summaryrefslogtreecommitdiff
path: root/sys/net
AgeCommit message (Collapse)Author
2009-01-16In pf_test_rule(), if we don't create a state, free any state keys thatDavid Krause
may have been allocated earlier by pf_get_translation(). Fixes a pf_state_key_pl leak triggered by certain ICMP types matching a NAT rule. Finally located with the help of pool_walk(). ok henning@ dlg@ mcbride@
2009-01-09fix egress group matching for IPv6; ok claudio@David Krause
2009-01-08Fix sockaddr_mpls structure.Michele Marchetto
Now it contains just the label as it must be. This introduces a ugly hack in rtentry that will be removed as soon as possible. OK claudio@
2009-01-06Always check rs_malloc() returns. Also add M_ZERO and M_CANFAILThordur I. Bjornsson
to the flags passed to malloc() in the kernel case since we always zero the memory and are able to fail gracefully. remove memset()'s and bzero's accordingly and use calloc(1, ...) in the userland case so we get it zeroed. OK henning@, claudio@
2009-01-06Change the way way rn_mklists work (especially the RNF_NORMAL ones).Claudio Jeker
Until now RNF_NORMAL masks did not use the refcount because only one route in a particular subtree could have this mask. With multipath routing this is no longer correct. The result was wrong backtracking information beeing stored in the radix tree and so cretain lookups ended up on the wrong multipath nodes. Use rm_refs for RNF_NORMAL masks so that all multipath routes are able to point to the same radix_mask entry. Additional logic ensures that rm_leaf always points back to the head of the multipath rn_dupedkey chain. Tested by dlg@, gollo@, david@, sthen@ and a few more This can have my OK dlg@
2009-01-06Send broadcast and multicast traffic not only out on all bridge interfaces butClaudio Jeker
also up into the network stack on all interfaces. Multicast addresses are bound to interfaces and without this local sockets did not see packets that entered the bridge on a different interface. This should help IPv6. OK naddy@
2009-01-03sync flow sequence ids on all used pflow interfaces.Joerg Goltermann
OK henning@
2009-01-03Write back the priority the kernel used. Fixes a problem seen in ospfd whenClaudio Jeker
routes are added via route(8) -- those where added with the wrong priority and so where not correctly tracked later on. Found and tested by gollo@
2008-12-29At least try to make this code a bit easier to read. Don't fiddle with xClaudio Jeker
when xx can do the trick or in dlg's words: "xx was a copy of x so they could use x for some temp working and restore it from xx later? yeesh" ok dlg@
2008-12-29Use rn_mpath_next() in rtalloc_mpath() to figure out if the next routeClaudio Jeker
belongs to the same multipath group instead of own wrong check which failed to look at the priority. Found and diff tested by gollo@
2008-12-22Change DLT_MPLS number.Michele Marchetto
Use one assigned by tcpdump guys to keep things in sync with them. ok canacar@
2008-12-21split the pfsync input routine up so that each action has its own functionDavid Gwynne
to handle it. this is to modularise it in preparation for further changes. in my opinion it also makes the code a lot easier to read and to maintain. tested by sthen@ johan@
2008-12-18Remove redundant function prototypes which are already in pfvar.hDavid Hill
ok henning@
2008-12-14Allow trunk_hashmbuf() to take HW VLAN tagging into consideration.Brad Smith
ok mpf@ naddy@
2008-12-14Since trunk_hashmbuf() and thus trunk_lb_gethdr() are no longer specificBrad Smith
to the loadbalance code rename trunk_lb_gethdr() to just trunk_gethr(). ok mpf@
2008-12-12Introduce a if_priority that will be added to RTP_STATIC when routes areClaudio Jeker
added without an expilict priority. This allows to specify less prefered interfaces that will only take over if the primary interface loses link. OK deraadt@
2008-12-12Make sure that incomming routing messages don't have RTP_DOWN set. MaskClaudio Jeker
the rtm_priority with RTP_MASK so that userland (e.g. arp) can issue a RTM_GET and reissue the message as RTM_DELETE.
