2 * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
3 * Copyright (c) 2003 Ryan McBride. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
22 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
23 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
24 * THE POSSIBILITY OF SUCH DAMAGE.
27 * $FreeBSD: src/sys/netinet/ip_carp.c,v 1.48 2007/02/02 09:39:09 glebius Exp $
28 * $DragonFly: src/sys/netinet/ip_carp.c,v 1.10 2008/07/27 10:06:57 sephe Exp $
33 #include "opt_inet6.h"
35 #include <sys/param.h>
36 #include <sys/systm.h>
37 #include <sys/kernel.h>
38 #include <sys/in_cksum.h>
39 #include <sys/limits.h>
40 #include <sys/malloc.h>
44 #include <sys/sockio.h>
45 #include <sys/socket.h>
46 #include <sys/sysctl.h>
47 #include <sys/syslog.h>
49 #include <machine/stdarg.h>
50 #include <crypto/sha1.h>
53 #include <net/ethernet.h>
55 #include <net/if_dl.h>
56 #include <net/if_types.h>
57 #include <net/route.h>
58 #include <net/if_clone.h>
61 #include <netinet/in.h>
62 #include <netinet/in_var.h>
63 #include <netinet/in_systm.h>
64 #include <netinet/ip.h>
65 #include <netinet/ip_var.h>
66 #include <netinet/if_ether.h>
70 #include <netinet/icmp6.h>
71 #include <netinet/ip6.h>
72 #include <netinet6/ip6_var.h>
73 #include <netinet6/scope6_var.h>
74 #include <netinet6/nd6.h>
77 #include <netinet/ip_carp.h>
79 #define CARP_IFNAME "carp"
80 #define CARP_IS_RUNNING(ifp) \
81 (((ifp)->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
85 struct ifnet *sc_ifp; /* compat shim */
86 struct ifnet *sc_carpdev; /* parent interface */
87 struct in_ifaddr *sc_ia; /* primary iface address */
88 struct ip_moptions sc_imo;
90 struct in6_ifaddr *sc_ia6; /* primary iface address v6 */
91 struct ip6_moptions sc_im6o;
93 TAILQ_ENTRY(carp_softc) sc_list;
95 enum { INIT = 0, BACKUP, MASTER }
101 int sc_sendad_errors;
102 #define CARP_SENDAD_MAX_ERRORS 3
103 int sc_sendad_success;
104 #define CARP_SENDAD_MIN_SUCCESS 3
110 int sc_advbase; /* seconds */
115 #define CARP_HMAC_PAD 64
116 unsigned char sc_key[CARP_KEY_LEN];
117 unsigned char sc_pad[CARP_HMAC_PAD];
120 struct callout sc_ad_tmo; /* advertisement timeout */
121 struct callout sc_md_tmo; /* master down timeout */
122 struct callout sc_md6_tmo; /* master down timeout */
124 LIST_ENTRY(carp_softc) sc_next; /* Interface clue */
126 #define SC2IFP(sc) ((sc)->sc_ifp)
129 TAILQ_HEAD(, carp_softc) vhif_vrs;
132 struct ifnet *vhif_ifp;
135 enum { CARP_COUNT_MASTER, CARP_COUNT_RUNNING };
137 SYSCTL_DECL(_net_inet_carp);
139 static int carp_opts[CARPCTL_MAXID] = { 0, 1, 0, 1, 0, 0 }; /* XXX for now */
140 SYSCTL_INT(_net_inet_carp, CARPCTL_ALLOW, allow, CTLFLAG_RW,
141 &carp_opts[CARPCTL_ALLOW], 0, "Accept incoming CARP packets");
142 SYSCTL_INT(_net_inet_carp, CARPCTL_PREEMPT, preempt, CTLFLAG_RW,
143 &carp_opts[CARPCTL_PREEMPT], 0, "high-priority backup preemption mode");
144 SYSCTL_INT(_net_inet_carp, CARPCTL_LOG, log, CTLFLAG_RW,
145 &carp_opts[CARPCTL_LOG], 0, "log bad carp packets");
146 SYSCTL_INT(_net_inet_carp, CARPCTL_ARPBALANCE, arpbalance, CTLFLAG_RW,
147 &carp_opts[CARPCTL_ARPBALANCE], 0, "balance arp responses");
149 static int carp_suppress_preempt = 0;
150 SYSCTL_INT(_net_inet_carp, OID_AUTO, suppress_preempt, CTLFLAG_RD,
151 &carp_suppress_preempt, 0, "Preemption is suppressed");
153 static struct carpstats carpstats;
154 SYSCTL_STRUCT(_net_inet_carp, CARPCTL_STATS, stats, CTLFLAG_RW,
155 &carpstats, carpstats,
156 "CARP statistics (struct carpstats, netinet/ip_carp.h)");
158 #define CARP_LOG(...) do { \
159 if (carp_opts[CARPCTL_LOG] > 0) \
160 log(LOG_INFO, __VA_ARGS__); \
163 #define CARP_DEBUG(...) do { \
164 if (carp_opts[CARPCTL_LOG] > 1) \
165 log(LOG_DEBUG, __VA_ARGS__); \
168 static void carp_hmac_prepare(struct carp_softc *);
169 static void carp_hmac_generate(struct carp_softc *, uint32_t *,
171 static int carp_hmac_verify(struct carp_softc *, uint32_t *,
173 static void carp_setroute(struct carp_softc *, int);
174 static void carp_input_c(struct mbuf *, struct carp_header *, sa_family_t);
175 static int carp_clone_create(struct if_clone *, int);
176 static void carp_clone_destroy(struct ifnet *);
177 static void carpdetach(struct carp_softc *, int);
178 static int carp_prepare_ad(struct mbuf *, struct carp_softc *,
179 struct carp_header *);
180 static void carp_send_ad_all(void);
181 static void carp_send_ad(void *);
182 static void carp_send_ad_locked(struct carp_softc *);
183 static void carp_send_arp(struct carp_softc *);
184 static void carp_master_down(void *);
185 static void carp_master_down_locked(struct carp_softc *);
186 static int carp_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
187 static int carp_looutput(struct ifnet *, struct mbuf *, struct sockaddr *,
189 static void carp_start(struct ifnet *);
190 static void carp_setrun(struct carp_softc *, sa_family_t);
191 static void carp_set_state(struct carp_softc *, int);
192 static int carp_addrcount(struct carp_if *, struct in_ifaddr *, int);
194 static void carp_multicast_cleanup(struct carp_softc *);
195 static int carp_set_addr(struct carp_softc *, struct sockaddr_in *);
196 static int carp_del_addr(struct carp_softc *, struct sockaddr_in *);
197 static void carp_carpdev_state_locked(struct carp_if *);
198 static void carp_sc_state_locked(struct carp_softc *);
200 static void carp_send_na(struct carp_softc *);
