From ceb4526d3350752394f274e0b65e0253ed17fa37 Mon Sep 17 00:00:00 2001
From: Masahide NAKAMURA <nakam@linux-ipv6.org>
Date: Thu, 14 Dec 2006 21:10:40 +0900
Subject: [WORKAROUND][KERNELIF] HA: Use main table for a routing entry to HA-MN tunnel device.

This is a workaround since it doesn't seem 2.6.19 kernel supports
policy routing stuff correctly for HA usage.

1. When HA boots up with policy routing enabled, it makes new rule entry
   for table 252 like below:

 $ ip -6 rule
 0:      from all lookup local
 1004:   from all lookup 252
 32766:  from all lookup main

2. When the HA becomes to have a binding cache for MN, the HA makes
   two route entries for that table:

 $ ip -6 route show table 252
 MN-HOA from HA dev eth0  proto ntk  metric 128  expires 21334372sec mtu 1500 advmss 1440 hoplimit 4294967295
 MN-HOA dev ip6tnl1  proto ntk  metric 192  expires 21334370sec mtu 1460 advmss 1400 hoplimit 4294967295

   With the kernel status above 1 and 2, the daemon exptecs a) such
   packet as "from HA to MN-HoA" goes to on-link and b) all other packet
   bounds for MN-HOA goes to tunnel device.
   It works a) but doesn't work b). It doesn't seem that kernel can find
   the FIB entry for b) on that table 252 at inbound lookup. It tries
   to find it at the main table as the last resort and use on-link prefix
   route since HA and MN-HoA has the same prefix (is home prefix).

3. This is the workaround; To fix the issue raised at 2, the routing
   entry for b) is inserted at the main table. It works.

 $ ip -6 route show table 252
 MN-HOA from HA dev eth0  proto ntk  metric 128  expires 21334372sec mtu 1500 advmss 1440 hoplimit 4294967295
 $ ip -6 route show
 MN-HOA dev ip6tnl1  proto ntk  metric 192  expires 21334370sec mtu 1460 advmss 1400 hoplimit 4294967295
 (ohter entires)...
---
 src/ha.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ha.c b/src/ha.c
index d666222..bca4f1f 100644
--- a/src/ha.c
+++ b/src/ha.c
@@ -525,7 +525,7 @@ static int home_tnl_del(int old_if, int new_if, struct home_tnl_ops_parm *p)
 		ha_ipsec_tnl_pol_del(our_addr, peer_addr, p->bce->tunnel);
 	}
 	/* delete HoA route */
-	route_del(old_if, RT6_TABLE_MIP6,
+	route_del(old_if, RT6_TABLE_MAIN,
 		  IP6_RT_PRIO_MIP6_FWD, NULL, 0, peer_addr, 128, NULL);
 	/* update tunnel interface */
 	p->bce->tunnel = new_if;
@@ -548,7 +548,7 @@ static int home_tnl_add(int old_if, int new_if, struct home_tnl_ops_parm *p)
 	p->bce->tunnel = new_if;
 
 	/* add HoA route */
-	if (route_add(new_if, RT6_TABLE_MIP6,
+	if (route_add(new_if, RT6_TABLE_MAIN,
 		      RTPROT_MIP, 0, IP6_RT_PRIO_MIP6_FWD,
 		      NULL, 0, peer_addr, 128, NULL) < 0) {
 		p->ba_status = IP6_MH_BAS_INSUFFICIENT;
-- 
1.5.0.3