summaryrefslogtreecommitdiff
path: root/sys/net/if_gre.c
AgeCommit message (Collapse)Author
2022-06-26The "ifq_set_maxlen(..., 1);" hack we use to enforce pipex(4) relatedVitaliy Makkoveev
(*if_qstart)() be always called with netlock held doesn't work anymore with PPPOE sessions. Introduce `pipex_list_mtx' mutex(9) and use it to protect global pipex(4) lists and radix trees. Protect pipex(4) `session' dereference with reference counters, because we could sleep when accessing pipex(4) from ioctl(2) path, and this is not possible with mutex(9) held. ok bluhm@
2021-03-10spellingJonathan Gray
ok gnezdo@ semarie@ mpi@
2021-02-27trim some code i accidentally left into the nvgre add address functionDavid Gwynne
2021-02-27recover scope from v6 nvgre endpoint addresses for userland to look at.David Gwynne
2021-02-26use a uint64_t for the ethernet address in the etherbridge table.David Gwynne
testing has shown up to a 30% improvement in the veb forwarding rate with this change. an earlier diff was tested by hrvoje popovski tested on amd64 and sparc64
2021-02-24add support for adding and deleting mac addr entries on nvgre.David Gwynne
the guts of this are in the etherbridge code which i added for veb and used in bpe. there's a bit of boilerplate to make sure that the addresses used for the endpoints will work with the tunnel addresses that have been configured, but it's not too bad. again, this is hard to use because ifconfig doesnt (yet) know how to put ethernet addresses into the "add address" ioctl. these ioctls could be used for things like evpn via bgpd though. not sure if that's interesting to anyone though. it would probably be more useful on vxlan interfaces.
2021-02-21cut nvgre(4) over to use common etherbridge code.David Gwynne
the "ports" that nvgre provides to etherbridge are ip addresses used in the underlay network. ok patrick@ jmatthew@
2021-02-20move gre and mgre from calling l3 input handlers to using if_vinput.David Gwynne
using if_vinput factors out a lot of repeated code between tunnel drivers, and it means monitor mode works on gre and mgre now too. make the l2 gre interfaces do some things in the same order while here.
2021-01-19gre(4): convert ifunit() to if_unit(9)mvs
ok dlg@
2020-12-12Rename the macro MCLGETI to MCLGETL and removes the dead parameter ifp.jan
OK dlg@, bluhm@ No Opinion mpi@ Not against it claudio@
2020-12-10Convert gre_sysctl to sysctl_bounded_arrgnezdo
Fixed up a reference to gre_wccp where a fixed value from wwcp standard was intended. ok gkoehler@
2020-11-03replace the nvgre node when the endpoint ip changes.David Gwynne
this helps nvgre follow things like carp masters changing on the inside of the virtual network. "makes sense" jmatthew@
2020-08-28Add missing #if's to fix build without bpf(4).mvs
ok deraadt@
2020-08-21Leave default ifq_maxlen handling to ifq_init()kn
Most clonable interface drivers (except bridge, enc, loop, pppx, switch, trunk and vlan) initialise the send queue's length to IFQ_MAXLEN during *_clone_create() even though ifq_init(), which is eventually called through if_attach(), does the same. Remove all early "ifq_set_maxlen(&ifq->if_snd, IFQ_MAXLEN);" lines to leave it to ifq_init() and have clonable drivers a tad more in sync. OK mvs
2020-07-10Change users of IFQ_SET_MAXLEN() and IFQ_IS_EMPTY() to use the "new" API.Patrick Wildt
ok dlg@ tobhe@
2020-06-17make ph_flowid in mbufs 16bits by storing whether it's set in csum_flags.David Gwynne
i've been wanting to do this for a while, and now that we've got stoeplitz and it gives us 16 bits, it seems like the right time.