201 static int carp_set_addr6(struct carp_softc *, struct sockaddr_in6 *);
202 static int carp_del_addr6(struct carp_softc *, struct sockaddr_in6 *);
203 static void carp_multicast6_cleanup(struct carp_softc *);
206 static MALLOC_DEFINE(M_CARP, "CARP", "CARP interfaces");
208 static LIST_HEAD(, carp_softc) carpif_list;
210 static struct if_clone carp_cloner =
211 IF_CLONE_INITIALIZER(CARP_IFNAME, carp_clone_create, carp_clone_destroy,
214 static eventhandler_tag carp_ifdetach_event;
217 carp_hmac_prepare(struct carp_softc *sc)
219 uint8_t version = CARP_VERSION, type = CARP_ADVERTISEMENT;
220 uint8_t vhid = sc->sc_vhid & 0xff;
221 struct ifaddr_container *ifac;
227 /* XXX: possible race here */
229 /* compute ipad from key */
230 bzero(sc->sc_pad, sizeof(sc->sc_pad));
231 bcopy(sc->sc_key, sc->sc_pad, sizeof(sc->sc_key));
232 for (i = 0; i < sizeof(sc->sc_pad); i++)
233 sc->sc_pad[i] ^= 0x36;
235 /* precompute first part of inner hash */
236 SHA1Init(&sc->sc_sha1);
237 SHA1Update(&sc->sc_sha1, sc->sc_pad, sizeof(sc->sc_pad));
238 SHA1Update(&sc->sc_sha1, (void *)&version, sizeof(version));
239 SHA1Update(&sc->sc_sha1, (void *)&type, sizeof(type));
240 SHA1Update(&sc->sc_sha1, (void *)&vhid, sizeof(vhid));
242 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
243 struct ifaddr *ifa = ifac->ifa;
245 if (ifa->ifa_addr->sa_family == AF_INET)
246 SHA1Update(&sc->sc_sha1,
247 (void *)&ifatoia(ifa)->ia_addr.sin_addr.s_addr,
248 sizeof(struct in_addr));
252 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
253 struct ifaddr *ifa = ifac->ifa;
255 if (ifa->ifa_addr->sa_family == AF_INET6) {
256 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
257 in6_clearscope(&in6);
258 SHA1Update(&sc->sc_sha1, (void *)&in6, sizeof(in6));
263 /* convert ipad to opad */
264 for (i = 0; i < sizeof(sc->sc_pad); i++)
265 sc->sc_pad[i] ^= 0x36 ^ 0x5c;
269 carp_hmac_generate(struct carp_softc *sc, uint32_t counter[2],
270 unsigned char md[20])
274 /* fetch first half of inner hash */
275 bcopy(&sc->sc_sha1, &sha1ctx, sizeof(sha1ctx));
277 SHA1Update(&sha1ctx, (void *)counter, sizeof(sc->sc_counter));
278 SHA1Final(md, &sha1ctx);
282 SHA1Update(&sha1ctx, sc->sc_pad, sizeof(sc->sc_pad));
283 SHA1Update(&sha1ctx, md, 20);
284 SHA1Final(md, &sha1ctx);
288 carp_hmac_verify(struct carp_softc *sc, uint32_t counter[2],
289 unsigned char md[20])
291 unsigned char md2[20];
293 carp_hmac_generate(sc, counter, md2);
294 return (bcmp(md, md2, sizeof(md2)));
298 carp_setroute(struct carp_softc *sc, int cmd)
300 struct ifaddr_container *ifac;
303 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
304 struct ifaddr *ifa = ifac->ifa;
306 if (ifa->ifa_addr->sa_family == AF_INET &&
307 sc->sc_carpdev != NULL) {
308 int count = carp_addrcount(
309 (struct carp_if *)sc->sc_carpdev->if_carp,
310 ifatoia(ifa), CARP_COUNT_MASTER);
312 if ((cmd == RTM_ADD && count == 1) ||
313 (cmd == RTM_DELETE && count == 0))
314 rtinit(ifa, cmd, RTF_UP | RTF_HOST);
317 if (ifa->ifa_addr->sa_family == AF_INET6) {
329 carp_clone_create(struct if_clone *ifc, int unit)
331 struct carp_softc *sc;
334 sc = kmalloc(sizeof(*sc), M_CARP, M_WAITOK | M_ZERO);
335 ifp = sc->sc_ifp = &sc->sc_if;
337 sc->sc_flags_backup = 0;
339 sc->sc_advbase = CARP_DFLTINTV;
340 sc->sc_vhid = -1; /* required setting */
342 sc->sc_init_counter = 1;
343 sc->sc_naddrs = sc->sc_naddrs6 = 0;
346 sc->sc_im6o.im6o_multicast_hlim = CARP_DFLTTL;
349 callout_init(&sc->sc_ad_tmo);
350 callout_init(&sc->sc_md_tmo);
351 callout_init(&sc->sc_md6_tmo);
354 if_initname(ifp, CARP_IFNAME, unit);
355 ifp->if_mtu = ETHERMTU;
356 ifp->if_flags = IFF_LOOPBACK;
357 ifp->if_ioctl = carp_ioctl;
358 ifp->if_output = carp_looutput;
359 ifp->if_start = carp_start;
360 ifp->if_type = IFT_CARP;
361 ifp->if_snd.ifq_maxlen = ifqmaxlen;
363 if_attach(ifp, NULL);
364 bpfattach(ifp, DLT_NULL, sizeof(u_int));
367 LIST_INSERT_HEAD(&carpif_list, sc, sc_next);
374 carp_clone_destroy(struct ifnet *ifp)
376 struct carp_softc *sc = ifp->if_softc;
381 LIST_REMOVE(sc, sc_next);
389 * This function can be called on CARP interface destroy path,
390 * and in case of the removal of the underlying interface as
391 * well. We differentiate these two cases. In the latter case
392 * we do not cleanup our multicast memberships, since they
396 carpdetach(struct carp_softc *sc, int unlock)
400 callout_stop(&sc->sc_ad_tmo);
401 callout_stop(&sc->sc_md_tmo);
402 callout_stop(&sc->sc_md6_tmo);
405 carp_suppress_preempt--;
408 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS)
409 carp_suppress_preempt--;
410 sc->sc_sendad_errors = 0;
412 carp_set_state(sc, INIT);
413 SC2IFP(sc)->if_flags &= ~IFF_UP;
416 carp_multicast_cleanup(sc);
418 carp_multicast6_cleanup(sc);
421 if (sc->sc_carpdev != NULL) {
422 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
423 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
424 if (!--cif->vhif_nvrs) {
425 ifpromisc(sc->sc_carpdev, 0);
426 sc->sc_carpdev->if_carp = NULL;
429 sc->sc_carpdev = NULL;
433 /* Detach an interface from the carp. */
435 carp_ifdetach(void *arg __unused, struct ifnet *ifp)
437 struct carp_if *cif = (struct carp_if *)ifp->if_carp;
438 struct carp_softc *sc, *nextsc;
443 for (sc = TAILQ_FIRST(&cif->vhif_vrs); sc; sc = nextsc) {
444 nextsc = TAILQ_NEXT(sc, sc_list);
450 * process input packet.
