2 * SPDX-License-Identifier: BSD-2-Clause
4 * Copyright (c) 2002 Michael Shalayeff.
5 * Copyright (c) 2003 Ryan McBride.
6 * Copyright (c) 2011 Gleb Smirnoff <glebius@FreeBSD.org>
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
22 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
24 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
28 * THE POSSIBILITY OF SUCH DAMAGE.
31 #include "opt_netlink.h"
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
38 #include "opt_inet6.h"
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/devctl.h>
44 #include <sys/kernel.h>
45 #include <sys/limits.h>
46 #include <sys/malloc.h>
48 #include <sys/module.h>
51 #include <sys/socket.h>
52 #include <sys/sockio.h>
53 #include <sys/sysctl.h>
54 #include <sys/syslog.h>
55 #include <sys/taskqueue.h>
56 #include <sys/counter.h>
58 #include <net/ethernet.h>
60 #include <net/if_var.h>
61 #include <net/if_dl.h>
62 #include <net/if_llatbl.h>
63 #include <net/if_private.h>
64 #include <net/if_types.h>
65 #include <net/route.h>
68 #if defined(INET) || defined(INET6)
69 #include <netinet/in.h>
70 #include <netinet/in_var.h>
71 #include <netinet/ip_carp.h>
72 #include <netinet/ip_carp_nl.h>
73 #include <netinet/ip.h>
74 #include <machine/in_cksum.h>
77 #include <netinet/ip_var.h>
78 #include <netinet/if_ether.h>
82 #include <netinet/icmp6.h>
83 #include <netinet/ip6.h>
84 #include <netinet6/in6_var.h>
85 #include <netinet6/ip6_var.h>
86 #include <netinet6/scope6_var.h>
87 #include <netinet6/nd6.h>
90 #include <netlink/netlink.h>
91 #include <netlink/netlink_ctl.h>
92 #include <netlink/netlink_generic.h>
93 #include <netlink/netlink_message_parser.h>
95 #include <crypto/sha1.h>
97 static MALLOC_DEFINE(M_CARP, "CARP", "CARP addresses");
100 struct ifnet *sc_carpdev; /* Pointer to parent ifnet. */
101 struct ifaddr **sc_ifas; /* Our ifaddrs. */
102 struct sockaddr_dl sc_addr; /* Our link level address. */
103 struct callout sc_ad_tmo; /* Advertising timeout. */
105 struct callout sc_md_tmo; /* Master down timeout. */
108 struct callout sc_md6_tmo; /* XXX: Master down timeout. */
115 struct in_addr sc_carpaddr;
116 struct in6_addr sc_carpaddr6;
121 enum { INIT = 0, BACKUP, MASTER } sc_state;
123 int sc_sendad_errors;
124 #define CARP_SENDAD_MAX_ERRORS 3
125 int sc_sendad_success;
126 #define CARP_SENDAD_MIN_SUCCESS 3
132 #define CARP_HMAC_PAD 64
133 unsigned char sc_key[CARP_KEY_LEN];
134 unsigned char sc_pad[CARP_HMAC_PAD];
137 TAILQ_ENTRY(carp_softc) sc_list; /* On the carp_if list. */
138 LIST_ENTRY(carp_softc) sc_next; /* On the global list. */
148 TAILQ_HEAD(, carp_softc) cif_vrs;
150 struct ip_moptions cif_imo;
153 struct ip6_moptions cif_im6o;
155 struct ifnet *cif_ifp;
158 #define CIF_PROMISC 0x00000001
161 /* Kernel equivalent of struct carpreq, but with more fields for new features.
169 unsigned char carpr_key[CARP_KEY_LEN];
170 /* Everything above this is identical to carpreq */
171 struct in_addr carpr_addr;
172 struct in6_addr carpr_addr6;
176 * Brief design of carp(4).
178 * Any carp-capable ifnet may have a list of carp softcs hanging off
179 * its ifp->if_carp pointer. Each softc represents one unique virtual
180 * host id, or vhid. The softc has a back pointer to the ifnet. All
181 * softcs are joined in a global list, which has quite limited use.
183 * Any interface address that takes part in CARP negotiation has a
184 * pointer to the softc of its vhid, ifa->ifa_carp. That could be either
185 * AF_INET or AF_INET6 address.
187 * Although, one can get the softc's backpointer to ifnet and traverse
188 * through its ifp->if_addrhead queue to find all interface addresses
189 * involved in CARP, we keep a growable array of ifaddr pointers. This
190 * allows us to avoid grabbing the IF_ADDR_LOCK() in many traversals that
191 * do calls into the network stack, thus avoiding LORs.