2020-04-12Stop processing packets under non-exclusive (read) netlock.Martin Pieuchot
Prevent concurrency in the socket layer which is not ready for that. Two recent data corruptions in pfsync(4) and the socket layer pointed out that, at least, tun(4) was incorrectly using NET_RUNLOCK(). Until we find a way in software to avoid future mistakes and to make sure that only the softnet thread and some ioctls are safe to use a read version of the lock, put everything back to the exclusive version. ok stsp@, visa@
2019-11-10whitespace fixes, no functional changeDavid Gwynne
2019-11-07turn the linkstate hooks into a task list, like the detach hooks.David Gwynne
this is largely mechanical, except for carp. this moves the addition of the carp link state hook after we're committed to using the new interface as a carpdev. because the add can't fail, we avoid a complicated unwind dance. also, this tweaks the carp linkstate hook so it only updates the relevant carp interface, not all of the carpdevs on the parent. hrvoje popovski has tested an early version of this diff and it's generally ok, but there's some splasserts that this diff fires that i'll fix in an upcoming diff. ok claudio@
2019-11-06replace the hooks used with if_detachhooks with a task list.David Gwynne
the main semantic change is that things registering detach hooks have to allocate and set a task structure that then gets added to the list. this means if the task is allocated up front (eg, as part of carps softc or bridges port structure), it avoids the possibility that adding a hook can fail. a lot of drivers weren't checking for failure, and unwinding state in the event of failure in other parts was error prone. while doing this i discovered that the list operations have to be in a particular order, but drivers weren't doing that consistently either. this diff wraps the list ops up so you have to seriously go out of your way to screw them up. ive also sprinkled some NET_ASSERT_LOCKED around the list operations so we can make sure there's no potential for the list to be corrupted, especially while it's being run. hrvoje popovski has tested this a bit, and some issues he discovered have been fixed. ok sashan@
2019-07-29The IPv6 duplicate address detection may send a packet before theAlexander Bluhm
gre tunnel is set up. This could cause a panic. In gre(4) reject outgoing packets during that time window. While there, count interface errors and use generic unhandled_af(). bug reported by andreas at nullbyte dot se; OK dlg@
2019-07-17Introduce ETHER_IS_BROADCAST/ANYADDR/EQ() and use them where appropriate.Martin Pieuchot
ok dlg@, sthen@, millert@
2019-04-23give gre and mgre percpu counters tooDavid Gwynne
makes input bytes and packets consistent
2019-04-23a first cut at converting some virtual ethernet interfaces to if_vinputDavid Gwynne
this let's input processing bypass ifiqs. there's a performance benefit from this, and it will let me tweak the backpressure detection mechanism that ifiqs use without impacting on a stack of virtual interfaces. ive tested all of these except mpw, which i will end up testing soon anyway.
2019-04-22support rxprioDavid Gwynne
i need to come back to this and make it flow a bit better, but this is a good start.
2019-04-19use the common code in if.c to check if txhprio is good.David Gwynne
no functional change.
2019-04-15Use timeout_del_barrier(9) instead of timeout_del(9) followed byVisa Hankala
conditional timeout_barrier(9). OK kn@ dlg@
2019-01-04make kernel build without MPLS/mpe/mpwSebastian Benoit
ok claudio@ dlg@
2019-01-04make kernel build without INET6 again.Sebastian Benoit
ok dlg@
2018-12-17Handle SIOCADDMULTI and SIOCDELMULTI as nops in ioctl code.David Gwynne
There's nothing underneath the tunnels that needs configuration, so there's no point in keepign track of configured multicast addresses. We will at least save a bit of memory.
2018-12-17If something like ether_ioctl returns ENETRESET, don't let it bubble out.David Gwynne
ENETRESET in hardware drivers means you should reprogram the hardware. There's no hardware to reprogram, so just turn it into 0 on the way out.