451 * we have rearranged checks order compared to the rfc,
452 * but it seems more efficient this way or not possible otherwise.
455 carp_input(struct mbuf *m, ...)
457 struct ip *ip = mtod(m, struct ip *);
458 struct carp_header *ch;
463 iphlen = __va_arg(ap, int);
466 carpstats.carps_ipackets++;
468 if (!carp_opts[CARPCTL_ALLOW]) {
473 /* Check if received on a valid carp interface */
474 if (m->m_pkthdr.rcvif->if_carp == NULL) {
475 carpstats.carps_badif++;
476 CARP_LOG("carp_input: packet received on non-carp "
478 m->m_pkthdr.rcvif->if_xname);
483 /* Verify that the IP TTL is CARP_DFLTTL. */
484 if (ip->ip_ttl != CARP_DFLTTL) {
485 carpstats.carps_badttl++;
486 CARP_LOG("carp_input: received ttl %d != %d on %s\n",
487 ip->ip_ttl, CARP_DFLTTL,
488 m->m_pkthdr.rcvif->if_xname);
493 /* Minimal CARP packet size */
494 len = iphlen + sizeof(*ch);
497 * Verify that the received packet length is
498 * not less than the CARP header
500 if (m->m_pkthdr.len < len) {
501 carpstats.carps_badlen++;
502 CARP_LOG("packet too short %d on %s\n", m->m_pkthdr.len,
503 m->m_pkthdr.rcvif->if_xname);
508 /* Make sure that CARP header is contiguous */
509 if (len > m->m_len) {
510 m = m_pullup(m, len);
512 carpstats.carps_hdrops++;
513 CARP_LOG("carp_input: m_pullup failed\n");
516 ip = mtod(m, struct ip *);
518 ch = (struct carp_header *)((uint8_t *)ip + iphlen);
520 /* Verify the CARP checksum */
521 if (in_cksum_skip(m, len, iphlen)) {
522 carpstats.carps_badsum++;
523 CARP_LOG("carp_input: checksum failed on %s\n",
524 m->m_pkthdr.rcvif->if_xname);
528 carp_input_c(m, ch, AF_INET);
533 carp6_input(struct mbuf **mp, int *offp, int proto)
535 struct mbuf *m = *mp;
536 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
537 struct carp_header *ch;
540 carpstats.carps_ipackets6++;
542 if (!carp_opts[CARPCTL_ALLOW]) {
544 return (IPPROTO_DONE);
547 /* check if received on a valid carp interface */
548 if (m->m_pkthdr.rcvif->if_carp == NULL) {
549 carpstats.carps_badif++;
550 CARP_LOG("carp6_input: packet received on non-carp "
552 m->m_pkthdr.rcvif->if_xname);
554 return (IPPROTO_DONE);
557 /* verify that the IP TTL is 255 */
558 if (ip6->ip6_hlim != CARP_DFLTTL) {
559 carpstats.carps_badttl++;
560 CARP_LOG("carp6_input: received ttl %d != 255 on %s\n",
562 m->m_pkthdr.rcvif->if_xname);
564 return (IPPROTO_DONE);
567 /* verify that we have a complete carp packet */
569 IP6_EXTHDR_GET(ch, struct carp_header *, m, *offp, sizeof(*ch));
571 carpstats.carps_badlen++;
572 CARP_LOG("carp6_input: packet size %u too small\n", len);
573 return (IPPROTO_DONE);
576 /* verify the CARP checksum */
577 if (in_cksum_range(m, 0, *offp, sizeof(*ch))) {
578 carpstats.carps_badsum++;
579 CARP_LOG("carp6_input: checksum failed, on %s\n",
580 m->m_pkthdr.rcvif->if_xname);
582 return (IPPROTO_DONE);
585 carp_input_c(m, ch, AF_INET6);
586 return (IPPROTO_DONE);
591 carp_input_c(struct mbuf *m, struct carp_header *ch, sa_family_t af)
593 struct ifnet *ifp = m->m_pkthdr.rcvif;
594 struct carp_softc *sc;
595 uint64_t tmp_counter;
596 struct timeval sc_tv, ch_tv;
598 /* verify that the VHID is valid on the receiving interface */
599 TAILQ_FOREACH(sc, &((struct carp_if *)ifp->if_carp)->vhif_vrs, sc_list)
600 if (sc->sc_vhid == ch->carp_vhid)
603 if (!sc || !CARP_IS_RUNNING(SC2IFP(sc))) {
604 carpstats.carps_badvhid++;
609 getmicrotime(&SC2IFP(sc)->if_lastchange);
610 SC2IFP(sc)->if_ipackets++;
611 SC2IFP(sc)->if_ibytes += m->m_pkthdr.len;
613 if (SC2IFP(sc)->if_bpf) {
614 struct ip *ip = mtod(m, struct ip *);
616 /* BPF wants net byte order */
617 ip->ip_len = htons(ip->ip_len + (ip->ip_hl << 2));
618 ip->ip_off = htons(ip->ip_off);
619 bpf_mtap(SC2IFP(sc)->if_bpf, m);
622 /* verify the CARP version. */
623 if (ch->carp_version != CARP_VERSION) {
624 carpstats.carps_badver++;
625 SC2IFP(sc)->if_ierrors++;
626 CARP_LOG("%s; invalid version %d\n",
627 SC2IFP(sc)->if_xname,
633 /* verify the hash */
634 if (carp_hmac_verify(sc, ch->carp_counter, ch->carp_md)) {
635 carpstats.carps_badauth++;
636 SC2IFP(sc)->if_ierrors++;
637 CARP_LOG("%s: incorrect hash\n", SC2IFP(sc)->if_xname);
642 tmp_counter = ntohl(ch->carp_counter[0]);
643 tmp_counter = tmp_counter<<32;
644 tmp_counter += ntohl(ch->carp_counter[1]);
646 /* XXX Replay protection goes here */
648 sc->sc_init_counter = 0;
649 sc->sc_counter = tmp_counter;
651 sc_tv.tv_sec = sc->sc_advbase;
652 if (carp_suppress_preempt && sc->sc_advskew < 240)
653 sc_tv.tv_usec = 240 * 1000000 / 256;
655 sc_tv.tv_usec = sc->sc_advskew * 1000000 / 256;
656 ch_tv.tv_sec = ch->carp_advbase;
657 ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
659 switch (sc->sc_state) {
665 * If we receive an advertisement from a master who's going to
666 * be more frequent than us, go into BACKUP state.
