aboutsummaryrefslogtreecommitdiff
path: root/sys/netinet
Commit message (Collapse)AuthorAgeFilesLines
* Fix check used by stream reset related events.Michael Tuexen2012-04-211-3/+3
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=234539
* Whitespace changes.Michael Tuexen2012-04-192-2/+2
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=234464
* Use the same pattern for mbuf logging everywhere.Michael Tuexen2012-04-192-34/+12
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=234461
* Fix reported errno.Michael Tuexen2012-04-191-2/+2
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=234460
* Fix a bug where we copy out more data from a mbuf chain that areMichael Tuexen2012-04-192-16/+21
| | | | | | | | | | | | actually in it. This happens when SCTP receives an unknown chunk, which requires the sending of an ERROR chunk, and there is no final padding but the chunk is not 4-byte aligned. Reported by yueting via rwatson@ MFC after: 3 days Notes: svn path=/head/; revision=234459
* When we receive an ICMP unreach need fragmentation datagram, we takeGleb Smirnoff2012-04-164-19/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | proposed MTU value from it and update the TCP host cache. Then tcp_mss_update() is called on the corresponding tcpcb. It finds the just allocated entry in the TCP host cache and updates MSS on the tcpcb. And then we do a fast retransmit of what we have in the tcp send buffer. This sequence gets broken if the TCP host cache is exausted. In this case allocation fails, and later called tcp_mss_update() finds nothing in cache. The fast retransmit is done with not reduced MSS and is immidiately replied by remote host with new ICMP datagrams and the cycle repeats. This ping-pong can go up to wirespeed. To fix this: - tcp_mss_update() gets new parameter - mtuoffer, that is like offer, but needs to have min_protoh subtracted. - tcp_mtudisc() as notification method renamed to tcp_mtudisc_notify(). - tcp_mtudisc() now accepts not a useless error argument, but proposed MTU value, that is passed to tcp_mss_update() as mtuoffer. Reported by: az Reported by: Andrey Zonov <andrey zonov.org> Reviewed by: andre (previous version of patch) Notes: svn path=/head/; revision=234342
* Send always HBs when in PF state.Michael Tuexen2012-04-141-1/+2
| | | | | | | | MFC after: 1 week X-MFC with: r234296 Notes: svn path=/head/; revision=234297
* Bugfix: Don't send HBs on path which are not idle.Michael Tuexen2012-04-141-1/+16
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=234296
* It is a logical error that in carp_multicast_cleanup()Gleb Smirnoff2012-04-111-24/+59
| | | | | | | | | | | we look at count of addresses on a particular vhid, we should account number of addresses on cif. To achieve this we need to run carp_attach() and carp_detach() under appropriate cif lock. Notes: svn path=/head/; revision=234130
* M_DONTWAIT is a flag from historical mbuf(9)Gleb Smirnoff2012-04-101-1/+1
| | | | | | | allocator, not malloc(9) or uma(9) flag. Notes: svn path=/head/; revision=234087
* CARP should be capable to run on if_bridge(4). Unfortunately,Gleb Smirnoff2012-04-101-0/+2
| | | | | | | | | | | this commit is not enough to enable CARP operation on if_bridge(4), because the latter doesn't handle or even initialize its ifp->if_link_state. Reported by: Alexander Lunev <sol289 gmail.com> Notes: svn path=/head/; revision=234084
* Remove duplicate condition in if statement.Michael Tuexen2012-04-061-1/+0
| | | | | | | | Obtained from: brucec@ MFC after: 3 days Notes: svn path=/head/; revision=233940
* Don't check malloc(M_WAITOK) results.Gleb Smirnoff2012-03-311-4/+0
| | | | Notes: svn path=/head/; revision=233745
* Make stream our stream reset implementationRandall Stewart2012-03-2913-215/+549
| | | | | | | | | compliant to RFC6525. MFC after: 1 month Notes: svn path=/head/; revision=233660
* Permit tcpdrop in VNET jails.Marko Zec2012-03-281-1/+1
