summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_carp.c
AgeCommit message (Collapse)Author
2006-08-31Automatically add a IPv6 link-local address to carp interfaces when theRyan Thomas McBride
virtual MAC address is set. Among other things, this makes route6d work correctly on systems with carp interfaces. In order to ensure backwards compatibility, we do not include IPv6 link-local addresses in generating the HMAC, but we accept HMACs with AND without the link-local addresses. They will be added to the HMAC in a future release. In short: this change should only affect backwards compatibility for IPv6 users who are manually adding link-local addresses on carp interfaces. testing mtu@ todd@ ok mpf@ henning@ deraadt@
2006-08-28Make carp see all IPv6 address additions and remove dead code in carp_ioctl()Ryan Thomas McBride
ok mpf@ henning@
2006-08-16Send out a second delayed gratuitous ARP request afterMarco Pfatschbacher
we've won the MASTER election. This seems to be necessary w/ some wacky L3 switches, that only learn by looking at ARP packets. Fixes PR 5148. OK mcbride@
2006-06-16adjust functions dealing with the routing table to take a table ID asHenning Brauer
parameter so they can work on alternate tables. table 0 hardcoded for many callers yet, that will be adapted step by step. input + ok claudio norby hshoexer
2006-06-02Introduce attributes to interface groups.Marco Pfatschbacher
As a first user, move the global carp(4) demotion counter into the interface group. Thus we have the possibility to define which carp interfaces are demoted together. Put the demotion counter into the reserved field of the carp header. With this, we can have carp act smarter if multiple errors occur. It now always takes over other carp peers, that are advertising with a higher demote count. As a side effect, we can also have group failovers without the need of running in preempt mode. The protocol change does not break compability with older implementations. Collaborative work with mcbride@ OK mcbride@, henning@
2006-05-22Check for NULL cookies before calling hook_disestablish(). Just in caseKenneth R Westerback
the establish calls were bypassed or failed. ok mpf@
2006-05-18Add a duplicate check for our own advertisements. This is necessaryMarco Pfatschbacher
for dumb non simplex interfaces, that receive packets they've just sent. Fixes bug 5121. OK deraadt@, mcbride@
2006-03-26if_link_state_change() is more appropriate here.Camiel Dobbelaar
ok henning mcbride
2006-03-25allow bpf(4) to ignore packets based on their direction (inbound orDamien Miller
outbound), using a new BIOCSDIRFILT ioctl; guidance, feedback and ok canacar@
2006-03-23Set a carp MAC address of 00:00:00:00:00:00 if no vhid is assigned.Ryan Thomas McBride
ok henning@
2006-03-22prevent anything outside rote.c from accessing the routing table headsHenning Brauer
directly. rather provide a rt_lookup function for regular lookups, and a rt_gettable for those that need access to the head for some reason. the latter cases should be revisted later probably so that nothing outside the routing core code accesses the heads at all... tested claudio jolan me, ok claudio markus
2006-01-28Fix hmac calculation.Marco Pfatschbacher
Add some f's; do comparison in host byte order. OK mcbride@
2005-11-29Fix IPv6 hmac calculation.Marco Pfatschbacher
OK mcbride@
2005-11-29something in the eurobsdcon route-a-thon broke my simple home networkJolan Luff
router so back out the routing stuff to pre-eurobsdcon where my machine doesn't crash immediately. i am happy to test diffs and report success/failures but i am not happy to have instantaneous crashes when i reboot with a new kernel that was compiled from pristine sources. if you are going to be an elitist asshole then you could at least make sure your code works. ok and "be crass towards them" deraadt@
2005-11-27don't let anything outside route.c access the routing table heads directly,Henning Brauer
but go through a provided wrapper. also provide rt_lookup() instead of doing the lookup manually in many places. ryan ok
2005-11-27Completly remove transition path INIT -> MASTER.Marco Pfatschbacher
A bug introduced in -r 1.4 led lower priotorized hosts switching to MASTER state for a short time at bootup, if preemption was enabled. OK mcbride@
2005-11-27Sort the IP addresses in ascending order when doing the carp hmac; makesRyan Thomas McBride
alias address order on the interface irrelevant. prodding by henning@, ok mpf@
2005-11-04Add carp_hash() - hash the ethernet address of the ARP request and useRyan Thomas McBride
the result to determine which carp interface should answer rather than simply using the ip address. Fixes breakage debugged by Matt Bradford <m.bradford@isrc.qut.edu.au> 'just commit' deraadt@
2005-10-31Fix a TAILQ_FOREACH where the item containing the next pointer could beChristopher Pascoe
freed. ok canacar deraadt
2005-10-24Remove redundant duplicate packet length check.Ryan Thomas McBride
ok mpf@
2005-09-29Rework of multicast deletion code.Marco Pfatschbacher
The previous code could wrongly delete multicast groups on the parent interface. Now we forward only remembered delete requests to the carpdev. OK mcbride, mickey. "Get it in" deraadt.
