2 * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
3 * Copyright (c) 2003 Ryan McBride. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
22 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
23 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
24 * THE POSSIBILITY OF SUCH DAMAGE.
27 * $FreeBSD: src/sys/netinet/ip_carp.c,v 1.48 2007/02/02 09:39:09 glebius Exp $
32 #include "opt_inet6.h"
34 #include <sys/param.h>
35 #include <sys/systm.h>
36 #include <sys/kernel.h>
37 #include <sys/in_cksum.h>
38 #include <sys/limits.h>
39 #include <sys/malloc.h>
41 #include <sys/msgport2.h>
45 #include <sys/sockio.h>
46 #include <sys/socket.h>
47 #include <sys/sysctl.h>
48 #include <sys/syslog.h>
49 #include <sys/thread.h>
51 #include <machine/stdarg.h>
52 #include <crypto/sha1.h>
55 #include <net/ethernet.h>
57 #include <net/if_dl.h>
58 #include <net/if_types.h>
59 #include <net/route.h>
60 #include <net/if_clone.h>
61 #include <net/if_var.h>
62 #include <net/ifq_var.h>
63 #include <net/netmsg2.h>
66 #include <netinet/in.h>
67 #include <netinet/in_var.h>
68 #include <netinet/in_systm.h>
69 #include <netinet/ip.h>
70 #include <netinet/ip_var.h>
71 #include <netinet/if_ether.h>
75 #include <netinet/icmp6.h>
76 #include <netinet/ip6.h>
77 #include <netinet6/ip6_var.h>
78 #include <netinet6/scope6_var.h>
79 #include <netinet6/nd6.h>
82 #include <netinet/ip_carp.h>
84 #define CARP_IFNAME "carp"
85 #define CARP_IS_RUNNING(ifp) \
86 (((ifp)->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
91 uint32_t vha_flags; /* CARP_VHAF_ */
92 struct in_ifaddr *vha_ia; /* carp address */
93 struct in_ifaddr *vha_iaback; /* backing address */
94 TAILQ_ENTRY(carp_vhaddr) vha_link;
96 TAILQ_HEAD(carp_vhaddr_list, carp_vhaddr);
99 struct netmsg_base base;
100 struct ifnet *nc_carpdev;
101 struct carp_softc *nc_softc;
107 struct arpcom arpcom;
108 struct ifnet *sc_carpdev; /* parent interface */
109 struct carp_vhaddr_list sc_vha_list; /* virtual addr list */
111 const struct in_ifaddr *sc_ia; /* primary iface address v4 */
112 struct ip_moptions sc_imo;
115 struct in6_ifaddr *sc_ia6; /* primary iface address v6 */
116 struct ip6_moptions sc_im6o;
119 enum { INIT = 0, BACKUP, MASTER }
125 int sc_sendad_errors;
126 #define CARP_SENDAD_MAX_ERRORS 3
127 int sc_sendad_success;
128 #define CARP_SENDAD_MIN_SUCCESS 3
132 int sc_naddrs; /* actually used IPv4 vha */
134 int sc_advbase; /* seconds */
139 #define CARP_HMAC_PAD 64
140 unsigned char sc_key[CARP_KEY_LEN];
141 unsigned char sc_pad[CARP_HMAC_PAD];
144 struct callout sc_ad_tmo; /* advertisement timeout */
145 struct netmsg_carp sc_ad_msg; /* adv timeout netmsg */
146 struct callout sc_md_tmo; /* ip4 master down timeout */
147 struct callout sc_md6_tmo; /* ip6 master down timeout */
148 struct netmsg_carp sc_md_msg; /* master down timeout netmsg */
150 LIST_ENTRY(carp_softc) sc_next; /* Interface clue */
153 #define sc_if arpcom.ac_if
155 struct carp_softc_container {
156 TAILQ_ENTRY(carp_softc_container) scc_link;
157 struct carp_softc *scc_softc;
159 TAILQ_HEAD(carp_if, carp_softc_container);
161 SYSCTL_DECL(_net_inet_carp);
163 static int carp_opts[CARPCTL_MAXID] = { 0, 1, 0, 1, 0, 0 }; /* XXX for now */
164 SYSCTL_INT(_net_inet_carp, CARPCTL_ALLOW, allow, CTLFLAG_RW,
165 &carp_opts[CARPCTL_ALLOW], 0, "Accept incoming CARP packets");
166 SYSCTL_INT(_net_inet_carp, CARPCTL_PREEMPT, preempt, CTLFLAG_RW,
167 &carp_opts[CARPCTL_PREEMPT], 0, "high-priority backup preemption mode");
168 SYSCTL_INT(_net_inet_carp, CARPCTL_LOG, log, CTLFLAG_RW,
169 &carp_opts[CARPCTL_LOG], 0, "log bad carp packets");
170 SYSCTL_INT(_net_inet_carp, CARPCTL_ARPBALANCE, arpbalance, CTLFLAG_RW,
171 &carp_opts[CARPCTL_ARPBALANCE], 0, "balance arp responses");
173 static int carp_suppress_preempt = 0;
174 SYSCTL_INT(_net_inet_carp, OID_AUTO, suppress_preempt, CTLFLAG_RD,
175 &carp_suppress_preempt, 0, "Preemption is suppressed");
177 static struct carpstats carpstats;
178 SYSCTL_STRUCT(_net_inet_carp, CARPCTL_STATS, stats, CTLFLAG_RW,
179 &carpstats, carpstats,
180 "CARP statistics (struct carpstats, netinet/ip_carp.h)");
182 #define CARP_LOG(...) do { \
183 if (carp_opts[CARPCTL_LOG] > 0) \
184 log(LOG_INFO, __VA_ARGS__); \
187 #define CARP_DEBUG(...) do { \
188 if (carp_opts[CARPCTL_LOG] > 1) \
189 log(LOG_DEBUG, __VA_ARGS__); \
192 static struct lwkt_token carp_tok = LWKT_TOKEN_INITIALIZER(carp_token);
194 static void carp_hmac_prepare(struct carp_softc *);
195 static void carp_hmac_generate(struct carp_softc *, uint32_t *,
197 static int carp_hmac_verify(struct carp_softc *, uint32_t *,
199 static void carp_setroute(struct carp_softc *, int);
200 static void carp_proto_input_c(struct carp_softc *, struct mbuf *,
201 struct carp_header *, sa_family_t);
202 static int carp_clone_create(struct if_clone *, int, caddr_t);
203 static int carp_clone_destroy(struct ifnet *);
204 static void carp_detach(struct carp_softc *, int, boolean_t);
205 static void carp_prepare_ad(struct carp_softc *, struct carp_header *);
206 static void carp_send_ad_all(void);
207 static void carp_send_ad_timeout(void *);
208 static void carp_send_ad(struct carp_softc *);
209 static void carp_send_arp(struct carp_softc *);
210 static void carp_master_down_timeout(void *);
211 static void carp_master_down(struct carp_softc *);
212 static void carp_setrun(struct carp_softc *, sa_family_t);
213 static void carp_set_state(struct carp_softc *, int);
214 static struct ifnet *carp_forus(struct carp_if *, const uint8_t *);
216 static void carp_init(void *);
217 static int carp_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
218 static int carp_output(struct ifnet *, struct mbuf *, struct sockaddr *,
220 static void carp_start(struct ifnet *);
221 static void carp_serialize(struct ifnet *, enum ifnet_serialize);
222 static void carp_deserialize(struct ifnet *, enum ifnet_serialize);
223 static int carp_tryserialize(struct ifnet *, enum ifnet_serialize);
225 static void carp_serialize_assert(struct ifnet *, enum ifnet_serialize,
229 static void carp_multicast_cleanup(struct carp_softc *);
230 static void carp_add_addr(struct carp_softc *, struct ifaddr *);
231 static void carp_del_addr(struct carp_softc *, struct ifaddr *);
232 static void carp_config_addr(struct carp_softc *, struct ifaddr *);
233 static void carp_link_addrs(struct carp_softc *, struct ifnet *,
235 static void carp_unlink_addrs(struct carp_softc *, struct ifnet *,
237 static void carp_update_addrs(struct carp_softc *, struct ifaddr *);
239 static int carp_config_vhaddr(struct carp_softc *, struct carp_vhaddr *,
241 static int carp_activate_vhaddr(struct carp_softc *, struct carp_vhaddr *,
242 struct ifnet *, struct in_ifaddr *, int);
243 static void carp_deactivate_vhaddr(struct carp_softc *,
244 struct carp_vhaddr *, boolean_t);
245 static int carp_addroute_vhaddr(struct carp_softc *, struct carp_vhaddr *);
246 static void carp_delroute_vhaddr(struct carp_softc *, struct carp_vhaddr *,
250 static void carp_sc_state(struct carp_softc *);
253 static void carp_send_na(struct carp_softc *);
255 static int carp_set_addr6(struct carp_softc *, struct sockaddr_in6 *);
256 static int carp_del_addr6(struct carp_softc *, struct sockaddr_in6 *);
258 static void carp_multicast6_cleanup(struct carp_softc *);
260 static void carp_stop(struct carp_softc *, int);
261 static void carp_suspend(struct carp_softc *, int);
262 static void carp_ioctl_stop(struct carp_softc *);
263 static int carp_ioctl_setvh(struct carp_softc *, void *, struct ucred *);
264 static int carp_ioctl_getvh(struct carp_softc *, void *, struct ucred *);
265 static int carp_ioctl_getdevname(struct carp_softc *, struct ifdrv *);
266 static int carp_ioctl_getvhaddr(struct carp_softc *, struct ifdrv *);
268 static struct carp_if *carp_if_remove(struct carp_if *, struct carp_softc *);
269 static struct carp_if *carp_if_insert(struct carp_if *, struct carp_softc *);
270 static void carp_if_free(struct carp_if *);
272 static void carp_ifaddr(void *, struct ifnet *, enum ifaddr_event,
274 static void carp_ifdetach(void *, struct ifnet *);
276 static void carp_ifdetach_dispatch(netmsg_t);
277 static void carp_clone_destroy_dispatch(netmsg_t);
278 static void carp_init_dispatch(netmsg_t);
279 static void carp_ioctl_stop_dispatch(netmsg_t);
280 static void carp_ioctl_setvh_dispatch(netmsg_t);
281 static void carp_ioctl_getvh_dispatch(netmsg_t);
282 static void carp_ioctl_getdevname_dispatch(netmsg_t);
283 static void carp_ioctl_getvhaddr_dispatch(netmsg_t);
284 static void carp_send_ad_timeout_dispatch(netmsg_t);
285 static void carp_master_down_timeout_dispatch(netmsg_t);
