summaryrefslogtreecommitdiffstats
path: root/sys/netinet6/nd6.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Move ND6_PRIV_* constants from nd6.h to slaacd the only place whereflorian2020-03-281-6/+1
| | | | | | | | | they are used. Nobody in the wider eco system uses these. While here reduce temporary address valid lifetime to 2 days as per draft-ietf-6man-rfc4941bis. This should considerably reduce the amount of addresses configured on an interface - a common complaint. Original diff from Fernando Gont (fernando AT gont.com.ar), thanks! Ports tree scanning by sthen@
* Prevent recursions by not deleting entries inside rtable_walk(9).mpi2019-06-211-2/+2
| | | | | | | | | | | | | | | rtable_walk(9) now passes a routing entry back to the caller when a non zero value is returned and if it asked for it. This allows us to call rtdeletemsg()/rtrequest_delete() from the caller without creating a recursion because of rtflushclone(). Multicast code hasn't been adapted and is still possibly creating recursions. However multicast route entries aren't cloned so if a recursion exists it isn't because of rtflushclone(). Fix stack exhaustion triggered by the use of "-msave-args". Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.
* Use a single timer for all ND6 entries.mpi2017-11-271-5/+2
| | | | | | | | | | | | This prevents a use-after-free reported by Hrvoje Popovski where the timeout function was already sleeping on the NET_LOCK() when ifconfig(8) removed the enry from the table. By iterating on a global list in the timeout routine we ensure that the items are still valid when we process them. This also reduce differences with ARP. ok bluhm@, visa@
* We are processing Router Solicitation / Advertisement messages onlyflorian2017-11-031-3/+2
| | | | | | | | for the Source Link-layer Address Options. Merge nd6_rs_input() and nd6_ra_input() into one generic function that does just that. input & OK mpi
* Remove knob and always do neighbor unreachable detection.florian2017-08-091-4/+1
|
* accept_rtadv doesn't do anything since some time.florian2017-08-091-2/+1
| | | | OK mpi
* We are no longer generating privacy addresses in theflorian2017-08-091-5/+1
| | | | | kernel. OK mpi
* Stop running nd6_expire every second.florian2017-08-081-2/+2
| | | | | We know when pltime or vltime decrease to zero. Run nd6_expire then. Input & OK mpi, bluhm
* Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctlsflorian2017-07-121-29/+1
| | | | | | | With this we can also get rid of in6_prefix and in6_defrouter. They are meaningless, the kernel no longer tracks this information. Pointed out by & OK mpi
* Purging is at last at hand. Day of Doom is here. All that is evilflorian2017-07-111-62/+1
| | | | | | | | | shall all be cleansed. Remove sending of router solicitations and processing of router advertisements from the kernel. It's handled by slaacd(8) these days. Input & OK bluhm@, mpi@
* Move nd6 timer initialisation to nd6_init() and call timeout_set()bluhm2016-12-271-4/+1
| | | | | only once during init. OK mpi@
* Remove multiple recursive splsoftnet().mpi2016-11-281-4/+1
| | | | ok bluhm@
* Assert that prelist_update() is always called at IPL_SOFTNET.mpi2016-11-211-2/+1
| | | | While here use __func__ in debug strings to reduce noise when grepping.