| | | | | | | | Submitted by: Miljenko Mikuc MFC after: 3 days Notes: svn path=/head/; revision=233601
* Honor the net.inet.udp.checksum sysctl when using SCTP/UDP/IPv4Michael Tuexen2012-03-281-9/+35
| | | | | | | | | encapsulation. MFCing requires MFCing http://svn.freebsd.org/changeset/base/233554 MFC after: 2 weeks Notes: svn path=/head/; revision=233597
* Export the udp_cksum sysctl for upcoming SCTP work. Rather than always,Bjoern A. Zeeb2012-03-272-4/+6
| | | | | | | | | | | | | | SCTP will only do IPv4 UDP checksum calculation as defined by the host policy. When tunneling SCTP always calculates the inner checksum already so not doing the outer UDP can save cycles. While here virtualize the variable. Requested by: tuexen MFC after: 2 weeks Notes: svn path=/head/; revision=233554
* - Permit number of ipfw tables to be changed in runtime.Alexander V. Chernikov2012-03-254-14/+101
| | | | | | | | | | | | | | | | | | net.inet.ip.fw.tables_max is now read-write. - Bump IPFW_TABLES_MAX to 65535 Default number of tables is still 128 - Remove IPFW_TABLES_MAX from ipfw(8) code. Sponsored by Yandex LLC Approved by: kib(mentor) MFC after: 2 weeks Notes: svn path=/head/; revision=233478
* Small cleanup of the code. No functional change (in FreeBSD kernel).Michael Tuexen2012-03-221-17/+20
| | | | | | | MFC after: 1 week. Notes: svn path=/head/; revision=233311
* Hide a few declarations from userland (including `struct inpcbgroup'). ThisRobert Millan2012-03-171-1/+1
| | | | | | | | | | | removes the dependency on <machine/param.h> which was introduced with SVN rev 222748 (due to CACHE_LINE_SIZE). Reviewed by: bde MFC after: 10 days Notes: svn path=/head/; revision=233096
* Clean up, no functional change.Michael Tuexen2012-03-151-16/+11
| | | | | | | MFC after: 3 days. Notes: svn path=/head/; revision=233005
* Fix bugs which can result in a panic when an non-SCTP socket itMichael Tuexen2012-03-151-5/+5
| | | | | | | | | used with an sctp_ system-call which expects an SCTP socket. MFC after: 3 days. Notes: svn path=/head/; revision=233004
* Fix VNET build broken by r232865.Alexander V. Chernikov2012-03-122-3/+3
| | | | | | | Temporary remove the ability to assign different number of tables per VNET instance. Notes: svn path=/head/; revision=232868
* This fixes PR 165210. Basically we justRandall Stewart2012-03-121-0/+1
| | | | | | | | | | | | | add in the netgraph interface to the list of acceptable interfaces. A todo at the next IETF code blitz, though is we need to review why we screen interfaces, there was a reason ;-). PR: 165210 MFC after: 1 week Notes: svn path=/head/; revision=232866
* - Add ipfw eXtended tables permitting radix to be used for any kind of keys.Alexander V. Chernikov2012-03-125-92/+671
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add support for IPv6 and interface extended tables - Make number of tables to be loader tunable in range 0..65534. - Use IP_FW3 opcode for all new extended table cmds No ABI changes are introduced. Old userland will see valid tables for IPv4 tables and no entries otherwise. Flush works for any table. IP_FW3 socket option is used to encapsulate all new opcodes: /* IP_FW3 header/opcodes */ typedef struct _ip_fw3_opheader { uint16_t opcode; /* Operation opcode */ uint16_t reserved[3]; /* Align to 64-bit boundary */ } ip_fw3_opheader; New opcodes added: IP_FW_TABLE_XADD, IP_FW_TABLE_XDEL, IP_FW_TABLE_XGETSIZE, IP_FW_TABLE_XLIST ipfw(8) table argument parsing behavior is changed: 'ipfw table 999 add host' now assumes 'host' to be interface name instead of hostname. New tunable: net.inet.ip.fw.tables_max controls number of table supported by ipfw in given VNET instance. 128 is still the default value. New syntax: ipfw add skipto tablearg ip from any to any via table(42) in ipfw add skipto tablearg ip from any to any via table(4242) out This is a bit hackish, special interface name '\1' is used to signal interface table number is passed in p.glob field. Sponsored by Yandex LLC Reviewed by: ae Approved by: ae (mentor) MFC after: 4 weeks Notes: svn path=/head/; revision=232865
