
+	  a0 = hash_seeds[0];
+	  b0 = hash_seeds[1];
+	  c0 = hash_seeds[2];
+
+	  sw_if_index0 = adj0->rewrite_header.sw_if_index;
+	  vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+
+	  a0 ^= sw_if_index0;
+	  b0 ^= ip0->dst_address.as_u32[0];
+	  c0 ^= ip0->dst_address.as_u32[1];
+
+	  hash_v3_mix32 (a0, b0, c0);
+
+	  b0 ^= ip0->dst_address.as_u32[2];
+	  c0 ^= ip0->dst_address.as_u32[3];
+
+	  hash_v3_finalize32 (a0, b0, c0);
+
+	  c0 &= BITS (hash_bitmap) - 1;
+	  c0 = c0 / BITS (uword);
+	  m0 = (uword) 1 << (c0 % BITS (uword));
+
+	  bm0 = hash_bitmap[c0];
+	  drop0 = (bm0 & m0) != 0;
+
+	  /* Mark it as seen. */
+	  hash_bitmap[c0] = bm0 | m0;
+
+	  from += 1;
+	  n_left_from -= 1;
+	  to_next_drop[0] = pi0;
+	  to_next_drop += 1;
+	  n_left_to_next_drop -= 1;
+
+	  hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
+
+	  /* If the interface is link-down, drop the pkt */
+	  if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
+	    drop0 = 1;
+
+	  if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > sw_if_index0)
+	    {
+	      u32 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
+
+	      if (ri != ~0)
+		radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+	      else
+		drop0 = 1;
+	    }
+	  else
+	    drop0 = 1;
+
+	  /*
+	   * the adj has been updated to a rewrite but the node the DPO that got
+	   * us here hasn't - yet. no big deal. we'll drop while we wait.
+	   */
+	  if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
+	    drop0 = 1;
+
+	  p0->error =
+	    node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
+			 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
+
+	  if (drop0)
+	    continue;
+
+	  {
+	    u32 bi0 = 0;
+	    icmp6_neighbor_solicitation_header_t *h0;
+	    vlib_buffer_t *b0;
+
+	    h0 = vlib_packet_template_get_packet
+	      (vm, &im->discover_neighbor_packet_template, &bi0);
+
+	    /*
+	     * Build ethernet header.
+	     * Choose source address based on destination lookup
+	     * adjacency.
+	     */
+	    if (!ip6_src_address_for_packet (lm,
+					     sw_if_index0,
+					     &ip0->dst_address,
+					     &h0->ip.src_address))
+	      {
+		/* There is no address on the interface */
+		p0->error =
+		  node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
+		vlib_buffer_free (vm, &bi0, 1);
+		continue;
+	      }
+
+	    /*
+	     * Destination address is a solicited node multicast address.
+	     * We need to fill in
+	     * the low 24 bits with low 24 bits of target's address.
+	     */
+	    h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
+	    h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
+	    h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
+
+	    h0->neighbor.target_address = ip0->dst_address;
+
+	    clib_memcpy (h0->link_layer_option.ethernet_address,
+			 hw_if0->hw_address, vec_len (hw_if0->hw_address));
+
+	    /* $$$$ appears we need this; why is the checksum non-zero? */
+	    h0->neighbor.icmp.checksum = 0;
+	    h0->neighbor.icmp.checksum =
+	      ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
+						 &bogus_length);
+
+	    ASSERT (bogus_length == 0);
+
+	    vlib_buffer_copy_trace_flag (vm, p0, bi0);
+	    b0 = vlib_get_buffer (vm, bi0);
+	    vnet_buffer (b0)->sw_if_index[VLIB_TX]
+	      = vnet_buffer (p0)->sw_if_index[VLIB_TX];
+
+	    vnet_buffer (b0)->ip.adj_index[VLIB_TX] =
+	      radv_info->mcast_adj_index;
+
+	    b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+	    next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
+
+	    vlib_set_next_frame_buffer (vm, node, next0, bi0);
+	  }
+	}
+
+      vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
+			   n_left_to_next_drop);
+    }
+
+  return frame->n_vectors;
+}
+
+static uword
+ip6_discover_neighbor (vlib_main_t * vm,
+		       vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+  return (ip6_discover_neighbor_inline (vm, node, frame, 0));
+}
+
+static uword
+ip6_glean (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+  return (ip6_discover_neighbor_inline (vm, node, frame, 1));
+}
+
+static char *ip6_discover_neighbor_error_strings[] = {
+  [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
+  [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT] = "neighbor solicitations sent",
+  [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
+    = "no source address for ND solicitation",
+};
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_glean_node) =
+{
+  .function = ip6_glean,
+  .name = "ip6-glean",
+  .vector_size = sizeof (u32),
+  .format_trace = format_ip6_forward_next_trace,
+  .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
+  .error_strings = ip6_discover_neighbor_error_strings,
+  .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
+  .next_nodes =
+  {
+    [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
+    [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
+  },
+};
+VLIB_REGISTER_NODE (ip6_discover_neighbor_node) =
+{
+  .function = ip6_discover_neighbor,
+  .name = "ip6-discover-neighbor",
+  .vector_size = sizeof (u32),
+  .format_trace = format_ip6_forward_next_trace,
+  .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
+  .error_strings = ip6_discover_neighbor_error_strings,
+  .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
+  .next_nodes =
+  {
+    [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
+    [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
+  },
+};
+/* *INDENT-ON* */
+
 /* API support functions */
 int
 ip6_neighbor_ra_config (vlib_main_t * vm, u32 sw_if_index,
@@ -3273,6 +3936,10 @@ show_ip6_interface_cmd (vlib_main_t * vm,
 	      vec_free (unknown_scope);
 	    }
 