287 static MALLOC_DEFINE(M_CARP, "CARP", "CARP interfaces");
289 static LIST_HEAD(, carp_softc) carpif_list;
291 static struct if_clone carp_cloner =
292 IF_CLONE_INITIALIZER(CARP_IFNAME, carp_clone_create, carp_clone_destroy,
295 static uint8_t carp_etheraddr[ETHER_ADDR_LEN] = { 0, 0, 0x5e, 0, 1, 0 };
297 static eventhandler_tag carp_ifdetach_event;
298 static eventhandler_tag carp_ifaddr_event;
301 carp_insert_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha_new)
303 struct carp_vhaddr *vha;
304 u_long new_addr, addr;
306 KKASSERT((vha_new->vha_flags & CARP_VHAF_ONLIST) == 0);
309 * Virtual address list is sorted; smaller one first
311 new_addr = ntohl(vha_new->vha_ia->ia_addr.sin_addr.s_addr);
313 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
314 addr = ntohl(vha->vha_ia->ia_addr.sin_addr.s_addr);
320 TAILQ_INSERT_TAIL(&sc->sc_vha_list, vha_new, vha_link);
322 TAILQ_INSERT_BEFORE(vha, vha_new, vha_link);
323 vha_new->vha_flags |= CARP_VHAF_ONLIST;
327 carp_remove_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha)
329 KKASSERT(vha->vha_flags & CARP_VHAF_ONLIST);
330 vha->vha_flags &= ~CARP_VHAF_ONLIST;
331 TAILQ_REMOVE(&sc->sc_vha_list, vha, vha_link);
335 carp_hmac_prepare(struct carp_softc *sc)
337 uint8_t version = CARP_VERSION, type = CARP_ADVERTISEMENT;
338 uint8_t vhid = sc->sc_vhid & 0xff;
341 struct ifaddr_container *ifac;
345 struct carp_vhaddr *vha;
348 /* XXX: possible race here */
350 /* compute ipad from key */
351 bzero(sc->sc_pad, sizeof(sc->sc_pad));
352 bcopy(sc->sc_key, sc->sc_pad, sizeof(sc->sc_key));
353 for (i = 0; i < sizeof(sc->sc_pad); i++)
354 sc->sc_pad[i] ^= 0x36;
356 /* precompute first part of inner hash */
357 SHA1Init(&sc->sc_sha1);
358 SHA1Update(&sc->sc_sha1, sc->sc_pad, sizeof(sc->sc_pad));
359 SHA1Update(&sc->sc_sha1, (void *)&version, sizeof(version));
360 SHA1Update(&sc->sc_sha1, (void *)&type, sizeof(type));
361 SHA1Update(&sc->sc_sha1, (void *)&vhid, sizeof(vhid));
363 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
364 SHA1Update(&sc->sc_sha1,
365 (const uint8_t *)&vha->vha_ia->ia_addr.sin_addr,
366 sizeof(struct in_addr));
370 TAILQ_FOREACH(ifac, &sc->sc_if.if_addrheads[mycpuid], ifa_link) {
371 struct ifaddr *ifa = ifac->ifa;
373 if (ifa->ifa_addr->sa_family == AF_INET6) {
374 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
375 in6_clearscope(&in6);
376 SHA1Update(&sc->sc_sha1, (void *)&in6, sizeof(in6));
381 /* convert ipad to opad */
382 for (i = 0; i < sizeof(sc->sc_pad); i++)
383 sc->sc_pad[i] ^= 0x36 ^ 0x5c;
387 carp_hmac_generate(struct carp_softc *sc, uint32_t counter[2],
388 unsigned char md[20])
392 /* fetch first half of inner hash */
393 bcopy(&sc->sc_sha1, &sha1ctx, sizeof(sha1ctx));
395 SHA1Update(&sha1ctx, (void *)counter, sizeof(sc->sc_counter));
396 SHA1Final(md, &sha1ctx);
400 SHA1Update(&sha1ctx, sc->sc_pad, sizeof(sc->sc_pad));
401 SHA1Update(&sha1ctx, md, 20);
402 SHA1Final(md, &sha1ctx);
406 carp_hmac_verify(struct carp_softc *sc, uint32_t counter[2],
407 unsigned char md[20])
409 unsigned char md2[20];
411 carp_hmac_generate(sc, counter, md2);
412 return (bcmp(md, md2, sizeof(md2)));
416 carp_setroute(struct carp_softc *sc, int cmd)
419 struct ifaddr_container *ifac;
421 struct carp_vhaddr *vha;
423 KKASSERT(cmd == RTM_DELETE || cmd == RTM_ADD);
425 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
426 if (vha->vha_iaback == NULL)
428 if (cmd == RTM_DELETE)
429 carp_delroute_vhaddr(sc, vha, FALSE);
431 carp_addroute_vhaddr(sc, vha);
435 TAILQ_FOREACH(ifac, &sc->sc_if.if_addrheads[mycpuid], ifa_link) {
436 struct ifaddr *ifa = ifac->ifa;
438 if (ifa->ifa_addr->sa_family == AF_INET6) {
449 carp_clone_create(struct if_clone *ifc, int unit, caddr_t param __unused)
451 struct carp_softc *sc;
454 sc = kmalloc(sizeof(*sc), M_CARP, M_WAITOK | M_ZERO);
458 sc->sc_advbase = CARP_DFLTINTV;
459 sc->sc_vhid = -1; /* required setting */
461 sc->sc_init_counter = 1;
465 TAILQ_INIT(&sc->sc_vha_list);
468 sc->sc_im6o.im6o_multicast_hlim = CARP_DFLTTL;
471 callout_init_mp(&sc->sc_ad_tmo);
472 netmsg_init(&sc->sc_ad_msg.base, NULL, &netisr_adone_rport,
473 MSGF_DROPABLE | MSGF_PRIORITY, carp_send_ad_timeout_dispatch);
474 sc->sc_ad_msg.nc_softc = sc;
476 callout_init_mp(&sc->sc_md_tmo);
477 callout_init_mp(&sc->sc_md6_tmo);
478 netmsg_init(&sc->sc_md_msg.base, NULL, &netisr_adone_rport,
479 MSGF_DROPABLE | MSGF_PRIORITY, carp_master_down_timeout_dispatch);
480 sc->sc_md_msg.nc_softc = sc;
482 if_initname(ifp, CARP_IFNAME, unit);
484 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
485 ifp->if_init = carp_init;
486 ifp->if_ioctl = carp_ioctl;
487 ifp->if_start = carp_start;
488 ifp->if_serialize = carp_serialize;
489 ifp->if_deserialize = carp_deserialize;
490 ifp->if_tryserialize = carp_tryserialize;
492 ifp->if_serialize_assert = carp_serialize_assert;
494 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
495 ifq_set_ready(&ifp->if_snd);
497 ether_ifattach(ifp, carp_etheraddr, NULL);
499 ifp->if_type = IFT_CARP;
500 ifp->if_output = carp_output;
503 LIST_INSERT_HEAD(&carpif_list, sc, sc_next);
510 carp_clone_destroy_dispatch(netmsg_t msg)
512 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
513 struct carp_softc *sc = cmsg->nc_softc;
518 carp_detach(sc, 1, FALSE);
522 callout_stop_sync(&sc->sc_ad_tmo);
523 callout_stop_sync(&sc->sc_md_tmo);
524 callout_stop_sync(&sc->sc_md6_tmo);
527 if ((sc->sc_ad_msg.base.lmsg.ms_flags & MSGF_DONE) == 0)
528 lwkt_dropmsg(&sc->sc_ad_msg.base.lmsg);
529 if ((sc->sc_md_msg.base.lmsg.ms_flags & MSGF_DONE) == 0)
530 lwkt_dropmsg(&sc->sc_md_msg.base.lmsg);
533 lwkt_replymsg(&cmsg->base.lmsg, 0);
537 carp_clone_destroy(struct ifnet *ifp)
539 struct carp_softc *sc = ifp->if_softc;
540 struct netmsg_carp cmsg;
542 bzero(&cmsg, sizeof(cmsg));
543 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
544 carp_clone_destroy_dispatch);
547 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
550 LIST_REMOVE(sc, sc_next);
556 KASSERT(sc->sc_naddrs == 0, ("certain inet address is still active\n"));
562 static struct carp_if *
563 carp_if_remove(struct carp_if *ocif, struct carp_softc *sc)
565 struct carp_softc_container *oscc, *scc;
572 TAILQ_FOREACH(oscc, ocif, scc_link) {
575 if (oscc->scc_softc == sc)
579 KASSERT(found, ("%s carp_softc is not on carp_if\n", __func__));
582 /* Last one is going to be unlinked */
586 cif = kmalloc(sizeof(*cif), M_CARP, M_WAITOK | M_ZERO);
589 TAILQ_FOREACH(oscc, ocif, scc_link) {
590 if (oscc->scc_softc == sc)
593 scc = kmalloc(sizeof(*scc), M_CARP, M_WAITOK | M_ZERO);
594 scc->scc_softc = oscc->scc_softc;
595 TAILQ_INSERT_TAIL(cif, scc, scc_link);
601 static struct carp_if *
602 carp_if_insert(struct carp_if *ocif, struct carp_softc *sc)
604 struct carp_softc_container *oscc;
609 TAILQ_FOREACH(oscc, ocif, scc_link) {
610 if (oscc->scc_softc == sc)
616 if (sc->sc_carpdev != NULL) {
617 KASSERT(onlist, ("%s is not on %s carp list\n",
618 sc->sc_if.if_xname, sc->sc_carpdev->if_xname));
620 KASSERT(!onlist, ("%s is already on carp list\n",
621 sc->sc_if.if_xname));
627 struct carp_softc_container *new_scc, *scc;
630 cif = kmalloc(sizeof(*cif), M_CARP, M_WAITOK | M_ZERO);
633 new_scc = kmalloc(sizeof(*new_scc), M_CARP, M_WAITOK | M_ZERO);
634 new_scc->scc_softc = sc;
637 TAILQ_FOREACH(oscc, ocif, scc_link) {
639 oscc->scc_softc->sc_vhid > sc->sc_vhid) {
640 TAILQ_INSERT_TAIL(cif, new_scc,
645 scc = kmalloc(sizeof(*scc), M_CARP,
647 scc->scc_softc = oscc->scc_softc;
648 TAILQ_INSERT_TAIL(cif, scc, scc_link);
652 TAILQ_INSERT_TAIL(cif, new_scc, scc_link);
661 carp_if_free(struct carp_if *cif)
663 struct carp_softc_container *scc;
665 while ((scc = TAILQ_FIRST(cif)) != NULL) {
666 TAILQ_REMOVE(cif, scc, scc_link);
673 carp_detach(struct carp_softc *sc, int detach, boolean_t del_iaback)
675 carp_suspend(sc, detach);
677 carp_multicast_cleanup(sc);
679 carp_multicast6_cleanup(sc);
682 if (!sc->sc_dead && detach) {
683 struct carp_vhaddr *vha;
685 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link)
686 carp_deactivate_vhaddr(sc, vha, del_iaback);
687 KKASSERT(sc->sc_naddrs == 0);
690 if (sc->sc_carpdev != NULL) {
691 struct ifnet *ifp = sc->sc_carpdev;
692 struct carp_if *ocif = ifp->if_carp;
694 ifp->if_carp = carp_if_remove(ocif, sc);
695 KASSERT(ifp->if_carp != ocif,
696 ("%s carp_if_remove failed\n", __func__));
698 sc->sc_carpdev = NULL;
702 * Make sure that all protocol threads see the
703 * sc_carpdev and if_carp changes
705 netmsg_service_sync();
707 if (ifp->if_carp == NULL) {
709 * No more carp interfaces using
710 * ifp as the backing interface,
711 * move it out of promiscous mode.
