RDKB-58910 : Move the WAN IPV6 configuration from LAN bridge

[S-Parthiban-Selvaraj]

This PR moves WAN IPv6 configuration from the LAN bridge to the WAN interface itself, addressing an issue where IANA is not assigned by the BNG (Broadband Network Gateway). The changes enable the creation of IPv6 addresses on WAN interfaces from delegated prefixes when IANA addresses are not provided.

Key changes:

Removed IPv6 configuration from LAN bridge and moved it to WAN interfaces
Added new function to construct WAN IPv6 addresses from IAPD (IA Prefix Delegation)
Updated IPv6 utility functions to work with virtual interfaces instead of interface names
Cleaned up LAN-specific IPv6 handling code and legacy bridge mode logic

This PR is dependent on the following related PRs:
rdkcentral/telco-voice-manager#5
rdkcentral/utopia#69
#79
rdkcentral/provisioning-and-management#127
rdkcentral/xconf-client#20
rdkcentral/test-and-diagnostic#172
https://github.com/rdk-gdcs/firewall/pull/5
rdkcentral/sysint-broadband#34

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 7 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 8 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 5 comments.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 5 comments.

Comments suppressed due to low confidence (2)

source/WanManager/wanmgr_dhcpv6_apis.c:1676

• wanmgr_construct_wan_address_from_IAPD() ignores the return value of WanMgr_create_eui64_ipv6_address() and then unconditionally sets addrAssigned=true/addrCmd=ADD. If address construction fails (or produces an empty/invalid address), the subsequent ip -6 addr add will be executed with bad input and the lease will be treated as valid. Please check the return value, validate the generated address string, and propagate failures (return -1 / don’t set addrAssigned) when construction or command execution fails.

    if(IPv6EUI64FormatSupport)
    {
        /* EUI-64: IID derived from WAN interface MAC — deterministically unique per interface.
         * No collision possible with LAN clients (different MACs produce different IIDs). */
        char prefStr[128] = {0};
        inet_ntop(AF_INET6, &prefix, prefStr, sizeof(prefStr));
        CcspTraceInfo(("%s %d EUI64 format is enabled, using prefix %s for WAN address\n", __FUNCTION__, __LINE__, prefStr));
        snprintf(cmdLine, sizeof(cmdLine), "%s/%d", prefStr, prefix_length);
        WanMgr_create_eui64_ipv6_address(cmdLine, pIpv6DataNew->ifname, pIpv6DataNew->address);
    }
    else
    {
        /* Non-EUI-64: Use well-known suffix ::1 (mirrors IPv4 gateway convention).
         * SLAAC EUI-64 clients never generate ::1; DHCPv6 server should exclude ::1 from pool. */
        CcspTraceInfo(("%s %d EUI64 format is not enabled, using WAN_SUFFIX %d\n", __FUNCTION__, __LINE__, WAN_SUFFIX));
        prefix.s6_addr[15] = WAN_SUFFIX;
        inet_ntop(AF_INET6, &prefix, pIpv6DataNew->address, sizeof(pIpv6DataNew->address));
    }
    
    pIpv6DataNew->addrAssigned = true;
    pIpv6DataNew->addrCmd = IFADDRCONF_ADD;

    CcspTraceInfo(("%s %d Calculated WAN address %s/128\n", __FUNCTION__, __LINE__, pIpv6DataNew->address));

source/WanManager/wanmgr_dhcpv6_apis.c:1699

• Even when ip -6 addr add ... or ip -6 neigh add proxy ... fails, the function still returns 0 and leaves addrAssigned set. Consider treating these command failures as fatal (return -1 and avoid updating sysevents/flags) so upper layers can retry or fall back cleanly.

    CcspTraceInfo(("%s %d Calculated WAN address %s/128\n", __FUNCTION__, __LINE__, pIpv6DataNew->address));
    // Assign the /128 host address on the WAN interface
    memset(cmdLine, 0, sizeof(cmdLine));
    snprintf(cmdLine, sizeof(cmdLine), "ip -6 addr add %s/128 dev %s", pIpv6DataNew->address, pIpv6DataNew->ifname);
    if (WanManager_DoSystemActionWithStatus(__FUNCTION__, cmdLine) != 0)
        CcspTraceError(("failed to run cmd: %s", cmdLine));

    /* Enable NDP proxy on the LAN bridge so the kernel responds to Neighbor Solicitations
     * for the WAN address on brlan0. This ensures:
     *  - LAN clients performing DAD for this address will get a Neighbor Advertisement back,
     *    causing their DAD to fail (preventing them from using the WAN address). */
    memset(cmdLine, 0, sizeof(cmdLine));
    snprintf(cmdLine, sizeof(cmdLine), "sysctl -w net.ipv6.conf.%s.proxy_ndp=1", COSA_DML_DHCPV6_SERVER_IFNAME);
    WanManager_DoSystemActionWithStatus(__FUNCTION__, cmdLine);

    /* Add NDP proxy entry for the WAN address on the LAN bridge.
     * This makes the kernel respond to Neighbor Solicitations for our WAN address
     * on brlan0, which:
     *  1. Enables upstream routing to reach the WAN address via the LAN bridge if needed.
     *  2. Causes DAD to fail for any LAN client that tries to use this address. */
    memset(cmdLine, 0, sizeof(cmdLine));
    snprintf(cmdLine, sizeof(cmdLine), "ip -6 neigh add proxy %s dev %s", pIpv6DataNew->address, COSA_DML_DHCPV6_SERVER_IFNAME);
    if (WanManager_DoSystemActionWithStatus(__FUNCTION__, cmdLine) != 0)
        CcspTraceError(("%s %d failed to add NDP proxy entry on %s for %s\n", __FUNCTION__, __LINE__, COSA_DML_DHCPV6_SERVER_IFNAME, pIpv6DataNew->address));