2008-12-11export per-interface mbuf cluster pool use statistics out to userlandTheo de Raadt
inside if_data, so that netstat(1) and systat(1) can see them ok dlg
2008-12-05add ethertype and tcpdump support for VLAN stacking (QinQ) withStuart Henderson
type number 0x88a8 specified by 802.1ad. from reyk on misc@. "ok, go for it" dlg
2008-12-01A bit more cleanup.Brad Smith
ok mpf@
2008-11-30- Remove unused if_reset "bus reset routine" field in the ifnet struct.Brad Smith
- Add if_stop "stop routine" field in the ifnet struct. ok mglocker@
2008-11-28Eliminate the redundant bits of code for MTU and multicast handlingBrad Smith
from the individual drivers now that ether_ioctl() handles this. Shrinks the i386 kernels by.. RAMDISK - 2176 bytes RAMDISKB - 1504 bytes RAMDISKC - 736 bytes Tested by naddy@/okan@/sthen@/brad@/todd@/jmc@ and lots of users. Build tested on almost all archs by todd@/brad@ ok naddy@
2008-11-26Avoid network livelock.Theo de Raadt
Use a 1 tick timeout() to determine if the kernel even manages to get below softclock (from an old diff by mpf). If our timeout comes late, reduce the high water marks (to half) for all network interfaces, thus starving them of future packet allocations for their RX rings. For a few ticks longer, also block the high water marks from rising even if RX ring empty conditions would prod us to do so. Cards may start dropping some packets off the end of their smaller RX rings, but we were not able to do the work required in any case. With less interrupt time and mbuf movement, the system finds time to make progress at the network queues. Userland even gets to run. A x40 tuned to 600MHz shows no real reduction in performance. But a soekris has a working console now. ok dlg claudio, and art liked it too
2008-11-26dont have bpf.h expose the kernel ticks variable wherever it is includeing.David Gwynne
it is very confusing like this. ok deraadt@ canacar@
2008-11-26provide m_clsetlwm, an interface for an interface to raise its lowDavid Gwynne
watermark for mbuf cluster allocations. this is necessary for things like bge which cannot cope with less than a certain number of pkts on the ring. ok deraadt@
2008-11-25expect if_flags to have IFF_RUNNING rather than IFF_UP before modifyingDavid Gwynne
the per ifp cluster allocator. should prevent the hwm being raised innapropriately when a driver fills its rx ring for the first time.
2008-11-25art says he doesnt suck anymore, so enable the really big clusterDavid Gwynne
allocators again.
2008-11-25Factor increases are not needed, +1 appears to work as well.Theo de Raadt
ok dlg
2008-11-25m_cluncount() needs to walk the mbuf chain to correctly uncount all clustersClaudio Jeker
but don't do that in m_free() as that will cause a double loop behaviour when called via m_freem(). OK dlg@, deraadt@
2008-11-24Remove the IFF_OACTIVE dance in gif_start this is not needed because startClaudio Jeker
functions will never ever be called in parallel. dlg@ concured
2008-11-24move MCLPOOLS to if.h and force uipc_mbuf.c to get if.h, there is noTheo de Raadt
other option ok dlg
2008-11-24Fix splasserts seen in pr 5987 by propagating a flag that discribesMike Belopuhov
whether we're called from the interrupt context to the functions performing allocations. Looked at by mpf@ and henning@, tested by mpf@ and Antti Harri, the pr originator. ok tedu
2008-11-24add several backend pools to allocate mbufs clusters of various sizes outDavid Gwynne
of. currently limited to MCLBYTES (2048 bytes) and 4096 bytes until pools can allocate objects of sizes greater than PAGESIZE. this allows drivers to ask for "jumbo" packets to fill rx rings with. the second half of this change is per interface mbuf cluster allocator statistics. drivers can use the new interface (MCLGETI), which will use these stats to selectively fail allocations based on demand for mbufs. if the driver isnt rapidly consuming rx mbufs, we dont allow it to allocate many to put on its rx ring. drivers require modifications to take advantage of both the new allocation semantic and large clusters. this was written and developed with deraadt@ over the last two days ok deraadt@ claudio@
2008-11-24Implement link-state tracking on the routing table. Routes to interfacesClaudio Jeker
which are considered down will no be marked ~RTF_UP and so multipath routing will start to work as expected and not pump 50% of the traffic to nirvana. Most of the magic happens in rn_mpath_reprio() which fiddles with the routing table internals. The rest is more straight forward. get it in deraadt@
2008-11-23softraid support for ata over ethernet (aoe). this includes a client andTed Unangst
part of a server. there's no configuration yet, and several other drawbacks, but it can be hammered into shape. i haven't moved the code forward in a year, and marco wants it in the tree to hack on.