+	  vlib_cli_output (vm, "\tLink-local address(es):\n");
+	  vlib_cli_output (vm, "\t\t%U\n", format_ip6_address,
+			   &radv_info->link_local_address);
+
 	  vlib_cli_output (vm, "\tJoined group address(es):\n");
 	  ip6_mldp_group_t *m;
 	  /* *INDENT-OFF* */
@@ -3395,7 +4062,6 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
   /* if not created - do nothing */
   if (ri != ~0)
     {
-      vnet_main_t *vnm = vnet_get_main ();
       ip6_radv_t *radv_info;
 
       radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
@@ -3405,14 +4071,15 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
       if (radv_info->ref_count == 0)
 	{
 	  /* essentially "disables" ipv6 on this interface */
-	  error = ip6_add_del_interface_address (vm, sw_if_index,
-						 &radv_info->
-						 link_local_address, 128,
-						 1 /* is_del */ );
-
-	  ip6_neighbor_sw_interface_add_del (vnm, sw_if_index,
-					     0 /* is_add */ );
+	  ip6_ll_prefix_t ilp = {
+	    .ilp_addr = radv_info->link_local_address,
+	    .ilp_sw_if_index = sw_if_index,
+	  };
+	  ip6_ll_table_entry_delete (&ilp);
+	  ip6_sw_interface_enable_disable (sw_if_index, 0);
 	  ip6_mfib_interface_enable_disable (sw_if_index, 0);
+	  ip6_neighbor_sw_interface_add_del (vnet_get_main (), sw_if_index,
+					     0);
 	}
     }
   return error;
@@ -3481,38 +4148,28 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
 		      sw_if0->type == VNET_SW_INTERFACE_TYPE_P2P)
 		    {
 		      /* make up  an interface id */
-		      md5_context_t m;
-		      u8 digest[16];
-
-		      link_local_address.as_u64[0] = radv_info->randomizer;
-
-		      md5_init (&m);
-		      md5_add (&m, &link_local_address, 16);
-		      md5_finish (&m, digest);
-
-		      clib_memcpy (&link_local_address, digest, 16);
-
-		      radv_info->randomizer = link_local_address.as_u64[0];
+		      link_local_address.as_u64[1] =
+			random_u64 (&radv_info->randomizer);
 
 		      link_local_address.as_u64[0] =
 			clib_host_to_net_u64 (0xFE80000000000000ULL);
 		      /* clear u bit */
 		      link_local_address.as_u8[8] &= 0xfd;
 		    }
+		  {
+		    ip6_ll_prefix_t ilp = {
+		      .ilp_addr = link_local_address,
+		      .ilp_sw_if_index = sw_if_index,
+		    };
 
-		  ip6_mfib_interface_enable_disable (sw_if_index, 1);
+		    ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
+		  }
 
 		  /* essentially "enables" ipv6 on this interface */
-		  error = ip6_add_del_interface_address (vm, sw_if_index,
-							 &link_local_address,
-							 128
-							 /* address width */ ,
-							 0 /* is_del */ );
-
-		  if (error)
-		    ip6_neighbor_sw_interface_add_del (vnm, sw_if_index,
-						       !is_add);
-		  else
+		  ip6_mfib_interface_enable_disable (sw_if_index, 1);
+		  ip6_sw_interface_enable_disable (sw_if_index, 1);
+
+		  if (!error)
 		    {
 		      radv_info->link_local_address = link_local_address;
 		    }
@@ -3523,6 +4180,27 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
   return error;
 }
 
+int
+ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr)
+{
+  ip6_neighbor_main_t *nm = &ip6_neighbor_main;
+  ip6_radv_t *radv_info;
+  u32 ri;
+
+  if (vec_len (nm->if_radv_pool_index_by_sw_if_index) < sw_if_index)
+    return 0;
+
+  ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
+
+  if (ri == ~0)
+    return 0;
+
+  radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
+  *addr = radv_info->link_local_address;
+
+  return (!0);
+}
+
 static clib_error_t *
 enable_ip6_interface_cmd (vlib_main_t * vm,
 			  unformat_input_t * input, vlib_cli_command_t * cmd)
@@ -3983,6 +4661,8 @@ ip6_neighbor_init (vlib_main_t * vm)
 
   nm->wc_ip6_nd_publisher_node = (uword) ~ 0;
 
+  nm->ip6_ra_publisher_node = (uword) ~ 0;
+
 #if 0
   /* $$$$ Hack fix for today */
   vec_validate_init_empty
@@ -4279,11 +4959,23 @@ ethernet_ndp_change_mac (u32 sw_if_index)
 }
 
 void
-send_ip6_na (vlib_main_t * vm, vnet_hw_interface_t * hi)
+send_ip6_na (vlib_main_t * vm, const vnet_hw_interface_t * hi)
 {
   ip6_main_t *i6m = &ip6_main;
   u32 sw_if_index = hi->sw_if_index;
   ip6_address_t *ip6_addr = ip6_interface_first_address (i6m, sw_if_index);
+
+  send_ip6_na_w_addr (vm, ip6_addr, hi);
+}
+
+void
+send_ip6_na_w_addr (vlib_main_t * vm,
+		    const ip6_address_t * ip6_addr,
+		    const vnet_hw_interface_t * hi)
+{
+  ip6_main_t *i6m = &ip6_main;
+  u32 sw_if_index = hi->sw_if_index;
+
   if (ip6_addr)
     {
       clib_warning