From 613d297c16a29d6e47cbfd5dedb6a91c816998ad Mon Sep 17 00:00:00 2001
From: Aditya R <arajan@redhat.com>
Date: Wed, 16 Mar 2022 13:45:49 +0530
Subject: [PATCH] core, ipv6: enable `optimistic_dad` instead of completely
 disabling Duplicate Address Detection

We are disabling duplicate address detection for `ipv6` complelety which
might not be needed so instead of setting `accept_dad` to `0` we can
still do `optimistic_dad` to `1` for required interface.

Some cons of using `optimistic_dad`
* Might be still slower than disabling DAD.
* Not good support for older kernels since it was added in later
  released of `3.x`

Signed-off-by: Aditya R <arajan@redhat.com>
---
 src/network/core_utils.rs | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/network/core_utils.rs b/src/network/core_utils.rs
index 1e580b5a8..49e6d1c90 100644
--- a/src/network/core_utils.rs
+++ b/src/network/core_utils.rs
@@ -799,11 +799,12 @@ impl CoreUtils {
                 }
 
                 if ipv6_enabled {
-                    // Disable duplicate address detection if ipv6 enabled
+                    // Enable optimistic_dad on interface if ipv6 is enabled
                     // Do not accept Router Advertisements if ipv6 is enabled
-                    let br_accept_dad = format!("/proc/sys/net/ipv6/conf/{}/accept_dad", ifname);
+                    let br_optimistic_dad =
+                        format!("/proc/sys/net/ipv6/conf/{}/optimistic_dad", ifname);
                     let br_accept_ra = format!("net/ipv6/conf/{}/accept_ra", ifname);
-                    if let Err(e) = CoreUtils::apply_sysctl_value(&br_accept_dad, "0") {
+                    if let Err(e) = CoreUtils::apply_sysctl_value(&br_optimistic_dad, "1") {
                         return Err(std::io::Error::new(
                             std::io::ErrorKind::Other,
                             format!("{}", e),
@@ -934,10 +935,10 @@ impl CoreUtils {
         }
 
         if ipv6_enabled {
-            //  Disable dad inside the container too
-            let disable_dad_in_container =
-                format!("/proc/sys/net/ipv6/conf/{}/accept_dad", container_veth);
-            if let Err(e) = CoreUtils::apply_sysctl_value(&disable_dad_in_container, "0") {
+            // Enable optimistic_dad on interface if ipv6 is enabled
+            let optimistic_dad_in_container =
+                format!("/proc/sys/net/ipv6/conf/{}/optimistic_dad", container_veth);
+            if let Err(e) = CoreUtils::apply_sysctl_value(&optimistic_dad_in_container, "1") {
                 return Err(std::io::Error::new(
                     std::io::ErrorKind::Other,
                     format!("{}", e),
@@ -1095,8 +1096,8 @@ impl CoreUtils {
         }
         if ipv6_enabled {
             // Disable duplicate address detection on host veth if ipv6 enabled
-            let k = format!("/proc/sys/net/ipv6/conf/{}/accept_dad", &host_veth);
-            match CoreUtils::apply_sysctl_value(&k, "0") {
+            let k = format!("/proc/sys/net/ipv6/conf/{}/optimistic_dad", &host_veth);
+            match CoreUtils::apply_sysctl_value(&k, "1") {
                 Ok(_) => {}
                 Err(err) => {
                     return Err(std::io::Error::new(