668 if (timevalcmp(&sc_tv, &ch_tv, >) ||
669 timevalcmp(&sc_tv, &ch_tv, ==)) {
670 callout_stop(&sc->sc_ad_tmo);
671 CARP_DEBUG("%s: MASTER -> BACKUP "
672 "(more frequent advertisement received)\n",
673 SC2IFP(sc)->if_xname);
674 carp_set_state(sc, BACKUP);
676 carp_setroute(sc, RTM_DELETE);
682 * If we're pre-empting masters who advertise slower than us,
683 * and this one claims to be slower, treat him as down.
685 if (carp_opts[CARPCTL_PREEMPT] &&
686 timevalcmp(&sc_tv, &ch_tv, <)) {
687 CARP_DEBUG("%s: BACKUP -> MASTER "
688 "(preempting a slower master)\n",
689 SC2IFP(sc)->if_xname);
690 carp_master_down_locked(sc);
695 * If the master is going to advertise at such a low frequency
696 * that he's guaranteed to time out, we'd might as well just
697 * treat him as timed out now.
699 sc_tv.tv_sec = sc->sc_advbase * 3;
700 if (timevalcmp(&sc_tv, &ch_tv, <)) {
701 CARP_DEBUG("%s: BACKUP -> MASTER "
702 "(master timed out)\n",
703 SC2IFP(sc)->if_xname);
704 carp_master_down_locked(sc);
709 * Otherwise, we reset the counter and wait for the next
719 carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch)
722 struct ifnet *ifp = SC2IFP(sc);
724 if (sc->sc_init_counter) {
725 /* this could also be seconds since unix epoch */
726 sc->sc_counter = karc4random();
727 sc->sc_counter = sc->sc_counter << 32;
728 sc->sc_counter += karc4random();
733 ch->carp_counter[0] = htonl((sc->sc_counter>>32)&0xffffffff);
734 ch->carp_counter[1] = htonl(sc->sc_counter&0xffffffff);
736 carp_hmac_generate(sc, ch->carp_counter, ch->carp_md);
738 /* Tag packet for carp_output */
739 mtag = m_tag_get(PACKET_TAG_CARP, sizeof(struct ifnet *), MB_DONTWAIT);
742 SC2IFP(sc)->if_oerrors++;
745 bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
746 m_tag_prepend(m, mtag);
752 carp_send_ad_all(void)
754 struct carp_softc *sc;
756 LIST_FOREACH(sc, &carpif_list, sc_next) {
757 if (sc->sc_carpdev == NULL)
760 if (CARP_IS_RUNNING(SC2IFP(sc)) && sc->sc_state == MASTER)
761 carp_send_ad_locked(sc);
766 carp_send_ad(void *v)
768 struct carp_softc *sc = v;
770 carp_send_ad_locked(sc);
774 carp_send_ad_locked(struct carp_softc *sc)
776 struct carp_header ch;
778 struct carp_header *ch_ptr;
780 int len, advbase, advskew;
782 /* bow out if we've lost our UPness or RUNNINGuiness */
783 if (!CARP_IS_RUNNING(SC2IFP(sc))) {
787 advbase = sc->sc_advbase;
788 if (!carp_suppress_preempt || sc->sc_advskew > 240)
789 advskew = sc->sc_advskew;
793 tv.tv_usec = advskew * 1000000 / 256;
796 ch.carp_version = CARP_VERSION;
797 ch.carp_type = CARP_ADVERTISEMENT;
798 ch.carp_vhid = sc->sc_vhid;
799 ch.carp_advbase = advbase;
800 ch.carp_advskew = advskew;
801 ch.carp_authlen = 7; /* XXX DEFINE */
802 ch.carp_pad1 = 0; /* must be zero */
809 MGETHDR(m, M_NOWAIT, MT_HEADER);
811 SC2IFP(sc)->if_oerrors++;
812 carpstats.carps_onomem++;
813 /* XXX maybe less ? */
814 if (advbase != 255 || advskew != 255)
815 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
819 len = sizeof(*ip) + sizeof(ch);
820 m->m_pkthdr.len = len;
821 m->m_pkthdr.rcvif = NULL;
823 MH_ALIGN(m, m->m_len);
824 m->m_flags |= M_MCAST;
825 ip = mtod(m, struct ip *);
826 ip->ip_v = IPVERSION;
827 ip->ip_hl = sizeof(*ip) >> 2;
828 ip->ip_tos = IPTOS_LOWDELAY;
830 ip->ip_id = ip_newid();
832 ip->ip_ttl = CARP_DFLTTL;
833 ip->ip_p = IPPROTO_CARP;
835 ip->ip_src.s_addr = sc->sc_ia->ia_addr.sin_addr.s_addr;
836 ip->ip_dst.s_addr = htonl(INADDR_CARP_GROUP);
838 ch_ptr = (struct carp_header *)(&ip[1]);
839 bcopy(&ch, ch_ptr, sizeof(ch));
840 if (carp_prepare_ad(m, sc, ch_ptr))
842 ch_ptr->carp_cksum = in_cksum_skip(m, len, sizeof(*ip));
844 getmicrotime(&SC2IFP(sc)->if_lastchange);
845 SC2IFP(sc)->if_opackets++;
846 SC2IFP(sc)->if_obytes += len;
847 carpstats.carps_opackets++;
849 if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, NULL)) {
850 SC2IFP(sc)->if_oerrors++;
851 if (sc->sc_sendad_errors < INT_MAX)
852 sc->sc_sendad_errors++;
853 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
854 carp_suppress_preempt++;
855 if (carp_suppress_preempt == 1) {
859 sc->sc_sendad_success = 0;
861 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
862 if (++sc->sc_sendad_success >=
863 CARP_SENDAD_MIN_SUCCESS) {
864 carp_suppress_preempt--;
865 sc->sc_sendad_errors = 0;
868 sc->sc_sendad_errors = 0;
877 MGETHDR(m, M_NOWAIT, MT_HEADER);
879 SC2IFP(sc)->if_oerrors++;
880 carpstats.carps_onomem++;
881 /* XXX maybe less ? */
882 if (advbase != 255 || advskew != 255)
883 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
887 len = sizeof(*ip6) + sizeof(ch);
888 m->m_pkthdr.len = len;
889 m->m_pkthdr.rcvif = NULL;
891 MH_ALIGN(m, m->m_len);
892 m->m_flags |= M_MCAST;
893 ip6 = mtod(m, struct ip6_hdr *);
894 bzero(ip6, sizeof(*ip6));
895 ip6->ip6_vfc |= IPV6_VERSION;
896 ip6->ip6_hlim = CARP_DFLTTL;
897 ip6->ip6_nxt = IPPROTO_CARP;
898 bcopy(&sc->sc_ia6->ia_addr.sin6_addr, &ip6->ip6_src,
899 sizeof(struct in6_addr));
900 /* set the multicast destination */
902 ip6->ip6_dst.s6_addr16[0] = htons(0xff02);
903 ip6->ip6_dst.s6_addr8[15] = 0x12;
904 if (in6_setscope(&ip6->ip6_dst, sc->sc_carpdev, NULL) != 0) {
905 SC2IFP(sc)->if_oerrors++;
907 CARP_LOG("%s: in6_setscope failed\n", __func__);
911 ch_ptr = (struct carp_header *)(&ip6[1]);
912 bcopy(&ch, ch_ptr, sizeof(ch));
913 if (carp_prepare_ad(m, sc, ch_ptr))
915 ch_ptr->carp_cksum = in_cksum_skip(m, len, sizeof(*ip6));
917 getmicrotime(&SC2IFP(sc)->if_lastchange);
918 SC2IFP(sc)->if_opackets++;
919 SC2IFP(sc)->if_obytes += len;
920 carpstats.carps_opackets6++;
922 if (ip6_output(m, NULL, NULL, 0, &sc->sc_im6o, NULL, NULL)) {
923 SC2IFP(sc)->if_oerrors++;