* Fix a warning reported by bz@Michael Tuexen2012-03-091-3/+3
| | | | | | | MFC after: 3 days. Notes: svn path=/head/; revision=232726
* Add support for stf interfaces.Michael Tuexen2012-03-091-0/+1
| | | | | | | MFC after: 3days. Notes: svn path=/head/; revision=232724
* Fix a bug reported by Peter Holm which results in a crash:Michael Tuexen2012-03-091-0/+9
| | | | | | | | | | Verify in sctp_peeloff() that the socket is a one-to-many style SCTP socket. MFC after: 3 days. Notes: svn path=/head/; revision=232723
* Change SYSINIT priorities so that ip_mroute_modevent() is executedMarko Zec2012-03-041-2/+2
| | | | | | | | | | | | | before vnet_mroute_init(), since vnet_mroute_init() depends on mfchashsize tunable to be set, and that is done in in ip_mroute_modevent(). Apparently I broke that ordering with r208744 almost 2 years ago... PR: kern/162201 Submitted by: Stevan Markovic (mcafee.com) MFC after: 3 days Notes: svn path=/head/; revision=232517
* Correct typo in the RFC number for the constants based on IANA assignmentsBjoern A. Zeeb2012-03-041-2/+2
| | | | | | | | | | for IPv6 Neighbor Discovery Option types for "IPv6 Router Advertisement Options for DNS Configuration". It is RFC 6106. MFC after: 3 days Notes: svn path=/head/; revision=232513
* - Refresh dynamic tcp rule only if both sides answered keepalive packets.Oleg Bulyzhin2012-02-281-19/+27
| | | | | | | | | - Remove some useless assignments. MFC after: 1 month Notes: svn path=/head/; revision=232273
* lookup_dyn_rule_locked(): style(9) cleanupOleg Bulyzhin2012-02-281-64/+62
| | | | | | | MFC after: 1 month Notes: svn path=/head/; revision=232272
* When using flowtable llentrys can outlive the interface with which they're ↵Kip Macy2012-02-231-16/+15
| | | | | | | | | | | | | | associated at which the lle_tbl pointer points to freed memory and the llt_free pointer is no longer valid. Move the free pointer in to the llentry itself and update the initalization sites. MFC after: 2 weeks Notes: svn path=/head/; revision=232054
* Don't use `m' after m_megapullup.Andrey V. Elsukov2012-02-221-1/+1
| | | | | | | | PR: kern/165373 MFC after: 3 days Notes: svn path=/head/; revision=231991
* Remove two clang warnings.Michael Tuexen2012-02-181-1/+1
| | | | | | | MFC after: 1 month. Notes: svn path=/head/; revision=231895
* IFC @231845Bjoern A. Zeeb2012-02-1715-76/+245
|\ | | | | | | | | | | | | Sponsored by: Cisco Systems, Inc. Notes: svn path=/projects/multi-fibv6/head/; revision=231846
| * Fix PAWS (Protect Against Wrapped Sequence numbers) in cases whenBjoern A. Zeeb2012-02-155-23/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | hz >> 1000 and thus getting outside the timestamp clock frequenceny of 1ms < x < 1s per tick as mandated by RFC1323, leading to connection resets on idle connections. Always use a granularity of 1ms using getmicrouptime() making all but relevant callouts independent of hz. Use getmicrouptime(), not getmicrotime() as the latter may make a jump possibly breaking TCP nfsroot mounts having our timestamps move forward for more than 24.8 days in a second without having been idle for that long. PR: kern/61404 Reviewed by: jhb, mav, rrs Discussed with: silby, lstewart Sponsored by: Sandvine Incorporated (originally in 2011) MFC after: 6 weeks Notes: svn path=/head/; revision=231767
| * Fix a bug where the wrong protocol overhead was used. This can leadMichael Tuexen2012-02-141-25/+62
| | | | | | | | | | | | | | | | | | | | | | | | to a deadlock of an association when an IPv6 socket was used to communcate with IPv4 and an ICMPv4 fragmentation needed message was received. While there, simplify the code a bit. MFC after: 3 days. Notes: svn path=/head/; revision=231672
| * Set vnet context in callouts and taskqueues.Gleb Smirnoff2012-02-081-0/+8
| | | | | | | | | | | | | | PR: 164696 Notes: svn path=/head/; revision=231201
| * Make the 'tcpwin' option of ipfw(8) accept ranges and lists.Gleb Smirnoff2012-02-062-3/+17
