Andrew Ayer

rdiscd - IPv6 Router Discovery and SLAAC Daemon

rdiscd is a daemon for performing IPv6 router discovery and stateless address autoconfiguration (SLAAC) in userspace. It provides greater flexibility and more functionality than the kernel's implementation. For example, rdiscd supports static interface IDs, where the advertised prefix is combined with a static suffix to form a complete address. It also supports RFC 7217 for generating semantically opaque interface IDs (aka "stable privacy addresses").
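The two address-formation schemes named above, worked through as an added example (this is not rdiscd's code): a /64 prefix combined with a static interface ID, and an RFC 7217 stable-privacy interface ID computed from the prefix, interface name, network identifier, DAD counter and a secret key. The choice of HMAC-SHA256 as the RFC's function F(), the field delimiters, and the helper names are this example's assumptions; the page does not state which inputs or hash rdiscd itself uses.

```python
"""Added example, not rdiscd's own code: build a SLAAC address from an
advertised /64 prefix plus an interface ID, either a static suffix or an
RFC 7217 stable-privacy ID. The F() construction below (HMAC-SHA256 over
NUL-delimited inputs) is an assumption of this example."""
import hashlib
import hmac
import ipaddress


def _slaac_prefix(prefix: str) -> ipaddress.IPv6Network:
    """Parse a prefix and insist on /64, the only length a 64-bit IID fits."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64:
        raise ValueError("SLAAC requires a /64 prefix, got /%d" % net.prefixlen)
    return net


def is_valid_slaac_prefix(prefix: str) -> bool:
    try:
        _slaac_prefix(prefix)
    except ValueError:
        return False
    return True


def address_from_static_iid(prefix: str, static_iid: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a static interface ID written as the last
    four hextets, e.g. "1234:5678:9abc:def0"."""
    net = _slaac_prefix(prefix)
    iid = int(ipaddress.IPv6Address("::" + static_iid))  # suffix as low 64 bits
    if iid >> 64:
        raise ValueError("interface ID must fit in the low 64 bits")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def rfc7217_iid(prefix: str, net_iface: str, network_id: bytes,
                dad_counter: int, secret_key: bytes) -> int:
    """RFC 7217 section 5: RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter,
    secret_key); the interface ID is the leftmost 64 bits of the result.
    F() here is HMAC-SHA256 (an assumption of this example)."""
    net = _slaac_prefix(prefix)
    msg = (net.network_address.packed[:8]         # the 64-bit prefix
           + net_iface.encode() + b"\x00"         # interface name, NUL-delimited
           + network_id + b"\x00"                 # e.g. an SSID, or empty
           + dad_counter.to_bytes(4, "big"))      # bumped when DAD fails
    digest = hmac.new(secret_key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big")


def address_from_rfc7217(prefix: str, net_iface: str, network_id: bytes,
                         dad_counter: int, secret_key: bytes) -> ipaddress.IPv6Address:
    """Same prefix, but the interface ID is the stable-privacy value: it stays
    fixed on a given network and cannot be correlated across networks."""
    net = _slaac_prefix(prefix)
    iid = rfc7217_iid(prefix, net_iface, network_id, dad_counter, secret_key)
    return ipaddress.IPv6Address(int(net.network_address) | iid)


if __name__ == "__main__":
    # Constructed sample inputs: a documentation prefix and a made-up key.
    key = b"constructed-example-secret-key"
    print(address_from_static_iid("2001:db8:1::/64", "1234:5678:9abc:def0"))
    print(address_from_rfc7217("2001:db8:1::/64", "eth0", b"", 0, key))
    print(address_from_rfc7217("2001:db8:2::/64", "eth0", b"", 0, key))
```

The second and third printed addresses share the secret key and interface but differ in prefix, so their interface IDs differ: that is the property that keeps a host from being tracked from one network to the next, while the ID on any one network stays stable across reboots as long as the key does.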

Building rdiscd

Run make. You can install the resulting binaries wherever you want (such as /usr/local/sbin).

Dependencies

rdiscd depends on libndp v1.2 or higher.

To build rdiscd, you need a C++ compiler (such as gcc) and development headers for libndp.

Current Status

The current version of rdiscd is 0.5, released on 2014-10-04. rdiscd aims to be bug-free and reliable, meaning it shouldn't crash or malfunction. In fact, it is used in production on several servers, desktops, and laptops. However, it has not yet reached maturity, meaning it is not as polished or featureful as it should be. It contains basic support for autoconfiguring addresses and the default gateway, but does not yet support route or DNS server advertisements.

Project Resources

For help or questions, send mail to the discuss list, rdiscd-discuss@lists.cloudmutt.com. To report a bug or make a feature request, please open an issue at GitHub or send mail to the discuss list. To contribute code, please send a properly-formatted patch to the discuss list, or open a pull request at GitHub.

Credits

rdiscd was written by Andrew Ayer.

rdiscd is inspired by the userspace SLAAC implementation in NetworkManager, and some code is based on the code found therein.

rdiscd contains a SHA-2 implementation by Aaron D. Gifford.

rdiscd would not be possible without libndp, by Jiri Pirko.

Security

rdiscd has been designed and implemented with security in mind. Safe, high-level C++ constructs are used whenever possible to reduce the chance of programmer error. Low-level, potentially-unsafe code is kept to a minimum and written very carefully when it's necessary. In addition, I have audited the code of libndp, the NDP library used by rdiscd. I found one vulnerability, CVE-2014-3554, which is fixed as of libndp 1.4.

By necessity, rdiscd requires privilege, as it configures the system's networking and uses raw sockets. To mitigate the potential impact of a security vulnerability in rdiscd or libndp, rdiscd supports privilege separation. The process that handles NDP packets from the network runs as an unprivileged user in an empty and unwritable root directory, and passes configuration information to the privileged process over a UNIX domain socket using a simple and easily-audited protocol. The privileged process never talks directly to the network.

To use privilege separation, you must pass the name of an unprivileged user to the -u option (you should use a dedicated user for rdiscd), and a root directory to the -r option (you should use an empty and unwritable directory). Privilege separation is enabled by default in the Debian package, with no manual configuration required.
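The privilege-separated design of the two paragraphs above, as an added example that is not rdiscd's own code: an unprivileged, network-facing end sends fixed-size configuration requests to a privileged end over a UNIX domain socket, and the privileged end validates every field before acting, because after a compromise of the network-facing process those messages are attacker-controlled. The message layout, the validation rules, the function names and the `drop_privileges` helper (which mirrors the -u and -r options and needs root, so the demo does not call it) are all assumptions of this example; rdiscd's real wire protocol is not documented on this page.

```python
"""Added example, not rdiscd's own code: a minimal fixed-size message
protocol between an unprivileged network-facing process and a privileged
configuring process. Layout, field names and checks are this example's
assumptions, not rdiscd's actual protocol."""
import ipaddress
import os
import pwd
import socket
import struct

MSG_ADD_ADDRESS = 1   # "configure this autoconfigured address"
MSG_SET_GATEWAY = 2   # "use this router as the default gateway"

# type(1) | address(16) | prefix length(1) | lifetime seconds(4), network byte order.
# A fixed layout with no variable-length fields keeps the privileged parser tiny.
_FRAME = struct.Struct("!B16sBI")
FRAME_LEN = _FRAME.size  # 22


def encode_message(msg_type: int, address: str, prefix_len: int, lifetime: int) -> bytes:
    """Unprivileged side: serialise one configuration request."""
    return _FRAME.pack(msg_type, ipaddress.IPv6Address(address).packed, prefix_len, lifetime)


def decode_message(frame: bytes):
    """Privileged side: parse and validate a frame. Everything arriving here came
    from the process that talks to the network, so it is treated as untrusted."""
    if len(frame) != FRAME_LEN:
        raise ValueError("bad frame length %d" % len(frame))
    msg_type, raw, prefix_len, lifetime = _FRAME.unpack(frame)
    addr = ipaddress.IPv6Address(raw)
    if msg_type == MSG_ADD_ADDRESS:
        if prefix_len != 64:
            raise ValueError("autoconfigured addresses are always /64")
        if addr.is_multicast or addr.is_unspecified or addr.is_loopback:
            raise ValueError("refusing to configure %s" % addr)
    elif msg_type == MSG_SET_GATEWAY:
        if not addr.is_link_local:
            raise ValueError("a default router must be a link-local address")
        if prefix_len != 0:
            raise ValueError("gateway message carries no prefix length")
    else:
        raise ValueError("unknown message type %d" % msg_type)
    return msg_type, addr, prefix_len, lifetime


def is_rejected(frame: bytes) -> bool:
    """True if the privileged side would refuse this frame."""
    try:
        decode_message(frame)
    except ValueError:
        return True
    return False


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the socket mid-frame")
        buf += chunk
    return buf


def exchange_over_socketpair(frames):
    """Push frames from the 'unprivileged' end to the 'privileged' end of a UNIX
    domain socket pair and return the messages the privileged end accepted."""
    unpriv, priv = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    accepted = []
    try:
        for frame in frames:
            unpriv.sendall(frame)
        for _ in frames:
            accepted.append(decode_message(_recv_exact(priv, FRAME_LEN)))
    finally:
        unpriv.close()
        priv.close()
    return accepted


def drop_privileges(user: str, root_dir: str) -> None:
    """What the network-facing process does at startup, mirroring -u and -r:
    chroot into an empty, unwritable directory, then become the dedicated user.
    Requires root, so the demo below does not call it."""
    pw = pwd.getpwnam(user)
    os.chroot(root_dir)
    os.chdir("/")
    os.setgroups([])
    os.setgid(pw.pw_gid)
    os.setuid(pw.pw_uid)


if __name__ == "__main__":
    # Constructed sample traffic: one address and one link-local router.
    frames = [encode_message(MSG_ADD_ADDRESS, "2001:db8:1::1234:5678:9abc:def0", 64, 3600),
              encode_message(MSG_SET_GATEWAY, "fe80::1", 0, 1800)]
    for msg in exchange_over_socketpair(frames):
        print(msg)
```

The point of the checks in `decode_message` is that the privileged process applies only a narrow, well-typed set of changes: a global-scope gateway, a multicast address, or a message type it does not know are rejected outright rather than passed to the kernel, so a compromised network-facing process gains no more than the ability to request the same few operations it could legitimately request anyway.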

If you find a security vulnerability in rdiscd, please contact me privately, optionally using my PGP key, EF5D 84C1 838F 2EB6 D896 8C04 1037 8EFC 2080 080C.

Legalese

Copyright © 2014 Andrew Ayer

Licensed predominantly under the GPLv3. Also contains code licensed under more permissive GPL-compatible licenses.

rdiscd is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.