| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
everywhere to avoid passing around pointers to uninitialized stack
memory. While there, fix the call to in6_recoverscope() in
fill_drlist().
OK deraadt@ mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent changes to support multiple interface routes broke the
assumption made by all our userland routing daemons concerning
interface routes. Historically such routes had a "gateway"
sockaddr of type AF_LINK. But to be able to support multiple
interface routes as any other multipath routes, they now have
a unique "gateway" sockaddr containing their corresponding IP
address.
This self-describing flag should avoid ambiguity when dealing
with interface routes.
Issue reported by <mxb AT alumni DOT chalmers DOT se> and benno@
ok claudio@, benno@
|
| |
|
|
| |
there's no need to flag every address as IFA_ROUTE.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
| |
|
|
|
|
|
|
|
|
|
| |
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
| |
|
|
| |
ok claudio@, mikeb@, bluhm@
|
| |
|
|
|
|
|
| |
ioctl(2)s are an exception to this rule. This makes clear that ifa
cannot be used initialized as found by jsg@ with gcc/clang.
ok krw@, bluhm@, jca@
|
| |
|
|
|
| |
long live the one true internet.
ok henning mikeb
|
| |
|
|
|
|
| |
of your system, put it on a diet and kill the superfluous logic.
ok mikeb@
|
| |
|
|
|
|
| |
error code on failure (unchecked for the moment).
ok mikeb@, jmc@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
to p2p interfaces always mark them as Multipath. This way we can have
multiple routes to the same destination as long as the local address is
different.
ok mikeb@
|
| |
|
|
|
|
|
|
|
| |
It is of course not to make your life more complicated when you are
dealing with ifa_ifwithaddr()! It was to reuse the point-to-point
code to add a route to 127.0.0.1. But now we have local routes and
we don't need this hack anymore :)
ok mikeb@ as part of a larger diff.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
raise it inside their ioctl handler (except for carp(4), what else?).
In general, global structures manipulated in the softnet codepath only
require a splsoftnet() protection when they are modified in process
(ioctl) context.
Also put some IPL_SOFNET asserts in functions accessing global structures.
Previous version diff ok mikeb@, with inputs from and ok bluhm@
|
| |
|
|
|
|
| |
loopback interfaces because we no longer add it.
ok claudio@
|
| |
|
|
|
|
|
|
|
| |
to use the routing table.
Do not create a host route for loopback addresses apart from the local
ones otherwise these addresses are not considered as part of the machine.
Reported by deraadt@ and Heiko Zimmermann on bugs@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
broadcast address is non null, add a broadcast entry flagged with
RTF_BROADCAST.
Re-use the existing logic to switch a route to prefix from an ifa
to another to also move this broadcast entry.
Prior to this change broadcast entries were simple clonned ARP entries,
that would be deleted once their timer expired since they would always
be incomplete.
With this change they are now persistant and identifiable with a new flag
This version of the diff prevent a corruption reported by millert@
ok mikeb@, florian@
|
| |
|
|
|
| |
need it.
OK mpi@
|
| |
|
|
| |
after discussions with beck deraadt kettenis.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
machine and restore the original behavior of RTM_ADD and RTM_DELETE
by always generating one message per locally configured address.
This time, make sure the local route is removed during an address change,
since at least pppoe(4) do some funky magics with wildcard addresses that
might corrupt the routing tree, as found by naddy@
Also do not add a local route if the specified address is 0.0.0.0, to
prevent a tree corruption, as found by guenther@.
Putting this in now so that it gets tested, claudio@ agrees. Please
contact me if you find any route-related regression caused by this
change.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
an interface. Two other operations are performed when issuing a
SIOCDIFADDR{_IN6,} ioctl: call the address hook and the per-driver
ioctl function.
Since carp(4) relies on an address hook to recalculate its hash, make
sure to call this hook when IFXF_NOINET6 is set or when the rdomain is
changed.
ok henning@, mikeb@
|
| |
|
|
|
|
| |
it introduces a regression with default routes & p2p interfaces.
Problem reported by naddy@
|
| |
|
|
|
|
|
| |
machine and restore the original behavior of RTM_ADD and RTM_DELETE
by always generating one message per locally configured address.
Tested by krw@, jca@ and florian@
|
| |
|
|
|
|
|
|
|
|
| |
This function is used only once in our tree to optimize the size of the
MSS if the forward address correspond to a host on one of our subnets,
but only if ip.mutdisc is disable, which is not the default!
