summaryrefslogtreecommitdiff
path: root/sys/netinet6
AgeCommit message (Collapse)Author
2007-06-08kill arcnet leftovers, some pt out by Mike Belopuhov <mkb@crypt.org.ru>,Henning Brauer
some I found afterwards, ok dlg
2007-06-01apply the "skip ipsec if there are no flows" speedup diff to IPv6 too.Henning Brauer
we need a pointer to the inpcb to decide, which was not previously passed to ip6_output, so this diff is a little bigger. from itojun, ok ryan
2007-05-31Sync comment regarding rthdr0 w/ kame tree.Ryan Thomas McBride
from itojun@
2007-05-28typo slipped in, unbreak.Pierre-Yves Ritschard
2007-05-28avoid bypassing sys/queue.h in many places in the kernel.Pierre-Yves Ritschard
many assumptions were made about the way the various list types are implemented. lots of suggestions and help from otto and miod. ok otto@
2007-05-28double pf performance.Henning Brauer
boring details: pf used to use an mbuf tag to keep track of route-to etc, altq, tags, routing table IDs, packets redirected to localhost etc. so each and every packet going through pf got an mbuf tag. mbuf tags use malloc'd memory, and that is knda slow. instead, stuff the information into the mbuf header directly. bridging soekris with just "pass" as ruleset went from 29 MBit/s to 58 MBit/s with that (before ryan's randomness fix, now it is even betterer) thanks to chris for the test setup! ok ryan ryan ckuethe reyk
2007-05-08KILL all IPv6 packets with the rthdr0 extension header or multiple routingRyan Thomas McBride
headers, regardless of forwarding path. It's the sane thing to do. ip6_check_rthdr0() function from claudio@ ok deraadt@ claudio@ henning@
2007-05-03Reduce ip6_hdrnestlimit from 50 to 10. Normal IPv6 packets should not haveClaudio Jeker
more then 10 headers nested. OK deraadt@ henning@ mcbride@
2007-05-01framgent -> fragmentRay Lai
2007-04-21did you know that IPv6 packets are actually carried by turtles?Jun-ichiro itojun Hagino
because turtles are slow but reliable and trustworthy, packets stays on the net for a long period of time. bigger turtles can stay much longer. that is the hidden secret reason for the name of KAME project (i'm lying). j> some IETFers need to be sent to bondage/SM club and spanked/whipped j> by thousands of dominas and then chopped into million peaces by samurai j> swords. t> maybe that is what they actually want, and that is why they t> fucked RFC1883 and put rosemary's baby into RFC2460. j> I am king of IETF now, and tomorrow i may become beggar on the IETF venue j> hotel corridor. http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf ok by myself, deraadt@, <samurais at kame.net>
2007-03-18Add IP load balancing support for carp(4).Marco Pfatschbacher
This provides a similar functionality as ARP balancing, but also works for traffic that comes across routers. IPv6 is supported as well. The configuration scheme will change as soon we have sth better. Also add support for changing the MAC address on carp(4) interfaces. (code from mcbride) Tested by pyr@ and reyk@ OK mcbride@
2007-02-15Simplify the #if NBRIDGE case as in in_gif.c:1.33.Claudio Jeker
2007-02-14Consistently spell FALLTHROUGH to appease lint.Jonathan Gray
ok kettenis@ cloder@ tom@ henning@
2007-02-10Cleanup, kill dead code and unused arguments. Mostly stuff that is computedClaudio Jeker
and passed around but never used. OK mglocker@
2007-02-08- AH: when computing crypto checksum for output, massage source-routingJun-ichiro itojun Hagino
header. - ipsec_input: fix mistake in IPv6 next-header chasing. - ipsec_output: look for the position to insert AH more carefully. - ip6_output: enable use of AH with extension headers. avoid tunnellinng when source-routing header is present. ok by deraad, naddy, hshoexer
2007-01-22Fix KAME cvsweb urlsMiod Vallat
2007-01-16oops, previous commit was incorrect.Jun-ichiro itojun Hagino
2007-01-15fix infinite loop in case nip6 and nicmp6 are not on the same mbuf. NetBSD ↵Jun-ichiro itojun Hagino
PR 34994+35333
2006-12-28check if ifqueue has anything queued before doing the dance ofTheo de Raadt
splnet/IF_DEQUEUE/splx; ok various people
2006-12-27correct rhlen computation (if the "if" clause on the next line is taken,Jun-ichiro itojun Hagino
we will use rhlen uninitialized). checked with kame
2006-12-19reject (potentially malicious) packets from outside,Jun-ichiro itojun Hagino
with interface-local multicast addr in ip6_dst. by jinmei@kame
2006-12-11de-__P. noted by Dries SchellekensJun-ichiro itojun Hagino
2006-12-10In ip6_output(), make sure ia is initialized before it is used.Miod Vallat
2006-12-09switch IPv6 advanced API from RFC2292 to RFC3542 (2292 is superseded by 3542).Jun-ichiro itojun Hagino
the kernel still handles RFC2292 set/getsockopts, so that compiled binary has no trouble running. userland sees RFC3542 symbols only on header file so new code has to use RFC3542 API. bump libc shlib minor for function additions. tested on i386/amd64 by jmc, i386 by brad. checked by deraadt.