717 * The old carp list could be safely free now,
718 * since no one can access it.
725 carp_ifdetach_dispatch(netmsg_t msg)
727 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
728 struct ifnet *ifp = cmsg->nc_carpdev;
732 while (ifp->if_carp) {
733 struct carp_softc_container *scc;
735 scc = TAILQ_FIRST((struct carp_if *)(ifp->if_carp));
736 carp_detach(scc->scc_softc, 1, TRUE);
741 lwkt_replymsg(&cmsg->base.lmsg, 0);
744 /* Detach an interface from the carp. */
746 carp_ifdetach(void *arg __unused, struct ifnet *ifp)
748 struct netmsg_carp cmsg;
750 ASSERT_IFNET_NOT_SERIALIZED_ALL(ifp);
752 bzero(&cmsg, sizeof(cmsg));
753 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
754 carp_ifdetach_dispatch);
755 cmsg.nc_carpdev = ifp;
757 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
761 * process input packet.
762 * we have rearranged checks order compared to the rfc,
763 * but it seems more efficient this way or not possible otherwise.
766 carp_proto_input(struct mbuf **mp, int *offp, int proto)
768 struct mbuf *m = *mp;
769 struct ip *ip = mtod(m, struct ip *);
770 struct ifnet *ifp = m->m_pkthdr.rcvif;
771 struct carp_header *ch;
772 struct carp_softc *sc;
780 carpstats.carps_ipackets++;
782 if (!carp_opts[CARPCTL_ALLOW]) {
787 /* Check if received on a valid carp interface */
788 if (ifp->if_type != IFT_CARP) {
789 carpstats.carps_badif++;
790 CARP_LOG("carp_proto_input: packet received on non-carp "
791 "interface: %s\n", ifp->if_xname);
796 if (!CARP_IS_RUNNING(ifp)) {
797 carpstats.carps_badif++;
798 CARP_LOG("carp_proto_input: packet received on stopped carp "
799 "interface: %s\n", ifp->if_xname);
805 if (sc->sc_carpdev == NULL) {
806 carpstats.carps_badif++;
807 CARP_LOG("carp_proto_input: packet received on defunc carp "
808 "interface: %s\n", ifp->if_xname);
813 if (!IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
814 carpstats.carps_badif++;
815 CARP_LOG("carp_proto_input: non-mcast packet on "
816 "interface: %s\n", ifp->if_xname);
821 /* Verify that the IP TTL is CARP_DFLTTL. */
822 if (ip->ip_ttl != CARP_DFLTTL) {
823 carpstats.carps_badttl++;
824 CARP_LOG("carp_proto_input: received ttl %d != %d on %s\n",
825 ip->ip_ttl, CARP_DFLTTL, ifp->if_xname);
830 /* Minimal CARP packet size */
831 len = iphlen + sizeof(*ch);
834 * Verify that the received packet length is
835 * not less than the CARP header
837 if (m->m_pkthdr.len < len) {
838 carpstats.carps_badlen++;
839 CARP_LOG("packet too short %d on %s\n", m->m_pkthdr.len,
845 /* Make sure that CARP header is contiguous */
846 if (len > m->m_len) {
847 m = m_pullup(m, len);
849 carpstats.carps_hdrops++;
850 CARP_LOG("carp_proto_input: m_pullup failed\n");
853 ip = mtod(m, struct ip *);
855 ch = (struct carp_header *)((uint8_t *)ip + iphlen);
857 /* Verify the CARP checksum */
858 if (in_cksum_skip(m, len, iphlen)) {
859 carpstats.carps_badsum++;
860 CARP_LOG("carp_proto_input: checksum failed on %s\n",
865 carp_proto_input_c(sc, m, ch, AF_INET);
868 return(IPPROTO_DONE);
873 carp6_proto_input(struct mbuf **mp, int *offp, int proto)
875 struct mbuf *m = *mp;
876 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
877 struct ifnet *ifp = m->m_pkthdr.rcvif;
878 struct carp_header *ch;
879 struct carp_softc *sc;
884 carpstats.carps_ipackets6++;
886 if (!carp_opts[CARPCTL_ALLOW]) {
891 /* check if received on a valid carp interface */
892 if (ifp->if_type != IFT_CARP) {
893 carpstats.carps_badif++;
894 CARP_LOG("carp6_proto_input: packet received on non-carp "
895 "interface: %s\n", ifp->if_xname);
900 if (!CARP_IS_RUNNING(ifp)) {
901 carpstats.carps_badif++;
902 CARP_LOG("carp_proto_input: packet received on stopped carp "
903 "interface: %s\n", ifp->if_xname);
909 if (sc->sc_carpdev == NULL) {
910 carpstats.carps_badif++;
911 CARP_LOG("carp6_proto_input: packet received on defunc-carp "
912 "interface: %s\n", ifp->if_xname);
917 /* verify that the IP TTL is 255 */
918 if (ip6->ip6_hlim != CARP_DFLTTL) {
919 carpstats.carps_badttl++;
920 CARP_LOG("carp6_proto_input: received ttl %d != 255 on %s\n",
921 ip6->ip6_hlim, ifp->if_xname);
926 /* verify that we have a complete carp packet */
928 IP6_EXTHDR_GET(ch, struct carp_header *, m, *offp, sizeof(*ch));
930 carpstats.carps_badlen++;
931 CARP_LOG("carp6_proto_input: packet size %u too small\n", len);
935 /* verify the CARP checksum */
936 if (in_cksum_range(m, 0, *offp, sizeof(*ch))) {
937 carpstats.carps_badsum++;
938 CARP_LOG("carp6_proto_input: checksum failed, on %s\n",
944 carp_proto_input_c(sc, m, ch, AF_INET6);
947 return (IPPROTO_DONE);
952 carp_proto_input_c(struct carp_softc *sc, struct mbuf *m,
953 struct carp_header *ch, sa_family_t af)
956 uint64_t tmp_counter;
957 struct timeval sc_tv, ch_tv;
959 if (sc->sc_vhid != ch->carp_vhid) {
961 * CARP uses multicast, however, multicast packets
962 * are tapped to all CARP interfaces on the physical
963 * interface receiving the CARP packets, so we don't
964 * update any stats here.
971 /* verify the CARP version. */
972 if (ch->carp_version != CARP_VERSION) {
973 carpstats.carps_badver++;
974 CARP_LOG("%s; invalid version %d\n", cifp->if_xname,
980 /* verify the hash */
981 if (carp_hmac_verify(sc, ch->carp_counter, ch->carp_md)) {
982 carpstats.carps_badauth++;
983 CARP_LOG("%s: incorrect hash\n", cifp->if_xname);
988 tmp_counter = ntohl(ch->carp_counter[0]);
989 tmp_counter = tmp_counter<<32;
990 tmp_counter += ntohl(ch->carp_counter[1]);
992 /* XXX Replay protection goes here */
994 sc->sc_init_counter = 0;
995 sc->sc_counter = tmp_counter;
997 sc_tv.tv_sec = sc->sc_advbase;
998 if (carp_suppress_preempt && sc->sc_advskew < 240)
999 sc_tv.tv_usec = 240 * 1000000 / 256;
1001 sc_tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1002 ch_tv.tv_sec = ch->carp_advbase;
1003 ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
1005 switch (sc->sc_state) {
1011 * If we receive an advertisement from a master who's going to
1012 * be more frequent than us, go into BACKUP state.
1014 if (timevalcmp(&sc_tv, &ch_tv, >) ||
1015 timevalcmp(&sc_tv, &ch_tv, ==)) {
1016 callout_stop(&sc->sc_ad_tmo);
1017 CARP_DEBUG("%s: MASTER -> BACKUP "
1018 "(more frequent advertisement received)\n",
1020 carp_set_state(sc, BACKUP);
1022 carp_setroute(sc, RTM_DELETE);
1028 * If we're pre-empting masters who advertise slower than us,
1029 * and this one claims to be slower, treat him as down.
1031 if (carp_opts[CARPCTL_PREEMPT] &&
1032 timevalcmp(&sc_tv, &ch_tv, <)) {
1033 CARP_DEBUG("%s: BACKUP -> MASTER "
1034 "(preempting a slower master)\n", cifp->if_xname);
1035 carp_master_down(sc);
1040 * If the master is going to advertise at such a low frequency
1041 * that he's guaranteed to time out, we'd might as well just
1042 * treat him as timed out now.
1044 sc_tv.tv_sec = sc->sc_advbase * 3;
1045 if (timevalcmp(&sc_tv, &ch_tv, <)) {
1046 CARP_DEBUG("%s: BACKUP -> MASTER (master timed out)\n",
1048 carp_master_down(sc);
1053 * Otherwise, we reset the counter and wait for the next
1056 carp_setrun(sc, af);
1063 carp_input(void *v, struct mbuf *m)
1065 struct carp_if *cif = v;
1066 struct ether_header *eh;
1067 struct carp_softc_container *scc;
1070 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
1072 eh = mtod(m, struct ether_header *);
1074 ifp = carp_forus(cif, eh->ether_dhost);
1076 ether_reinput_oncpu(ifp, m, REINPUT_RUNBPF);
1080 if ((m->m_flags & (M_BCAST | M_MCAST)) == 0)
1084 * XXX Should really check the list of multicast addresses
1085 * for each CARP interface _before_ copying.