195 * Each softc has a lock sc_mtx. It is used to synchronise carp_input_c(),
196 * callout-driven events and ioctl()s.
198 * To traverse the list of softcs on an ifnet we use CIF_LOCK() or carp_sx.
199 * To traverse the global list we use the mutex carp_mtx.
201 * Known issues with locking:
203 * - Sending ad, we put the pointer to the softc in an mtag, and no reference
204 * counting is done on the softc.
205 * - On module unload we may race (?) with packet processing thread
206 * dereferencing our function pointers.
209 /* Accept incoming CARP packets. */
210 VNET_DEFINE_STATIC(int, carp_allow) = 1;
211 #define V_carp_allow VNET(carp_allow)
213 /* Set DSCP in outgoing CARP packets. */
214 VNET_DEFINE_STATIC(int, carp_dscp) = 56;
215 #define V_carp_dscp VNET(carp_dscp)
217 /* Preempt slower nodes. */
218 VNET_DEFINE_STATIC(int, carp_preempt) = 0;
219 #define V_carp_preempt VNET(carp_preempt)
222 VNET_DEFINE_STATIC(int, carp_log) = 1;
223 #define V_carp_log VNET(carp_log)
225 /* Global advskew demotion. */
226 VNET_DEFINE_STATIC(int, carp_demotion) = 0;
227 #define V_carp_demotion VNET(carp_demotion)
229 /* Send error demotion factor. */
230 VNET_DEFINE_STATIC(int, carp_senderr_adj) = CARP_MAXSKEW;
231 #define V_carp_senderr_adj VNET(carp_senderr_adj)
233 /* Iface down demotion factor. */
234 VNET_DEFINE_STATIC(int, carp_ifdown_adj) = CARP_MAXSKEW;
235 #define V_carp_ifdown_adj VNET(carp_ifdown_adj)
237 static int carp_allow_sysctl(SYSCTL_HANDLER_ARGS);
238 static int carp_dscp_sysctl(SYSCTL_HANDLER_ARGS);
239 static int carp_demote_adj_sysctl(SYSCTL_HANDLER_ARGS);
241 SYSCTL_NODE(_net_inet, IPPROTO_CARP, carp, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
243 SYSCTL_PROC(_net_inet_carp, OID_AUTO, allow,
244 CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RWTUN | CTLFLAG_MPSAFE,
245 &VNET_NAME(carp_allow), 0, carp_allow_sysctl, "I",
246 "Accept incoming CARP packets");
247 SYSCTL_PROC(_net_inet_carp, OID_AUTO, dscp,
248 CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
249 0, 0, carp_dscp_sysctl, "I",
250 "DSCP value for carp packets");
251 SYSCTL_INT(_net_inet_carp, OID_AUTO, preempt, CTLFLAG_VNET | CTLFLAG_RW,
252 &VNET_NAME(carp_preempt), 0, "High-priority backup preemption mode");
253 SYSCTL_INT(_net_inet_carp, OID_AUTO, log, CTLFLAG_VNET | CTLFLAG_RW,
254 &VNET_NAME(carp_log), 0, "CARP log level");
255 SYSCTL_PROC(_net_inet_carp, OID_AUTO, demotion,
256 CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
257 0, 0, carp_demote_adj_sysctl, "I",
258 "Adjust demotion factor (skew of advskew)");
259 SYSCTL_INT(_net_inet_carp, OID_AUTO, senderr_demotion_factor,
260 CTLFLAG_VNET | CTLFLAG_RW,
261 &VNET_NAME(carp_senderr_adj), 0, "Send error demotion factor adjustment");
262 SYSCTL_INT(_net_inet_carp, OID_AUTO, ifdown_demotion_factor,
263 CTLFLAG_VNET | CTLFLAG_RW,
264 &VNET_NAME(carp_ifdown_adj), 0,
265 "Interface down demotion factor adjustment");
