summaryrefslogtreecommitdiff
path: root/sys/net/route.c
AgeCommit message (Collapse)Author
2013-10-20rt_mpath_next() was always called with 0 in the last argument. So drop it.Claudio Jeker
OK henning@
2013-10-17The header file netinet/in_var.h included netinet6/in6_var.h. ThisAlexander Bluhm
created a bunch of useless dependencies. Remove this implicit inclusion and do an explicit #include <netinet6/in6_var.h> when it is needed. OK mpi@ henning@
2013-08-28Remove unused argument from *rtrequest()Martin Pieuchot
ok krw@, mikeb@
2013-03-28code that calls timeout functions should include timeout.hTed Unangst
slipped by on i386, but the zaurus doesn't automagically pick it up. spotted by patrick
2013-03-28no need for a lot of code to include proc.hTed Unangst
2013-03-07Remove the IFAFREE() macro, the ifafree() function it was calling alreadyMartin Pieuchot
check for the reference counter. ok mikeb@, miod@, pelikan@, kettenis@, krw@
2012-09-20Fix a pair of typos in comments.Bret Lambert
ok claudio@
2012-09-19Make rt_lookup return a pointer to an rtentry struct instead ofBret Lambert
to a radix_node struct. The radix tree pushdown continues. ok claudio@
2012-09-19More radix internals pushdown; place rn_mpath_next, which accepts andBret Lambert
returns radix_node pointers, inside a new rt_mpath_next, which accepts and returns rtentry pointers, and start using that instead. ok claudio@
2012-09-18Wrap rtable_add() and rtable_l2set() calls inside ifioctl() inside softnet,Bret Lambert
as functions that modify routing information shouldn't be interruptable by network traffic. Also make sure that both of those functions assert that they are called at softnet. I'm reasonably sure that there shouldn't be any, but if there is any codepath that was missed, we're going to be here for another 4 days to deal with any fallout. While here, move the multitude of "int s" declarations inside ifioctl to the beginning of the function. okay claudio@
2012-07-13Use NULL instead of 0 in pointer context. approvedz blambert@Claudio Jeker
2012-05-09backout 1.134 since it introduced a use-after-free for routing entries;Markus Friedl
ok blambert@ sthen@ henning@ claudio@
2011-12-06Remove needless temporary variable for greater clarity.Bret Lambert
testing sthen@ ok sthen@ henning@ dlg@
2011-12-06don't duplicate rtfree actions taken by rtrequest1() in rtdeletemsg()Bret Lambert
testing sthen@ ok sthen@ henning@ dlg@
2011-12-06simplify the somewhat-tangled conditional maze in rt_getifa()Bret Lambert
testing sthen@ ok sthen@ henning@ dlg@
2011-07-22fix typos, martin pelikanHenning Brauer
2011-07-04LINK_STATE cleanup. It is no longer needed to special case carp(4).Claudio Jeker
LINK_STATE_IS_UP() does the trick now for all cases. OK henning@ deraadt@
2011-04-04previous commit replaced a malloc(new) with malloc(sizeof(*new)) whichBret Lambert
leads to corrupted memory; backout to await a better fix
2011-04-04stop using the stupid R_Malloc/Bcopy/Free macros, and just start usingBret Lambert
malloc/bcopy/free, the way He Who Must Not Be Named intended. "yes please" claudio@
2010-11-16If the interface address referenced by a cloning route did not pointAlexander Bluhm
to an interface any more, the kernel crashed with a null pointer dereference. This situation could be created by a strange sequence of route and ifconfig commands. Now when a cloning route references a stale interface address and rtrequest1(RTM_RESOLVE) has to create a cloned route, it does a lookup for a valid interface address with the same ip address. The new interface address and its interface are used for the new cloned route and they replace the old ones at the cloning route. ok claudio@, henning@
2010-08-25Let rtable_add() return usefull errnos so that the ioctl handler and theClaudio Jeker
rtsock code can return a more reasonable error to the user. OK henning
2010-08-24Only do the link state checking and RTF_UP dance if the routing table isClaudio Jeker
rn_mpath_capable(). Move code down into the mpath specific block. Not all routing tables support multipath and therefor priorities.