924 if (sc->sc_sendad_errors < INT_MAX)
925 sc->sc_sendad_errors++;
926 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
927 carp_suppress_preempt++;
928 if (carp_suppress_preempt == 1) {
932 sc->sc_sendad_success = 0;
934 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
935 if (++sc->sc_sendad_success >=
936 CARP_SENDAD_MIN_SUCCESS) {
937 carp_suppress_preempt--;
938 sc->sc_sendad_errors = 0;
941 sc->sc_sendad_errors = 0;
947 if (advbase != 255 || advskew != 255)
948 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
953 * Broadcast a gratuitous ARP request containing
954 * the virtual router MAC address for each IP address
955 * associated with the virtual router.
958 carp_send_arp(struct carp_softc *sc)
960 struct ifaddr_container *ifac;
962 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
963 struct ifaddr *ifa = ifac->ifa;
965 if (ifa->ifa_addr->sa_family != AF_INET)
967 arp_ifinit2(sc->sc_carpdev, ifa, IF_LLADDR(sc->sc_ifp));
969 DELAY(1000); /* XXX */
975 carp_send_na(struct carp_softc *sc)
977 struct ifaddr_container *ifac;
978 struct in6_addr *in6;
979 static struct in6_addr mcast = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
981 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
982 struct ifaddr *ifa = ifac->ifa;
984 if (ifa->ifa_addr->sa_family != AF_INET6)
987 in6 = &ifatoia6(ifa)->ia_addr.sin6_addr;
988 nd6_na_output(sc->sc_carpdev, &mcast, in6,
989 ND_NA_FLAG_OVERRIDE, 1, NULL);
990 DELAY(1000); /* XXX */
996 carp_addrcount(struct carp_if *cif, struct in_ifaddr *ia, int type)
998 struct carp_softc *vh;
1001 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1002 if ((type == CARP_COUNT_RUNNING &&
1003 CARP_IS_RUNNING(SC2IFP(vh))) ||
1004 (type == CARP_COUNT_MASTER && vh->sc_state == MASTER)) {
1005 struct ifaddr_container *ifac;
1007 TAILQ_FOREACH(ifac, &SC2IFP(vh)->if_addrheads[mycpuid],
1009 struct ifaddr *ifa = ifac->ifa;
1011 if (ifa->ifa_addr->sa_family == AF_INET &&
1012 ia->ia_addr.sin_addr.s_addr ==
1013 ifatoia(ifa)->ia_addr.sin_addr.s_addr)
1022 carp_iamatch(void *v, struct in_ifaddr *ia,
1023 struct in_addr *isaddr, uint8_t **enaddr)
1025 struct carp_if *cif = v;
1026 struct carp_softc *vh;
1027 int index, count = 0;
1029 if (carp_opts[CARPCTL_ARPBALANCE]) {
1031 * XXX proof of concept implementation.
1032 * We use the source ip to decide which virtual host should
1033 * handle the request. If we're master of that virtual host,
1034 * then we respond, otherwise, just drop the arp packet on
1037 count = carp_addrcount(cif, ia, CARP_COUNT_RUNNING);
1039 /* should never reach this */
1043 /* this should be a hash, like pf_hash() */
1044 index = ntohl(isaddr->s_addr) % count;
1047 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1048 if (CARP_IS_RUNNING(SC2IFP(vh))) {
1049 struct ifaddr_container *ifac;
1052 &SC2IFP(vh)->if_addrheads[mycpuid], ifa_link) {
1053 struct ifaddr *ifa = ifac->ifa;
1055 if (ifa->ifa_addr->sa_family ==
1057 ia->ia_addr.sin_addr.s_addr ==
1058 ifatoia(ifa)->ia_addr.sin_addr.s_addr) {
1059 if (count == index) {
1060 if (vh->sc_state == MASTER) {
1061 *enaddr = IF_LLADDR(vh->sc_ifp);
1073 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1074 if (CARP_IS_RUNNING(SC2IFP(vh)) &&
1075 vh->sc_state == MASTER) {
1076 *enaddr = IF_LLADDR(vh->sc_ifp);
1086 carp_iamatch6(void *v, struct in6_addr *taddr)
1088 struct carp_if *cif = v;
1089 struct carp_softc *vh;
1091 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1092 struct ifaddr_container *ifac;
1094 TAILQ_FOREACH(ifac, &SC2IFP(vh)->if_addrheads[mycpuid],
1096 struct ifaddr *ifa = ifac->ifa;
1098 if (IN6_ARE_ADDR_EQUAL(taddr,
1099 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1100 CARP_IS_RUNNING(SC2IFP(vh)) &&
1101 vh->sc_state == MASTER) {
1110 carp_macmatch6(void *v, struct mbuf *m, const struct in6_addr *taddr)
1113 struct carp_if *cif = v;
1114 struct carp_softc *sc;
1116 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list) {
1117 struct ifaddr_container *ifac;
1119 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid],
1121 struct ifaddr *ifa = ifac->ifa;
1123 if (IN6_ARE_ADDR_EQUAL(taddr,
1124 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1125 CARP_IS_RUNNING(SC2IFP(sc))) {
1126 struct ifnet *ifp = SC2IFP(sc);
1127 mtag = m_tag_get(PACKET_TAG_CARP,
1128 sizeof(struct ifnet *), MB_DONTWAIT);
1130 /* better a bit than nothing */
1131 return (IF_LLADDR(sc->sc_ifp));
1133 bcopy(&ifp, (caddr_t)(mtag + 1),
1134 sizeof(struct ifnet *));
1135 m_tag_prepend(m, mtag);
1137 return (IF_LLADDR(sc->sc_ifp));
1146 carp_forus(void *v, void *dhost)
1148 struct carp_if *cif = v;
1149 struct carp_softc *vh;
1150 uint8_t *ena = dhost;
1153 * XXX: See here for check on MAC adr is not for virtual use
1157 if (ena[0] || ena[1] || ena[2] != 0x5e || ena[3] || ena[4] != 1)
1160 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1161 if (CARP_IS_RUNNING(SC2IFP(vh)) && vh->sc_state == MASTER &&
1162 !bcmp(dhost, IF_LLADDR(vh->sc_ifp), ETHER_ADDR_LEN)) {
1163 return (SC2IFP(vh));
1170 carp_master_down(void *v)
1172 struct carp_softc *sc = v;
1174 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1175 carp_master_down_locked(sc);
1176 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1180 carp_master_down_locked(struct carp_softc *sc)
1182 switch (sc->sc_state) {
1184 kprintf("%s: master_down event in INIT state\n",
1185 SC2IFP(sc)->if_xname);
1192 carp_set_state(sc, MASTER);
1193 carp_send_ad_locked(sc);
1199 carp_setroute(sc, RTM_ADD);
1205 * When in backup state, af indicates whether to reset the master down timer
1206 * for v4 or v6. If it's set to zero, reset the ones which are already pending.