| | | | | | | | | | | | | | Submitted by: sem Notes: svn path=/head/; revision=231076
| * Fix a typo which was already fixed by eadler in r227489. We missedMichael Tuexen2012-02-061-1/+1
| | | | | | | | | | | | | | | | | | to integrate this fix in our code base, so it was removed in r227755. MFC after: 3 days. Notes: svn path=/head/; revision=231074
| * Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL andGleb Smirnoff2012-02-057-24/+103
| | | | | | | | | | | | | | | | | | | | TCP_KEEPCNT, that allow to control initial timeout, idle time, idle re-send interval and idle send count on a per-socket basis. Reviewed by: andre, bz, lstewart Notes: svn path=/head/; revision=231025
* | Document the fact that multi-FIB support for SCTP had been backed outBjoern A. Zeeb2012-02-031-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | in r179783 as (ab)using the concept of VRFs for this had not worked. At this point SCTP in FreeBSD does not support multi-FIB, neither for IPv4 nor for IPv6. Discussed with: rrs Sponsored by: Cisco Systems, Inc. Notes: svn path=/projects/multi-fibv6/head/; revision=230950
* | Make ipfw verify_path6() multi-FIB aware.Bjoern A. Zeeb2012-02-031-6/+6
| | | | | | | | | | | | | | | | | | The "fib" and "setfib" keywords implementations need no adjustments. Sponsored by: Cisco Systems, Inc. Notes: svn path=/projects/multi-fibv6/head/; revision=230943
* | Add multi-FIB IPv6 support to the core network stack supplementingBjoern A. Zeeb2012-02-032-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | the original IPv4 implementation from r178888: - Use RT_DEFAULT_FIB in the IPv4 implementation where noticed. - Use rt*fib() KPI with explicit RT_DEFAULT_FIB where applicable in the NFS code. - Use the new in6_rt* KPI in TCP, gif(4), and the IPv6 network stack where applicable. - Split in6_rtqtimo() and in6_mtutimo() as done in IPv4 and equally prevent multiple initializations of callouts in in6_inithead(). - Use wrapper functions where needed to preserve the current KPI to ease MFCs. Use BURN_BRIDGES to indicate expected future cleanup. - Fix (related) comments (both technical or style). - Convert to rtinit() where applicable and only use custom loops where currently not possible otherwise. - Multicast group, most neighbor discovery address actions and faith(4) are locked to the default FIB. Individual IPv6 addresses will only appear in the default FIB, however redirect information and prefixes of connected subnets are automatically propagated to all FIBs by default (mimicking IPv4 behavior as closely as possible). Sponsored by: Cisco Systems, Inc. Notes: svn path=/projects/multi-fibv6/head/; revision=230942
* o Provide functions carp_ifa_addroute()/carp_ifa_delroute()Gleb Smirnoff2012-02-011-24/+41
| | | | | | | | | | | | | to cleanup routes from a single ifa. o Implement carp_addroute()/carp_delroute() via above functions. o Call carp_ifa_delroute() in the carp_detach() to avoid junk routes left in routing table, in case if user removes an address in a MASTER state. [1] Reported by: az [1] Notes: svn path=/head/; revision=230863
* a variable was erroneously declared as 32 bit instead of 64.Luigi Rizzo2012-01-271-1/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=230614
* Remove unused variable.Gleb Smirnoff2012-01-241-3/+0
| | | | Notes: svn path=/head/; revision=230508
* Make #error messages string-literals and remove punctuation.Bjoern A. Zeeb2012-01-223-3/+3
| | | | | | | | | Reported by: bde (for ip_divert) Reviewed by: bde MFC after: 3 days Notes: svn path=/head/; revision=230452
* Fix ip_divert handling of inet and inet6 and module building some more.Bjoern A. Zeeb2012-01-221-3/+1
| | | | | | | | | | | Properly sort the "carp" case in modules/Makefile after it was renamed. Reported by: bde (most) Reviewed by: bde MFC after: 3 days Notes: svn path=/head/; revision=230443
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-08 19:26:44 +0000