1087 TAILQ_FOREACH(scc, cif, scc_link) {
1088 struct carp_softc *sc = scc->scc_softc;
1091 if ((sc->sc_if.if_flags & IFF_UP) == 0)
1094 m0 = m_dup(m, MB_DONTWAIT);
1098 ether_reinput_oncpu(&sc->sc_if, m0, REINPUT_RUNBPF);
1104 carp_prepare_ad(struct carp_softc *sc, struct carp_header *ch)
1106 if (sc->sc_init_counter) {
1107 /* this could also be seconds since unix epoch */
1108 sc->sc_counter = karc4random();
1109 sc->sc_counter = sc->sc_counter << 32;
1110 sc->sc_counter += karc4random();
1115 ch->carp_counter[0] = htonl((sc->sc_counter >> 32) & 0xffffffff);
1116 ch->carp_counter[1] = htonl(sc->sc_counter & 0xffffffff);
1118 carp_hmac_generate(sc, ch->carp_counter, ch->carp_md);
1122 carp_send_ad_all(void)
1124 struct carp_softc *sc;
1126 LIST_FOREACH(sc, &carpif_list, sc_next) {
1127 if (sc->sc_carpdev == NULL)
1130 if (CARP_IS_RUNNING(&sc->sc_if) && sc->sc_state == MASTER)
1136 carp_send_ad_timeout(void *xsc)
1138 struct carp_softc *sc = xsc;
1139 struct netmsg_carp *cmsg = &sc->sc_ad_msg;
1141 KASSERT(mycpuid == 0, ("%s not on cpu0 but on cpu%d\n",
1142 __func__, mycpuid));
1145 if (cmsg->base.lmsg.ms_flags & MSGF_DONE)
1146 lwkt_sendmsg(cpu_portfn(0), &cmsg->base.lmsg);
1151 carp_send_ad_timeout_dispatch(netmsg_t msg)
1153 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
1154 struct carp_softc *sc = cmsg->nc_softc;
1158 lwkt_replymsg(&cmsg->base.lmsg, 0);
1167 carp_send_ad(struct carp_softc *sc)
1169 struct ifnet *cifp = &sc->sc_if;
1170 struct carp_header ch;
1172 struct carp_header *ch_ptr;
1174 int len, advbase, advskew;
1176 if (!CARP_IS_RUNNING(cifp)) {
1181 advbase = sc->sc_advbase;
1182 if (!carp_suppress_preempt || sc->sc_advskew > 240)
1183 advskew = sc->sc_advskew;
1186 tv.tv_sec = advbase;
1187 tv.tv_usec = advskew * 1000000 / 256;
1190 ch.carp_version = CARP_VERSION;
1191 ch.carp_type = CARP_ADVERTISEMENT;
1192 ch.carp_vhid = sc->sc_vhid;
1193 ch.carp_advbase = advbase;
1194 ch.carp_advskew = advskew;
1195 ch.carp_authlen = 7; /* XXX DEFINE */
1196 ch.carp_pad1 = 0; /* must be zero */
1200 if (sc->sc_ia != NULL) {
1203 MGETHDR(m, MB_DONTWAIT, MT_HEADER);
1206 carpstats.carps_onomem++;
1207 /* XXX maybe less ? */
1208 if (advbase != 255 || advskew != 255)
1209 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1210 carp_send_ad_timeout, sc);
1213 len = sizeof(*ip) + sizeof(ch);
1214 m->m_pkthdr.len = len;
1215 m->m_pkthdr.rcvif = NULL;
1217 MH_ALIGN(m, m->m_len);
1218 m->m_flags |= M_MCAST;
1219 ip = mtod(m, struct ip *);
1220 ip->ip_v = IPVERSION;
1221 ip->ip_hl = sizeof(*ip) >> 2;
1222 ip->ip_tos = IPTOS_LOWDELAY;
1224 ip->ip_id = ip_newid();
1226 ip->ip_ttl = CARP_DFLTTL;
1227 ip->ip_p = IPPROTO_CARP;
1229 ip->ip_src = sc->sc_ia->ia_addr.sin_addr;
1230 ip->ip_dst.s_addr = htonl(INADDR_CARP_GROUP);
1232 ch_ptr = (struct carp_header *)(&ip[1]);
1233 bcopy(&ch, ch_ptr, sizeof(ch));
1234 carp_prepare_ad(sc, ch_ptr);
1235 ch_ptr->carp_cksum = in_cksum_skip(m, len, sizeof(*ip));
1237 getmicrotime(&cifp->if_lastchange);
1238 cifp->if_opackets++;
1239 cifp->if_obytes += len;
1240 carpstats.carps_opackets++;
1242 if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, NULL)) {
1244 if (sc->sc_sendad_errors < INT_MAX)
1245 sc->sc_sendad_errors++;
1246 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
1247 carp_suppress_preempt++;
1248 if (carp_suppress_preempt == 1) {
1252 sc->sc_sendad_success = 0;
1254 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
1255 if (++sc->sc_sendad_success >=
1256 CARP_SENDAD_MIN_SUCCESS) {
1257 carp_suppress_preempt--;
1258 sc->sc_sendad_errors = 0;
1261 sc->sc_sendad_errors = 0;
1268 struct ip6_hdr *ip6;
1270 MGETHDR(m, MB_DONTWAIT, MT_HEADER);
1273 carpstats.carps_onomem++;
1274 /* XXX maybe less ? */
1275 if (advbase != 255 || advskew != 255)
1276 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1277 carp_send_ad_timeout, sc);
1280 len = sizeof(*ip6) + sizeof(ch);
1281 m->m_pkthdr.len = len;
1282 m->m_pkthdr.rcvif = NULL;
1284 MH_ALIGN(m, m->m_len);
1285 m->m_flags |= M_MCAST;
1286 ip6 = mtod(m, struct ip6_hdr *);
1287 bzero(ip6, sizeof(*ip6));
1288 ip6->ip6_vfc |= IPV6_VERSION;
1289 ip6->ip6_hlim = CARP_DFLTTL;
1290 ip6->ip6_nxt = IPPROTO_CARP;
1291 bcopy(&sc->sc_ia6->ia_addr.sin6_addr, &ip6->ip6_src,
1292 sizeof(struct in6_addr));
1293 /* set the multicast destination */
1295 ip6->ip6_dst.s6_addr16[0] = htons(0xff02);
1296 ip6->ip6_dst.s6_addr8[15] = 0x12;
1297 if (in6_setscope(&ip6->ip6_dst, sc->sc_carpdev, NULL) != 0) {
1300 CARP_LOG("%s: in6_setscope failed\n", __func__);
1304 ch_ptr = (struct carp_header *)(&ip6[1]);
1305 bcopy(&ch, ch_ptr, sizeof(ch));
1306 carp_prepare_ad(sc, ch_ptr);
1307 ch_ptr->carp_cksum = in_cksum_skip(m, len, sizeof(*ip6));
1309 getmicrotime(&cifp->if_lastchange);
1310 cifp->if_opackets++;
1311 cifp->if_obytes += len;
1312 carpstats.carps_opackets6++;
1314 if (ip6_output(m, NULL, NULL, 0, &sc->sc_im6o, NULL, NULL)) {
1316 if (sc->sc_sendad_errors < INT_MAX)
1317 sc->sc_sendad_errors++;
1318 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
1319 carp_suppress_preempt++;
1320 if (carp_suppress_preempt == 1) {
1324 sc->sc_sendad_success = 0;
1326 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
1327 if (++sc->sc_sendad_success >=
1328 CARP_SENDAD_MIN_SUCCESS) {
1329 carp_suppress_preempt--;
1330 sc->sc_sendad_errors = 0;
1333 sc->sc_sendad_errors = 0;
1339 if (advbase != 255 || advskew != 255)
1340 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1341 carp_send_ad_timeout, sc);
1345 * Broadcast a gratuitous ARP request containing
1346 * the virtual router MAC address for each IP address
1347 * associated with the virtual router.
1350 carp_send_arp(struct carp_softc *sc)
1352 const struct carp_vhaddr *vha;
1354 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
1355 if (vha->vha_iaback == NULL)
1357 arp_gratuitous(&sc->sc_if, &vha->vha_ia->ia_ifa);
1363 carp_send_na(struct carp_softc *sc)
1365 struct ifaddr_container *ifac;
1366 struct in6_addr *in6;
1367 static struct in6_addr mcast = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
1369 TAILQ_FOREACH(ifac, &sc->sc_if.if_addrheads[mycpuid], ifa_link) {
1370 struct ifaddr *ifa = ifac->ifa;
1372 if (ifa->ifa_addr->sa_family != AF_INET6)
1375 in6 = &ifatoia6(ifa)->ia_addr.sin6_addr;
1376 nd6_na_output(sc->sc_carpdev, &mcast, in6,
1377 ND_NA_FLAG_OVERRIDE, 1, NULL);
1378 DELAY(1000); /* XXX */
1383 static __inline const struct carp_vhaddr *
1384 carp_find_addr(const struct carp_softc *sc, const struct in_addr *addr)
1386 struct carp_vhaddr *vha;
1388 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
1389 if (vha->vha_iaback == NULL)
1392 if (vha->vha_ia->ia_addr.sin_addr.s_addr == addr->s_addr)
1400 carp_iamatch_balance(const struct carp_if *cif, const struct in_addr *itaddr,
1401 const struct in_addr *isaddr, uint8_t **enaddr)
1403 const struct carp_softc *vh;
1404 int index, count = 0;
1407 * XXX proof of concept implementation.