267 VNET_PCPUSTAT_DEFINE(struct carpstats, carpstats);
268 VNET_PCPUSTAT_SYSINIT(carpstats);
269 VNET_PCPUSTAT_SYSUNINIT(carpstats);
271 #define CARPSTATS_ADD(name, val) \
272 counter_u64_add(VNET(carpstats)[offsetof(struct carpstats, name) / \
273 sizeof(uint64_t)], (val))
274 #define CARPSTATS_INC(name) CARPSTATS_ADD(name, 1)
276 SYSCTL_VNET_PCPUSTAT(_net_inet_carp, OID_AUTO, stats, struct carpstats,
277 carpstats, "CARP statistics (struct carpstats, netinet/ip_carp.h)");
279 #define CARP_LOCK_INIT(sc) mtx_init(&(sc)->sc_mtx, "carp_softc", \
281 #define CARP_LOCK_DESTROY(sc) mtx_destroy(&(sc)->sc_mtx)
282 #define CARP_LOCK_ASSERT(sc) mtx_assert(&(sc)->sc_mtx, MA_OWNED)
283 #define CARP_LOCK(sc) mtx_lock(&(sc)->sc_mtx)
284 #define CARP_UNLOCK(sc) mtx_unlock(&(sc)->sc_mtx)
285 #define CIF_LOCK_INIT(cif) mtx_init(&(cif)->cif_mtx, "carp_if", \
287 #define CIF_LOCK_DESTROY(cif) mtx_destroy(&(cif)->cif_mtx)
288 #define CIF_LOCK_ASSERT(cif) mtx_assert(&(cif)->cif_mtx, MA_OWNED)
289 #define CIF_LOCK(cif) mtx_lock(&(cif)->cif_mtx)
290 #define CIF_UNLOCK(cif) mtx_unlock(&(cif)->cif_mtx)
291 #define CIF_FREE(cif) do { \
293 if (TAILQ_EMPTY(&(cif)->cif_vrs)) \
299 #define CARP_LOG(...) do { \
300 if (V_carp_log > 0) \
301 log(LOG_INFO, "carp: " __VA_ARGS__); \
304 #define CARP_DEBUG(...) do { \
305 if (V_carp_log > 1) \
306 log(LOG_DEBUG, __VA_ARGS__); \
309 #define IFNET_FOREACH_IFA(ifp, ifa) \
310 CK_STAILQ_FOREACH((ifa), &(ifp)->if_addrhead, ifa_link) \
311 if ((ifa)->ifa_carp != NULL)
313 #define CARP_FOREACH_IFA(sc, ifa) \
314 CARP_LOCK_ASSERT(sc); \
316 _i < (sc)->sc_naddrs + (sc)->sc_naddrs6 && \
317 ((ifa) = sc->sc_ifas[_i]) != NULL; \
320 #define IFNET_FOREACH_CARP(ifp, sc) \
321 KASSERT(mtx_owned(&ifp->if_carp->cif_mtx) || \
322 sx_xlocked(&carp_sx), ("cif_vrs not locked")); \
323 TAILQ_FOREACH((sc), &(ifp)->if_carp->cif_vrs, sc_list)
325 #define DEMOTE_ADVSKEW(sc) \
326 (((sc)->sc_advskew + V_carp_demotion > CARP_MAXSKEW) ? \
328 (((sc)->sc_advskew + V_carp_demotion < 0) ? \
329 0 : ((sc)->sc_advskew + V_carp_demotion)))
331 static void carp_input_c(struct mbuf *, struct carp_header *, sa_family_t, int);
332 static struct carp_softc
333 *carp_alloc(struct ifnet *);
334 static void carp_destroy(struct carp_softc *);
335 static struct carp_if
336 *carp_alloc_if(struct ifnet *);
337 static void carp_free_if(struct carp_if *);
338 static void carp_set_state(struct carp_softc *, int, const char* reason);
339 static void carp_sc_state(struct carp_softc *);
340 static void carp_setrun(struct carp_softc *, sa_family_t);
341 static void carp_master_down(void *);
342 static void carp_master_down_locked(struct carp_softc *,
344 static void carp_send_ad(void *);
345 static void carp_send_ad_locked(struct carp_softc *);
346 static void carp_addroute(struct carp_softc *);
347 static void carp_ifa_addroute(struct ifaddr *);