2010-07-09Add support for using IPsec in multiple rdomains.Reyk Floeter
This allows to run isakmpd/iked/ipsecctl in multiple rdomains independently (with "route exec"); the kernel will pickup the rdomain from the process context of the pfkey socket and load the flows and SAs into the matching rdomain encap routing table. The network stack also needs to pass the rdomain to the ipsec stack to lookup the correct rdomain that belongs to an interface/mbuf/... You can now run individual IPsec configs per rdomain or create IPsec VPNs between multiple rdomains on the same machine ;). Note that a primary enc(4) in addition to enc0 interface is required per rdomain, eg. enc1 rdomain 1. Test by some people, mostly on existing "rdomain 0" setups. Was in snaps for some days and people didn't complain. ok claudio@ naddy@
2010-07-09Add the rtableid to struct rttimer and therefor make it available toClaudio Jeker
the callback functions. This fixes a problem where dynamic routes in different tables would not get deleted because the callback was doing the remove on the wrong table. OK henning@
2010-07-02remove prototype of okaytoclone, which got removed in 1.117Jonathan Gray
2010-07-01Allow to specify an alternative enc(4) interface for an SA. AllReyk Floeter
traffic for this SA will appear on the specified enc interface instead of enc0 and can be filtered and monitored separately. This will allow to group individual ipsec policies to virtual interfaces and simplifies monitoring and pf filtering with many ipsec policies a lot. This diff includes the following changes: - Store the enc interface unit (default 0) in the TDB of an SA and pass it to the enc_getif() lookup when running the bpf or pf_test() handlers. - Add the pfkey SADB_X_EXT_TAP extension to communicate the encX interface unit for a specified SA between userland and kernel. - Update enc(4) again to use an allocate array instead of the TAILQ to lookup the matching enc interface in enc_getif() quickly. Discussed with many, tested by a few, will need more testing & review. ok deraadt@
2010-06-29Replace enc(4) with a new implementation as a cloner device. We stillReyk Floeter
create enc0 by default, but it is possible to add additional enc interfaces. This will be used later to allow alternative encs per policy or to have an enc per rdomain when IPsec becomes rdomain-aware. manpage bits ok jmc@ input from henning@ deraadt@ toby@ naddy@ ok henning@ claudio@
2010-06-28Add the rtable id as an argument to rn_walktree(). Functions likeClaudio Jeker
rt_if_remove_rtdelete() need to know the table id to be able to correctly remove nodes. Problem found by Andrea Parazzini and analyzed by Martin Pelikán. OK henning@
2010-06-04rt_timer_queue_destroy() did not actually destroy, leading to a potentialBret Lambert
memory leak due to misleading nomenclature. Change it to actually destroy, not just clean, the the rt_timer_queue passed to it and adjust the correct caller accordingly (i.e., no need to free the mem on our own now). As a bonus, this gets rid of one of the ridiculous R_Malloc/Bzero/Free cycles, and lets us sneak another bzero -> M_ZERO conversion in. ok claudio@
2010-05-19Require RTF_MPLS to be set when a mpls route is added or changed. To removeClaudio Jeker
only the MPLS bits from a route set rtm_fmask to RTF_MPLS. Additionally check if the nexthop is modified and in that case always remove the MPLS info since the path changed. This change makes life in userland a lot easier since the routing daemons normaly don't know about MPLS and until now they destroyed MPLS information when issuing RTM_CHANGEs. OK michele@
2010-05-07Start cleaning up the mess called rtalloc*. Kill rtalloc2, make rtalloc1Claudio Jeker
accept flags for report and nocloning. Move the rtableid into struct route (with a minor twist for now) and make a few more codepathes rdomain aware. Appart from the pf.c and route.c bits the diff is mostly mechanical. More to come... OK michele, henning
2010-03-20Don't leak memory when resizing routing table arrayBret Lambert
ok claudio@
2010-02-09Correctly track RTF_UP on RTM_CHANGE. Since the interface can changeClaudio Jeker
rt_if_linkstate_change() needs to be rerun for this route and the resulting rt_flags need to copied to the rtm_flags for userland. Problem found and diagnosed by Doran Mori. OK henning@, jsing@
2009-11-03rtables are stacked on rdomains (it is possible to have multiple routingClaudio Jeker