* store nd6 expiries in the route, not separately in the llinfo struct.dlg2016-07-131-3/+2
| | | | | | | this makes it more consistent with arp, and makes expiries visible via route(8) get as well as ndp(8). ok mpi@ florian@
* Kill nd6_output(), it doesn't do anything since the resolution logicmpi2016-06-151-5/+1
| | | | | | has been moved to nd6_resolve(). ok visa@, millert@, florian@, sthen@
* Move ND resoluton logic from nd6_output() to nd6_storelladdr() andmpi2016-06-081-2/+2
| | | | | | | | | rename it to nd6_resolve(). This allows us to get rid of non-Ethernet hacks by moving Ethernet specific logic in the appropriate layer. ok sthen@
* make nd6_llinfo_settimer take seconds instead of ticks.dlg2016-06-011-2/+2
| | | | | | | | | | most callers are working in seconds, internally it uses seconds, and you can call timeout_add_sec as easily as timeout_add. this also fixes an issue with an nd_defrouter expire which was incorrectly scaled with ticks in a comparison. ok mpi@
* remove code compensating for the "short" range of timeouts.dlg2016-05-301-2/+1
| | | | | | | | | | the nd6 code for managing expiries is never asked to handle intervals greater than what timeouts can handle, so we dont need to overcompensate. the code was also incorrect by using a long, which isnt that long on ILP32 machines. ok mpi@ millert@ benno@
* Implement proxy ARP for ART based on mpath support.mpi2016-03-301-6/+1
| | | | | | Since mpath is not enabled in RAMDISK, proxy ARP won't work there either. ok bluhm@
* Kill IPv6 prefix and router renumbering ioctls.jca2016-03-031-1/+12
| | | | | | | | Router renumbering was never supported, prefix ioctls were deprecated ~15 years ago. Move some items in netinet6/nd6.h where they are still used. ok mikeb@ mpi@
* Convert arc4random() to arc4random_uniorm(). Diff by Matthew Martin.tb2015-12-181-2/+2
| | | | | | | | Ensure that arc4random_uniform() doesn't loop by redefining ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@ ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@
* Change nd6_nud_hint() to no longer manipulate rt_ifp directly.mpi2015-11-061-2/+2
| | | | | | | While here remove unused argument and convert the route check to rtisvalid(9). ok bluhm@
* Implement the list of nd6 llinfo entries with a TAILQ.bluhm2015-11-021-4/+2
| | | | OK millert@ mpi@
* Prefer an existing refcounted ``ifp'' to rt_ifp when possible or use thempi2015-11-021-2/+2
| | | | | | interface index directly. ok bluhm@
* Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can nowflorian2015-10-281-10/+1
| | | | | die and ifp->if_mtu is the one true mtu. Suggested by and OK mpi@
* Introduce if_rtrequest() the successor of ifa_rtrequest().mpi2015-10-251-2/+2
| | | | | | | | | L2 resolution depends on the protocol (encoded in the route entry) and an ``ifp''. Not having to care about an ``ifa'' makes our life easier in our MP effort. Fewer dependencies between data structures implies fewer headaches. Discussed with bluhm@, ok claudio@
* Ignore Router Advertisment's current hop limit.mpi2015-10-241-2/+1
| | | | | | | | Appart from the usual inet6 axe murdering exercise to keep you fit, this allows us to get rid of a lot of layer violation due to the use of per- ifp variables to store the current hop limit. Imputs from bluhm@, ok phessler@, florian@, bluhm@
* The return value of nd6_cache_lladdr() is never used so make it a void.mpi2015-08-311-3/+2
| | | | Fewer "struct rtentry" left in the wild!
* nd6_prefix_add() is no longer used and die.mpi2015-08-241-3/+1
|
* Start moving away from the global prefix list by limiting its usage tompi2015-08-241-2/+2
| | | | | | | | | AUTOCONF'd addresses. This prevent the kernel from removing connected (/64) routes as soon as it configures an AUTOCONF'd address based on a RA. Tested by sebastia@, ok sthen@
* Rework the code to decide when to perform DAD to no longer rely on thempi2015-08-241-2/+2
| | | | | | | | | IN6_IFF_NODAD pseudo-flag not being set. This was just a flag for spaghetti code that should not exist in the first place. Tested by sebastia@, ok sthen@
* Call rtfree(9) when we no longer need the route entry rather thanmpi2015-08-181-3/+1
| | | | | | | | | | decrementing rt_refcnt just after rtrequest1(9). While here reduce the differences with rt_ifa_add(9). There's still an ambiguity about rtrequest1(9)'s return value, but bluhm@ will address that in a different diff. Discussed with and ok bluhm@