1209 carp_setrun(struct carp_softc *sc, sa_family_t af)
1213 if (sc->sc_carpdev == NULL) {
1214 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1215 carp_set_state(sc, INIT);
1219 if (SC2IFP(sc)->if_flags & IFF_UP &&
1220 sc->sc_vhid > 0 && (sc->sc_naddrs || sc->sc_naddrs6)) {
1221 SC2IFP(sc)->if_flags |= IFF_RUNNING;
1223 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1224 carp_setroute(sc, RTM_DELETE);
1228 switch (sc->sc_state) {
1230 if (carp_opts[CARPCTL_PREEMPT] && !carp_suppress_preempt) {
1231 carp_send_ad_locked(sc);
1236 CARP_DEBUG("%s: INIT -> MASTER (preempting)\n",
1237 SC2IFP(sc)->if_xname);
1238 carp_set_state(sc, MASTER);
1239 carp_setroute(sc, RTM_ADD);
1241 CARP_DEBUG("%s: INIT -> BACKUP\n",
1242 SC2IFP(sc)->if_xname);
1243 carp_set_state(sc, BACKUP);
1244 carp_setroute(sc, RTM_DELETE);
1250 callout_stop(&sc->sc_ad_tmo);
1251 tv.tv_sec = 3 * sc->sc_advbase;
1252 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1256 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1257 carp_master_down, sc);
1262 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1263 carp_master_down, sc);
1268 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1269 carp_master_down, sc);
1271 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1272 carp_master_down, sc);
1278 tv.tv_sec = sc->sc_advbase;
1279 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1280 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1287 carp_multicast_cleanup(struct carp_softc *sc)
1289 struct ip_moptions *imo = &sc->sc_imo;
1290 uint16_t n = imo->imo_num_memberships;
1292 /* Clean up our own multicast memberships */
1294 if (imo->imo_membership[n] != NULL) {
1295 in_delmulti(imo->imo_membership[n]);
1296 imo->imo_membership[n] = NULL;
1299 imo->imo_num_memberships = 0;
1300 imo->imo_multicast_ifp = NULL;
1305 carp_multicast6_cleanup(struct carp_softc *sc)
1307 struct ip6_moptions *im6o = &sc->sc_im6o;
1309 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1310 struct in6_multi_mship *imm =
1311 LIST_FIRST(&im6o->im6o_memberships);
1313 LIST_REMOVE(imm, i6mm_chain);
1314 in6_leavegroup(imm);
1316 im6o->im6o_multicast_ifp = NULL;
1321 carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1324 struct carp_if *cif;
1325 struct in_ifaddr *ia, *ia_if;
1326 struct in_ifaddr_container *iac;
1327 struct ip_moptions *imo = &sc->sc_imo;
1328 struct in_addr addr;
1329 u_long iaddr = htonl(sin->sin_addr.s_addr);
1332 if (sin->sin_addr.s_addr == 0) {
1333 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1334 carp_set_state(sc, INIT);
1336 SC2IFP(sc)->if_flags |= IFF_UP;
1340 /* we have to do it by hands to check we won't match on us */
1341 ia_if = NULL; own = 0;
1342 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
1345 /* and, yeah, we need a multicast-capable iface too */
1346 if (ia->ia_ifp != SC2IFP(sc) &&
1347 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1348 (iaddr & ia->ia_subnetmask) == ia->ia_subnet) {
1351 if (sin->sin_addr.s_addr ==
1352 ia->ia_addr.sin_addr.s_addr)
1358 return (EADDRNOTAVAIL);
1363 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1364 (imo->imo_multicast_ifp && imo->imo_multicast_ifp != ifp))
1365 return (EADDRNOTAVAIL);
1367 if (imo->imo_num_memberships == 0) {
1368 addr.s_addr = htonl(INADDR_CARP_GROUP);
1369 if ((imo->imo_membership[0] = in_addmulti(&addr, ifp)) == NULL)
1371 imo->imo_num_memberships++;
1372 imo->imo_multicast_ifp = ifp;
1373 imo->imo_multicast_ttl = CARP_DFLTTL;
1374 imo->imo_multicast_loop = 0;
1377 if (!ifp->if_carp) {
1378 MALLOC(cif, struct carp_if *, sizeof(*cif), M_CARP,
1380 if ((error = ifpromisc(ifp, 1))) {
1385 cif->vhif_ifp = ifp;
1386 TAILQ_INIT(&cif->vhif_vrs);
1389 struct carp_softc *vr;
1391 cif = (struct carp_if *)ifp->if_carp;
1392 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1393 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1400 sc->sc_carpdev = ifp;
1402 { /* XXX prevent endless loop if already in queue */
1403 struct carp_softc *vr, *after = NULL;
1405 cif = (struct carp_if *)ifp->if_carp;
1407 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1410 if (vr->sc_vhid < sc->sc_vhid)
1415 /* We're trying to keep things in order */
1417 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1419 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1425 SC2IFP(sc)->if_flags |= IFF_UP;
1429 carp_sc_state_locked(sc);
1435 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1440 carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1444 if (!--sc->sc_naddrs) {
1445 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1446 struct ip_moptions *imo = &sc->sc_imo;
1448 callout_stop(&sc->sc_ad_tmo);
1449 SC2IFP(sc)->if_flags &= ~(IFF_UP | IFF_RUNNING);
1451 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1452 imo->imo_multicast_ifp = NULL;
1453 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1454 if (!--cif->vhif_nvrs) {
1455 sc->sc_carpdev->if_carp = NULL;
1456 FREE(cif, M_IFADDR);
1464 carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1467 struct carp_if *cif;
