Queenie  Davis

Queenie Davis

1658765160

Magpie: Bidirectional NDP Proxy and Route Maintainer For C++

Magpie

Bidirectional NDP proxy and route maintainer to relay an IPv6 SLAAC network.

The name "magpie" is from the Chinese folk tale The Cowherd and the Weaver Girl: once a year on the 7-th day of the 7-th lunar month, all the magpies flys to the Milky Way and form a bridge to let couple, the Cowherd and the Weaver Girl, to meet.

Introduction

In an IPv6 network, the downstream router (your homelab LAN gateway) usually got a /64 routed prefix with DHCPv6's PD (prefix delegation) from upstream network (ISP). Then your downstream router could broadcast RA with the delegated prefix so that all hosts in your main LAN could get IPv6 addresses with SLAAC.

        Upstream         <--->       Downstream Router        <--->            Hosts in main LAN
(DHCPv6 server with PD)         (Got /64 PD from upstream)              (Got IPv6 addresses with SLAAC)
                                     (Broadcasting RA)

But what if you connect a secondary router to the downstream router's main LAN? Your secondary router gets a globally routable IPv6 address with that prefix, but not your secondary LAN's terminal devices because no one is broadcasting RA. You can pretend to be owning that PD, re-broadcasting the downstream router's RA to the secondary LAN (with radvd). But even if your terminal devices could get "real" IPv6 address, it's not globally routable.

     Downstream Router        <--->             Secondary Router             <--->        Terminal devices in secondary LAN
(Got /64 PD from upstream)              (Got IPv6 addresses with SLAAC)                    (Got IPv6 addresses with SLAAC)
     (Broadcasting RA)                        (Re-broadcasting RA)                               (But not working?)

Why? Because that /64 prefix doesn't belong to your secondary router, an output packet could reach the Internet but no input packet goes to your terminal devices through your secondary router. To go deeper, the upstream router, who owns the PD in real, doesn't know where to send the packet.

So why it can without the secondary router? Just like IPv4's ARP, in IPv6, a host resolves an IP address in the same broadcast domain to MAC address with NDP. But your secondary router divides the hosts in a /64 network, which are in theory belong to one broadcast domain, to two -- the main LAN and secondary LAN. Then there are two problems involved:

  1. For an IPv6 address used by your secondary LAN's terminal device, the downstream router, who need to do the first-time routing for each packet to your network, couldn't find it with NDP.
  2. For an IPv6 address in the /64 prefix of all your hosts, your secondary router don't know whether it's in main LAN or secondary LAN -- since the two interfaces are in the same broadcast domain in theory.

For the 1st problem, we can proxy the NDP messages on your secondary router. When receiving a NDP query (NS) from one network, send a NDP query to the other network from itself, when receving a NDP response (NA) from one network, respond to the the other network to announce the IP is on itself. Then hosts in two networks are thinking they're in the same broadcast domain, but in real they communicate with your secondary router as the gateway.

For the 2st problem, we can learn routes from the NDP responses (NA). Once receving a NA from one network, add a rule to route the target IP to that network in the system routing table. We have a timeout and reprobe mechanism to delete expired (disconnected) hosts. In addition, we can capture the output ICMPv6 "destination unreachable" messages and try to probe them and fix the routes.

Building

Install dependencies:

apt install -y libpcap-dev # Ubuntu or Debian
pacman -Sy libpcap         # Archlinux

Clone this repo with --recursive:

git clone https://github.com/Menci/magpie --recursive
cd magpie

Build with CMake:

mkdir build && cd build
cmake .. -DCMAKE_BUILD_TYPE=Release
make -j
# Result binary: ./src/magpie

Usage

Magpie listens on multiple (two normally but more are possible) interfaces, specified by -i, and do NDP proxying and routes probing/learning. Usually it's the only argument needed. But for debugging purpose you could also specify the log level with -l.

magpie -i wan,br-lan # Relaying IPv6 on interface "wan" and "br-lan"
magpie -i wan,br-lan -l verbose # Increase the log level for 

It sets alarm and check for the timeout of routes in each --alarm-interval, -a seconds, any route lasted --probe-interval, -p seconds will be reprobed. There will be --probe-retries, -r reprobe retries before a route being deleted as expired. For example, the default:

# A route will be reprobed 5 times before deleted as expired, in an interval of 60s for each reprobe
magpie -i wan,br-lan -a 10 -p 60 -r 5

It's better to provide a --routes-save-file to save the routes to file on exit and load (reprobe) them on start. This helps reduce the IPv6 network down time between your restarts of the daemon.

magpie -i wan,br-lan -f /var/lib/magpie/saved-routes.json

Security Notice

This project aims on using in homelab / school network in which the hosts are trusted. Don't use it in a public / untrusted network since it maintains routing states without any security measure. Attacks like NDP hijacking and routing table DDoS could be done easily.


