| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
This is done to stop using stale ifa attached to routes, which is
the easiest way to make rtisvalid(9) MP-safe.
sthen@ and henning@ like it, ok claudio@
|
| | |
|
| |
|
|
|
|
|
|
| |
This matches what IPv4 is doing and unbreak carp(4) when the same
address is set twice, for example when running netstart(8) multiple
times.
Issue reported by and fix from Simon Mages.
|
| |
|
|
|
|
| |
instead of abusing RTF_CLONING.
Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
in{,6}_ioctl() that do not deal with sockets.
This will allow to automagically configure interface addresses in
the kernel without too many layer violations.
Required by upcoming umb(4).
|
| |
|
|
|
|
|
|
| |
Router renumbering was never supported, prefix ioctls were deprecated
~15 years ago. Move some items in netinet6/nd6.h where they are still
used.
ok mikeb@ mpi@
|
| |
|
|
|
|
|
| |
Those ioctls never made sense, IPv6 was designed right from the start
with support for multiple addresses by interface.
ok mikeb@ mpi@
|
| |
|
|
|
|
|
|
|
|
|
| |
As described in NetBSD kern/35897 PR, the parameters
this ioctl needs overlay each other in a union. The ioctl
cannot have worked properly.
Discovered while discussing overflow checks with mmcc@ and mpi@
The checks were part of the removed code.
ok deraadt@
|
| |
|
|
|
|
| |
an interface joined a specific multicast group.
ok phessler@, visa@, dlg@
|
| |
|
|
|
|
| |
Reported by sebastisa@.
ok sebasitia@, stsp@, florian@, vgross@
|
| | |
|
| |
|
|
|
|
|
| |
ifa->ifa_addr must not be NULL when an ifa is on a per-interface list of
addresses.
ok bluhm@, sthen@, benno@, millert@
|
| |
|
|
|
|
|
| |
attached to a carp(4) or bridge(4) member, to not dereference rt_ifp
directly.
ok visa@
|
| |
|
|
|
|
|
|
|
| |
One of the keys of our MP work relies on making OpenBSD's kernel simpler!
In this case turning ARP processing MP-safe is quite complicated due to
the way carp(4) is hooked in arpinput() and nowadays you'd better run
kitchensinkd(9) anyway :)
ok bluhm@, claudio@, reyk@
|
| |
|
|
| |
OK mpi@
|
| |
|
|
|
|
|
|
|
| |
L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.
Discussed with bluhm@, ok claudio@
|
| |
|
|
|
|
| |
stop passing it in every rt_ifa_add(9) calls.
ok claudio@
|
| |
|
|
|
|
| |
The SIOCGIFSTAT_IN6 is no longer supported.
ok mikeb@, claudio@, dlg@
|
| |
|
|
|
| |
interface.
OK mpi@
|
| | |
|
| |
|
|
|
|
| |
The SIOCGIFSTAT_ICMP6 is no longer supported.
ok dlg@, mikeb@, claudio@
|
| |
|
|
| |
Fix a regression reported by Brad.
|
| |
|
|
|
|
|
|
| |
Previously loopback connected routes were managed via the global list
of prefixes, which mean that systems with AUTOCONF'd addresses did not
see them in the routing table.
This also makes inet6 route creation coherent with inet.
|
| |
|
|
|
|
|
|
|
| |
AUTOCONF'd addresses.
This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.
Tested by sebastia@, ok sthen@
|
| |
|
|
|
|
|
|
|
| |
IN6_IFF_NODAD pseudo-flag not being set.
This was just a flag for spaghetti code that should not exist in the
first place.
Tested by sebastia@, ok sthen@
|
| |
|
|
|
|
|
| |
everywhere to avoid passing around pointers to uninitialized stack
memory. While there, fix the call to in6_recoverscope() in
fill_drlist().
OK deraadt@ mpi@
|
| |
|
|
|
|
| |
into a common pattern. In the man page clarify the usage of the
returned route.
OK mpi@ mikeb@ jmc@
|
| |
|
|
| |
propagated.
|
| |
|
|
| |
Prodded by and ok bluhm@
|
| |
|
|
|
|
| |
reject SIOCAIFADDR_IN6 ioctl(2) where it is set.
ok jca@, bluhm@
|
| |
|
|
|
|
| |
structures into a function.
ok florian@
|
| |
|
|
| |
ok millert@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
| |
|
|
|
|
|
|
|
|
|
| |
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
one route to "::1".