While here get rid of the "#ifdef RTV_MTU", it is here.
ok henning@, mikeb@, bluhm@
|
| |
|
|
|
|
|
|
|
|
| |
connected routes to prefixes/hosts.
Since the introduction of rt_ifa_addloop(9) and rt_ifa_delloop(9),
rtinit() was just a wrapper, so use the underlying functions
directly and document them.
Inputs from and ok mikeb@, manpage tweaks from jmc@
|
| |
|
|
|
|
|
|
|
|
| |
Instead of always copying ifa_flags to the routing entry flags when
creating a route by calling rtinit(), explicitly pass the RTF_CLONING
flag when required. This means ifa_flags are now *only* used to check
if an address has an associated route that was created by the kernel
auto-magically.
ok benno@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
added to an interface into two functions: one for route to prefix
and one for route to host.
This magic has been added to work around the behavior of rtinit() and
preserve the connected route to prefix when the first address of a
subnet is removed. Since this "feature" has been present for point-
to-point interfaces too for more than 10 years, this diff does not
change anything in this regard, even if I'm not sure it makes sense.
Tested by benno@
|
| |
|
|
|
|
| |
it was intended to control. No real-world change say mikeb@ and mpi@.
ok mpi@
|
| |
|
|
|
|
|
|
|
|
|
| |
(unplugged). Even if it makes no sense to keep them around if the
interface is no more, we cannot safely remove them since pcb multicast
options might keep a pointer to them.
Fixes a user after free introduced by the multicast address linking
rewrite and reported by Alexey Suslikov, thanks!
ok claudio@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of linking multicast records to the first configured address of
the corresponding protocol, making this address and its position in the
global list special, add them to a new list directly linked to the
interface descriptor.
This new multicast address list is similar to the address list, all its
elements contain a protocol agnostic part. This design allows us to
be able to join a multicast group without necessarily having a configured
address. That means IPv6 multicast kludges are no longer needed.
Another benefit is to be able to add and remove an IP address from an
interface without worrying about multicast records. That means that the
global IPv4 list is no longer needed since the first configured address
of an interface is no longer special.
This new list might also be extended in the future to contain the
link-layer addresses used to configure hardware filters.
Tested by sthen@ and weerd@, ok mikeb@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
interface descriptor throught the first configured address in the
global list, this will help reducing the size of future diffs.
No object change.
ok sthen@
|
| |
|
|
|
|
|
|
|
|
| |
of an interface, named after its IPv6 equivalent.
Make use of it instead of removing addresses by hand when detaching
or destroying an interface. As a bonus, multicast records linked
to the just divorced^Wdetached interface are no longer leaked.
No objection from the gang, ok mikeb@
|
| |
|
|
|
|
| |
No functional change.
ok henning@, mikeb@
|
| |
|
|
|
|
| |
than iterating on the global list.
ok bluhm@
|
| |
|
|
|
|
|
| |
sure we add its descriptor back to the tree and interface list to keep
the various global structures consistent.
ok mikeb@, bluhm@
|
| |
|
|
| |
ok mikeb@, henning@
|
| |
|
|
| |
Jeff Ross and later by myself, both on remote systems..
|
| |
|
|
| |
Reported by naddy@
|
| |
|
|
|
|
|
| |
structure rather than doing various M_WAITOK allocations during
the *attach() functions, we always rely on them anyway.
ok mikeb@, uebayasi@
|
| |
|
|
| |
ok bluhm@, mikeb@
|
| |
|
|
|
|
| |
unconditionally for SIOCSIFADDR.
ok bluhm@, henning@
|
| |
|
|
|
|
|
|
|
|
| |
address configured on the interface just like SIOCSIFBRDADDR does.
This prevent the global IPv4 address list and the per-interface list
to be out of sync until one of SIOCAIFADDR or SIOCSIFADDR ioctl(2)
is issued.
ok mikeb@, sthen@
|
| |
|
|
|
|
| |
viariables.
ok mikeb@
|
| | |
|
| |
|
|
|
|
| |
check for the reference counter.
ok mikeb@, miod@, pelikan@, kettenis@, krw@
|
| |
|
|
|
|
| |
added in 1.40). This fixes a pathological case where in_scrubprefix would
do the wrong thing. Found and reported by glebius@FreeBSD
OK bluhm@
|
bluhm
mpi
claudio
tedu
krw
sthen