| Age | Commit message (Collapse) | Author |
|---|
|
operating model". This is the kernel component; various changes should
proceed in-tree for a while before userland programs start using it.
ok miod, discussions and help from many
|
|
Code abusing the radix internals for the routing table should now
includes <net/rtable.h> and only deal with "struct rtentry".
Code using a radix tree for another purpose can still include
<net/radix.h>.
Inputs from and ok claudio@, mikeb@
|
|
structures into a function.
ok florian@
|
|
There is no need to handle managed/other flags for router
advertisments in the kernel according to the rfcs.
Remove stale todo comment; we do handle the on-link bit.
OK mpi
|
|
This pseudo-option is a hack to support return-rst on bridge(4). It
passes Ethernet information via a "struct route" through ip_output().
"struct route" is slowly dying...
ok claudio@, benno@
|
|
ok guenther@, henning@
|
|
Tweak and ok florian@
|
|
ok phessler@
|
|
ok stsp mpi
|
|
Fix a regression introduced when carp(4) left ether_output() found the
hardway by florian@ and phessler@.
ok benno@
|
|
|
|
ok claudio@
|
|
ok millert@
|
|
Recent changes to support multiple interface routes broke the
assumption made by all our userland routing daemons concerning
interface routes. Historically such routes had a "gateway"
sockaddr of type AF_LINK. But to be able to support multiple
interface routes as any other multipath routes, they now have
a unique "gateway" sockaddr containing their corresponding IP
address.
This self-describing flag should avoid ambiguity when dealing
with interface routes.
Issue reported by <mxb AT alumni DOT chalmers DOT se> and benno@
ok claudio@, benno@
|
|
ok deraadt@, millert@
|
|
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
|
|
routes.
Since such routes are also flagged with RTF_LLINFO various code path
assume correctly that they contain valid ARP or ND information.
This fixes the "arpresolve: unresolved and rt_expire == 0" issue
reported on tech@ by mxb <mxb AT alumni DOT chalmers DOT se>.
ok claudio@, phessler@
|
|
|
|
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
|
|
|
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
|
ok krw@ miod@
|
|
bridge.
|
|
interface.
Fix a use after free introduced in r1.98 of netinet6/in6.c and recently
exposed by a crazy pool/malloc damage finder being currently refined by
dlg@ and deraadt@.
ok mikeb@, henning@
|
|
one route to "::1".
Due to a clever BSD trick, the `ifa_dstaddr` field of addresses on
IFF_LOOPBACK ifps is set to the same value that `ifa_addr`. That's
why filtering for broadcast addresses is so complicated, because
guess what, `ifa_broadaddr` is the same as `ifa_dstaddr`!
Sadly our IPv6 code was "only" checking for `ifa_dstaddr` without
looking if the ifa was attached to a IFF_POINTOTPOINT interface.
So it always tried to create two routes to "::1" and, with the
recent RTF_LOCAL work, succeed.
You should now have only one local route to "::1".
::1 ::1 UHl 14 0 32768 1 lo0
-::1 ::1 UH 0 0 32768 4 lo0
ok henning@
|
|
The routing layer already check for the correct ifa when asked
to delete a local route, so do not try to be clever here.
This change also prevent having a NULL ifp pointer in your routing
table when you delete loopback interfaces having the same address.
ok henning@
|
|
No objection from reyk@, OK markus, hshoexer
|
|
ok mikeb
|
|
|
|
with niqueues.
this change is so big because there's a lot of code that takes
pointers to different input queues (eg, ether_input picks between
ipv4, ipv6, pppoe, arp, and mpls input queues) and falls through
to code to enqueue packets against the pointer. if i changed only
one of the input queues id have to add sepearate code paths, one
for ifqueues and one for niqueues in each of these places
by flipping all these input queues at once i can keep the currently
common code common.
testing by mpi@ sthen@ and rafael zalamena
ok mpi@ sthen@ claudio@ henning@
|
|
is possible to allow IPv6 forwarding and SLAAC at the same time. This
is needed for RFC 7084.
Thanks to henning@ for marking places that needed looking at in
Ljubljana.
OK phessler@, benno@
|
|
the Ethernet frame. Prevent an overflow reported by Henk Jan Agteresch
on bugs@.
|
|
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
|
RFC 4941 says in 3.3.5:
"In particular, an implementation MUST NOT create a temporary address
with a zero Preferred Lifetime."
OK sthen, henning, benno
|
|
is to clear the damn embedded scope.
At this point the receiving interface should not matter and will in the
future be cleared to prevent such layer violations.
This prevent exporting addresses with embedded scope to userland.
Found the hardway by and ok florian@
|
|
No binary change; OK mikeb@
|
|
Put an splsoftnet() around the call to pfxlist_onlink_check() in
in6_control(SIOCAIFADDR_IN6). Include the call to dohooks() in the
protection like it is done elsewhere.
splassert failure reported and fix tested by matthieu@; OK mikeb@
|
|
because clearing fields twice is not a problem.
Yeah, I suck at applying diff.
ok henning@, claudio@
|
|
of memory.
The key (destination) is only set once, when the route is inserted in
the routing table, and does not need to change afterward. The gateway
might change and rt_setgate() will do all the checks for you.
ok claudio@
|
|
multicast interface table (mif6). Will be used by netstat soon.
Looked over by guenther@
|
|
with the ip6intrq.
ok claudio@
|
|
states for external traffic through a link-local address.
Found the hard way and fix tested by bluhm@.
|
|
ip_mroute.c
requested by and ok claudio@
|
|
the still static functions in ip_mroute.c
OK phessler, henning
|
|
This unify some code and notify userland for free.
blambert@ agrees, ok bluhm@
|
|
Packets destinated to link-local addresses are looped back with embedded
scopes because we cannot restore them using the receiving interface (lo0).
Embedded scopes are needed by the routing table to match RTF_LOCAL routes,
but pf(4) never saw them and existing rules are likely to break without
teaching the rule engine about them, found by dlg@ the hard way.
So save and restore embedded scopes around pf_test() for packets going
through loopback.
ok dlg@, mikeb@
|
|
email.
|
|
make sure the default MTU is set for every address configured on the
ifp and not just the first one.
Regress test breakage reported by daniel@
|
