| Age | Commit message (Collapse) | Author |
|---|
|
with MPLS packets.
ok mpi@, claudio@
|
|
operating model". This is the kernel component; various changes should
proceed in-tree for a while before userland programs start using it.
ok miod, discussions and help from many
|
|
Code abusing the radix internals for the routing table should now
includes <net/rtable.h> and only deal with "struct rtentry".
Code using a radix tree for another purpose can still include
<net/radix.h>.
Inputs from and ok claudio@, mikeb@
|
|
|
|
route and not during the SIOCSIFADDR ioctl. This way addresses are
not announced when an error occurs.
ok chris@, claudio@
|
|
reaching around through the routing table
original diff by myself, much improved by mikeb@ and mpi@
ok and testing mikeb@ mpi@
|
|
This pseudo-option is a hack to support return-rst on bridge(4). It
passes Ethernet information via a "struct route" through ip_output().
"struct route" is slowly dying...
ok claudio@, benno@
|
|
ok guenther@, henning@
|
|
|
|
ok stsp mpi
|
|
|
|
ok mpi
|
|
a zero window condition. If you send a 0-length packet, but there
is data is the socket buffer, and neither the rexmt or persist timer
is already set, then activate the persist timer.
From FreeBSD revision 284941; OK deraadt@ markus@ mikeb@ claudio@
|
|
OK deraadt@
|
|
ok claudio@
|
|
ok millert@
|
|
Recent changes to support multiple interface routes broke the
assumption made by all our userland routing daemons concerning
interface routes. Historically such routes had a "gateway"
sockaddr of type AF_LINK. But to be able to support multiple
interface routes as any other multipath routes, they now have
a unique "gateway" sockaddr containing their corresponding IP
address.
This self-describing flag should avoid ambiguity when dealing
with interface routes.
Issue reported by <mxb AT alumni DOT chalmers DOT se> and benno@
ok claudio@, benno@
|
|
|
|
there's no need to flag every address as IFA_ROUTE.
|
|
|
|
ifp in order to access its ifih handlers.
So get rid of if_get() in the various ifih handlers we know the ifp is
live at this point.
ok dlg@
|
|
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
|
talking about (*ifp->if_output)().
ok claudio@, dlg@
|
|
tweaks and ok mpi@
|
|
Note that pseudo-drivers not using if_input() are not affected by this
conversion.
ok mikeb@, kettenis@, claudio@, dlg@
|
|
Most of the ARP layer already take an ifp pointer and this makes clear
wich chunks of code are messing with ac_enaddr.
Note that our Ethernet code assume that these pointer are interchangeable
since the first element of the "struct arpcom" is a "struct ifnet".
|
|
Move bridge_input() outside of ether_input() in order to duplicate packets
flowing through a bridge port before applying any transformation on mbufs.
This saves a various m_adj(9)/M_PREPEND(9) dances and remove the bridge(4)
hack from vlan(4).
Tested by mxb <mxb AT alumni DOT chalmers DOT se> and kettenis@
ok bluhm@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
|
|
|
|
|
|
|
|
ok sthen@, phessler@
|
|
something based on an address family and later assumes one of the paths
was taken. This was initially just calls to panic until guenther
suggested a function to reduce the amount of strings needed.
This reduces the amount of noise with static analysers and acts
as a sanity check.
ok guenther@ bluhm@
|
|
annoying trailing, leading and embedded whitespace. No change to
.o files.
ok deraadt@
|
|
code to use sotopf() like tcp_usrreq() does. Also following
tcp_usrreq(), put more stuff under splsoftnet. And as a result
in-line code in udp_detach() and nuke udp_detach().
Most ideas from and ok mikeb@
|
|
Tested by <mxb AT alumni DOT chalmers DOT se>, thanks!
ok bluhm@, dlg@
|
|
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
|
This has been done because historically routes to broadcast addresses
were cloned like any ARP entry. But for obvious reasons, no matching
Ethernet address could ever be resolved. That's why we played tricks
with the expire timer.
Now that a RTF_BROADCAST route is created per configured IPv4 address,
we need to differenciate duplicated one. And by not creating an ARP
entry we are allowed to write the IP address in the rt_gateway field,
which prevents MPATH conflicts.
This change is part of a fix to unbreak aliases since the kernel support
multiple connected routes for a subnet.
Found the hardway by djm@, ok claudio@
|
|
|
|
fixes rekeying for l2tp/ipsec against multiple windows clients
and saves memory (for many SAs to same peers); feedback and ok mikeb@
|
|
Since vhe are allocated with M_ZERO and INIT is also defined to be 0,
carp_set_state() would result in a no-op because of the state check.
So explicitly initialize the state of a vhe to INIT and move the state
check in carp_set_state_all() to prevent similar issues in the future.
Problem and initial diff from Johan Ymerson, thanks!
ok henning@
|
|
Found by The Brainy Code Scanner from Maxime Villard.
|
|
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
|
change behaviour for now but will allow to share the same address with
the parent interface without major hacks.
OK mpi@
|
|
pointer to this function.
ok claudio@
|
|
ok krw@ miod@
|
|
bridge.
|
|
According to RFC 7323 "once TSopt has been successfully negotiated,
... [it] MUST be sent in every non-<RST> segment for the duration
of the connection." Which means that keep alives which are just
ACK packets must include that too.
Pointed out and tested by Lauri Tirkkonen <lotheac at iki ! fi>, thanks!
ok mpi
|
|
change in ip_spd.c 1.59 makes it appear that there is a cut & pasto.
OK mikeb@
|
