Since ARP and routing are separated, "proxy only" entries
don't have any meaning, thus we don't need additional field
in sockaddr to pass SIN_PROXY flag.
New kernel is binary compatible with old tools, since sizes
of sockaddr_inarp and sockaddr_in match, and sa_family are
filled with same value.
The structure declaration is left for compatibility with
third party software, but in tree code no longer use it.
Reviewed by: ru, andre, net@
- Add a range condition of given FIB number and the related error messages.
- Fix free() problem.
Spotted by: Artyom Mirgorodskiy
Discussed with: glebius
- Deembed scope id in L3 address in in6_lltable_dump().
- Simplify scope id recovery in rtsock routines.
- Remove embedded scope id handling in ndp(8) and route(8) completely.
- Check V_deembed_scopeid before checking if sa_family == AF_INET6.
- Fix scope id handing in route(8)[2] and ifconfig(8).
Reported by: rpaulo[1], Mateusz Guzik[1], peter[2]
userland via routing socket or sysctl. This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:
sin6.sin6_scope_id = ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]);
This behavior can be controlled by net.inet6.ip6.deembed_scopeid. This is
set to 1 by default (sin6_scope_id will be filled in the kernel).
Reviewed by: bz
comma-separated list and/or range specification:
# route add -inet 192.0.2.0/24 198.51.100.1 -fib 1,3-5,6
Although all of the subcommands supports the modifier, "monitor" does not
support the list or range specification at this moment.
Reviewed by: bz
- add static and const where appropriate
- check pointers against NULL
- minor styling nits
- it is actually WARNS=6 clean for non-strict alignment platforms
This is shamelessly stolen from DragonflyBSD and reduces our diff.
PR: bin/140078
Approved by: ed (co-mentor)
- add show as alias for get
- add weights to allow mpath to do more than equal cost
- add sticky / nostick to disable / re-enable per-connection load balancing
This adds a field to rt_metrics_lite so network bits of world will need to be re-built.
Reviewed by: jeli & qingli
calculation was too agressive. Instead we should only
look at each nibble. This makes it so we make
10.2.0.0 become 10.2/16 NOT 10.2/17.
Need to explore the non-cidr address issue. The two
may not be seperable..
MFC after: 1 week
if a entry is not route add -net xxx/bits then we should use
the addr (xxx) to establish the number of bits by looking at
the first non-zero bit. So if we enter
route add -net 10.1.1.0 10.1.3.5
this is the same as doing
route add -net 10.1.1.0/24
Since the 8th bit (zero counting) is set to 1 we set bits
to 32-8.
Users can of course still use the /x to change this behavior
or in cases where the network is in the trailing part
of the address, a "netmask" argument can be supplied to
override what is established from the interpretation of the
address itself. e.g:
route add -net 10.1.1.8 -netmask 0xff00ffff
should overide and place the proper CIDR mask in place.
PR: 131365
MFC after: 1 week
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
'get'. Since rtmsg() always gets called and returns 0 on success and -1
on failure, it's possible to exit with a suitable exit code by calling
exit(ret != 0) instead, as is done at the end of newroute().
PR: bin/112303
Submitted by: bruce@cran.org.uk
MFC after: 1 week
command would add incorrect routing entries if network numbers weren't
fully "spelled" out according to their class. For example:
# route add 128.0/16 (works)
# route add 128/16 (doesn't work)
# route add 193.0.0/24 (works)
# route add 193/24 (doesn't work)
Also, rework the way a netmask is deduced from network number if
it [netmask] is not specified.
Submitted by: Nuno Antunes <nuno.antunes@gmail.com> (mostly)
MFC after: 1 week
- Add description for EEXIST.
- Change description for ENOBUFS. Routing socket can return
this error for many different reasons, including general
memory shortage, mbuf memory shortage and rtentry zone.
PR: kern/64090 [1]
root is allowed to create raw sockets, then they will be able to create
routing sockets, too. However prison-root is not able to manipulate
routing tables. So when route(8) attempts to write to a routing
socket and recieves EPERM from the kernel, exit rather than moving
on with execution.
Approved by: bmilekic (mentor)
prior sysctl due to the structure growing between calls try again.
Also try again for deleting routes if things fail. We've seen
route -f fail this way which does not actually flush all routes.
This fixes it. It will whine but it will do the work.
PR: 56732
Obtained from: IronPort
answer for the euid. As a result, fix it such that setuid scripts or
programs may call route(8) to do work on their behalf.
Reviewed by: ru
MFC after: 3 days
- /0 if matches ::/128
- /64 if matches 2000::/3 and lowermost 64 bit is all 0
- /128 if matches 2000::/3 and lowermost 64 bit is non-zero 0
Obtained from: KAME/NetBSD
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)