Age | Commit message | Author |
|
prevent an off-by-one when removing entries from the mpath list.
Fix a regression introduced by the refactoring needed to serialize
rtable_walk() with create/delete.
ok jca@
|
|
aware of the direction of the packet. Now nat-to can be used by
in rules and together with divert-to. Collisions with existing
states are found and produce a "NAT proxy port allocation failed"
message.
OK henning@ mikeb@
|
|
ok deraadt@ mikeb@
|
|
art_walk now explicitly takes the same lock used to serialise changes
made via rtable_insert and _delete, so it can safely adjust the
refcnts on tables while it recurses into them. they need to still
exist when returning out of the recursion.
it uses srps to access nodes and drops the lock before calling the
callback function. this is because some callbacks sleep (eg, copyout
in the sysctl code that dumps an rtable to userland), which you
shouldnt hold a lock across. other callbacks attempt to modify
the rtable (eg, marking routes as down when the interface theyre
on goes down), which tries to take the lock again, which probably
wont work in the future.
ok jmatthew@ mpi@
|
|
existing log in pf_state_key_attach() from the failed to the reuse
case.
OK mikeb@
|
|
The umb(4) driver provides support for USB MBIM devices.
Those devices establish connections via cellular networks such as
GPRS, UMTS, and LTE.
ok mpi@ sthen@
additional feedback from deraadt@ jmc@ stsp@ kettenis@
|
|
has been moved to nd6_resolve().
ok visa@, millert@, florian@, sthen@
|
|
byte order. Spotted by Gleb Smirnoff (glebius@FreeBSD.org), thanks!
ok tedu
|
|
new "llprio" setting on the pppoe(4) interface instead.
Tested by Daniel Gillen and myself, ok mikeb
|
|
``rt->rt_ifa'' later.
|
|
memory.
This will allow to unlink 'struct rtentry' and 'struct ifaddr' to be able
to add route entries without needing an address.
ok sthen@, visa@, florian@
|
|
art_lookup and art_match now return an active srp_ref, which the caller must
leave when it's done with the returned route (if any). This allows lookups
to be done without holding any locks.
The art_table and art_node garbage collectors are still responsible for
freeing items removed from the routing table, so they now use srp_finalize
to wait out any active references, and updates are done using srp_swap
operations.
ok dlg@ mpi@
|
|
to ifconfig.
"llprio" allows one to set the priority of packets that do not go through
pf(4), as the case is for arp(4) or bpf(4).
ok sthen@ mikeb@
|
|
rename it to nd6_resolve().
This allows us to get rid of non-Ethernet hacks by moving Ethernet
specific logic in the appropriate layer.
ok sthen@
|
|
no need to loop another copy on the receiving interface.
Reported by and ok uebayasi@
|
|
when adding a route to gateway to ensure a most specific match.
This makes "# route add" coherent to "# route get" even with
p2p interfaces. Fix a problem reported by Mart Tõnso.
ok vgross@
|
|
ok mglocker
|
|
this will allow us to sleep in srp_finalize before freeing the
memory.
the defer is done by putting the tables and nodes on a list which
is serviced by a task. the task removes all the entries from the
list and pool_puts them.
the art_tables gc code uses at_parent as its list entry, and the
art_node gc code uses a union with the an_dst pointer. both at_parent
and an_dst are only used when theyre active as part of an art data
structure, and are not used in lookups. once the art is done with
them we can reuse these pointers safely.
ok mpi@
|
|
time_second is unix time so it can be affected by clock changes.
time_uptime is monotonic so it isnt affected by clock changes. that
in turn means route expiries wont jump with clock changes if set
against time_uptime.
the expiry is translated into unix time for export to userland though.
ok mpi@
|
|
in the future a table may also be referenced by a cpu reading it
with srp as well as the art rtable, so try and make sure it is
always usable.
ok mpi@
|
|
to the original BSD routing table.
All route(8) and arp(8) tests still pass.
Fix a harmless underflow reported by Hrvoje Popovski.
|
|
this makes the node usable as soon as it is in the tree, rather
than after it inserts the rtentry on the node.
ok mpi@
|
|
ok mpi@
|
|
operations cant drop the refcount to 0.
ok mpi@
|
|
ok mpi@
|
|
resolution is required.
This will allow us to enforce that no route entry is inserted in
the routing table after ether_output().
This is now possible because if_output() is no longer called with
a NULL route argument.
Tested by Hrvoje Popovski, ok visa@, bluhm@
|
|
becomes DOWN.