1408 * We use the source ip to decide which virtual host should
1409 * handle the request. If we're master of that virtual host,
1410 * then we respond, otherwise, just drop the arp packet on
1414 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1415 if (!CARP_IS_RUNNING(&vh->sc_if))
1418 if (carp_find_addr(vh, itaddr) != NULL)
1424 /* this should be a hash, like pf_hash() */
1425 index = ntohl(isaddr->s_addr) % count;
1428 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1429 if (!CARP_IS_RUNNING(&vh->sc_if))
1432 if (carp_find_addr(vh, itaddr) == NULL)
1435 if (count == index) {
1436 if (vh->sc_state == MASTER) {
1437 *enaddr = IF_LLADDR(&vh->sc_if);
1450 carp_iamatch(const struct in_ifaddr *ia)
1452 const struct carp_softc *sc = ia->ia_ifp->if_softc;
1454 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
1456 KASSERT(&curthread->td_msgport == cpu_portfn(0),
1457 ("not in netisr0"));
1460 if (carp_opts[CARPCTL_ARPBALANCE])
1461 return carp_iamatch_balance(cif, itaddr, isaddr, enaddr);
1464 if (!CARP_IS_RUNNING(&sc->sc_if) || sc->sc_state != MASTER)
1472 carp_iamatch6(void *v, struct in6_addr *taddr)
1475 struct carp_if *cif = v;
1476 struct carp_softc *vh;
1478 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
1480 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1481 struct ifaddr_container *ifac;
1483 TAILQ_FOREACH(ifac, &vh->sc_if.if_addrheads[mycpuid],
1485 struct ifaddr *ifa = ifac->ifa;
1487 if (IN6_ARE_ADDR_EQUAL(taddr,
1488 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1489 CARP_IS_RUNNING(&vh->sc_if) &&
1490 vh->sc_state == MASTER) {
1500 carp_macmatch6(void *v, struct mbuf *m, const struct in6_addr *taddr)
1504 struct carp_if *cif = v;
1505 struct carp_softc *sc;
1507 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
1509 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list) {
1510 struct ifaddr_container *ifac;
1512 TAILQ_FOREACH(ifac, &sc->sc_if.if_addrheads[mycpuid],
1514 struct ifaddr *ifa = ifac->ifa;
1516 if (IN6_ARE_ADDR_EQUAL(taddr,
1517 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1518 CARP_IS_RUNNING(&sc->sc_if)) {
1519 struct ifnet *ifp = &sc->sc_if;
1521 mtag = m_tag_get(PACKET_TAG_CARP,
1522 sizeof(struct ifnet *), MB_DONTWAIT);
1524 /* better a bit than nothing */
1525 return (IF_LLADDR(ifp));
1527 bcopy(&ifp, (caddr_t)(mtag + 1),
1528 sizeof(struct ifnet *));
1529 m_tag_prepend(m, mtag);
1531 return (IF_LLADDR(ifp));
1540 static struct ifnet *
1541 carp_forus(struct carp_if *cif, const uint8_t *dhost)
1543 struct carp_softc_container *scc;
1545 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
1547 if (memcmp(dhost, carp_etheraddr, ETHER_ADDR_LEN - 1) != 0)
1550 TAILQ_FOREACH(scc, cif, scc_link) {
1551 struct carp_softc *sc = scc->scc_softc;
1552 struct ifnet *ifp = &sc->sc_if;
1554 if (CARP_IS_RUNNING(ifp) && sc->sc_state == MASTER &&
1555 !bcmp(dhost, IF_LLADDR(ifp), ETHER_ADDR_LEN))
1562 carp_master_down_timeout(void *xsc)
1564 struct carp_softc *sc = xsc;
1565 struct netmsg_carp *cmsg = &sc->sc_md_msg;
1567 KASSERT(mycpuid == 0, ("%s not on cpu0 but on cpu%d\n",
1568 __func__, mycpuid));
1571 if (cmsg->base.lmsg.ms_flags & MSGF_DONE)
1572 lwkt_sendmsg(cpu_portfn(0), &cmsg->base.lmsg);
1577 carp_master_down_timeout_dispatch(netmsg_t msg)
1579 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
1580 struct carp_softc *sc = cmsg->nc_softc;
1584 lwkt_replymsg(&cmsg->base.lmsg, 0);
1587 CARP_DEBUG("%s: BACKUP -> MASTER (master timed out)\n",
1588 sc->sc_if.if_xname);
1590 carp_master_down(sc);
1595 carp_master_down(struct carp_softc *sc)
1597 switch (sc->sc_state) {
1599 kprintf("%s: master_down event in INIT state\n",
1600 sc->sc_if.if_xname);
1607 carp_set_state(sc, MASTER);
1614 carp_setroute(sc, RTM_ADD);
1620 * When in backup state, af indicates whether to reset the master down timer
1621 * for v4 or v6. If it's set to zero, reset the ones which are already pending.
1624 carp_setrun(struct carp_softc *sc, sa_family_t af)
1626 struct ifnet *cifp = &sc->sc_if;
1629 if (sc->sc_carpdev == NULL) {
1630 carp_set_state(sc, INIT);
1634 if ((cifp->if_flags & IFF_RUNNING) && sc->sc_vhid > 0 &&
1635 (sc->sc_naddrs || sc->sc_naddrs6)) {
1638 carp_setroute(sc, RTM_DELETE);
1642 switch (sc->sc_state) {
1644 if (carp_opts[CARPCTL_PREEMPT] && !carp_suppress_preempt) {
1650 CARP_DEBUG("%s: INIT -> MASTER (preempting)\n",
1652 carp_set_state(sc, MASTER);
1653 carp_setroute(sc, RTM_ADD);
1655 CARP_DEBUG("%s: INIT -> BACKUP\n", cifp->if_xname);
1656 carp_set_state(sc, BACKUP);
1657 carp_setroute(sc, RTM_DELETE);
1663 callout_stop(&sc->sc_ad_tmo);
1664 tv.tv_sec = 3 * sc->sc_advbase;
1665 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1669 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1670 carp_master_down_timeout, sc);
1675 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1676 carp_master_down_timeout, sc);
1681 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1682 carp_master_down_timeout, sc);
1684 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1685 carp_master_down_timeout, sc);
1691 tv.tv_sec = sc->sc_advbase;
1692 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1693 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1694 carp_send_ad_timeout, sc);
1700 carp_multicast_cleanup(struct carp_softc *sc)
1702 struct ip_moptions *imo = &sc->sc_imo;
1704 if (imo->imo_num_memberships == 0)
1706 KKASSERT(imo->imo_num_memberships == 1);
1708 in_delmulti(imo->imo_membership[0]);
1709 imo->imo_membership[0] = NULL;
1710 imo->imo_num_memberships = 0;
1711 imo->imo_multicast_ifp = NULL;
1716 carp_multicast6_cleanup(struct carp_softc *sc)
1718 struct ip6_moptions *im6o = &sc->sc_im6o;
1720 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1721 struct in6_multi_mship *imm =
1722 LIST_FIRST(&im6o->im6o_memberships);
1724 LIST_REMOVE(imm, i6mm_chain);
1725 in6_leavegroup(imm);
1727 im6o->im6o_multicast_ifp = NULL;
1732 carp_ioctl_getvhaddr_dispatch(netmsg_t msg)
1734 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
1735 struct carp_softc *sc = cmsg->nc_softc;
1736 const struct carp_vhaddr *vha;
1737 struct ifcarpvhaddr *carpa, *carpa0;
1738 int count, len, error = 0;
1743 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link)
1746 if (cmsg->nc_datalen == 0) {
1747 cmsg->nc_datalen = count * sizeof(*carpa);
1749 } else if (count == 0 || cmsg->nc_datalen < sizeof(*carpa)) {
1750 cmsg->nc_datalen = 0;
1753 len = min(cmsg->nc_datalen, sizeof(*carpa) * count);
1754 KKASSERT(len >= sizeof(*carpa));
1756 carpa0 = carpa = kmalloc(len, M_TEMP, M_WAITOK | M_NULLOK | M_ZERO);
1757 if (carpa == NULL) {
1763 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
1764 if (len < sizeof(*carpa))
1767 carpa->carpa_flags = vha->vha_flags;
1768 carpa->carpa_addr.sin_family = AF_INET;
1769 carpa->carpa_addr.sin_addr = vha->vha_ia->ia_addr.sin_addr;
1771 carpa->carpa_baddr.sin_family = AF_INET;
1772 if (vha->vha_iaback == NULL) {
1773 carpa->carpa_baddr.sin_addr.s_addr = INADDR_ANY;
1775 carpa->carpa_baddr.sin_addr =
1776 vha->vha_iaback->ia_addr.sin_addr;
1781 len -= sizeof(*carpa);
1783 cmsg->nc_datalen = sizeof(*carpa) * count;
1784 KKASSERT(cmsg->nc_datalen > 0);
1786 cmsg->nc_data = carpa0;
1790 lwkt_replymsg(&cmsg->base.lmsg, error);
1794 carp_ioctl_getvhaddr(struct carp_softc *sc, struct ifdrv *ifd)
1796 struct ifnet *ifp = &sc->arpcom.ac_if;
1797 struct netmsg_carp cmsg;
1800 ASSERT_IFNET_SERIALIZED_ALL(ifp);
1801 ifnet_deserialize_all(ifp);
1803 bzero(&cmsg, sizeof(cmsg));
1804 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
1805 carp_ioctl_getvhaddr_dispatch);
1807 cmsg.nc_datalen = ifd->ifd_len;
1809 error = lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
1812 if (cmsg.nc_data != NULL) {
1813 error = copyout(cmsg.nc_data, ifd->ifd_data,
1815 kfree(cmsg.nc_data, M_TEMP);
1817 ifd->ifd_len = cmsg.nc_datalen;
1819 KASSERT(cmsg.nc_data == NULL,
1820 ("%s temp vhaddr is alloc upon error\n", __func__));
1823 ifnet_serialize_all(ifp);
1828 carp_config_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha,
1829 struct in_ifaddr *ia_del)
1832 struct in_ifaddr *ia_if;
1833 struct in_ifaddr_container *iac;
1834 const struct sockaddr_in *sin;
1838 KKASSERT(vha->vha_ia != NULL);
1840 sin = &vha->vha_ia->ia_addr;
1841 iaddr = ntohl(sin->sin_addr.s_addr);
1845 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
1846 struct in_ifaddr *ia = iac->ia;
1851 if (ia->ia_ifp->if_type == IFT_CARP)
1854 if ((ia->ia_ifp->if_flags & IFF_UP) == 0)
1857 /* and, yeah, we need a multicast-capable iface too */
1858 if ((ia->ia_ifp->if_flags & IFF_MULTICAST) == 0)
1861 if ((iaddr & ia->ia_subnetmask) == ia->ia_subnet) {
1862 if (sin->sin_addr.s_addr ==
1863 ia->ia_addr.sin_addr.s_addr)
1867 else if (sc->sc_carpdev != NULL &&
1868 sc->sc_carpdev == ia->ia_ifp)
1873 carp_deactivate_vhaddr(sc, vha, FALSE);
1877 ifp = ia_if->ia_ifp;
1879 /* XXX Don't allow parent iface to be changed */
1880 if (sc->sc_carpdev != NULL && sc->sc_carpdev != ifp)
1883 return carp_activate_vhaddr(sc, vha, ifp, ia_if, own);
1887 carp_add_addr(struct carp_softc *sc, struct ifaddr *carp_ifa)
1889 struct carp_vhaddr *vha_new;
1890 struct in_ifaddr *carp_ia;
1892 struct carp_vhaddr *vha;
1895 KKASSERT(carp_ifa->ifa_addr->sa_family == AF_INET);
1896 carp_ia = ifatoia(carp_ifa);
1899 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link)
1900 KKASSERT(vha->vha_ia != NULL && vha->vha_ia != carp_ia);
1903 vha_new = kmalloc(sizeof(*vha_new), M_CARP, M_WAITOK | M_ZERO);
1904 vha_new->vha_ia = carp_ia;
1905 carp_insert_vhaddr(sc, vha_new);
1907 if (carp_config_vhaddr(sc, vha_new, NULL) != 0) {
1909 * If the above configuration fails, it may only mean
1910 * that the new address is problematic. However, the
1911 * carp(4) interface may already have several working
1912 * addresses. Since the expected behaviour of
1913 * SIOC[AS]IFADDR is to put the NIC into working state,
1914 * we try starting the state machine manually here with
1915 * the hope that the carp(4)'s previously working
1916 * addresses still could be brought up.
