Commit Graph

27 Commits

Author SHA1 Message Date
Hiroki Sato
a283298ce3 Improve flexibility of receiving Router Advertisement and
automatic link-local address configuration:

- Convert a sysctl net.inet6.ip6.accept_rtadv to one for the
  default value of a per-IF flag ND6_IFF_ACCEPT_RTADV, not a
  global knob.  The default value of the sysctl is 0.

- Add a new per-IF flag ND6_IFF_AUTO_LINKLOCAL and convert a
  sysctl net.inet6.ip6.auto_linklocal to one for its default
  value.  The default value of the sysctl is 1.

- Make ND6_IFF_IFDISABLED more robust.  It can be used to disable
  IPv6 functionality of an interface now.

- Receiving RA is allowed if ip6_forwarding==0 *and*
  ND6_IFF_ACCEPT_RTADV is set on that interface.  The former
  condition will be revisited later to support a "host + router" box
  like IPv6 CPE router.  The current behavior is compatible with
  the older releases of FreeBSD.

- The ifconfig(8) now supports these ND6 flags as well as "nud",
  "prefer_source", and "disabled" in ndp(8).  The ndp(8) now
  supports "auto_linklocal".

Discussed with:	bz and jinmei
Reviewed by:	bz
MFC after:	3 days
2009-09-12 22:08:20 +00:00
Bjoern A. Zeeb
cb58c0efad In the NEXTADDR macro use SA_SIZE() rather than directly using
sizeof(), as introduced in r186119, for advancing the current
position into the buffer.
See comment in net/route.h for a description of the difference.
This makes ndp -s work again.

Reviewed by:	qingli
X-MFC after:	now
2009-09-05 16:51:51 +00:00
Qing Li
8eca593c5a This checkin addresses a couple of issues:
1. The "route" command allows route insertion through the interface-direct
   option "-iface". During if_attach(), an sockaddr_dl{} entry is created
   for the interface and is part of the interface address list. This
   sockaddr_dl{} entry describes the interface in detail. The "route"
   command selects this entry as the "gateway" object when the "-iface"
   option is present. The "arp" and "ndp" commands also interact with the
   kernel through the routing socket when adding and removing static L2
   entries. The static L2 information is also provided through the
   "gateway" object with an AF_LINK family type, similar to what is
   provided by the "route" command. In order to differentiate between
   these two types of operations, a RTF_LLDATA flag is introduced. This
   flag is set by the "arp" and "ndp" commands when issuing the add and
   delete commands. This flag is also set in each L2 entry returned by the
   kernel. The "arp" and "ndp" command follows a convention where a RTM_GET
   is issued first followed by a RTM_ADD/DELETE. This RTM_GET request fills
   in the fields for a "rtm" object, which is reinjected into the kernel by
   a subsequent RTM_ADD/DELETE command. The entry returend from RTM_GET
   is a prefix route, so the RTF_LLDATA flag must be specified when issuing
   the RTM_ADD/DELETE messages.

2. Enforce the convention that NET_RT_FLAGS with a 0 w_arg is the
   specification for retrieving L2 information. Also optimized the
   code logic.

Reviewed by:   julian
2008-12-26 19:45:24 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Kevin Lo
784bddbc5b Cleanup of userland __P use 2007-11-07 10:53:41 +00:00
Kevin Lo
d069140339 Use sizeof() for calculating the buffer size instead of hard-coded values. 2007-03-06 09:32:41 +00:00
Maxim Konovalov
ba5b74d001 o Remove duplicate includes.
Obtained from:	Slava Semushin via NetBSD
2007-01-20 08:24:02 +00:00
SUZUKI Shinsuke
5b27b04579 supported an ndp command suboption to disable IPv6 in the given interface
Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 week
2005-10-19 16:20:18 +00:00
SUZUKI Shinsuke
057c4aff27 sync with KAME in the following point:
- fixed a bug that "ndp ... proxy" command does not work

Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 weeks
2005-10-19 15:58:23 +00:00
SUZUKI Shinsuke
ec0176bbda sync with KAME in the following points:
- removed compilation warnings
- suppress a redundant error message when a default-router-list is empty

Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 weeks
2005-10-19 15:52:00 +00:00
SUZUKI Shinsuke
b9204379a1 added an ioctl option in kernel so that ndp/rtadvd can change some NDP-related kernel variables based on their configurations (RFC2461 p.43 6.2.1 mandates this for IPv6 routers)
Obtained from: KAME
Reviewd by: ume, gnn
MFC after: 2 weeks
2005-10-19 15:05:42 +00:00
Warner Losh
486c8cc4c6 Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software
(with permission of addtional copyright holders where appropriate)
2004-08-07 04:28:56 +00:00
Munechika SUMIKAWA
3a53156b9b Flush stdout when -A option is used.
Obtained from:	KAME
MFC after:	1 week
2004-02-10 22:50:57 +00:00
SUZUKI Shinsuke
ce4bcde831 fixed improper routing-message flag
Obtained from: KAME
2004-01-08 07:25:04 +00:00
Hajimu UMEMOTO
3174c1d413 - make command line argument parsing POSIX compliant. comment from
deraadt NOTE: -I needs to take an arg (there's no way we can take no
  arg/an arg with a single option)
- sscanf overrun
- no variable name on prototype.
- u_int32_t may not be u_long.
- skipped non-host route when printing neighbor cache entries.
- valid and preferred lifetimes are unsigned.
- wording.

Obtained from:	KAME
2003-11-13 16:02:44 +00:00
Hajimu UMEMOTO
2b5e03118b show maxmtu.
Obtained from:	KAME
2003-10-24 18:00:17 +00:00
Hajimu UMEMOTO
31423309c2 don't print ndp -i result if the interface is not
initialized

Obtained from:	KAME
2003-10-17 16:17:47 +00:00
Hajimu UMEMOTO
a96bd7843f - NI_WITHSCOPEID was deprecated
- use strlcpy() and snprintf()
- use err()
- style

Obtained from:	KAME
2003-10-17 11:46:40 +00:00
Hajimu UMEMOTO
07cf047d5a introduced a flag bit "ND6_IFF_ACCEPT_RTADV" in the nd_ifinfo structure to
control whether to accept RAs per-interface basis.
the new stuff ensures the backward compatibility;
- the kernel does not accept RAs on any interfaces by default.
- since the default value of the flag bit is on, the kernel accepts RAs
  on all interfaces when net.inet6.ip6.accept_rtadv is 1.

Obtained from:	KAME
MFC after:	1 week
2003-08-05 14:57:11 +00:00
Juli Mallett
42f3352b5c Change 'int pid' to 'pid_t pid'
Submitted by:	Bruce "Allah" Dang <bruce@research.teamxor.org>
2002-07-25 01:48:19 +00:00
Munechika SUMIKAWA
220f01cd2d Do not delete 'goto ours' routes when using -c option.
Obtained from:	KAME
2001-08-09 19:40:35 +00:00
Hajimu UMEMOTO
3384154590 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
Munechika SUMIKAWA
02647224e9 - simplify option flags
- do not print header when using -c
- linklocal address are not cleared when using -c

Obtained from:	KAME
2000-10-09 09:28:49 +00:00
Jun-ichiro itojun Hagino
ccf935dd81 sync with latest kame tree 2000-07-04 16:43:14 +00:00
Philippe Charnier
9a784c6a99 Add prototype 2000-05-28 15:04:01 +00:00
Yoshinobu Inoue
94b65aeee9 Add missing return.
"ndp" command should deletes only neighbor cache entries, but the
  program lacks necessary "return" after the neighbor cache
  entry check, so it might deletes non neighbor cache entries.
  (it seems that usually no problem happens.)

Approved by: jkh
Reviewed by: ume
2000-03-11 20:57:31 +00:00
Yoshinobu Inoue
9a4365d0e0 libipsec and IPsec related apps. (and some KAME related man pages)
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
2000-01-06 12:40:54 +00:00