| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
variables being processed.
ok bluhm@ henning@
|
| | |
|
| |
|
|
| |
again makes assumptions of the ifqueue internals, ok ryan claudio
|
| |
|
|
| |
ok claudio@
|
| |
|
|
|
|
|
| |
Fixes a case in bridge_output() where ARP requests are not broadcast
on interfaces without the discovery flag.
ok claudio deraadt
|
| | |
|
| |
|
|
|
|
|
| |
rt_if_remove_rtdelete() need to know the table id to be able to correctly
remove nodes.
Problem found by Andrea Parazzini and analyzed by Martin Pelikán.
OK henning@
|
| |
|
|
|
|
|
|
| |
accept flags for report and nocloning. Move the rtableid into struct route
(with a minor twist for now) and make a few more codepathes rdomain aware.
Appart from the pf.c and route.c bits the diff is mostly mechanical.
More to come...
OK michele, henning
|
| | |
|
| | |
|
| |
|
|
|
| |
we now correctly broadcast packets to all local ports.
OK deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
tables on top of a rdomain) but until now our code was a crazy mix so that
it was impossible to correctly use rtables in that case. Additionally pf(4)
only knows about rtables and not about rdomains. This is especially bad when
tracking (possibly conflicting) states in various domains.
This diff fixes all or most of these issues. It adds a lookup function to
get the rdomain id based on a rtable id. Makes pf understand rdomains and
allows pf to move packets between rdomains (it is similar to NAT).
Because pf states now track the rdomain id as well it is necessary to modify
the pfsync wire format. So old and new systems will not sync up.
A lot of help by dlg@, tested by sthen@, jsg@ and probably more
OK dlg@, mpf@, deraadt@
|
| |
|
|
|
|
|
|
|
| |
link-route points over the carp interface. (IP-less carpdev)
The descision whether to drop an ARP query is now expressed with
a goto out; rather than a second check later, which prevented
the carpdev case to work. Also add some comments to make
in_arpinput() easier to understand.
OK henning, markus.
|
| |
|
|
|
|
|
|
|
| |
alternate routing table and separate them from other interfaces in distinct
routing tables. The same network can now be used in any doamin at the same
time without causing conflicts.
This diff is mostly mechanical and adds the necessary rdomain checks accross
net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6.
input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
|
| |
|
|
|
|
|
|
| |
interfaces and is probably never hit. The other one happens when the
number of packets on the arp hold queue is exceeded. If arpresolve()
returns NULL the mbuf must be on the hold queue or freed.
Fixes the mbuf leak seen by dlg@. Found with dlg@'s insane mbuf leak
diff. OK dlg@
|
| |
|
|
|
| |
arp layer. With a lot of input from deraadt@.
OK dlg@, looks good gollo@ + deraadt@
|
| |
|
|
|
|
|
|
|
| |
address. This cvs commit introduces a queue that buffers a small
burst of packets and resending the packets in correct order when
the ethernet address is resolved. Code written by Armin Wolfermann
<aw@osn.de>.
OK: claudio@ henning@
|
| |
|
|
|
|
|
| |
Really just the low-hanging fruit of (hopefully) forthcoming timeout
conversions.
ok art@, krw@
|
| |
|
|
|
|
|
| |
just insert arp entries. the inserted routes will have the right
priority no matter what, most times cloned.
problem found by Joerg Goltermann <jg@osn.de>, fix by his colleague
Armin Wolgermann <aw@osn.de>, ok claudio
|
| |
|
|
|
|
|
|
| |
ln_hold or la_hold into temporary storage and null ln_hold or
la_hold before manually processing the mbuf chain. Discard the mbuf chain
if it is put back in the hold area.
ok claudio@ markus@
|
| |
|
|
| |
OK henning@
|
| |
|
|
| |
ok claudio theo
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
it by reading the queues head pointer. if that pointer is not null
then it takes splnet and dequeues a packet for handling. this is
bad because the ifqueue head is modified at splnet and the sofnet
handlers read it without holding splnet.
this removes that check of the head pointer and simply checks if
the dequeue gave us a packet or not before proceeding.
found while reading mpls code.
discussed with norby@ and henning@
ok mcbride@ henning@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using the same IP on multiple interfaces, carp has to be
configured with the new "carpnodes" and "balancing" options.
# ifconfig carp0 carpnodes 1:0,2:100,3:100 balancing ip carpdev sis0 192.168.5.50
Please note, that this is a flag day for anyone using carp balancing.
