[radvd] Shutting down radvd stops/breaks IPv6 forwarding
When shutting down radvd, ipv6 forwarding is turned off, even though it was on before radvd was started:
[11:02] router1.place6:~# sysctl net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 1
[11:02] router1.place6:~# /etc/init.d/radvd start; sleep 3; /etc/init.d/radvd stop; sysctl net.ipv6.conf.a
ll.forwarding
* Enabling IPv6 forwarding ... [ ok ]
* Starting IPv6 Router Advertisement Daemon ... [ ok ]
* Stopping IPv6 Router Advertisement Daemon ... [ ok ]
* Disabling IPv6 forwarding ... [ ok ]
net.ipv6.conf.all.forwarding = 0
[11:03] router1.place6:~#
This breaks every router which has to start/stop radvd occasionally.
I see the code block for start/and stop
# start
if [ "${FORWARD}" != "no" ]; then
ebegin "Enabling IPv6 forwarding"
sysctl -w "${SYSCTL_FORWARD}=1" >/dev/null
eend $?
fi
# stop
if [ "${FORWARD}" != "no" ]; then
ebegin "Disabling IPv6 forwarding"
sysctl -w "${SYSCTL_FORWARD}=0" > /dev/null
eend $?
fi
I think the logic in the init script is a bit weird.
- If FORWARD=yes and forwarding was enabled before, it clears it on exit
- FORWARD=no does not really disable forwarding
- Other distros don't have the radvd init script modify the sysctl by default and radvd just fails to start if forwarding is not enabled. ** I would have expected similar behaviour here
- Enabling ipv6 forwarding without knowing it also might have unwanted side effects (i.e. forwarding to networks that are configured, but not yet firewalled).
So my proposals (in order) are:
- Remove the FORWARD= logic from radvd as it's unexpected and has potentially complex side effects
- If we want to keep it, set it to FORWARD=no by default OR
- restore the before radvd situation on exit (but this might ugly and still not as intended) ** might not have been enabled before starting radvd ** then the user modifies / uses forwarding which works due to radvd side effect ** radvd is stopped -> other services of the user break