Author: Menci
Source code: https://github.com/Menci/magpie
License: MIT license

#cpluplus 

What is GEEK

Buddha Community

Magpie: Bidirectional NDP Proxy and Route Maintainer For C++
Tamale  Moses

Tamale Moses

1624240146

How to Run C/C++ in Sublime Text?

C and C++ are the most powerful programming language in the world. Most of the super fast and complex libraries and algorithms are written in C or C++. Most powerful Kernel programs are also written in C. So, there is no way to skip it.

In programming competitions, most programmers prefer to write code in C or C++. Tourist is considered the worlds top programming contestant of all ages who write code in C++.

During programming competitions, programmers prefer to use a lightweight editor to focus on coding and algorithm designing. VimSublime Text, and Notepad++ are the most common editors for us. Apart from the competition, many software developers and professionals love to use Sublime Text just because of its flexibility.

I have discussed the steps we need to complete in this blog post before running a C/C++ code in Sublime Text. We will take the inputs from an input file and print outputs to an output file without using freopen file related functions in C/C++.

#cpp #c #c-programming #sublimetext #c++ #c/c++

Dicey Issues in C/C++

If you are familiar with C/C++then you must have come across some unusual things and if you haven’t, then you are about to. The below codes are checked twice before adding, so feel free to share this article with your friends. The following displays some of the issues:

  1. Using multiple variables in the print function
  2. Comparing Signed integer with unsigned integer
  3. Putting a semicolon at the end of the loop statement
  4. C preprocessor doesn’t need a semicolon
  5. Size of the string matters
  6. Macros and equations aren’t good friends
  7. Never compare Floating data type with double data type
  8. Arrays have a boundary
  9. Character constants are different from string literals
  10. Difference between single(=) and double(==) equal signs.

The below code generates no error since a print function can take any number of inputs but creates a mismatch with the variables. The print function is used to display characters, strings, integers, float, octal, and hexadecimal values onto the output screen. The format specifier is used to display the value of a variable.

  1. %d indicates Integer Format Specifier
  2. %f indicates Float Format Specifier
  3. %c indicates Character Format Specifier
  4. %s indicates String Format Specifier
  5. %u indicates Unsigned Integer Format Specifier
  6. %ld indicates Long Int Format Specifier

Image for post


A signed integer is a 32-bit datum that encodes an integer in the range [-2147483648 to 2147483647]. An unsigned integer is a 32-bit datum that encodes a non-negative integer in the range [0 to 4294967295]. The signed integer is represented in twos-complement notation. In the below code the signed integer will be converted to the maximum unsigned integer then compared with the unsigned integer.

Image for post

#problems-with-c #dicey-issues-in-c #c-programming #c++ #c #cplusplus

Ari  Bogisich

Ari Bogisich

1590587580

Loops in C++ | For, While, and Do While Loops in C++

In this Video We are going to see how to use Loops in C++. We will see How to use For, While, and Do While Loops in C++.
C++ is general purpose, compiled, object-oriented programming language and its concepts served as the basis for several other languages such as Java, Python, Ruby, Perl etc.

#c #c# #c++ #programming-c

Ari  Bogisich

Ari Bogisich

1589816580

Using isdigit() in C/C++

In this article, we’ll take a look at using the isdigit() function in C/C++. This is a very simple way to check if any value is a digit or not. Let’s look at how to use this function, using some simple examples.

#c programming #c++ #c #c#

Shaylee  Lemke

Shaylee Lemke

1589791833

Object Oriented Programming in C++ | C++ OOPs Concepts | Learn Object Oriented C++

C++ is general purpose, compiled, object-oriented programming language and its concepts served as the basis for several other languages such as Java, Python, Ruby, Perl etc.

The goal of this course is to provide you with a working knowledge of C++. We’ll start with the basics, including syntax, operators, loops, and functions. This Course will explain you how to use data structures and create your own Functions. This Course will show you the details of the powerful object and template systems so you can create useful classes and objects.

Youtube channel: ProgrammingKnowledge - https://www.youtube.com/watch?v=_SH1T3y_D7o

#c #c# #c++ #programming-c