You'll need to adjust your configuration accordingly.
Addititionally this diff adds IPv6 NDP balancing support.
Tested and OK mcbride@, reyk@.
Manpage help by jmc@.
|
| |
|
|
| |
and can happen on slow mp systems under a lot of network load; ok kettenis@
|
| |
|
|
|
| |
the problemantic IP address and a hopefully better reason message.
After discussion with dtucker@, "fine with me" deraadt@ some time ago
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This provides a similar functionality as ARP balancing,
but also works for traffic that comes across routers.
IPv6 is supported as well.
The configuration scheme will change as soon we have sth better.
Also add support for changing the MAC address on carp(4)
interfaces. (code from mcbride)
Tested by pyr@ and reyk@
OK mcbride@
|
| |
|
|
|
|
|
|
| |
arplookup: unable to enter address for xxx.xxx.xxx.xxx
because it is absolutely useless in a modern world with cable modems
which leak arp packets over IP netblock zones; Anyone who used this as
a diagnostic for real problems has other tools to use; from discussion
with kitella, ok claudio
|
| |
|
|
|
|
|
| |
physical interface shares a bridge with the interface that received it.
Patch based on a version from camield@
Fixes PR 5178.
OK mcbride@
|
| |
|
|
|
|
| |
parameter so they can work on alternate tables. table 0 hardcoded for
many callers yet, that will be adapted step by step.
input + ok claudio norby hshoexer
|
| |
|
|
|
|
|
|
| |
directly. rather provide a rt_lookup function for regular lookups,
and a rt_gettable for those that need access to the head for some reason.
the latter cases should be revisted later probably so that nothing outside
the routing core code accesses the heads at all...
tested claudio jolan me, ok claudio markus
|
| |
|
|
|
|
| |
the remainder of the network stack from splimp to splnet.
ok miod@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
router so back out the routing stuff to pre-eurobsdcon where my machine
doesn't crash immediately.
i am happy to test diffs and report success/failures but i am not happy
to have instantaneous crashes when i reboot with a new kernel that was
compiled from pristine sources.
if you are going to be an elitist asshole then you could at least make
sure your code works.
ok and "be crass towards them" deraadt@
|
| |
|
|
|
|
| |
but go through a provided wrapper.
also provide rt_lookup() instead of doing the lookup manually in many places.
ryan ok
|
| | |
|
| |
|
|
|
|
|
| |
which was removed in rev 1.57. This makes arpbalance work again, and
ensures that only one carp host will reply to a given arp request.
ok mpf@ pascoe@ dhartmei@ deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
instead of processing them in the parent interface. This causes us to send
ARP packets on a carpdev with its virtual MAC address as the source, rather
than the parent's physical address.
Permits us to fail over cleanly when connected to devices that use the
source MAC address on a received ARP request to generate an ARP entry for
the requesting host, rather than going through the who-has/is-at procedure.
ok niklas@ mcbride@
|
| |
|
|
|
|
| |
source MAC address we provide is ignored by ether_output.
ok mcbride@ niklas@
|
| |
|
|
|
|
|
|
| |
style as vlan(4). carp interfaces no longer require the physical interface
to be on the same subnet as the carp interface, or even that the physical
interface has an adress at all, so CARP can now be used on /30 networks.
ok deraadt@ henning@
|
| |
|
|
|
|
|
|
| |
things such that code that only need a second-resolution uptime or wall
time, and used to get that from time.tv_secs or mono_time.tv_secs now get
this from separate time_t globals time_second and time_uptime.
ok art@ niklas@ nordin@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
the interface is ifconfig'd down.
Patch from Marco Pfatschbacher
|
| |
|
|
|
|
|
|
|
|
| |
Allows multiple hosts to share an IP address, providing high availability
and load balancing.
Based on code by mickey@, with additional help from markus@
and Marco_Pfatschbacher@genua.de
ok deraadt@
|
| | |
|
| |
|
|
| |
rescinded 22 July 1999. Proofed by myself and Theo.
|
| |
|
|
| |
kwesterback tdeval ok
|
| |
|
|
|
| |
of leaking. Reported by orjan.sjelvgren@ignite.com. ok jason@, krw@ and
henning@.
|
| | |
|
| | |
|
miod
henning
dhill
camield
deraadt
claudio
mpf
gollo
blambert
krw
dlg
brad
jolan
pascoe
mcbride
tholo
ho
itojun
millert
dhartmei