2005-08-31Comment out KASSERT(mc != NULL) in carp_ether_delmulti. Because we mess withRyan Thomas McBride
the multicast list elsewhere, it can occur under certain conditions (PR4475). ok deraadt@ mpf@
2005-07-31Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chainChristopher Pascoe
to bpf with either an address family or other header added. These helpers only allocate a much smaller struct m_hdr on the stack when needed, rather than leaving 256 byte struct mbufs on the stack in deep call paths. Also removes a fair bit of duplicated code. commit now, tune after deraadt@
2005-06-19Don't reflect CARP's internal state via IFF_UP (which a user can modify), useChristopher Pascoe
IFF_RUNNING instead. Also, do not blindly restore flags onto an interface when returning to the running state. This eliminates the possibility that the kernel will bring the interface back up after a link state change on the physical interface, even though the user may have done an "ifconfig carpN down" in the meantime. Similarly two link state down events on the physical interface in succession could result in us never coming out of the INIT state. The master/backup state is still reported via link state information, so bgpd/ospfd, etc, should function as before. This also addresses PR4238. ok mpf@, ok with the idea etc henning@
2005-05-27only access if_linkstatehooks inside splnet.Marco Pfatschbacher
with pascoe@
2005-04-20Introduce if_linkstatehooks.Marco Pfatschbacher
This converts if_link_state_change() to a generic usable callback with dohooks(). OK henning@, camield@ Tested by camield@ and Alexey E. Suslikov
2005-03-15- stop tearing down routes when the carp interface goes to backup in theRyan Thomas McBride
carpdev case; block outgoing packets in carp_output() instead. - unbreak the "bow out on 'ifconfig down'" behaviour, allows instant failover on graceful halt/reboot to work again. ok mpf@ henning@
2005-03-13fix a potential crash that could occur when CARP_LOG is being used.Patrick Latifi
ok mcbride
2005-03-05Remove code which enforces a advskew=0 for the caseMarco Pfatschbacher
that carp shares the IP addresse with its physical interface. It's neither supported nor needed, since we have carpdev now. ok mcbride@
2005-03-01Unbreak arp_input with carp; add back the call to carp_iamatch()Ryan Thomas McBride
which was removed in rev 1.57. This makes arpbalance work again, and ensures that only one carp host will reply to a given arp request. ok mpf@ pascoe@ dhartmei@ deraadt@
2005-02-28Remove unused variable if_flags in struct carp_softc, ok mickey@Ryan Thomas McBride
2005-02-08build w/o INET6; ok mpf@, mcbride@Markus Friedl
2005-02-07Unrevert the changes introduced in 1.96 and accidentally removed in 1.97Ryan Thomas McBride
with an id10t error by yours truly.
2005-02-07Prevent carp from attaching to other carp interfaces, which theRyan Thomas McBride
ifp->if_flags & IFF_MULTICAST checks no longer protect against. ok pascoe@ mpf@
2005-02-07There is no SIOCDIFADDR call into interfaces on address deletion, soChristopher Pascoe
use our carp_addr_updated callback to detect deletion and reconfigure appropriately. ok mcbride@
2005-01-29Check the carpdev link state when we attach to it, makes a firewallRyan Thomas McBride
with an interface down avoid preempting after a reboot. Pointed out by Stephen Marley <stephen.marley@catwoman.cl-is.com> ok pascoe@ mpf@
2005-01-18Rewriting the lladdr can now be done without using mbuf tags.Marco Pfatschbacher
Advertisements run through the carp interface first. So we just take the address from ifp0. While we're there, also remove carp_macmatch6, which isn't used anymore. Proposed by mcbride@ ok mcbride@, pascoe@
2005-01-06spacingTheo de Raadt
2005-01-06Attach multicast to the carp interface for IPv6 (makes it consistent withRyan Thomas McBride
IPv4, and will allow us to get rid of carp_fix_lladdr() and the carp mbuf tag later). ok pascoe@ mpf@
2005-01-06Error path cleanups for carp_output. Use ENOBUFS instead of ENOMEM whenChristopher Pascoe
unable to tag a packet, and free mbuf chain on all failures. ok mcbride@
2005-01-06Tag all packets sent via a CARP interface for link local addressChristopher Pascoe
substitution. With this change and the previous ARP changes, all Ethernet packets sent via a CARP interface should now have the virtual MAC address as the source. ok mcbride@ niklas@
2005-01-04Move processing of ARP packets for CARP addresses to the carp interfaceChristopher Pascoe
instead of processing them in the parent interface. This causes us to send ARP packets on a carpdev with its virtual MAC address as the source, rather than the parent's physical address. Permits us to fail over cleanly when connected to devices that use the source MAC address on a received ARP request to generate an ARP entry for the requesting host, rather than going through the who-has/is-at procedure. ok niklas@ mcbride@
2004-12-22Instead of running carp_setroute synchronously, use if_addrhooks to get aChristopher Pascoe
callback after in_ifinit has run. This lets us correct any routes that in_ifinit has incorrectly added for our interface. Also be more explicit with the routing checks/changes that we make. This makes it possible to have different prefix lengths on a CARP interface and the physical interface it is bound to. ok mcbride@
2004-12-19#define sc_if sc_ac.ac_if, makes things a little more readable, andRyan Thomas McBride
kills a couple of ugly line wraps. From Max Laier. ok pascoe@
2004-12-19Make it possible for carp to work on fddi and token ring again.Ryan Thomas McBride
ok pascoe@ mpf@
2004-12-18Decrement carp_suppress_preempt when detaching an interface that hasChristopher Pascoe
been experiencing output errors. ok mcbride@
2004-12-17Temporary fix to get IPv6 working again.Marco Pfatschbacher
v6 advertisements are still received the old-fashioned way. ok mcbride@
2004-12-17Reorder code in the ethernet output path, and enhance unicast addressChristopher Pascoe
matching in the bridge receive path to make CARP operate correctly on physical interfaces that are participating in a bridge. ok mcbride@ henning@ dlg@
2004-12-17Remember to decrement carp_suppress_preempt when detaching.Ryan Thomas McBride
ok pascoe@
2004-12-15Add IFF_NOARP to carp interface, we want arp requests to be handled viaRyan Thomas McBride
carp_iamatch() on the physical interface. ok pascoe@ mpf@