1918 carp_hmac_prepare(sc);
1919 carp_set_state(sc, INIT);
1925 carp_del_addr(struct carp_softc *sc, struct ifaddr *carp_ifa)
1927 struct carp_vhaddr *vha;
1928 struct in_ifaddr *carp_ia;
1930 KKASSERT(carp_ifa->ifa_addr->sa_family == AF_INET);
1931 carp_ia = ifatoia(carp_ifa);
1933 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
1934 KKASSERT(vha->vha_ia != NULL);
1935 if (vha->vha_ia == carp_ia)
1938 KASSERT(vha != NULL, ("no corresponding vhaddr %p\n", carp_ifa));
1941 * Remove the vhaddr from the list before deactivating
1942 * the vhaddr, so that the HMAC could be correctly
1943 * updated in carp_deactivate_vhaddr()
1945 carp_remove_vhaddr(sc, vha);
1947 carp_deactivate_vhaddr(sc, vha, FALSE);
1952 carp_config_addr(struct carp_softc *sc, struct ifaddr *carp_ifa)
1954 struct carp_vhaddr *vha;
1955 struct in_ifaddr *carp_ia;
1957 KKASSERT(carp_ifa->ifa_addr->sa_family == AF_INET);
1958 carp_ia = ifatoia(carp_ifa);
1960 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
1961 KKASSERT(vha->vha_ia != NULL);
1962 if (vha->vha_ia == carp_ia)
1965 KASSERT(vha != NULL, ("no corresponding vhaddr %p\n", carp_ifa));
1967 /* Remove then reinsert, to keep the vhaddr list sorted */
1968 carp_remove_vhaddr(sc, vha);
1969 carp_insert_vhaddr(sc, vha);
1971 if (carp_config_vhaddr(sc, vha, NULL) != 0) {
1972 /* See the comment in carp_add_addr() */
1973 carp_hmac_prepare(sc);
1974 carp_set_state(sc, INIT);
1983 carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1986 struct carp_if *cif;
1987 struct in6_ifaddr *ia, *ia_if;
1988 struct ip6_moptions *im6o = &sc->sc_im6o;
1989 struct in6_multi_mship *imm;
1990 struct in6_addr in6;
1993 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1998 /* we have to do it by hands to check we won't match on us */
1999 ia_if = NULL; own = 0;
2000 for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
2003 for (i = 0; i < 4; i++) {
2004 if ((sin6->sin6_addr.s6_addr32[i] &
2005 ia->ia_prefixmask.sin6_addr.s6_addr32[i]) !=
2006 (ia->ia_addr.sin6_addr.s6_addr32[i] &
2007 ia->ia_prefixmask.sin6_addr.s6_addr32[i]))
2010 /* and, yeah, we need a multicast-capable iface too */
2011 if (ia->ia_ifp != &sc->sc_if &&
2012 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
2016 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
2017 &ia->ia_addr.sin6_addr))
2023 return (EADDRNOTAVAIL);
2027 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
2028 (im6o->im6o_multicast_ifp && im6o->im6o_multicast_ifp != ifp))
2029 return (EADDRNOTAVAIL);
2031 if (!sc->sc_naddrs6) {
2032 im6o->im6o_multicast_ifp = ifp;
2034 /* join CARP multicast address */
2035 bzero(&in6, sizeof(in6));
2036 in6.s6_addr16[0] = htons(0xff02);
2037 in6.s6_addr8[15] = 0x12;
2038 if (in6_setscope(&in6, ifp, NULL) != 0)
2040 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
2042 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
2044 /* join solicited multicast address */
2045 bzero(&in6, sizeof(in6));
2046 in6.s6_addr16[0] = htons(0xff02);
2047 in6.s6_addr32[1] = 0;
2048 in6.s6_addr32[2] = htonl(1);
2049 in6.s6_addr32[3] = sin6->sin6_addr.s6_addr32[3];
2050 in6.s6_addr8[12] = 0xff;
2051 if (in6_setscope(&in6, ifp, NULL) != 0)
2053 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
2055 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
2059 if (!ifp->if_carp) {
2060 cif = kmalloc(sizeof(*cif), M_CARP, M_WAITOK | M_ZERO);
2062 if ((error = ifpromisc(ifp, 1))) {
2067 TAILQ_INIT(&cif->vhif_vrs);
2070 struct carp_softc *vr;
2073 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
2074 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
2082 sc->sc_carpdev = ifp;
2085 { /* XXX prevent endless loop if already in queue */
2086 struct carp_softc *vr, *after = NULL;
2090 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
2093 if (vr->sc_vhid < sc->sc_vhid)
2098 /* We're trying to keep things in order */
2100 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
2102 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
2116 /* clean up multicast memberships */
2117 if (!sc->sc_naddrs6) {
2118 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
2119 imm = LIST_FIRST(&im6o->im6o_memberships);
2120 LIST_REMOVE(imm, i6mm_chain);
2121 in6_leavegroup(imm);
2128 carp_del_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
2132 if (!--sc->sc_naddrs6) {
2133 struct carp_if *cif = sc->sc_carpdev->if_carp;
2134 struct ip6_moptions *im6o = &sc->sc_im6o;
2136 callout_stop(&sc->sc_ad_tmo);
2138 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
2139 struct in6_multi_mship *imm =
2140 LIST_FIRST(&im6o->im6o_memberships);
2142 LIST_REMOVE(imm, i6mm_chain);
2143 in6_leavegroup(imm);
2145 im6o->im6o_multicast_ifp = NULL;
2147 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
2148 if (TAILQ_EMPTY(&cif->vhif_vrs)) {
2149 sc->sc_carpdev->if_carp = NULL;
2150 kfree(cif, M_IFADDR);
2161 carp_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr, struct ucred *cr)
2163 struct carp_softc *sc = ifp->if_softc;
2164 struct ifreq *ifr = (struct ifreq *)addr;
2165 struct ifdrv *ifd = (struct ifdrv *)addr;
2168 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2174 if (ifp->if_flags & IFF_UP) {
2175 if ((ifp->if_flags & IFF_RUNNING) == 0)
2177 } else if (ifp->if_flags & IFF_RUNNING) {
2178 carp_ioctl_stop(sc);
2183 error = carp_ioctl_setvh(sc, ifr->ifr_data, cr);
2187 error = carp_ioctl_getvh(sc, ifr->ifr_data, cr);
2191 switch (ifd->ifd_cmd) {
2193 error = carp_ioctl_getdevname(sc, ifd);
2197 error = carp_ioctl_getvhaddr(sc, ifd);
2207 error = ether_ioctl(ifp, cmd, addr);
2216 carp_ioctl_stop_dispatch(netmsg_t msg)
2218 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
2219 struct carp_softc *sc = cmsg->nc_softc;
2225 lwkt_replymsg(&cmsg->base.lmsg, 0);
2229 carp_ioctl_stop(struct carp_softc *sc)
2231 struct ifnet *ifp = &sc->arpcom.ac_if;
2232 struct netmsg_carp cmsg;
2234 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2236 ifnet_deserialize_all(ifp);
2238 bzero(&cmsg, sizeof(cmsg));
2239 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
2240 carp_ioctl_stop_dispatch);
2243 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
2245 ifnet_serialize_all(ifp);
2249 carp_ioctl_setvh_dispatch(netmsg_t msg)
2251 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
2252 struct carp_softc *sc = cmsg->nc_softc;
2253 struct ifnet *ifp = &sc->arpcom.ac_if;
2254 const struct carpreq *carpr = cmsg->nc_data;
2260 if ((ifp->if_flags & IFF_RUNNING) &&
2261 sc->sc_state != INIT && carpr->carpr_state != sc->sc_state) {
2262 switch (carpr->carpr_state) {
2264 callout_stop(&sc->sc_ad_tmo);
2265 carp_set_state(sc, BACKUP);
2267 carp_setroute(sc, RTM_DELETE);
2271 carp_master_down(sc);
2278 if (carpr->carpr_vhid > 0) {
2279 if (carpr->carpr_vhid > 255) {
2283 if (sc->sc_carpdev) {
2284 struct carp_if *cif = sc->sc_carpdev->if_carp;
2285 struct carp_softc_container *scc;
2287 TAILQ_FOREACH(scc, cif, scc_link) {
2288 struct carp_softc *vr = scc->scc_softc;
2291 vr->sc_vhid == carpr->carpr_vhid) {
2297 sc->sc_vhid = carpr->carpr_vhid;
2299 IF_LLADDR(ifp)[5] = sc->sc_vhid;
2300 bcopy(IF_LLADDR(ifp), sc->arpcom.ac_enaddr,
2305 if (carpr->carpr_advbase > 0 || carpr->carpr_advskew > 0) {
2306 if (carpr->carpr_advskew >= 255) {
2310 if (carpr->carpr_advbase > 255) {
2314 sc->sc_advbase = carpr->carpr_advbase;
2315 sc->sc_advskew = carpr->carpr_advskew;
2318 bcopy(carpr->carpr_key, sc->sc_key, sizeof(sc->sc_key));
2326 carp_hmac_prepare(sc);
2329 lwkt_replymsg(&cmsg->base.lmsg, error);
2333 carp_ioctl_setvh(struct carp_softc *sc, void *udata, struct ucred *cr)
2335 struct ifnet *ifp = &sc->arpcom.ac_if;
2336 struct netmsg_carp cmsg;
2337 struct carpreq carpr;
2340 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2341 ifnet_deserialize_all(ifp);