348 static void carp_delroute(struct carp_softc *);
349 static void carp_ifa_delroute(struct ifaddr *);
350 static void carp_send_ad_all(void *, int);
351 static void carp_demote_adj(int, char *);
353 static LIST_HEAD(, carp_softc) carp_list;
354 static struct mtx carp_mtx;
355 static struct sx carp_sx;
356 static struct task carp_sendall_task =
357 TASK_INITIALIZER(0, carp_send_ad_all, NULL);
360 carp_is_supported_if(if_t ifp)
365 switch (ifp->if_type) {
378 carp_hmac_prepare(struct carp_softc *sc)
380 uint8_t version = CARP_VERSION, type = CARP_ADVERTISEMENT;
381 uint8_t vhid = sc->sc_vhid & 0xff;
385 struct in_addr last, cur, in;
388 struct in6_addr last6, cur6, in6;
391 CARP_LOCK_ASSERT(sc);
393 /* Compute ipad from key. */
394 bzero(sc->sc_pad, sizeof(sc->sc_pad));
395 bcopy(sc->sc_key, sc->sc_pad, sizeof(sc->sc_key));
396 for (i = 0; i < sizeof(sc->sc_pad); i++)
397 sc->sc_pad[i] ^= 0x36;
399 /* Precompute first part of inner hash. */
400 SHA1Init(&sc->sc_sha1);
401 SHA1Update(&sc->sc_sha1, sc->sc_pad, sizeof(sc->sc_pad));
402 SHA1Update(&sc->sc_sha1, (void *)&version, sizeof(version));
403 SHA1Update(&sc->sc_sha1, (void *)&type, sizeof(type));
404 SHA1Update(&sc->sc_sha1, (void *)&vhid, sizeof(vhid));
410 cur.s_addr = 0xffffffff;
411 CARP_FOREACH_IFA(sc, ifa) {
412 in.s_addr = ifatoia(ifa)->ia_addr.sin_addr.s_addr;
413 if (ifa->ifa_addr->sa_family == AF_INET &&
414 ntohl(in.s_addr) > ntohl(last.s_addr) &&
415 ntohl(in.s_addr) < ntohl(cur.s_addr)) {
416 cur.s_addr = in.s_addr;
421 SHA1Update(&sc->sc_sha1, (void *)&cur, sizeof(cur));
425 memset(&cur6, 0, sizeof(cur6));
429 memset(&cur6, 0xff, sizeof(cur6));
430 CARP_FOREACH_IFA(sc, ifa) {
431 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
432 if (IN6_IS_SCOPE_EMBED(&in6))
433 in6.s6_addr16[1] = 0;
434 if (ifa->ifa_addr->sa_family == AF_INET6 &&
435 memcmp(&in6, &last6, sizeof(in6)) > 0 &&
436 memcmp(&in6, &cur6, sizeof(in6)) < 0) {
442 SHA1Update(&sc->sc_sha1, (void *)&cur6, sizeof(cur6));
446 /* convert ipad to opad */
447 for (i = 0; i < sizeof(sc->sc_pad); i++)
448 sc->sc_pad[i] ^= 0x36 ^ 0x5c;
452 carp_hmac_generate(struct carp_softc *sc, uint32_t counter[2],
453 unsigned char md[20])
457 CARP_LOCK_ASSERT(sc);
459 /* fetch first half of inner hash */
460 bcopy(&sc->sc_sha1, &sha1ctx, sizeof(sha1ctx));
462 SHA1Update(&sha1ctx, (void *)counter, sizeof(sc->sc_counter));
463 SHA1Final(md, &sha1ctx);
467 SHA1Update(&sha1ctx, sc->sc_pad, sizeof(sc->sc_pad));
468 SHA1Update(&sha1ctx, md, 20);
469 SHA1Final(md, &sha1ctx);
473 carp_hmac_verify(struct carp_softc *sc, uint32_t counter[2],
474 unsigned char md[20])
476 unsigned char md2[20];
478 CARP_LOCK_ASSERT(sc);
480 carp_hmac_generate(sc, counter, md2);
482 return (bcmp(md, md2, sizeof(md2)));
486 * process input packet.
487 * we have rearranged checks order compared to the rfc,
488 * but it seems more efficient this way or not possible otherwise.