tables on top of a rdomain) but until now our code was a crazy mix so that it was impossible to correctly use rtables in that case. Additionally pf(4) only knows about rtables and not about rdomains. This is especially bad when tracking (possibly conflicting) states in various domains. This diff fixes all or most of these issues. It adds a lookup function to get the rdomain id based on a rtable id. Makes pf understand rdomains and allows pf to move packets between rdomains (it is similar to NAT). Because pf states now track the rdomain id as well it is necessary to modify the pfsync wire format. So old and new systems will not sync up. A lot of help by dlg@, tested by sthen@, jsg@ and probably more OK dlg@, mpf@, deraadt@
2009-10-26Replace pool_get() + bzero() with pool_get(..., PR_ZERO).Michael Knudsen
`OK' claudio
2009-10-10fix mbuf leak in rtinit()Dariusz Swiderski
the mbuf got leaked when detaching an interface, spotted by theo. fixed by me, diff refined by theo eyeballed by claudio@ 'go ahead, commit this' by theo@
2009-09-01Make rtinit() cope when there is a more specific route available thenClaudio Jeker
the one planned to remove. Do this by going through the dupedkey list looking for the right ifa. Problem found by and OK dlg, OK henning
2009-07-28Plug a memory leak when calling rtable_add(0) multiple times. Fixing thisClaudio Jeker
even though adding an already existing routing table is not allowed. Leak found by blambert@, fix by myself. OK blambert@
2009-06-05Initial support for routing domains. This allows to bind interfaces toClaudio Jeker
alternate routing table and separate them from other interfaces in distinct routing tables. The same network can now be used in any doamin at the same time without causing conflicts. This diff is mostly mechanical and adds the necessary rdomain checks accross net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6. input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
2009-05-31Reenable interface state tracking now that I found and fixed the cause ofClaudio Jeker
the rtfree panic seen by some people.
2009-05-26inherit the route label on cloned routesReyk Floeter
ok claudio@
2009-05-18The routing table index rtableid has type unsigned int in the routingAlexander Bluhm
code. In pf rtableid == -1 means don't change the rtableid because of this rule. So it has to be signed int there. Before the value is passed from pf to route it is always checked to be >= 0. Change the type to int in pf and to u_int in netinet and netinet6 to make the checks work. Otherwise -1 may be used as an array index and the kernel crashes. ok henning@
2009-03-15Introduce splsoftassert(), similar to splassert() but for soft interruptMiod Vallat
levels. This will allow for platforms where soft interrupt levels do not map to real hardware interrupt levels to have soft ipl values overlapping hard ipl values without breaking spl asserts.
2009-02-27Do not check the link state when installing a route. This bit was missing inClaudio Jeker
the backout/disabling of the route link state tracking done a few days ago. OK deraadt@
2009-02-03Use our own flags to set the operations and not RTF_PROTOX.Michele Marchetto
Switch the padding field into a MPLS one in rt_msghdr to store relevant informations. OK claudio@ laurent@
2009-01-28Get rid of the ugly rtentry hack.Michele Marchetto
We can now act as edge node and allow ipv4 packets to enter a Label Switched Path and not just forwarding MPLS packets. OK claudio@
2009-01-08Fix sockaddr_mpls structure.Michele Marchetto
Now it contains just the label as it must be. This introduces a ugly hack in rtentry that will be removed as soon as possible. OK claudio@
2008-12-12Introduce a if_priority that will be added to RTP_STATIC when routes areClaudio Jeker
added without an expilict priority. This allows to specify less prefered interfaces that will only take over if the primary interface loses link. OK deraadt@
2008-11-24Implement link-state tracking on the routing table. Routes to interfacesClaudio Jeker
which are considered down will no be marked ~RTF_UP and so multipath routing will start to work as expected and not pump 50% of the traffic to nirvana. Most of the magic happens in rn_mpath_reprio() which fiddles with the routing table internals. The rest is more straight forward. get it in deraadt@
2008-11-21Change rn_mpath_next() to be able to walk over the full multipath listClaudio Jeker
not only over routes of the same prio. This makes it possible to modify rt_mpath_matchgate() so that if only gateway is specified without a specific priority it will scan the full list and not only the first routes. This is also needed for upcoming link state tracking.