2018-12-03Convert more MH_ALIGN() to m_align(). Also switch from m_gethdr/M_GETHDRClaudio Jeker
calls to m_get/M_GET calls because M_MOVE_PKTHDR() is initialising the pkthdr and so it is not needed when allocation the header. OK bluhm@
2018-11-29allow configuration of ecn processingDavid Gwynne
this is a step toward better rfc6040 support ok claudio@
2018-11-15the variable holding the ip tos should be called tos, not ttl.David Gwynne
no functional change.
2018-11-14use the txprio setting to populate the tos in keepalive packets.David Gwynne
the mbuf prio will still be set according to the llprio value, but the tos on the packet may be forced to a specific number by txprio
2018-11-14according to ip_ipip.c, rfc1853 says not to copy the ttl on decapsulationDavid Gwynne
rfc1853 is about IP in IP Tunneling. rfc2003 about IP Encapsulation within IP agrees.
2018-11-13add txprio support to gre, mgre, egre, nvgre, and eoipDavid Gwynne
for l3 interfaces (gre and mgre), allow txprio from the payload, the mbuf, or a hardcoded value. for l2 interfaces (egre, ngre, and eoip), get txprio from the mbuf or a hardcoded value. ok claudio@
2018-11-12set the hardmtu on ether encap ifs so the mtu can be raised above 1500David Gwynne
2018-11-11when encapsulating mpls, map the mpls qos value to an ip tos.David Gwynne
2018-11-11actually use the if_llprio to set the mbuf prio.David Gwynne
the llprio is already used to set the gre and eoip packet tos/tclass, but it was queued at the default prio before this.
2018-11-11use the llprio on gre(4) and eoip(4) interfaces for the keepalive tosDavid Gwynne
llprios are valued 0 to 7, while the ip tos/dscp/tclass is an 8 bit value. fortunately the high 3 bits map nicely to the llprio values, so we shift the llprio into place when generating the keepalive frames. the llprio is defaulted to the value that cisco uses for their gre keepalives.
2018-10-25start both the sc_ka_send and sc_ka_hold timeout whenDavid Gwynne
the timeout gets configured instead of gre_up(). this avoids complex gre_ioctl() ordering rules and enables the sc_ka_hold timeout before the first packet is received. from markus@
2018-10-18provide a default case for all switch statements handling address familiesDavid Gwynne
from markus@
2018-10-18make sure keepalive ioctl values are either both zero, or both not zero.David Gwynne
2018-10-18make sure the tunnel is configured in gre_keepalive_sendDavid Gwynne
check sc_tunnel.t_af for AF_UNSPEC, otherwise we panic in gre_encap() from markus@
2018-10-18move the timeout_add in gre_keepalive_send up.David Gwynne
gre_keepalive_send() should re-schedule immediately, otherwise we stop sending keepalive on temporary mbuf shortage or if the configuration is incomplete. from markus@
2018-10-18Process incoming gre(4) keepalives early to avoid bpf seeing them.David Gwynne
The packet processing done after the protocol detection effectively gets thrown away by the keepalive handling, so this saves some time, and avoids confusing tcpdump on the interface. Keepalives the driver transmits aren't made available for bpf, so taking it away from the receive side is consistent. discussed with and tested by markus@
2018-10-16pull and put the traffic class in ipv6 headersDavid Gwynne
this gives ipv6 handling equivalent the tos stuff in ipv4. ok visa@ benno@
2018-07-24When a GRE packet goes to "decline", the mbuf pointer was not updatedYASUOKA Masahiko
properly. This had caused an panic when the mbuf pointer is updated. Found by IIJ. ok dlg
2018-05-28implement support for MikroTik's Ethernet over IP protocol as eoip(4)David Gwynne
it is sort of like egre(4), but different enough to warrant separate handling. more specifically, eoip sits under gre 1, not 0, and has it's own protocol id (0x6400). the gre key field is mandantory (the rest cannot be set) which is split into a 16 bit length field and a 16 bit tunnel id. lastly, it has a keepalive mechanism where peers send 0 length packets as hellos to each other periodically, which has no equivalent in egre(4) and is different to the gre(4) keepalives. ok sthen@