| Age | Commit message (Collapse) | Author |
|---|
|
stop passing it in every rt_ifa_add(9) calls.
ok claudio@
|
|
The SIOCGIFSTAT_IN6 is no longer supported.
ok mikeb@, claudio@, dlg@
|
|
interface.
OK mpi@
|
|
|
|
The SIOCGIFSTAT_ICMP6 is no longer supported.
ok dlg@, mikeb@, claudio@
|
|
Fix a regression reported by Brad.
|
|
Previously loopback connected routes were managed via the global list
of prefixes, which mean that systems with AUTOCONF'd addresses did not
see them in the routing table.
This also makes inet6 route creation coherent with inet.
|
|
AUTOCONF'd addresses.
This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.
Tested by sebastia@, ok sthen@
|
|
IN6_IFF_NODAD pseudo-flag not being set.
This was just a flag for spaghetti code that should not exist in the
first place.
Tested by sebastia@, ok sthen@
|
|
everywhere to avoid passing around pointers to uninitialized stack
memory. While there, fix the call to in6_recoverscope() in
fill_drlist().
OK deraadt@ mpi@
|
|
into a common pattern. In the man page clarify the usage of the
returned route.
OK mpi@ mikeb@ jmc@
|
|
propagated.
|
|
Prodded by and ok bluhm@
|
|
reject SIOCAIFADDR_IN6 ioctl(2) where it is set.
ok jca@, bluhm@
|
|
structures into a function.
ok florian@
|
|
ok millert@
|
|
|
|
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
|
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
|
one route to "::1".
Due to a clever BSD trick, the `ifa_dstaddr` field of addresses on
IFF_LOOPBACK ifps is set to the same value that `ifa_addr`. That's
why filtering for broadcast addresses is so complicated, because
guess what, `ifa_broadaddr` is the same as `ifa_dstaddr`!
Sadly our IPv6 code was "only" checking for `ifa_dstaddr` without
looking if the ifa was attached to a IFF_POINTOTPOINT interface.
So it always tried to create two routes to "::1" and, with the
recent RTF_LOCAL work, succeed.
You should now have only one local route to "::1".
::1 ::1 UHl 14 0 32768 1 lo0
-::1 ::1 UH 0 0 32768 4 lo0
ok henning@
|
|
The routing layer already check for the correct ifa when asked
to delete a local route, so do not try to be clever here.
This change also prevent having a NULL ifp pointer in your routing
table when you delete loopback interfaces having the same address.
ok henning@
|
|
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
|
Put an splsoftnet() around the call to pfxlist_onlink_check() in
in6_control(SIOCAIFADDR_IN6). Include the call to dohooks() in the
protection like it is done elsewhere.
splassert failure reported and fix tested by matthieu@; OK mikeb@
|
|
make sure the default MTU is set for every address configured on the
ifp and not just the first one.
Regress test breakage reported by daniel@
|
|
interfaces.
When the kernel automagically configures IPv6 addresses on loopback
interfaces, start by assigning a link-local address and then try to
assign "::1".
Only the first configured loopback interface per rdomain can have the
"::1" address. But even if other loopback interfaces failed to get
this address, because it is already taken, give them a chance to have
a link-local address.
While here change in6_ifattach() to return an error value and remove
duplicated code.
Fix a regression introduced by the NOINET6 flag removal.
ok henning@, stsp@, florian@, benno@
|
|
before <net/pfvar.h> or <net/if_pflog.h>. The kernel files can be
cleaned up next. Some sockaddr_union steps make it into here as well.
ok naddy
|
|
reflect that IPv6 link-local addresses are no longer automagically
configured the first time an interface is brought up.
ok henning@, stsp@
|
|
was enabled by default. Add AFATTACH/AFDETACH ioctls which enable/disable
an address family for an interface (currently used for IPv6 only).
New kernel needs new ifconfig for IPv6 configuration (address assignment
still works with old ifconfig making this easy to cross over).
Committing on behalf of henning@ who is currently lebensmittelvergiftet.
ok stsp, benno, mpi
|
|
to decide whether or not to remove local routes.
Prevent from having a NULL ifp pointer in the routing table when an
address present in another rdomain is removed from an interface.
ok bluhm@
|
|
error code on failure (unchecked for the moment).
ok mikeb@, jmc@
|
|
interfaces with an IPv6 address.
ok henning@, mikeb@, deraadt@
|
|
functionnality instead of a mix of enable/disable.
ok bluhm@, jca@
|
|
If there is a tie then a carp interface is not allowed to win even if
it has an address with a longer bitwise match. This allows reliable IPv6
communication between carp master and backup across a shared IPv6 subnet.