1468 struct in6_ifaddr *ia, *ia_if;
1469 struct ip6_moptions *im6o = &sc->sc_im6o;
1470 struct in6_multi_mship *imm;
1471 struct in6_addr in6;
1474 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1475 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1476 carp_set_state(sc, INIT);
1478 SC2IFP(sc)->if_flags |= IFF_UP;
1483 /* we have to do it by hands to check we won't match on us */
1484 ia_if = NULL; own = 0;
1485 for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
1488 for (i = 0; i < 4; i++) {
1489 if ((sin6->sin6_addr.s6_addr32[i] &
1490 ia->ia_prefixmask.sin6_addr.s6_addr32[i]) !=
1491 (ia->ia_addr.sin6_addr.s6_addr32[i] &
1492 ia->ia_prefixmask.sin6_addr.s6_addr32[i]))
1495 /* and, yeah, we need a multicast-capable iface too */
1496 if (ia->ia_ifp != SC2IFP(sc) &&
1497 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1501 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
1502 &ia->ia_addr.sin6_addr))
1508 return (EADDRNOTAVAIL);
1512 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1513 (im6o->im6o_multicast_ifp && im6o->im6o_multicast_ifp != ifp))
1514 return (EADDRNOTAVAIL);
1516 if (!sc->sc_naddrs6) {
1517 im6o->im6o_multicast_ifp = ifp;
1519 /* join CARP multicast address */
1520 bzero(&in6, sizeof(in6));
1521 in6.s6_addr16[0] = htons(0xff02);
1522 in6.s6_addr8[15] = 0x12;
1523 if (in6_setscope(&in6, ifp, NULL) != 0)
1525 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
1527 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
1529 /* join solicited multicast address */
1530 bzero(&in6, sizeof(in6));
1531 in6.s6_addr16[0] = htons(0xff02);
1532 in6.s6_addr32[1] = 0;
1533 in6.s6_addr32[2] = htonl(1);
1534 in6.s6_addr32[3] = sin6->sin6_addr.s6_addr32[3];
1535 in6.s6_addr8[12] = 0xff;
1536 if (in6_setscope(&in6, ifp, NULL) != 0)
1538 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
1540 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
1543 if (!ifp->if_carp) {
1544 MALLOC(cif, struct carp_if *, sizeof(*cif), M_CARP,
1546 if ((error = ifpromisc(ifp, 1))) {
1551 cif->vhif_ifp = ifp;
1552 TAILQ_INIT(&cif->vhif_vrs);
1555 struct carp_softc *vr;
1557 cif = (struct carp_if *)ifp->if_carp;
1558 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1559 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1566 sc->sc_carpdev = ifp;
1568 { /* XXX prevent endless loop if already in queue */
1569 struct carp_softc *vr, *after = NULL;
1571 cif = (struct carp_if *)ifp->if_carp;
1573 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1576 if (vr->sc_vhid < sc->sc_vhid)
1581 /* We're trying to keep things in order */
1583 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1585 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1591 SC2IFP(sc)->if_flags |= IFF_UP;
1594 carp_sc_state_locked(sc);
1600 /* clean up multicast memberships */
1601 if (!sc->sc_naddrs6) {
1602 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1603 imm = LIST_FIRST(&im6o->im6o_memberships);
1604 LIST_REMOVE(imm, i6mm_chain);
1605 in6_leavegroup(imm);
1612 carp_del_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1616 if (!--sc->sc_naddrs6) {
1617 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1618 struct ip6_moptions *im6o = &sc->sc_im6o;
1620 callout_stop(&sc->sc_ad_tmo);
1621 SC2IFP(sc)->if_flags &= ~(IFF_UP | IFF_RUNNING);
1623 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1624 struct in6_multi_mship *imm =
1625 LIST_FIRST(&im6o->im6o_memberships);
1627 LIST_REMOVE(imm, i6mm_chain);
1628 in6_leavegroup(imm);
1630 im6o->im6o_multicast_ifp = NULL;
1631 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1632 if (!--cif->vhif_nvrs) {
1633 sc->sc_carpdev->if_carp = NULL;
1634 FREE(cif, M_IFADDR);
1642 carp_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr, struct ucred *cr)
1644 struct carp_softc *sc = ifp->if_softc, *vr;
1645 struct carpreq carpr;
1648 struct ifaliasreq *ifra;
1651 ifa = (struct ifaddr *)addr;
1652 ifra = (struct ifaliasreq *)addr;
1653 ifr = (struct ifreq *)addr;
1657 switch (ifa->ifa_addr->sa_family) {
1660 SC2IFP(sc)->if_flags |= IFF_UP;
1661 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1662 sizeof(struct sockaddr));
1663 error = carp_set_addr(sc, satosin(ifa->ifa_addr));
1668 SC2IFP(sc)->if_flags |= IFF_UP;
1669 error = carp_set_addr6(sc, satosin6(ifa->ifa_addr));
1673 error = EAFNOSUPPORT;
1679 switch (ifa->ifa_addr->sa_family) {
1682 SC2IFP(sc)->if_flags |= IFF_UP;
1683 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1684 sizeof(struct sockaddr));
1685 error = carp_set_addr(sc, satosin(&ifra->ifra_addr));
1690 SC2IFP(sc)->if_flags |= IFF_UP;
1691 error = carp_set_addr6(sc, satosin6(&ifra->ifra_addr));
1695 error = EAFNOSUPPORT;
1701 switch (ifa->ifa_addr->sa_family) {
1704 error = carp_del_addr(sc, satosin(&ifra->ifra_addr));
1709 error = carp_del_addr6(sc, satosin6(&ifra->ifra_addr));
1713 error = EAFNOSUPPORT;
1719 if (sc->sc_state != INIT && !(ifr->ifr_flags & IFF_UP)) {
1720 callout_stop(&sc->sc_ad_tmo);
1721 callout_stop(&sc->sc_md_tmo);
1722 callout_stop(&sc->sc_md6_tmo);
1723 if (sc->sc_state == MASTER)
