Age | Commit message | Author |
|
the callback functions. This fixes a problem where dynamic routes in
different tables would not get deleted because the callback was doing
the remove on the wrong table.
OK henning@
|
|
create enc0 by default, but it is possible to add additional enc
interfaces. This will be used later to allow alternative encs per
policy or to have an enc per rdomain when IPsec becomes rdomain-aware.
manpage bits ok jmc@
input from henning@ deraadt@ toby@ naddy@
ok henning@ claudio@
|
|
rt_if_remove_rtdelete() need to know the table id to be able to correctly
remove nodes.
Problem found by Andrea Parazzini and analyzed by Martin Pelikán.
OK henning@
|
|
accept flags for report and nocloning. Move the rtableid into struct route
(with a minor twist for now) and make a few more codepaths rdomain aware.
Apart from the pf.c and route.c bits the diff is mostly mechanical.
More to come...
OK michele, henning
|
|
and rdomainid are returned. This is necessary to know where L2 information
of a table is stored (which will be needed soon by bgpd).
Also while there change the errno for non-existing routing tables to ENOENT.
'Fine' deraadt@
|
|
rt_if_linkstate_change() needs to be rerun for this route and the
resulting rt_flags need to be copied to the rtm_flags for userland.
Problem found and diagnosed by Doran Mori. OK henning@, jsing@
|
|
tables on top of a rdomain) but until now our code was a crazy mix so that
it was impossible to correctly use rtables in that case. Additionally pf(4)
only knows about rtables and not about rdomains. This is especially bad when
tracking (possibly conflicting) states in various domains.
This diff fixes all or most of these issues. It adds a lookup function to
get the rdomain id based on a rtable id. Makes pf understand rdomains and
allows pf to move packets between rdomains (it is similar to NAT).
Because pf states now track the rdomain id as well it is necessary to modify
the pfsync wire format. So old and new systems will not sync up.
A lot of help by dlg@, tested by sthen@, jsg@ and probably more
OK dlg@, mpf@, deraadt@
|
|
The RTM_VERSION bump is 2 years ago and so there is no need for this.
Diff made by tedu@ some time ago but never got committed so I do it now.
|
|
alternate routing table and separate them from other interfaces in distinct
routing tables. The same network can now be used in any domain at the same
time without causing conflicts.
This diff is mostly mechanical and adds the necessary rdomain checks across
net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6.
input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
|
|
ok claudio@
|
|
code. In pf rtableid == -1 means don't change the rtableid because
of this rule. So it has to be signed int there. Before the value
is passed from pf to route it is always checked to be >= 0. Change
the type to int in pf and to u_int in netinet and netinet6 to make
the checks work. Otherwise -1 may be used as an array index and
the kernel crashes.
ok henning@
|
|
switch the rtsocket message filter specification so you can or the macros
converting the routing socket message types into the mask used by the
filter. ie:
- ROUTE_SETFILTER(rtfilter, RTM_NEWADDR);
- ROUTE_SETFILTER(rtfilter, RTM_DELADDR);
- ROUTE_SETFILTER(rtfilter, RTM_IFINFO);
- ROUTE_SETFILTER(rtfilter, RTM_IFANNOUNCE);
+ rtfilter = ROUTE_FILTER(RTM_NEWADDR) | ROUTE_FILTER(RTM_DELADDR) |
+ ROUTE_FILTER(RTM_IFINFO) | ROUTE_FILTER(RTM_IFANNOUNCE);
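Review bot: the two `+` lines turn four calls that each took rtfilter as an argument into a single plain assignment (`rtfilter = ...`), so a caller that extends an already populated filter has to write `|=` or it drops the bits it held. Since ROUTE_FILTER() is used here only as a mask combined with `|`, the commit message or the manpage change it promises should say so explicitly, and the manpage update would be better landed together with this change than after it.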
there's a manpage change coming.
ok claudio@
|
|
Switch the padding field into a MPLS one in rt_msghdr to store
relevant information.
OK claudio@ laurent@
|
|
We can now act as edge node and allow ipv4 packets to
enter a Label Switched Path and not just forwarding
MPLS packets.
OK claudio@
|
|
actually a bitfield -- of routing messages a listener is interested in.
This list can be changed with a setsockopt(s, AF_ROUTE, ROUTE_MSGFILTER, ...)
call. OK henning@, dlg@
|
|
Now it contains just the label as it must be.
This introduces an ugly hack in rtentry that will be removed
as soon as possible.
OK claudio@
|
|
added without an explicit priority. This allows to specify less preferred
interfaces that will only take over if the primary interface loses link.
OK deraadt@
|
|
which are considered down will now be marked ~RTF_UP and so multipath routing
will start to work as expected and not pump 50% of the traffic to nirvana.
Most of the magic happens in rn_mpath_reprio() which fiddles with the
routing table internals. The rest is more straightforward.
get it in deraadt@
|
|
macros; ok otto
|
|
|
|
rtrequest1() everywhere now. OK henning@
|
|
get hung in nfs_reconnect() because they do not have the proper
privileges to bind to a socket, by adding a struct proc * argument
to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind)
and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@.
"go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@).
Fixes PR5135 too.
|
|
and the one route with the lowest number wins. This will be used by the
routing daemons to resolve the synchronisation issue in case of conflicts.
The nasty bits of this are in the multipath code. If no priority is specified
the kernel will choose an appropriate priority.
Looked at by a few people at n2k8 code is much older
|
|
MPLS support partly based on the (abandoned?) AYAME project.
Basic LSR (Label Switch Router) functionality is present, but not fully
functional yet.
It is currently possible to insert entries in the LIB (Label Information Base)
with route(8), but setting the operation type is not supported yet.
Imported to allow more people to work on this in the coming weeks.
ok claudio@ laurent@ dlg@
|
|
Changes include 64bit counters instead of u_long, routing table id in the header
of most messages, reserved routing priority field, added a hdrlen field to skip
over the header so that binary compatibility becomes easier.
A minimal backward support for old binaries is included to ease upgrades but
don't expect anything more than ifconfig, route and dhclient to correctly work.
OK henning@ mglocker@
|
|
To minimise path disruptions, this implements recommendations made in RFC2992 -
the hash-threshold mechanism to select paths based on source/destination IP
address pairs, and inserts multipath routes in the middle of the route table.
To enable multipath distribution, use:
sysctl net.inet.ip.multipath=1
and/or:
sysctl net.inet6.ip6.multipath=1
testing norby@
ok claudio@ henning@ hshoexer@
|
|
manipulate alternate tables from userland. new tables are created
implicitly when an RTM_ADD for that table is seen.
ok norby claudio hshoexer
|
|
parameter so they can work on alternate tables. table 0 hardcoded for
many callers yet, that will be adapted step by step.
input + ok claudio norby hshoexer
|
|
problem before: with this, we are no longer using the address family as
array index directly, since only 3 of 31 address families actually attach
a table, but we're using an address family to array index translation (just
another array). there, 0 meant "does not attach a table", thus rt_gettable
has to return a null pointer. unfortunately we were using array index 0 for
whatever af attaches first, and since the list is backwards, that used to
be ipsec - except on ipsec-less ramdisks, where it was inet6, and since
route show blindly iterates over all address families, and all those
without a table pointed to index 0, we got 28 or 29 copies of the v6 table.
i had that right initially, and then i borked it later... re-spotted by
claudio.
ok norby hshoexer claudio
|
|
'route show' dump out repeated copies of the v6 routing table on ramdisks.
on some architectures it spins forever doing this, on others it just
goes for a long time printing the v6 routes over and over before terminating.
spotted by jmc and krw, backout diff tested by beck.
|
|
we trade higher memory consumption if the user doesn't use continuous table
IDs, but in the worst case (table IDs 0 and 255, 64bit machine) that is 2KB
ok claudio ryan
|
|
-instead of statically declaring the heads, allocate memory for them
-add second dimension to the routing table head array, table ID
-space saver: do not use the AF as array index directly, but have an
AF->index translation array and only account for AFs actually attaching
a routing table
note that while that allows for multiple routing table heads, nothing uses
that yet.
tested by many, ok claudio reyk norby mcbride
|
|
cases harmless it is used by the IPv6 code. The result is that bgpd is unable
to assign link local addresses to the correct interface. OK henning@
Fix for PR 5063.
|
|
This new rmx_refcnt can be used by route(8) to produce the same output
as netstat(1). OK henning@
|
|
directly. rather provide a rt_lookup function for regular lookups,
and a rt_gettable for those that need access to the head for some reason.
the latter cases should be revisited later probably so that nothing outside
the routing core code accesses the heads at all...
tested claudio jolan me, ok claudio markus
|
|
interface that is removed. use that from if.c and if_tun.c instead of
re-implementing in the latter case. ok claudio
|
|
request. Extend the "hack" to include more flags (RTF_PROTO[123] flags,
RTF_BLACKHOLE, RTF_REJECT and RTF_STATIC). Because rtm_use is "abused" --
rtm_use was replaced a long time ago with rtm_rmx->rmx_pksent -- it is now
forced to 0 in RTM_GET requests and sysctl_dumpentry(). This is done to
prevent false changes because of a reused RTM_GET message.
OK henning@, mcbride@, makes sense markus@
|
|
router so back out the routing stuff to pre-eurobsdcon where my machine
doesn't crash immediately.
i am happy to test diffs and report success/failures but i am not happy
to have instantaneous crashes when i reboot with a new kernel that was
compiled from pristine sources.
if you are going to be an elitist asshole then you could at least make
sure your code works.
ok and "be crass towards them" deraadt@
|
|
but go through a provided wrapper.
also provide rt_lookup() instead of doing the lookup manually in many places.
ryan ok
|
|
when the interface is deleted to a function in route.c, and replace
the copies of that code by calls to that function
from basel almost-hackathon
|
|
|
|
|
|
Suggestion from Cedric Berger
ok marius@ claudio@
|
|
on the local network support them.
This adds a new socket option, SO_JUMBO, and a new route flag,
RTF_JUMBO. If _both_ the socket option is set and the route for the host
has RTF_JUMBO set, ip_output will fragment the packet to the largest
possible size for the link, ignoring the card's MTU.
The semantics of this feature will be evolving rapidly; talk to us
if you intend to use it.
ok deraadt@ marius@
|
|
theo ok
|
|
|
|
forgot to commit...
|
|
to a route.
the label is sent over the routing socket wrapped into a new
struct sockaddr_rtlabel, allowing for handling it like any other sockaddr.
struct rtentry only contains a (16 bit) label-ID, with the actual labels
kept outside the routing table.
ID allocator code inspired by my own code for altq and pf tags.
mostly hacked at the c2k4 hackathon, markus ok
|
|
route(8) takes a new -mpath modifier to enter a multipath route.
requested deraadt@, ok itojun@ mcbride@ millert@
|
|
their *source* IP address in addition to their destination address.
routing table "destination" now contains a "struct sockaddr_rtin"
for IPv4 instead of a "struct sockaddr_in".
the routing socket has been extended in a backward-compatible way.
todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
|