492 carp_input(struct mbuf **mp, int *offp, int proto)
494 struct mbuf *m = *mp;
495 struct ip *ip = mtod(m, struct ip *);
496 struct carp_header *ch;
502 CARPSTATS_INC(carps_ipackets);
506 return (IPPROTO_DONE);
509 iplen = ip->ip_hl << 2;
511 if (m->m_pkthdr.len < iplen + sizeof(*ch)) {
512 CARPSTATS_INC(carps_badlen);
513 CARP_DEBUG("%s: received len %zd < sizeof(struct carp_header) "
514 "on %s\n", __func__, m->m_len - sizeof(struct ip),
515 if_name(m->m_pkthdr.rcvif));
517 return (IPPROTO_DONE);
520 if (iplen + sizeof(*ch) < m->m_len) {
521 if ((m = m_pullup(m, iplen + sizeof(*ch))) == NULL) {
522 CARPSTATS_INC(carps_hdrops);
523 CARP_DEBUG("%s: pullup failed\n", __func__);
524 return (IPPROTO_DONE);
526 ip = mtod(m, struct ip *);
528 ch = (struct carp_header *)((char *)ip + iplen);
531 * verify that the received packet length is
532 * equal to the CARP header
534 len = iplen + sizeof(*ch);
535 if (len > m->m_pkthdr.len) {
536 CARPSTATS_INC(carps_badlen);
537 CARP_DEBUG("%s: packet too short %d on %s\n", __func__,
539 if_name(m->m_pkthdr.rcvif));
541 return (IPPROTO_DONE);
544 if ((m = m_pullup(m, len)) == NULL) {
545 CARPSTATS_INC(carps_hdrops);
546 return (IPPROTO_DONE);
548 ip = mtod(m, struct ip *);
549 ch = (struct carp_header *)((char *)ip + iplen);
551 /* verify the CARP checksum */
553 if (in_cksum(m, len - iplen)) {
554 CARPSTATS_INC(carps_badsum);
555 CARP_DEBUG("%s: checksum failed on %s\n", __func__,
556 if_name(m->m_pkthdr.rcvif));
558 return (IPPROTO_DONE);
562 carp_input_c(m, ch, AF_INET, ip->ip_ttl);
563 return (IPPROTO_DONE);
569 carp6_input(struct mbuf **mp, int *offp, int proto)
571 struct mbuf *m = *mp;
572 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
573 struct carp_header *ch;
576 CARPSTATS_INC(carps_ipackets6);
580 return (IPPROTO_DONE);
583 /* check if received on a valid carp interface */
584 if (m->m_pkthdr.rcvif->if_carp == NULL) {
585 CARPSTATS_INC(carps_badif);
586 CARP_DEBUG("%s: packet received on non-carp interface: %s\n",
587 __func__, if_name(m->m_pkthdr.rcvif));
589 return (IPPROTO_DONE);
592 /* verify that we have a complete carp packet */
593 if (m->m_len < *offp + sizeof(*ch)) {
595 m = m_pullup(m, *offp + sizeof(*ch));
597 CARPSTATS_INC(carps_badlen);
598 CARP_DEBUG("%s: packet size %u too small\n", __func__, len);
599 return (IPPROTO_DONE);
601 ip6 = mtod(m, struct ip6_hdr *);
603 ch = (struct carp_header *)(mtod(m, char *) + *offp);
605 /* verify the CARP checksum */
607 if (in_cksum(m, sizeof(*ch))) {
608 CARPSTATS_INC(carps_badsum);
609 CARP_DEBUG("%s: checksum failed, on %s\n", __func__,
610 if_name(m->m_pkthdr.rcvif));
612 return (IPPROTO_DONE);
616 carp_input_c(m, ch, AF_INET6, ip6->ip6_hlim);
617 return (IPPROTO_DONE);
622 * This routine should not be necessary at all, but some switches
623 * (VMWare ESX vswitches) can echo our own packets back at us,
624 * and we must ignore them or they will cause us to drop out of
627 * We cannot catch all cases of network loops. Instead, what we
628 * do here is catch any packet that arrives with a carp header
629 * with a VHID of 0, that comes from an address that is our own.
630 * These packets are by definition "from us" (even if they are from
631 * a misconfigured host that is pretending to be us).
633 * The VHID test is outside this mini-function.
636 carp_source_is_self(struct mbuf *m, struct ifaddr *ifa, sa_family_t af)
650 ip4 = mtod(m, struct ip *);
651 in4 = ifatoia(ifa)->ia_addr.sin_addr;
652 return (in4.s_addr == ip4->ip_src.s_addr);
656 ip6 = mtod(m, struct ip6_hdr *);
657 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
658 return (memcmp(&in6, &ip6->ip6_src, sizeof(in6)) == 0);
667 carp_input_c(struct mbuf *m, struct carp_header *ch, sa_family_t af, int ttl)
669 struct ifnet *ifp = m->m_pkthdr.rcvif;
670 struct ifaddr *ifa, *match;
671 struct carp_softc *sc;
672 uint64_t tmp_counter;
673 struct timeval sc_tv, ch_tv;
675 bool multicast = false;
680 * Verify that the VHID is valid on the receiving interface.