This follows the same reasoning as for L2 (cloned) entries.
Hopefully enough to fix tedu@'s stale RTF_DYNAMIC routes when switching
WiFi network during suspend/resume.
ok sthen@
|
|
ok sthen@, bluhm@
|
|
Help to track the leak from Hrvoje Popovski, ok bluhm@
|
|
priority. This is translated into an 802.1p priority tag when
sent over a vlan interface, reducing the risk of them being
crowded out by data packets on a busy link.
Some users have problems with ISPs that place specific
requirements on vlan priority (typically the packet header
value must be '0', relating to priority 1). This diff
doesn't fix that yet, but gives a single place to patch
to change tags on control packets without affecting
normal vlan priority operation on other interfaces.
ok mikeb.
|
|
the packet has been fed to the pseudo-interfaces input handlers.
To fix that without introducing a layer violation we should be able to
disable HW-vlan on parent when in use with different pseudo-interfaces.
In the case of bridge(4) for example it makes no sense to let the interface
remove the VLAN header if the kernel has to add it back for every packet.
Fix issues reported by sebastia@ and markus@
From dlg@, ok claudio@
|
|
pf_test calls pf_refragment6 with dst=NULL, which is passed down to
rtable_match which attempts to dereference it.
|
|
ok bluhm@
|
|
via unions, and we don't want to make it easy to control the target.
instead an integer index into an array of acceptable functions is used.
drivers using custom functions must register them to receive an index.
ok deraadt
|
|
This refactoring aims to reduce the number of places where a route entry is
inserted in the routing table.
ok bluhm@
|
|
routines are called directly by ether_input().
ok visa@, dlg@
|
|
the srp_ref struct is used to track the location of the callers
hazard pointer so later calls to srp_follow and srp_enter already
know what to clear. this in turn means most of the caveats around
using srps go away. specifically, you can now:
- switch cpus while holding an srp ref
- ie, you can sleep while holding an srp ref
- you can take and release srp refs in any order
the original intent was to simplify use of the api when dealing
with complicated data structures. the caller now no longer has to
track the location of the srp a value was fetched from, the srp_ref
effectively does that for you.
srp lists have been refactored to use srp_refs instead of srpl_iter
structs.
this is in preparation of using srps inside the ART code. ART is a
complicated data structure, and lookups require overlapping holds
of srp references.
ok mpi@ jmatthew@
|
|
this makes it more obvious that the bpf code should only read
packets, never modify them.
now possible because the paths that care about M_FILDROP set it
after calling bpf_mtap.
ok mpi@ visa@ deraadt@
|
|
ok mpi@
|
|
hint.
ok kettenis@, deraadt@
|
|
Use a new task that runs holding the KERNEL_LOCK to execute mp-unsafe
code. Our current goal is to progressively move input functions to the
unlocked task.
This gives a small performance boost confirmed by Hrvoje Popovski's
IPv4 forwarding measurement:
before:             after:
send     receive    send     receive
400kpps  400kpps    400kpps  400kpps
500kpps  500kpps    500kpps  500kpps
600kpps  600kpps    600kpps  600kpps
650kpps  650kpps    650kpps  640kpps
700kpps  700kpps    700kpps  700kpps
720kpps  640kpps    720kpps  710kpps
800kpps  640kpps    800kpps  650kpps
1.4Mpps  570kpps    1.4Mpps  590kpps
14Mpps   570kpps    14Mpps   590kpps
ok kettenis@, bluhm@, dlg@
|
|
Apparently nobody can hit this condition anymore or people do not
report bugs if their kernel does not panic.
ok dlg@, sashan@
|
|
callbacks return EAGAIN if they modify the routing table. While we're here,
simplify life for rtable_walk callers by moving the loop that restarts the
walk on EAGAIN into rtable_walk itself.
Flushing cloned routes on interface state changes becomes a bit more
inefficient, but this can be improved later.
ok mpi@ dlg@
|
|
bug introduced in r1.138.
Reported at https://twitter.com/DarkSoul4242/status/722365165262405633
(twitter is *NOT* the place to report bugs!) and in
https://marc.info/?l=openbsd-bugs&m=145988918010707&w=2,
pointed out by tb@
|
|
and pretending the output succeeded. Packets are still dropped!
Idea from jsg@ following same change to bridge(4). ok mpi@
|
|
Since the rtalloc(9) rewrite no route lookup is done in this function so
there's no need for a destination or a rtable ID.
|
|
no functional change
|