2006-12-08whitespaceJun-ichiro itojun Hagino
2006-12-08typo in comment. from kameJun-ichiro itojun Hagino
2006-12-08unifdef -UCOMPAT_RFC1883 (ancient)Jun-ichiro itojun Hagino
2006-12-08leftover from interface-local multicast change.Jun-ichiro itojun Hagino
2006-11-27make use of multiple routing tables.Henning Brauer
hook up looking up routes in alternate tables to the packet forwarding path. alternate routing tables are mintained with route(8), table selection via pf. mostly hacked on a train ride with ryan some time ago, ok mcbride claudio
2006-11-21introduce sysctl net.inet6.ip6.multicast_mtudisc (for multicast routers).Jun-ichiro itojun Hagino
deraadt ok. manpage nit by jmc.
2006-11-17move comment to a line where it makes more senseJun-ichiro itojun Hagino
2006-11-17change semantics of ff01::/16 to interface local multicastJun-ichiro itojun Hagino
(to sync up with more recent IPv6 spec) ok from: deraadt mcbride
2006-11-15unifdef -USCOPEDROUTINGJun-ichiro itojun Hagino
2006-11-14typoJun-ichiro itojun Hagino
2006-10-31Only run address hooks on SIOCAIFADDR_IN6 and SIOCDIFADDR_IN6.Marco Pfatschbacher
Before a normal user running ifconfig(8) could trigger up to three address hook calls per interface. OK mcbride@, henning@
2006-08-31Automatically add a IPv6 link-local address to carp interfaces when theRyan Thomas McBride
virtual MAC address is set. Among other things, this makes route6d work correctly on systems with carp interfaces. In order to ensure backwards compatibility, we do not include IPv6 link-local addresses in generating the HMAC, but we accept HMACs with AND without the link-local addresses. They will be added to the HMAC in a future release. In short: this change should only affect backwards compatibility for IPv6 users who are manually adding link-local addresses on carp interfaces. testing mtu@ todd@ ok mpf@ henning@ deraadt@
2006-08-28Make carp see all IPv6 address additions and remove dead code in carp_ioctl()Ryan Thomas McBride
ok mpf@ henning@
2006-07-06u_quad_t -> u_int64_tBrad Smith
no functional change.
2006-06-18Add support for equal-cost multipath IP.Christopher Pascoe
To minimise path disruptions, this implements recommendations made in RFC2992 - the hash-threshold mechanism to select paths based on source/destination IP address pairs, and inserts multipath routes in the middle of the route table. To enable multipath distribution, use: sysctl net.inet.ip.multipath=1 and/or: sysctl net.inet6.ip6.multipath=1 testing norby@ ok claudio@ henning@ hshoexer@
2006-06-16adjust functions dealing with the routing table to take a table ID asHenning Brauer
parameter so they can work on alternate tables. table 0 hardcoded for many callers yet, that will be adapted step by step. input + ok claudio norby hshoexer
2006-06-16Spelling.Christopher Pascoe
2006-06-16More spelling fixes.Christopher Pascoe
2006-06-16SZpelling.Christopher Pascoe
2006-06-16Spelling.Christopher Pascoe
2006-05-27Do the same thing as for IPv4. Use a sysctl to enable/disable mfrowardingClaudio Jeker
and additionaly make the code part of the MROUTING option. Put it in deraadt@
2006-05-27Fix obvious error in code that is currently not compiled.Claudio Jeker
2006-05-24fix 2 !foo & barThordur I. Bjornsson
"why are you not committing? into the tree, into the tree!" and ok tedu@
2006-04-22Routes announced via rt_missmsg() do not have rtm_index set. While in mostClaudio Jeker
cases harmless it is used by the IPv6 code. The result is that bgpd is unable to assigning link local addresses to the correct interface. OK henning@ Fix for PR 5063.
2006-04-16Fix typo in queue.h conversion.Can Erkin Acar
ok miod@ hshoexer@
2006-03-22prevent anything outside rote.c from accessing the routing table headsHenning Brauer
directly. rather provide a rt_lookup function for regular lookups, and a rt_gettable for those that need access to the head for some reason. the latter cases should be revisted later probably so that nothing outside the routing core code accesses the heads at all... tested claudio jolan me, ok claudio markus