2343 error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
2347 error = copyin(udata, &carpr, sizeof(carpr));
2351 bzero(&cmsg, sizeof(cmsg));
2352 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
2353 carp_ioctl_setvh_dispatch);
2355 cmsg.nc_data = &carpr;
2357 error = lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
2360 ifnet_serialize_all(ifp);
2365 carp_ioctl_getvh_dispatch(netmsg_t msg)
2367 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
2368 struct carp_softc *sc = cmsg->nc_softc;
2369 struct carpreq *carpr = cmsg->nc_data;
2373 carpr->carpr_state = sc->sc_state;
2374 carpr->carpr_vhid = sc->sc_vhid;
2375 carpr->carpr_advbase = sc->sc_advbase;
2376 carpr->carpr_advskew = sc->sc_advskew;
2377 bcopy(sc->sc_key, carpr->carpr_key, sizeof(carpr->carpr_key));
2381 lwkt_replymsg(&cmsg->base.lmsg, 0);
2385 carp_ioctl_getvh(struct carp_softc *sc, void *udata, struct ucred *cr)
2387 struct ifnet *ifp = &sc->arpcom.ac_if;
2388 struct netmsg_carp cmsg;
2389 struct carpreq carpr;
2392 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2393 ifnet_deserialize_all(ifp);
2395 bzero(&cmsg, sizeof(cmsg));
2396 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
2397 carp_ioctl_getvh_dispatch);
2399 cmsg.nc_data = &carpr;
2401 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
2403 error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
2405 bzero(carpr.carpr_key, sizeof(carpr.carpr_key));
2407 error = copyout(&carpr, udata, sizeof(carpr));
2409 ifnet_serialize_all(ifp);
2414 carp_ioctl_getdevname_dispatch(netmsg_t msg)
2416 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
2417 struct carp_softc *sc = cmsg->nc_softc;
2418 char *devname = cmsg->nc_data;
2420 bzero(devname, sizeof(devname));
2423 if (sc->sc_carpdev != NULL)
2424 strlcpy(devname, sc->sc_carpdev->if_xname, sizeof(devname));
2427 lwkt_replymsg(&cmsg->base.lmsg, 0);
2431 carp_ioctl_getdevname(struct carp_softc *sc, struct ifdrv *ifd)
2433 struct ifnet *ifp = &sc->arpcom.ac_if;
2434 struct netmsg_carp cmsg;
2435 char devname[IFNAMSIZ];
2438 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2440 if (ifd->ifd_len != sizeof(devname))
2443 ifnet_deserialize_all(ifp);
2445 bzero(&cmsg, sizeof(cmsg));
2446 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
2447 carp_ioctl_getdevname_dispatch);
2449 cmsg.nc_data = devname;
2451 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
2453 error = copyout(devname, ifd->ifd_data, sizeof(devname));
2455 ifnet_serialize_all(ifp);
2460 carp_init_dispatch(netmsg_t msg)
2462 struct netmsg_carp *cmsg = (struct netmsg_carp *)msg;
2463 struct carp_softc *sc = cmsg->nc_softc;
2467 sc->sc_if.if_flags |= IFF_RUNNING;
2468 carp_hmac_prepare(sc);
2469 carp_set_state(sc, INIT);
2474 lwkt_replymsg(&cmsg->base.lmsg, 0);
2478 carp_init(void *xsc)
2480 struct carp_softc *sc = xsc;
2481 struct ifnet *ifp = &sc->arpcom.ac_if;
2482 struct netmsg_carp cmsg;
2484 ASSERT_IFNET_SERIALIZED_ALL(ifp);
2486 ifnet_deserialize_all(ifp);
2488 bzero(&cmsg, sizeof(cmsg));
2489 netmsg_init(&cmsg.base, NULL, &curthread->td_msgport, 0,
2490 carp_init_dispatch);
2493 lwkt_domsg(cpu_portfn(0), &cmsg.base.lmsg, 0);
2495 ifnet_serialize_all(ifp);
2499 carp_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
2502 struct carp_softc *sc = ifp->if_softc;
2503 struct ifnet *carpdev;
2507 carpdev = sc->sc_carpdev;
2508 if (carpdev != NULL) {
2511 * CARP's ifp is passed to backing device's
2514 carpdev->if_output(ifp, m, dst, rt);
2517 error = ENETUNREACH;
2525 * Start output on carp interface. This function should never be called.
2528 carp_start(struct ifnet *ifp)
2530 panic("%s: start called\n", ifp->if_xname);
2534 carp_serialize(struct ifnet *ifp __unused,
2535 enum ifnet_serialize slz __unused)
2540 carp_deserialize(struct ifnet *ifp __unused,
2541 enum ifnet_serialize slz __unused)
2546 carp_tryserialize(struct ifnet *ifp __unused,
2547 enum ifnet_serialize slz __unused)
2555 carp_serialize_assert(struct ifnet *ifp __unused,
2556 enum ifnet_serialize slz __unused, boolean_t serialized __unused)
2560 #endif /* INVARIANTS */
2563 carp_set_state(struct carp_softc *sc, int state)
2565 struct ifnet *cifp = &sc->sc_if;
2567 if (sc->sc_state == state)
2569 sc->sc_state = state;
2571 switch (sc->sc_state) {
2573 cifp->if_link_state = LINK_STATE_DOWN;
2577 cifp->if_link_state = LINK_STATE_UP;
2581 cifp->if_link_state = LINK_STATE_UNKNOWN;
2588 carp_group_demote_adj(struct ifnet *ifp, int adj)
2590 struct ifg_list *ifgl;
2595 TAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) {
2596 if (!strcmp(ifgl->ifgl_group->ifg_group, IFG_ALL))
2598 dm = &ifgl->ifgl_group->ifg_carp_demoted;
2605 if (adj > 0 && *dm == 1)
2607 CARP_LOG("%s demoted group %s to %d", ifp->if_xname,
2608 ifgl->ifgl_group->ifg_group, *dm);
2616 carp_carpdev_state(void *v)
2618 struct carp_if *cif = v;
2619 struct carp_softc *sc;
2623 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list)
2630 carp_sc_state(struct carp_softc *sc)
2632 if (!(sc->sc_carpdev->if_flags & IFF_UP)) {
2633 callout_stop(&sc->sc_ad_tmo);
2634 callout_stop(&sc->sc_md_tmo);
2635 callout_stop(&sc->sc_md6_tmo);
2636 carp_set_state(sc, INIT);
2638 if (!sc->sc_suppress) {
2639 carp_suppress_preempt++;
2640 if (carp_suppress_preempt == 1)
2643 sc->sc_suppress = 1;
2645 carp_set_state(sc, INIT);
2647 if (sc->sc_suppress)
2648 carp_suppress_preempt--;
2649 sc->sc_suppress = 0;
2655 carp_stop(struct carp_softc *sc, int detach)
2657 sc->sc_if.if_flags &= ~IFF_RUNNING;
2659 callout_stop(&sc->sc_ad_tmo);
2660 callout_stop(&sc->sc_md_tmo);
2661 callout_stop(&sc->sc_md6_tmo);
2663 if (!detach && sc->sc_state == MASTER)
2666 if (sc->sc_suppress)
2667 carp_suppress_preempt--;
2668 sc->sc_suppress = 0;
2670 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS)
2671 carp_suppress_preempt--;
2672 sc->sc_sendad_errors = 0;
2673 sc->sc_sendad_success = 0;
2675 carp_set_state(sc, INIT);
2680 carp_suspend(struct carp_softc *sc, int detach)
2682 struct ifnet *cifp = &sc->sc_if;
2684 carp_stop(sc, detach);
2686 /* Retain the running state, if we are not dead yet */
2687 if (!sc->sc_dead && (cifp->if_flags & IFF_UP))
2688 cifp->if_flags |= IFF_RUNNING;
2692 carp_activate_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha,
2693 struct ifnet *ifp, struct in_ifaddr *ia_if, int own)
2695 struct ip_moptions *imo = &sc->sc_imo;
2696 struct carp_if *ocif = ifp->if_carp;
2699 KKASSERT(vha->vha_ia != NULL);
2701 KASSERT(ia_if != NULL, ("NULL backing address\n"));
2702 KASSERT(vha->vha_iaback == NULL, ("%p is already activated\n", vha));
2703 KASSERT((vha->vha_flags & CARP_VHAF_OWNER) == 0,
2704 ("inactive vhaddr %p is the address owner\n", vha));
2706 KASSERT(sc->sc_carpdev == NULL || sc->sc_carpdev == ifp,
2707 ("%s is already on %s\n", sc->sc_if.if_xname,
2708 sc->sc_carpdev->if_xname));
2711 KASSERT(sc->sc_carpdev == NULL,
2712 ("%s is already on %s\n", sc->sc_if.if_xname,
2713 sc->sc_carpdev->if_xname));
2715 error = ifpromisc(ifp, 1);
2719 struct carp_softc_container *scc;
2721 TAILQ_FOREACH(scc, ocif, scc_link) {
2722 struct carp_softc *vr = scc->scc_softc;
2724 if (vr != sc && vr->sc_vhid == sc->sc_vhid)
2729 ifp->if_carp = carp_if_insert(ocif, sc);
2730 KASSERT(ifp->if_carp != NULL, ("%s carp_if_insert failed\n", __func__));
2733 sc->sc_carpdev = ifp;
2736 * Make sure that all protocol threads see the sc_carpdev and
2739 netmsg_service_sync();
2741 if (ocif != NULL && ifp->if_carp != ocif) {
2743 * The old carp list could be safely free now,
2744 * since no one can access it.
2749 vha->vha_iaback = ia_if;
2753 vha->vha_flags |= CARP_VHAF_OWNER;
2755 /* XXX save user configured advskew? */
2759 carp_addroute_vhaddr(sc, vha);
2762 * Join the multicast group only after the backing interface
2763 * has been hooked with the CARP interface.
