|
Revision tags: release/9.2.0 |
|
| #
d1d01586 |
| 05-Sep-2013 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge from head
|
| #
40f65a4d |
| 07-Aug-2013 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r254014
|
| #
552311f4 |
| 17-Jul-2013 |
Xin LI <delphij@FreeBSD.org> |
IFC @253398
|
| #
ceae90c2 |
| 05-Jul-2013 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r252763
|
| #
4099f7e6 |
| 03-Jul-2013 |
Hiroki Sato <hrs@FreeBSD.org> |
Fix a typo (s/error/errno/).
|
| #
33cfdcc3 |
| 30-Jun-2013 |
Hiroki Sato <hrs@FreeBSD.org> |
Do not display a warning message in a jail without AF_INET6 support.
MFC after: 3 days
|
| #
cfe30d02 |
| 19-Jun-2013 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge fresh head.
|
|
Revision tags: release/8.4.0 |
|
| #
d241a0e6 |
| 26-Feb-2013 |
Xin LI <delphij@FreeBSD.org> |
IFC @247348.
|
| #
d9a44755 |
| 08-Feb-2013 |
David E. O'Brien <obrien@FreeBSD.org> |
Sync with HEAD.
|
| #
c2217b98 |
| 17-Jan-2013 |
Neel Natu <neel@FreeBSD.org> |
IFC @ r245509
|
| #
164051ce |
| 09-Jan-2013 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Add no_prefer_iface option.
It stops treating the address on the interface as special by source
address selection rule even when the interface is outgoing interface.
This is desired in some situation
Add no_prefer_iface option.
It stops treating the address on the interface as special by source
address selection rule even when the interface is outgoing interface.
This is desired in some situation.
Requested by: hrs
Reviewed by: IHANet folks including hrs
MFC after: 1 week
show more ...
|
| #
46b1c55d |
| 04-Jan-2013 |
Neel Natu <neel@FreeBSD.org> |
IFC @ r244983.
|
| #
a5752d55 |
| 21-Dec-2012 |
Kevin Lo <kevlo@FreeBSD.org> |
Fix socket calls on error post-r243965.
Submitted by: Garrett Cooper
|
|
Revision tags: release/9.1.0 |
|
| #
b652778e |
| 11-Jul-2012 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r238370
|
| #
31ccd489 |
| 28-May-2012 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge head r233826 through r236168.
|
| #
6a068746 |
| 15-May-2012 |
Alexander Motin <mav@FreeBSD.org> |
MFC
|
| #
8a3beec6 |
| 11-May-2012 |
Hiroki Sato <hrs@FreeBSD.org> |
Skip nd6 line with no warning message when the system does not support
INET6.
Spotted by: flo
|
|
Revision tags: release/8.3.0_cvs, release/8.3.0, release/9.0.0 |
|
| #
a5615c90 |
| 28-Jun-2011 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r222830
|
| #
81c02539 |
| 06-Jun-2011 |
Attilio Rao <attilio@FreeBSD.org> |
MFC
|
| #
e7fa8d0a |
| 06-Jun-2011 |
Hiroki Sato <hrs@FreeBSD.org> |
- Accept Router Advertisement messages even when net.inet6.ip6.forwarding=1.
- A new per-interface knob IFF_ND6_NO_RADR and sysctl IPV6CTL_NO_RADR.
This controls if accepting a route in an RA mess
- Accept Router Advertisement messages even when net.inet6.ip6.forwarding=1.
- A new per-interface knob IFF_ND6_NO_RADR and sysctl IPV6CTL_NO_RADR.
This controls if accepting a route in an RA message as the default route.
The default value for each interface can be set by net.inet6.ip6.no_radr.
The system wide default value is 0.
- A new sysctl: net.inet6.ip6.norbit_raif. This controls if setting R-bit in
NA on RA accepting interfaces. The default is 0 (R-bit is set based on
net.inet6.ip6.forwarding).
Background:
IPv6 host/router model suggests a router sends an RA and a host accepts it for
router discovery. Because of that, KAME implementation does not allow
accepting RAs when net.inet6.ip6.forwarding=1. Accepting RAs on a router can
make the routing table confused since it can change the default router
unintentionally.
However, in practice there are cases where we cannot distinguish a host from
a router clearly. For example, a customer edge router often works as a host
against the ISP, and as a router against the LAN at the same time. Another
example is a complex network configurations like an L2TP tunnel for IPv6
connection to Internet over an Ethernet link with another native IPv6 subnet.