682 * There should be just one match. If there are none
683 * the VHID is not valid and we drop the packet. If
684 * there are multiple VHID matches, take just the first
685 * one, for compatibility with previous code. While we're
686 * scanning, check for obvious loops in the network topology
687 * (these should never happen, and as noted above, we may
688 * miss real loops; this is just a double-check).
692 IFNET_FOREACH_IFA(ifp, ifa) {
693 if (match == NULL && ifa->ifa_carp != NULL &&
694 ifa->ifa_addr->sa_family == af &&
695 ifa->ifa_carp->sc_vhid == ch->carp_vhid)
697 if (ch->carp_vhid == 0 && carp_source_is_self(m, ifa, af))
700 ifa = error ? NULL : match;
705 if (error == ELOOP) {
706 CARP_DEBUG("dropping looped packet on interface %s\n",
708 CARPSTATS_INC(carps_badif); /* ??? */
710 CARPSTATS_INC(carps_badvhid);
716 /* verify the CARP version. */
717 if (ch->carp_version != CARP_VERSION) {
718 CARPSTATS_INC(carps_badver);
719 CARP_DEBUG("%s: invalid version %d\n", if_name(ifp),
728 if (ifa->ifa_addr->sa_family == AF_INET) {
729 multicast = IN_MULTICAST(sc->sc_carpaddr.s_addr);
731 multicast = IN6_IS_ADDR_MULTICAST(&sc->sc_carpaddr6);
735 /* verify that the IP TTL is 255, but only if we're not in unicast mode. */
736 if (multicast && ttl != CARP_DFLTTL) {
737 CARPSTATS_INC(carps_badttl);
738 CARP_DEBUG("%s: received ttl %d != 255 on %s\n", __func__,
739 ttl, if_name(m->m_pkthdr.rcvif));
743 if (carp_hmac_verify(sc, ch->carp_counter, ch->carp_md)) {
744 CARPSTATS_INC(carps_badauth);
745 CARP_DEBUG("%s: incorrect hash for VHID %u@%s\n", __func__,
746 sc->sc_vhid, if_name(ifp));
750 tmp_counter = ntohl(ch->carp_counter[0]);
751 tmp_counter = tmp_counter<<32;
752 tmp_counter += ntohl(ch->carp_counter[1]);
754 /* XXX Replay protection goes here */
756 sc->sc_init_counter = 0;
757 sc->sc_counter = tmp_counter;
759 sc_tv.tv_sec = sc->sc_advbase;
760 sc_tv.tv_usec = DEMOTE_ADVSKEW(sc) * 1000000 / 256;
761 ch_tv.tv_sec = ch->carp_advbase;
762 ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
764 switch (sc->sc_state) {
769 * If we receive an advertisement from a master who's going to
770 * be more frequent than us, go into BACKUP state.
772 if (timevalcmp(&sc_tv, &ch_tv, >) ||
773 timevalcmp(&sc_tv, &ch_tv, ==)) {
774 callout_stop(&sc->sc_ad_tmo);
775 carp_set_state(sc, BACKUP,
776 "more frequent advertisement received");
783 * If we're pre-empting masters who advertise slower than us,
784 * and this one claims to be slower, treat him as down.
786 if (V_carp_preempt && timevalcmp(&sc_tv, &ch_tv, <)) {
787 carp_master_down_locked(sc,
788 "preempting a slower master");
793 * If the master is going to advertise at such a low frequency
794 * that he's guaranteed to time out, we'd might as well just
795 * treat him as timed out now.
797 sc_tv.tv_sec = sc->sc_advbase * 3;
798 if (timevalcmp(&sc_tv, &ch_tv, <)) {
799 carp_master_down_locked(sc, "master will time out");
804 * Otherwise, we reset the counter and wait for the next
817 carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch)
821 if (sc->sc_init_counter) {
822 /* this could also be seconds since unix epoch */
823 sc->sc_counter = arc4random();
824 sc->sc_counter = sc->sc_counter << 32;
825 sc->sc_counter += arc4random();
829 ch->carp_counter[0] = htonl((sc->sc_counter>>32)&0xffffffff);
830 ch->carp_counter[1] = htonl(sc->sc_counter&0xffffffff);
832 carp_hmac_generate(sc, ch->carp_counter, ch->carp_md);
834 /* Tag packet for carp_output */
835 if ((mtag = m_tag_get(PACKET_TAG_CARP, sizeof(struct carp_softc *),
836 M_NOWAIT)) == NULL) {
838 CARPSTATS_INC(carps_onomem);
841 bcopy(&sc, mtag + 1, sizeof(sc));
842 m_tag_prepend(m, mtag);
848 * To avoid LORs and possible recursions this function shouldn't
849 * be called directly, but scheduled via taskqueue.