2008-11-22Allow rt_msg1() to get a NULL as struct rt_addrinfo this simplifies a fewClaudio Jeker
callers (plus an upcomming one). OK henning@, dlg@
2008-11-21Change rn_mpath_next() to be able to walk over the full multipath listClaudio Jeker
not only over routes of the same prio. This makes it possible to modify rt_mpath_matchgate() so that if only gateway is specified without a specific priority it will scan the full list and not only the first routes. This is also needed for upcoming link state tracking.
2008-11-16Make sure to increment the the output error counter ifBrad Smith
not using TRUNK_PROTO_NONE and there are no member ports. ok mpf@
2008-11-10Clear ifindex2ifnet[] in if_detach() this is needed because link localClaudio Jeker
addressing in IPv6 likes to do ifp = ifindex2ifnet[ifindex] without properly checking if the ifindex is valid. As a side-effect this solves parts of PR 5981. Debugged by jsing@. OK jsing@, deraadt@
2008-11-09Introduce bpf_mtap_ether(), which for the benefit of bpf listenersChristian Weisgerber
creates the VLAN encapsulation from the tag stored in the mbuf header. Idea from FreeBSD, input from claudio@ and canacar@. Switch all hardware VLAN enabled drivers to the new function. ok claudio@
2008-11-08Take into account that our ether_input() already strips theMarco Pfatschbacher
ethernet header. This lets us actually process the incoming LACP-Packets. It should now work with a lot more switches. At least a Catalyst 3500 seems happy. OK brad@
2008-11-07use do { } while (/* CONSTCOND */ 0) construct for all multi-line functional ↵Theo de Raadt
macros; ok otto
2008-11-07give this some /* CONSTCOND */ loveTheo de Raadt
2008-11-07Replace the number of bits to shift with EVL_PRIO_BITS in theBrad Smith
EVL_PRIOFTAG macro. ok naddy@
2008-11-06Introduced IPv6 support of uniform model for TTL handling.Michele Marchetto
OK claudio@ laurent@
2008-11-04Move the trunk port count check from trunk_lb_start() to trunk_start()Brad Smith
before the protocol start routine is called so as to cover all protocols with the same check. ok mpf@
2008-11-01Introduced Uniform Model for TTL handling.Michele Marchetto
MPLS TTL is mapped into network layer one as the packet exits the LSP. Just IPv4 support for now. Added the relevant sysctls to enable this behaviour. Input and OK claudio@
2008-10-30Fix building with !INET6 kernels.Brad Smith
2008-10-28Always skip "urpf-failed" test for IPv6 link local addresses.Marco Pfatschbacher
We could re-embed the scope-id before we do the route lookup, but then we would just find the very interface we've received the packet on anyway. OK markus@, claudio@, henning@
2008-10-28add support for multiple pflow(4) interfacesJoerg Goltermann
OK: claudio@ henning@