In this case, the physical interface for the native IPv6 subnet works as a
host, and the pseudo-interface for L2TP works as the default IP forwarding
route.
Problem:
Disabling processing RA messages when net.inet6.ip6.forwarding=1 and
accepting them when net.inet6.ip6.forward=0 cause the following practical
issues:
- A router cannot perform SLAAC. It becomes a problem if a box has
multiple interfaces and you want to use SLAAC on some of them, for
example. A customer edge router for IPv6 Internet access service
using an IPv6-over-IPv6 tunnel sometimes needs SLAAC on the
physical interface for administration purpose; updating firmware
and so on (link-local addresses can be used there, but GUAs by
SLAAC are often used for scalability).
- When a host has multiple IPv6 interfaces and it receives multiple RAs on
them, controlling the default route is difficult. Router preferences
defined in RFC 4191 works only when the routers on the links are
under your control.
Details of Implementation Changes:
Router Advertisement messages will be accepted even when
net.inet6.ip6.forwarding=1. More precisely, the conditions are as
follow:
(ACCEPT_RTADV && !NO_RADR && !ip6.forwarding)
=> Normal RA processing on that interface. (as IPv6 host)
(ACCEPT_RTADV && (NO_RADR || ip6.forwarding))
=> Accept RA but add the router to the defroute list with
rtlifetime=0 unconditionally. This effectively prevents
from setting the received router address as the box's
default route.
(!ACCEPT_RTADV)
=> No RA processing on that interface.
ACCEPT_RTADV and NO_RADR are per-interface knob. In short, all interface
are classified as "RA-accepting" or not. An RA-accepting interface always
processes RA messages regardless of ip6.forwarding. The difference caused by
NO_RADR or ip6.forwarding is whether the RA source address is considered as
the default router or not.
R-bit in NA on the RA accepting interfaces is set based on
net.inet6.ip6.forwarding. While RFC 6204 W-1 rule (for CPE case) suggests
a router should disable the R-bit completely even when the box has
net.inet6.ip6.forwarding=1, I believe there is no technical reason with
doing so. This behavior can be set by a new sysctl net.inet6.ip6.norbit_raif
(the default is 0).
Usage:
# ifconfig fxp0 inet6 accept_rtadv
=> accept RA on fxp0
# ifconfig fxp0 inet6 accept_rtadv no_radr
=> accept RA on fxp0 but ignore default route information in it.
# sysctl net.inet6.ip6.norbit_no_radr=1
=> R-bit in NAs on RA accepting interfaces will always be set to 0.
show more ...
|
| #
c3cc3217 |
| 05-Jun-2011 |
Hiroki Sato <hrs@FreeBSD.org> |
Add the "nd6 options" line handler as af_other_status() of AF_INET6, not as an
own address family.
Reviewed by: bz
|
| #
61b92692 |
| 31-May-2011 |
Attilio Rao <attilio@FreeBSD.org> |
MFC
|
| #
5af3fa9a |
| 31-May-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Conditionally compile in the af_inet and af_inet6, af_nd6 modules.
If compiled in for dual-stack use, test with feature_present(3)
to see if we should register the IPv4/IPv6 address family related
op
Conditionally compile in the af_inet and af_inet6, af_nd6 modules.
If compiled in for dual-stack use, test with feature_present(3)
to see if we should register the IPv4/IPv6 address family related
options.
In case there is no "inet" support we would love to go with the
usage() and make the address family mandatory (as it is for anything
but inet in theory). Unfortunately people are used to
ifconfig IF up/down
etc. as well, so use a fallback of "link". Adjust the man page
to reflect these minor details.
Improve error handling printing a warning in addition to the usage
telling that we do not know the given address family in two places.
Reviewed by: hrs, rwatson
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 2 weeks
show more ...
|
|
Revision tags: release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0, release/8.1.0_cvs, release/8.1.0, release/7.3.0_cvs, release/7.3.0 |
|
| #
1a0fda2b |
| 04-Mar-2010 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
IFH@204581
|
| #
28769e85 |
| 07-Dec-2009 |
Hiroki Sato <hrs@FreeBSD.org> |
MFC:
r197138:
- The ifconfig(8) command now supports NDP flags which are handled by ndp(8).
r198006:
- Use printb() to display the "nd6 options=" line.
|