852 carp_send_ad_all(void *ctx __unused, int pending __unused)
854 struct carp_softc *sc;
855 struct epoch_tracker et;
859 LIST_FOREACH(sc, &carp_list, sc_next)
860 if (sc->sc_state == MASTER) {
862 CURVNET_SET(sc->sc_carpdev->if_vnet);
863 carp_send_ad_locked(sc);
867 mtx_unlock(&carp_mtx);
871 /* Send a periodic advertisement, executed in callout context. */
873 carp_send_ad(void *v)
875 struct carp_softc *sc = v;
876 struct epoch_tracker et;
879 CARP_LOCK_ASSERT(sc);
880 CURVNET_SET(sc->sc_carpdev->if_vnet);
881 carp_send_ad_locked(sc);
888 carp_send_ad_error(struct carp_softc *sc, int error)
892 * We track errors and successfull sends with this logic:
893 * - Any error resets success counter to 0.
894 * - MAX_ERRORS triggers demotion.
895 * - MIN_SUCCESS successes resets error counter to 0.
896 * - MIN_SUCCESS reverts demotion, if it was triggered before.
899 if (sc->sc_sendad_errors < INT_MAX)
900 sc->sc_sendad_errors++;
901 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
902 static const char fmt[] = "send error %d on %s";
903 char msg[sizeof(fmt) + IFNAMSIZ];
905 sprintf(msg, fmt, error, if_name(sc->sc_carpdev));
906 carp_demote_adj(V_carp_senderr_adj, msg);
908 sc->sc_sendad_success = 0;
909 } else if (sc->sc_sendad_errors > 0) {
910 if (++sc->sc_sendad_success >= CARP_SENDAD_MIN_SUCCESS) {
911 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
912 static const char fmt[] = "send ok on %s";
913 char msg[sizeof(fmt) + IFNAMSIZ];
915 sprintf(msg, fmt, if_name(sc->sc_carpdev));
916 carp_demote_adj(-V_carp_senderr_adj, msg);
918 sc->sc_sendad_errors = 0;
924 * Pick the best ifaddr on the given ifp for sending CARP
927 * "Best" here is defined by ifa_preferred(). This function is much
928 * much like ifaof_ifpforaddr() except that we just use ifa_preferred().
930 * (This could be simplified to return the actual address, except that
931 * it has a different format in AF_INET and AF_INET6.)
933 static struct ifaddr *
934 carp_best_ifa(int af, struct ifnet *ifp)
936 struct ifaddr *ifa, *best;
943 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
944 if (ifa->ifa_addr->sa_family == af &&
945 (best == NULL || ifa_preferred(best, ifa)))
954 carp_send_ad_locked(struct carp_softc *sc)
956 struct carp_header ch;
959 struct carp_header *ch_ptr;
964 CARP_LOCK_ASSERT(sc);
966 advskew = DEMOTE_ADVSKEW(sc);
967 tv.tv_sec = sc->sc_advbase;
968 tv.tv_usec = advskew * 1000000 / 256;
970 ch.carp_version = CARP_VERSION;
971 ch.carp_type = CARP_ADVERTISEMENT;
972 ch.carp_vhid = sc->sc_vhid;
973 ch.carp_advbase = sc->sc_advbase;
974 ch.carp_advskew = advskew;
975 ch.carp_authlen = 7; /* XXX DEFINE */
976 ch.carp_pad1 = 0; /* must be zero */
979 /* XXXGL: OpenBSD picks first ifaddr with needed family. */
985 m = m_gethdr(M_NOWAIT, MT_DATA);
987 CARPSTATS_INC(carps_onomem);
990 len = sizeof(*ip) + sizeof(ch);
991 m->m_pkthdr.len = len;
992 m->m_pkthdr.rcvif = NULL;
994 M_ALIGN(m, m->m_len);
995 if (IN_MULTICAST(sc->sc_carpaddr.s_addr))
996 m->m_flags |= M_MCAST;
997 ip = mtod(m, struct ip *);
998 ip->ip_v = IPVERSION;