2765 KASSERT(imo->imo_multicast_ifp == NULL ||
2766 imo->imo_multicast_ifp == &sc->sc_if,
2767 ("%s didn't leave mcast group on %s\n",
2768 sc->sc_if.if_xname, imo->imo_multicast_ifp->if_xname));
2770 if (imo->imo_num_memberships == 0) {
2771 struct in_addr addr;
2773 addr.s_addr = htonl(INADDR_CARP_GROUP);
2774 imo->imo_membership[0] = in_addmulti(&addr, &sc->sc_if);
2775 if (imo->imo_membership[0] == NULL) {
2776 carp_deactivate_vhaddr(sc, vha, FALSE);
2780 imo->imo_num_memberships++;
2781 imo->imo_multicast_ifp = &sc->sc_if;
2782 imo->imo_multicast_ttl = CARP_DFLTTL;
2783 imo->imo_multicast_loop = 0;
2786 carp_hmac_prepare(sc);
2787 carp_set_state(sc, INIT);
2793 carp_deactivate_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha,
2794 boolean_t del_iaback)
2796 KKASSERT(vha->vha_ia != NULL);
2798 carp_hmac_prepare(sc);
2800 if (vha->vha_iaback == NULL) {
2801 KASSERT((vha->vha_flags & CARP_VHAF_OWNER) == 0,
2802 ("inactive vhaddr %p is the address owner\n", vha));
2806 vha->vha_flags &= ~CARP_VHAF_OWNER;
2807 carp_delroute_vhaddr(sc, vha, del_iaback);
2809 KKASSERT(sc->sc_naddrs > 0);
2810 vha->vha_iaback = NULL;
2812 if (!sc->sc_naddrs) {
2813 if (sc->sc_naddrs6) {
2814 carp_multicast_cleanup(sc);
2817 carp_detach(sc, 0, del_iaback);
2823 carp_link_addrs(struct carp_softc *sc, struct ifnet *ifp, struct ifaddr *ifa_if)
2825 struct carp_vhaddr *vha;
2826 struct in_ifaddr *ia_if;
2828 KKASSERT(ifa_if->ifa_addr->sa_family == AF_INET);
2829 ia_if = ifatoia(ifa_if);
2832 * Test each inactive vhaddr against the newly added address.
2833 * If the newly added address could be the backing address,
2834 * then activate the matching vhaddr.
2836 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
2837 const struct in_ifaddr *ia;
2841 if (vha->vha_iaback != NULL)
2845 iaddr = ntohl(ia->ia_addr.sin_addr.s_addr);
2847 if ((iaddr & ia_if->ia_subnetmask) != ia_if->ia_subnet)
2851 if (ia->ia_addr.sin_addr.s_addr ==
2852 ia_if->ia_addr.sin_addr.s_addr)
2855 carp_activate_vhaddr(sc, vha, ifp, ia_if, own);
2860 carp_unlink_addrs(struct carp_softc *sc, struct ifnet *ifp,
2861 struct ifaddr *ifa_if)
2863 struct carp_vhaddr *vha;
2864 struct in_ifaddr *ia_if;
2866 KKASSERT(ifa_if->ifa_addr->sa_family == AF_INET);
2867 ia_if = ifatoia(ifa_if);
2870 * Ad src address is deleted; set it to NULL.
2871 * Following loop will try pick up a new ad src address
2872 * if one of the vhaddr could retain its backing address.
2874 if (sc->sc_ia == ia_if)
2878 * Test each active vhaddr against the deleted address.
2879 * If the deleted address is vhaddr address's backing
2880 * address, then deactivate the vhaddr.
2882 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link) {
2883 if (vha->vha_iaback == NULL)
2886 if (vha->vha_iaback == ia_if)
2887 carp_deactivate_vhaddr(sc, vha, TRUE);
2888 else if (sc->sc_ia == NULL)
2889 sc->sc_ia = vha->vha_iaback;
2894 carp_update_addrs(struct carp_softc *sc, struct ifaddr *ifa_del)
2896 struct carp_vhaddr *vha;
2898 KKASSERT(sc->sc_carpdev == NULL);
2900 TAILQ_FOREACH(vha, &sc->sc_vha_list, vha_link)
2901 carp_config_vhaddr(sc, vha, ifatoia(ifa_del));
2905 carp_ifaddr(void *arg __unused, struct ifnet *ifp,
2906 enum ifaddr_event event, struct ifaddr *ifa)
2908 struct carp_softc *sc;
2912 if (ifa->ifa_addr->sa_family != AF_INET)
2915 KASSERT(&curthread->td_msgport == cpu_portfn(0),
2916 ("not in netisr0"));
2918 if (ifp->if_type == IFT_CARP) {
2920 * Address is changed on carp(4) interface
2923 case IFADDR_EVENT_ADD:
2924 carp_add_addr(ifp->if_softc, ifa);
2927 case IFADDR_EVENT_CHANGE:
2928 carp_config_addr(ifp->if_softc, ifa);
2931 case IFADDR_EVENT_DELETE:
2932 carp_del_addr(ifp->if_softc, ifa);
2939 * Address is changed on non-carp(4) interface
2941 if ((ifp->if_flags & IFF_MULTICAST) == 0)
2944 LIST_FOREACH(sc, &carpif_list, sc_next) {
2945 if (sc->sc_carpdev != NULL && sc->sc_carpdev != ifp) {
2946 /* Not the parent iface; skip */
2951 case IFADDR_EVENT_ADD:
2952 carp_link_addrs(sc, ifp, ifa);
2955 case IFADDR_EVENT_DELETE:
2956 if (sc->sc_carpdev != NULL) {
2957 carp_unlink_addrs(sc, ifp, ifa);
2958 if (sc->sc_carpdev == NULL) {
2960 * We no longer have the parent
2961 * interface, however, certain
2962 * virtual addresses, which are
2963 * not used because they can't
2964 * match the previous parent
2965 * interface's addresses, may now
2966 * match different interface's
2969 carp_update_addrs(sc, ifa);
2973 * The carp(4) interface didn't have a
2974 * parent iface, so it is not possible
2975 * that it will contain any address to
2981 case IFADDR_EVENT_CHANGE:
2982 if (sc->sc_carpdev == NULL) {
2984 * The carp(4) interface didn't have a
2985 * parent iface, so it is not possible
2986 * that it will contain any address to
2989 carp_link_addrs(sc, ifp, ifa);
2992 * First try breaking tie with the old
2993 * address. Then see whether we could
2994 * link certain vhaddr to the new address.
2995 * If that fails, i.e. carpdev is NULL,
2996 * we try a global update.
2998 * NOTE: The above order is critical.
3000 carp_unlink_addrs(sc, ifp, ifa);
3001 carp_link_addrs(sc, ifp, ifa);
3002 if (sc->sc_carpdev == NULL) {
3004 * See the comment in the above
3005 * IFADDR_EVENT_DELETE block.
3007 carp_update_addrs(sc, NULL);
3019 carp_proto_ctlinput(netmsg_t msg)
3021 int cmd = msg->ctlinput.nm_cmd;
3022 struct sockaddr *sa = msg->ctlinput.nm_arg;
3023 struct in_ifaddr_container *iac;
3027 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
3028 struct in_ifaddr *ia = iac->ia;
3029 struct ifnet *ifp = ia->ia_ifp;
3031 if (ifp->if_type == IFT_CARP)
3034 if (ia->ia_ifa.ifa_addr == sa) {
3035 if (cmd == PRC_IFDOWN) {
3036 carp_ifaddr(NULL, ifp, IFADDR_EVENT_DELETE,
3038 } else if (cmd == PRC_IFUP) {
3039 carp_ifaddr(NULL, ifp, IFADDR_EVENT_ADD,
3047 lwkt_replymsg(&msg->lmsg, 0);
3053 lwkt_gettoken(&carp_tok);
3059 lwkt_reltoken(&carp_tok);
3063 carp_parent(struct ifnet *cifp)
3065 struct carp_softc *sc;
3067 ASSERT_LWKT_TOKEN_HELD(&carp_tok);
3069 KKASSERT(cifp->if_type == IFT_CARP);
3070 sc = cifp->if_softc;
3072 return sc->sc_carpdev;
3075 #define rtinitflags(x) \
3076 (((x)->ia_ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) \
3080 carp_addroute_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha)
3082 struct in_ifaddr *ia, *iaback;
3085 if (sc->sc_state != MASTER)
3089 KKASSERT(ia != NULL);
3091 iaback = vha->vha_iaback;
3092 KKASSERT(iaback != NULL);
3094 rtinit(&iaback->ia_ifa, RTM_DELETE, rtinitflags(iaback));
3095 in_ifadown(&iaback->ia_ifa, 1);
3096 iaback->ia_flags &= ~IFA_ROUTE;
3098 error = rtinit(&ia->ia_ifa, RTM_ADD, rtinitflags(ia) | RTF_UP);
3100 ia->ia_flags |= IFA_ROUTE;
3105 carp_delroute_vhaddr(struct carp_softc *sc, struct carp_vhaddr *vha,
3106 boolean_t del_iaback)
3108 struct in_ifaddr *ia, *iaback;
3111 KKASSERT(ia != NULL);
3113 iaback = vha->vha_iaback;
3114 KKASSERT(iaback != NULL);
3116 rtinit(&ia->ia_ifa, RTM_DELETE, rtinitflags(ia));
3117 in_ifadown(&ia->ia_ifa, 1);
3118 ia->ia_flags &= ~IFA_ROUTE;
3120 if (!del_iaback && (iaback->ia_ifp->if_flags & IFF_UP)) {
3123 error = rtinit(&iaback->ia_ifa, RTM_ADD,
3124 rtinitflags(iaback) | RTF_UP);
3126 iaback->ia_flags |= IFA_ROUTE;
3131 carp_modevent(module_t mod, int type, void *data)
3135 LIST_INIT(&carpif_list);
3136 carp_ifdetach_event =
3137 EVENTHANDLER_REGISTER(ifnet_detach_event, carp_ifdetach, NULL,
3138 EVENTHANDLER_PRI_ANY);
3140 EVENTHANDLER_REGISTER(ifaddr_event, carp_ifaddr, NULL,
3141 EVENTHANDLER_PRI_FIRST);
3142 if_clone_attach(&carp_cloner);
3146 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
3147 carp_ifdetach_event);
3148 EVENTHANDLER_DEREGISTER(ifaddr_event,
3150 if_clone_detach(&carp_cloner);
3159 static moduledata_t carp_mod = {
3164 DECLARE_MODULE(carp, carp_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
projects / dragonfly.git / blob