* Merge two identical chunks to add new prefixes to the global datampi2015-07-181-1/+4
| | | | | | structures into a function. ok florian@
* Properly layer Router Solicitation code.mpi2015-07-161-11/+6
| | | | Tweak and ok florian@
* Remove unused arguments and the associated code from nd6_nud_hint().mpi2015-07-091-2/+2
| | | | ok claudio@
* Rework the handling of interfaces and IPv6 addresses for local delivery.mpi2014-11-201-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | - Unicast packets sent to any local address will have their interface set to loobpack. - In order to differentiate traffic from interfaces having identical link-local addresses, provide the scoped addresses to pf(4). - Update the icmp6 state lookup logic to match scoped MLL addresses. - Remove a shortcut in ip6_input() that bypasses pf and always look for an RTF_LOCAL route. Packets sent to multicast addresses still retain their original interface due to the fact that local multicast packet delivering does not use if_output. This makes ping6 to link-local addresses work even with pf enabled and "set skip" on loopbacks, reported by Pieter Verberne. Debugged, analysed and tested with mikeb@. ok mikeb@, henning@, sthen@
* Do not pass an ifa pointer when we already have a DAD descriptor.mpi2014-11-101-2/+1
| | | | Tweaks and ok florian@
* Move sending of router solicitations to the kernel; receiving andflorian2014-08-251-1/+13
| | | | | | | | | | | | | | | processing of router advertisements was already in the kernel. With this rtsol{,d}(8) is no longer necessary. The kernel starts sending solicitations with # ifconfig $IF inet6 autoconf or inet6 autoconf in /etc/hostname.$IF. input stsp@ much help & OK mpi@ tweaks & OK bluhm@
* move IPv6 prefix adding from workq to taskq; as a happy benefit, weblambert2014-07-111-1/+5
| | | | | | | can delete 2 dozen or so lines that check to see if we've queued up a prefix addition multiple times. ok stsp@
* Kill the {nd6_,}useloopback buttons, using the loopback interface formpi2014-05-071-2/+1
| | | | | | local traffic is not optional. ok mikeb@, stsp@, jca@
* Propagate an rdomain number to the nd6_lookup independently frommikeb2014-01-071-3/+3
| | | | | the ifp pointer which can be NULL. This prevents a crash reported by David Hill <dhill at mindcry ! org>. OK bluhm
* More _KERNEL namespace cleanup, just in case something out therederaadt2013-10-251-45/+33
| | | | includes this.
* Remove unused argument from *rtrequest()mpi2013-08-281-2/+2
| | | | ok krw@, mikeb@
* No one uses the obsolete IPv6 ioctls SIOCGDRLST_IN6, SIOCGPRLST_IN6,bluhm2013-08-261-65/+1
| | | | | | | OSIOCGIFINFO_IN6 anymore. Remove them together with the structs in6_drlist, in6_oprlist, in6_prlist, in6_ondireq and the kernel implementation. OK mikeb@ henning@
* To control the lifetime of IPv6 addresses, prefixes and defaultbluhm2013-08-111-64/+38
| | | | | | | | | | | | | | routers, the kernel and ndp use a bunch of expire fields. Before they were int or u_long, convert expire to time_t in all structs. Move vltime and pltime to u_int32_t everywhere. Sort struct fields by size. Struct inet6_ndpr_msghdr is not used at all, so remove it. Binary compatibility of rtsold and ndp break with this change as rtsold uses in6_drlist and ndp uses in6_defrouter and in6_prefix to interact with the kernel. OK mpi@
* Do not access queue fields directly, use FOREACH() macro instead.bluhm2013-07-011-4/+1
| | | | | No binary change. OK mikeb@ mpi@
* Remove unused code manipulating a default interface and its index,mpi2013-03-111-5/+1
| | | | | | | This is a leftover from the on-link assumption behavior removal, which has been deprecated by RFC4861 anyway. ok mikeb@, bluhm@, florian@
* typo in comment.sthen2012-02-141-2/+2
|
* fix typos in commentsstsp2011-04-031-2/+2
| | | | ok deraadt henning sthen thib (though thib says he can't spell)
* Simple implementation of RFC4941, "Privacy Extensions for Statelessstsp2010-04-061-1/+6
| | | | | | | | | Address Autoconfiguration in IPv6". For those among us who are paranoid about broadcasting their MAC address to the IPv6 internet. Man page help from jmc, testing by weerd, arc4random API hints from djm. ok deraadt, claudio
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.