Age | Commit message (Collapse) | Author |
|
may have been allocated earlier by pf_get_translation(). Fixes a
pf_state_key_pl leak triggered by certain ICMP types matching a NAT
rule. Finally located with the help of pool_walk().
ok henning@ dlg@ mcbride@
|
|
|
|
Now it contains just the label as it must be.
This introduces a ugly hack in rtentry that will be removed
as soon as possible.
OK claudio@
|
|
to the flags passed to malloc() in the kernel case since we
always zero the memory and are able to fail gracefully.
remove memset()'s and bzero's accordingly and use calloc(1, ...)
in the userland case so we get it zeroed.
OK henning@, claudio@
|
|
Until now RNF_NORMAL masks did not use the refcount because only one route
in a particular subtree could have this mask. With multipath routing this is
no longer correct. The result was wrong backtracking information beeing stored
in the radix tree and so cretain lookups ended up on the wrong multipath nodes.
Use rm_refs for RNF_NORMAL masks so that all multipath routes are able
to point to the same radix_mask entry. Additional logic ensures that rm_leaf
always points back to the head of the multipath rn_dupedkey chain.
Tested by dlg@, gollo@, david@, sthen@ and a few more
This can have my OK dlg@
|
|
also up into the network stack on all interfaces. Multicast addresses are
bound to interfaces and without this local sockets did not see packets that
entered the bridge on a different interface. This should help IPv6.
OK naddy@
|
|
OK henning@
|
|
routes are added via route(8) -- those where added with the wrong priority
and so where not correctly tracked later on.
Found and tested by gollo@
|
|
when xx can do the trick or in dlg's words: "xx was a copy of x so they
could use x for some temp working and restore it from xx later? yeesh"
ok dlg@
|
|
belongs to the same multipath group instead of own wrong check which failed
to look at the priority.
Found and diff tested by gollo@
|
|
Use one assigned by tcpdump guys to keep
things in sync with them.
ok canacar@
|
|
to handle it. this is to modularise it in preparation for further changes.
in my opinion it also makes the code a lot easier to read and to maintain.
tested by sthen@ johan@
|
|
ok henning@
|
|
ok mpf@ naddy@
|
|
to the loadbalance code rename trunk_lb_gethdr() to just trunk_gethr().
ok mpf@
|
|
added without an expilict priority. This allows to specify less prefered
interfaces that will only take over if the primary interface loses link.
OK deraadt@
|
|
the rtm_priority with RTP_MASK so that userland (e.g. arp) can issue a RTM_GET
and reissue the message as RTM_DELETE.
|
|
inside if_data, so that netstat(1) and systat(1) can see them
ok dlg
|
|
type number 0x88a8 specified by 802.1ad.
from reyk on misc@. "ok, go for it" dlg
|
|
ok mpf@
|
|
- Add if_stop "stop routine" field in the ifnet struct.
ok mglocker@
|
|
from the individual drivers now that ether_ioctl() handles this.
Shrinks the i386 kernels by..
RAMDISK - 2176 bytes
RAMDISKB - 1504 bytes
RAMDISKC - 736 bytes
Tested by naddy@/okan@/sthen@/brad@/todd@/jmc@ and lots of users.
Build tested on almost all archs by todd@/brad@
ok naddy@
|
|
Use a 1 tick timeout() to determine if the kernel even manages to get
below softclock (from an old diff by mpf). If our timeout comes late,
reduce the high water marks (to half) for all network interfaces, thus
starving them of future packet allocations for their RX rings. For a
few ticks longer, also block the high water marks from rising even if
RX ring empty conditions would prod us to do so.
Cards may start dropping some packets off the end of their smaller RX
rings, but we were not able to do the work required in any case. With
less interrupt time and mbuf movement, the system finds time to make
progress at the network queues. Userland even gets to run.
A x40 tuned to 600MHz shows no real reduction in performance. But a
soekris has a working console now.
ok dlg claudio, and art liked it too
|
|
it is very confusing like this.
ok deraadt@ canacar@
|
|
watermark for mbuf cluster allocations.
this is necessary for things like bge which cannot cope with less than a
certain number of pkts on the ring.
ok deraadt@
|
|
the per ifp cluster allocator. should prevent the hwm being raised
innapropriately when a driver fills its rx ring for the first time.
|
|
allocators again.
|
|
ok dlg
|
|
but don't do that in m_free() as that will cause a double loop behaviour when
called via m_freem().
OK dlg@, deraadt@
|
|
functions will never ever be called in parallel. dlg@ concured
|
|
other option
ok dlg
|
|
whether we're called from the interrupt context to the functions
performing allocations.
Looked at by mpf@ and henning@, tested by mpf@ and Antti Harri,
the pr originator.
ok tedu
|
|
of. currently limited to MCLBYTES (2048 bytes) and 4096 bytes until pools
can allocate objects of sizes greater than PAGESIZE.
this allows drivers to ask for "jumbo" packets to fill rx rings with.
the second half of this change is per interface mbuf cluster allocator
statistics. drivers can use the new interface (MCLGETI), which will use
these stats to selectively fail allocations based on demand for mbufs. if
the driver isnt rapidly consuming rx mbufs, we dont allow it to allocate
many to put on its rx ring.
drivers require modifications to take advantage of both the new allocation
semantic and large clusters.
this was written and developed with deraadt@ over the last two days
ok deraadt@ claudio@
|
|
which are considered down will no be marked ~RTF_UP and so multipath routing
will start to work as expected and not pump 50% of the traffic to nirvana.
Most of the magic happens in rn_mpath_reprio() which fiddles with the
routing table internals. The rest is more straight forward.
get it in deraadt@
|
|
part of a server. there's no configuration yet, and several other drawbacks,
but it can be hammered into shape. i haven't moved the code forward in a year,
and marco wants it in the tree to hack on.
|
|
callers (plus an upcomming one). OK henning@, dlg@
|
|
not only over routes of the same prio. This makes it possible to modify
rt_mpath_matchgate() so that if only gateway is specified without a specific
priority it will scan the full list and not only the first routes.
This is also needed for upcoming link state tracking.
|
|
not using TRUNK_PROTO_NONE and there are no member ports.
ok mpf@
|
|
addressing in IPv6 likes to do ifp = ifindex2ifnet[ifindex] without properly
checking if the ifindex is valid. As a side-effect this solves parts of
PR 5981. Debugged by jsing@. OK jsing@, deraadt@
|
|
creates the VLAN encapsulation from the tag stored in the mbuf
header. Idea from FreeBSD, input from claudio@ and canacar@.
Switch all hardware VLAN enabled drivers to the new function.
ok claudio@
|
|
ethernet header. This lets us actually process the incoming
LACP-Packets. It should now work with a lot more switches.
At least a Catalyst 3500 seems happy.
OK brad@
|
|
macros; ok otto
|
|
|
|
EVL_PRIOFTAG macro.
ok naddy@
|
|
OK claudio@ laurent@
|
|
before the protocol start routine is called so as to cover all protocols
with the same check.
ok mpf@
|
|
MPLS TTL is mapped into network layer one as the packet exits the LSP.
Just IPv4 support for now.
Added the relevant sysctls to enable this behaviour.
Input and OK claudio@
|
|
|
|
We could re-embed the scope-id before we do the route lookup,
but then we would just find the very interface we've received
the packet on anyway.
OK markus@, claudio@, henning@
|
|
OK: claudio@ henning@
|