1724 carp_send_ad_locked(sc);
1725 carp_set_state(sc, INIT);
1727 } else if (sc->sc_state == INIT && (ifr->ifr_flags & IFF_UP)) {
1728 SC2IFP(sc)->if_flags |= IFF_UP;
1734 error = suser_cred(cr, NULL_CRED_OKAY);
1737 if ((error = copyin(ifr->ifr_data, &carpr, sizeof carpr)))
1740 if (sc->sc_state != INIT && carpr.carpr_state != sc->sc_state) {
1741 switch (carpr.carpr_state) {
1743 callout_stop(&sc->sc_ad_tmo);
1744 carp_set_state(sc, BACKUP);
1746 carp_setroute(sc, RTM_DELETE);
1750 carp_master_down_locked(sc);
1757 if (carpr.carpr_vhid > 0) {
1758 if (carpr.carpr_vhid > 255) {
1762 if (sc->sc_carpdev) {
1763 struct carp_if *cif;
1764 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1765 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1767 vr->sc_vhid == carpr.carpr_vhid)
1771 sc->sc_vhid = carpr.carpr_vhid;
1772 IF_LLADDR(sc->sc_ifp)[0] = 0;
1773 IF_LLADDR(sc->sc_ifp)[1] = 0;
1774 IF_LLADDR(sc->sc_ifp)[2] = 0x5e;
1775 IF_LLADDR(sc->sc_ifp)[3] = 0;
1776 IF_LLADDR(sc->sc_ifp)[4] = 1;
1777 IF_LLADDR(sc->sc_ifp)[5] = sc->sc_vhid;
1780 if (carpr.carpr_advbase > 0 || carpr.carpr_advskew > 0) {
1781 if (carpr.carpr_advskew >= 255) {
1785 if (carpr.carpr_advbase > 255) {
1789 sc->sc_advbase = carpr.carpr_advbase;
1790 sc->sc_advskew = carpr.carpr_advskew;
1793 bcopy(carpr.carpr_key, sc->sc_key, sizeof(sc->sc_key));
1803 bzero(&carpr, sizeof(carpr));
1804 carpr.carpr_state = sc->sc_state;
1805 carpr.carpr_vhid = sc->sc_vhid;
1806 carpr.carpr_advbase = sc->sc_advbase;
1807 carpr.carpr_advskew = sc->sc_advskew;
1808 error = suser_cred(cr, NULL_CRED_OKAY);
1810 bcopy(sc->sc_key, carpr.carpr_key,
1811 sizeof(carpr.carpr_key));
1813 error = copyout(&carpr, ifr->ifr_data, sizeof(carpr));
1819 carp_hmac_prepare(sc);
1824 * XXX: this is looutput. We should eventually use it from there.
1827 carp_looutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
1832 M_ASSERTPKTHDR(m); /* check if we have the packet header */
1834 if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) {
1836 return (rt->rt_flags & RTF_BLACKHOLE ? 0 :
1837 rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
1841 ifp->if_obytes += m->m_pkthdr.len;
1843 /* BPF writes need to be handled specially. */
1844 if (dst->sa_family == AF_UNSPEC) {
1845 bcopy(dst->sa_data, &af, sizeof(af));
1846 dst->sa_family = af;
1850 switch (dst->sa_family) {
1859 return (EAFNOSUPPORT);
1862 return (if_simloop(ifp, m, dst->sa_family, 0));
1866 * Start output on carp interface. This function should never be called.
1869 carp_start(struct ifnet *ifp)
1872 kprintf("%s: start called\n", ifp->if_xname);
1877 carp_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa,
1881 struct carp_softc *sc;
1882 struct ifnet *carp_ifp;
1883 struct ether_header *eh;
1888 switch (sa->sa_family) {
1901 mtag = m_tag_find(m, PACKET_TAG_CARP, NULL);
1905 bcopy(mtag + 1, &carp_ifp, sizeof(struct ifnet *));
1906 sc = carp_ifp->if_softc;
1908 /* Set the source MAC address to Virtual Router MAC Address */
1909 switch (ifp->if_type) {
1912 eh = mtod(m, struct ether_header *);
1913 eh->ether_shost[0] = 0;
1914 eh->ether_shost[1] = 0;
1915 eh->ether_shost[2] = 0x5e;
1916 eh->ether_shost[3] = 0;
1917 eh->ether_shost[4] = 1;
1918 eh->ether_shost[5] = sc->sc_vhid;
1922 if_printf(ifp, "carp is not supported for this "
1923 "interface type\n");
1924 return (EOPNOTSUPP);
1930 carp_set_state(struct carp_softc *sc, int state)
1932 if (sc->sc_state == state)
1935 sc->sc_state = state;
1938 SC2IFP(sc)->if_link_state = LINK_STATE_DOWN;
1942 SC2IFP(sc)->if_link_state = LINK_STATE_UP;
1946 SC2IFP(sc)->if_link_state = LINK_STATE_UNKNOWN;
1949 rt_ifmsg(SC2IFP(sc));
1953 carp_carpdev_state(void *v)
1955 struct carp_if *cif = v;
1957 carp_carpdev_state_locked(cif);
1961 carp_carpdev_state_locked(struct carp_if *cif)
1963 struct carp_softc *sc;
1965 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list)
1966 carp_sc_state_locked(sc);
1970 carp_sc_state_locked(struct carp_softc *sc)
1972 if (!(sc->sc_carpdev->if_flags & IFF_UP)) {
1973 sc->sc_flags_backup = SC2IFP(sc)->if_flags;
1974 SC2IFP(sc)->if_flags &= ~(IFF_UP | IFF_RUNNING);
1975 callout_stop(&sc->sc_ad_tmo);
1976 callout_stop(&sc->sc_md_tmo);
1977 callout_stop(&sc->sc_md6_tmo);
1978 carp_set_state(sc, INIT);
1980 if (!sc->sc_suppress) {
1981 carp_suppress_preempt++;
1982 if (carp_suppress_preempt == 1)
1985 sc->sc_suppress = 1;
1987 SC2IFP(sc)->if_flags |= sc->sc_flags_backup;
1988 carp_set_state(sc, INIT);
1990 if (sc->sc_suppress)
1991 carp_suppress_preempt--;
1992 sc->sc_suppress = 0;
1997 carp_modevent(module_t mod, int type, void *data)
2001 LIST_INIT(&carpif_list);
2002 carp_ifdetach_event =
2003 EVENTHANDLER_REGISTER(ifnet_detach_event, carp_ifdetach, NULL,
2004 EVENTHANDLER_PRI_ANY);
2005 if_clone_attach(&carp_cloner);
2009 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
2010 carp_ifdetach_event);
2011 if_clone_detach(&carp_cloner);
2020 static moduledata_t carp_mod = {
2025 DECLARE_MODULE(carp, carp_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
projects / dragonfly.git / blob