Consider the carp address 2001:DB8:10::14, which is configured on firewall A
(in carp master state) and firewall B (in carp backup state), each of which
has another address in the same prefix on a non-carp interface (A has
2001:DB8:10::1 and B has 2001:DB8:10::11). In this setup, A would use
2001:DB8:10::14 as source address when sending neighbour solicitations to B.
Since 2001:DB8:10::14 is a local address from B's point of view, B never
replied to the neighbour solicitations sent by A.
With this change A uses 2001:DB8:10::1 as source address instead.
ok mpi@
|
|
kill the macro.
ok mikeb@, henning@
|
|
raise it inside their ioctl handler (except for carp(4), what else?).
In general, global structures manipulated in the softnet codepath only
require a splsoftnet() protection when they are modified in process
(ioctl) context.
Also put some IPL_SOFNET asserts in functions accessing global structures.
Previous version diff ok mikeb@, with inputs from and ok bluhm@
|
|
pointed out & OK bluhm@
|
|
processing of router advertisements was already in the kernel.
With this rtsol{,d}(8) is no longer necessary.
The kernel starts sending solicitations with
# ifconfig $IF inet6 autoconf
or
inet6 autoconf
in /etc/hostname.$IF.
input stsp@
much help & OK mpi@
tweaks & OK bluhm@
|
|
after discussions with beck deraadt kettenis.
|
|
interfaces.
ok mikeb@
|
|
instead of relying on hacks in nd6_rtrequest() to add a route to
loopback for each address configured on such interfaces.
While here document that abusing lo0 for local traffic is not safe
for interfaces in a non-default rdomain.
Tested by claudio@, jca@ and sthen@, ok sthen@
|
|
connected routes to prefixes/hosts.
Since the introduction of rt_ifa_addloop(9) and rt_ifa_delloop(9),
rtinit() was just a wrapper, so use the underlying functions
directly and document them.
Inputs from and ok mikeb@, manpage tweaks from jmc@
|
|
Move these functions to a more generic place and make them reuse
existing code, they'll be soon used in IPv4 too.
Tested by André Lucas, Vigdis and sthen@, thanks!
ok sthen@
|
|
Instead of always copying ifa_flags to the routing entry flags when
creating a route by calling rtinit(), explicitly pass the RTF_CLONING
flag when required. This means ifa_flags are now *only* used to check
if an address has an associated route that was created by the kernel
auto-magically.
ok benno@
|
|
ok mikeb@, bluhm@
|
|
request, so kill it along with the associated global variable.
ok claudio@
|
|
(unplugged). Even if it makes no sense to keep them around if the
interface is no more, we cannot safely remove them since pcb multicast
options might keep a pointer to them.
Fixes a user after free introduced by the multicast address linking
rewrite and reported by Alexey Suslikov, thanks!
ok claudio@
|
|
ok stsp@
|
|
consistent with struct ifaddr "ifa" and struct in_ifaddr "ia".
OK mpi@
|
|
Really change the link-local address in the unlikely event of an IFID
collision, instead of going into an infinite conf-nak loop with the peer.
To make the netinet6 code use the IPv6CP IFID in a new link-local address,
in6_ifattach_linklocal() must accept a provided IFID. Replace the unused
'altifp' parameter with a new 'ifid' parameter for this purpose.
Always use the latest suggested address in IPv6CP replies, even if
the task to update the interface's address hasn't run yet.
Also, clear the ifindex (KAME hack) in addresses sent during IPv6CP.
ok mpi
|
|
Instead of linking multicast records to the first configured address of
the corresponding protocol, making this address and its position in the
global list special, add them to a new list directly linked to the
interface descriptor.
This new multicast address list is similar to the address list, all its
elements contain a protocol agnostic part. This design allows us to
be able to join a multicast group without necessarily having a configured
address. That means IPv6 multicast kludges are no longer needed.
Another benefit is to be able to add and remove an IP address from an
interface without worrying about multicast records. That means that the
global IPv4 list is no longer needed since the first configured address
of an interface is no longer special.
This new list might also be extended in the future to contain the
link-layer addresses used to configure hardware filters.
Tested by sthen@ and weerd@, ok mikeb@
|