Due to a clever BSD trick, the `ifa_dstaddr` field of addresses on
IFF_LOOPBACK ifps is set to the same value that `ifa_addr`. That's
why filtering for broadcast addresses is so complicated, because
guess what, `ifa_broadaddr` is the same as `ifa_dstaddr`!
Sadly our IPv6 code was "only" checking for `ifa_dstaddr` without
looking if the ifa was attached to a IFF_POINTOTPOINT interface.
So it always tried to create two routes to "::1" and, with the
recent RTF_LOCAL work, succeed.
You should now have only one local route to "::1".
::1 ::1 UHl 14 0 32768 1 lo0
-::1 ::1 UH 0 0 32768 4 lo0
ok henning@
|
| |
|
|
|
|
|
|
|
|
| |
The routing layer already check for the correct ifa when asked
to delete a local route, so do not try to be clever here.
This change also prevent having a NULL ifp pointer in your routing
table when you delete loopback interfaces having the same address.
ok henning@
|
| |
|
|
|
|
|
| |
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
| |
|
|
|
|
|
| |
Put an splsoftnet() around the call to pfxlist_onlink_check() in
in6_control(SIOCAIFADDR_IN6). Include the call to dohooks() in the
protection like it is done elsewhere.
splassert failure reported and fix tested by matthieu@; OK mikeb@
|
| |
|
|
|
|
|
| |
make sure the default MTU is set for every address configured on the
ifp and not just the first one.
Regress test breakage reported by daniel@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
interfaces.
When the kernel automagically configures IPv6 addresses on loopback
interfaces, start by assigning a link-local address and then try to
assign "::1".
Only the first configured loopback interface per rdomain can have the
"::1" address. But even if other loopback interfaces failed to get
this address, because it is already taken, give them a chance to have
a link-local address.
While here change in6_ifattach() to return an error value and remove
duplicated code.
Fix a regression introduced by the NOINET6 flag removal.
ok henning@, stsp@, florian@, benno@
|
| |
|
|
|
|
| |
before <net/pfvar.h> or <net/if_pflog.h>. The kernel files can be
cleaned up next. Some sockaddr_union steps make it into here as well.
ok naddy
|
| |
|
|
|
|
|
| |
reflect that IPv6 link-local addresses are no longer automagically
configured the first time an interface is brought up.
ok henning@, stsp@
|
| |
|
|
|
|
|
|
|
|
|
| |
was enabled by default. Add AFATTACH/AFDETACH ioctls which enable/disable
an address family for an interface (currently used for IPv6 only).
New kernel needs new ifconfig for IPv6 configuration (address assignment
still works with old ifconfig making this easy to cross over).
Committing on behalf of henning@ who is currently lebensmittelvergiftet.
ok stsp, benno, mpi
|
| |
|
|
|
|
|
|
|
| |
to decide whether or not to remove local routes.
Prevent from having a NULL ifp pointer in the routing table when an
address present in another rdomain is removed from an interface.
ok bluhm@
|
| |
|
|
|
|
| |
error code on failure (unchecked for the moment).
ok mikeb@, jmc@
|
| |
|
|
|
|
| |
interfaces with an IPv6 address.
ok henning@, mikeb@, deraadt@
|
| |
|
|
|
|
| |
functionnality instead of a mix of enable/disable.
ok bluhm@, jca@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If there is a tie then a carp interface is not allowed to win even if
it has an address with a longer bitwise match. This allows reliable IPv6
communication between carp master and backup across a shared IPv6 subnet.
Consider the carp address 2001:DB8:10::14, which is configured on firewall A
(in carp master state) and firewall B (in carp backup state), each of which
has another address in the same prefix on a non-carp interface (A has
2001:DB8:10::1 and B has 2001:DB8:10::11). In this setup, A would use
2001:DB8:10::14 as source address when sending neighbour solicitations to B.
Since 2001:DB8:10::14 is a local address from B's point of view, B never
replied to the neighbour solicitations sent by A.
With this change A uses 2001:DB8:10::1 as source address instead.
ok mpi@
|
mpi
jca
stefan
tedu
bluhm
claudio
krw
jsg
deraadt
stsp