999 ip->ip_hl = sizeof(*ip) >> 2;
1000 ip->ip_tos = V_carp_dscp << IPTOS_DSCP_OFFSET;
1001 ip->ip_len = htons(len);
1002 ip->ip_off = htons(IP_DF);
1003 ip->ip_ttl = CARP_DFLTTL;
1004 ip->ip_p = IPPROTO_CARP;
1008 ifa = carp_best_ifa(AF_INET, sc->sc_carpdev);
1011 ifatoia(ifa)->ia_addr.sin_addr.s_addr;
1014 ip->ip_src.s_addr = 0;
1015 ip->ip_dst = sc->sc_carpaddr;
1017 ch_ptr = (struct carp_header *)(&ip[1]);
1018 bcopy(&ch, ch_ptr, sizeof(ch));
1019 if (carp_prepare_ad(m, sc, ch_ptr))
1022 m->m_data += sizeof(*ip);
1023 ch_ptr->carp_cksum = in_cksum(m, len - sizeof(*ip));
1024 m->m_data -= sizeof(*ip);
1026 CARPSTATS_INC(carps_opackets);
1028 carp_send_ad_error(sc, ip_output(m, NULL, NULL, IP_RAWOUTPUT,
1029 &sc->sc_carpdev->if_carp->cif_imo, NULL));
1033 if (sc->sc_naddrs6) {
1034 struct ip6_hdr *ip6;
1036 m = m_gethdr(M_NOWAIT, MT_DATA);
1038 CARPSTATS_INC(carps_onomem);
1041 len = sizeof(*ip6) + sizeof(ch);
1042 m->m_pkthdr.len = len;
1043 m->m_pkthdr.rcvif = NULL;
1045 M_ALIGN(m, m->m_len);
1046 ip6 = mtod(m, struct ip6_hdr *);
1047 bzero(ip6, sizeof(*ip6));
1048 ip6->ip6_vfc |= IPV6_VERSION;
1049 /* Traffic class isn't defined in ip6 struct instead
1050 * it gets offset into flowid field */
1051 ip6->ip6_flow |= htonl(V_carp_dscp << (IPV6_FLOWLABEL_LEN +
1052 IPTOS_DSCP_OFFSET));
1053 ip6->ip6_hlim = CARP_DFLTTL;
1054 ip6->ip6_nxt = IPPROTO_CARP;
1056 /* set the source address */
1057 ifa = carp_best_ifa(AF_INET6, sc->sc_carpdev);
1059 bcopy(IFA_IN6(ifa), &ip6->ip6_src,
1060 sizeof(struct in6_addr));
1063 /* This should never happen with IPv6. */
1064 bzero(&ip6->ip6_src, sizeof(struct in6_addr));
1066 /* Set the multicast destination. */
1067 memcpy(&ip6->ip6_dst, &sc->sc_carpaddr6, sizeof(ip6->ip6_dst));
1068 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
1069 IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_dst)) {
1070 if (in6_setscope(&ip6->ip6_dst, sc->sc_carpdev, NULL) != 0) {
1072 CARP_DEBUG("%s: in6_setscope failed\n", __func__);
1077 ch_ptr = (struct carp_header *)(&ip6[1]);
1078 bcopy(&ch, ch_ptr, sizeof(ch));
1079 if (carp_prepare_ad(m, sc, ch_ptr))
1082 m->m_data += sizeof(*ip6);
1083 ch_ptr->carp_cksum = in_cksum(m, len - sizeof(*ip6));
1084 m->m_data -= sizeof(*ip6);
1086 CARPSTATS_INC(carps_opackets6);
1088 carp_send_ad_error(sc, ip6_output(m, NULL, NULL, 0,
1089 &sc->sc_carpdev->if_carp->cif_im6o, NULL, NULL));
1094 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv), carp_send_ad, sc);
1098 carp_addroute(struct carp_softc *sc)
1102 CARP_FOREACH_IFA(sc, ifa)
1103 carp_ifa_addroute(ifa);
1107 carp_ifa_addroute(struct ifaddr *ifa)
1110 switch (ifa->ifa_addr->sa_family) {
1113 in_addprefix(ifatoia(ifa));
1114 ifa_add_loopback_route(ifa,
1115 (struct sockaddr *)&ifatoia(ifa)->ia_addr);
1120 ifa_add_loopback_route(ifa,
1121 (struct sockaddr *)&ifatoia6(ifa)->ia_addr);
1122 nd6_add_ifa_lle(ifatoia6(ifa));
1129 carp_delroute(struct carp_softc *sc)
1133 CARP_FOREACH_IFA(sc, ifa)
1134 carp_ifa_delroute(ifa);
1138 carp_ifa_delroute(struct ifaddr *ifa)
1141 switch (ifa->ifa_addr->sa_family) {
1144 ifa_del_loopback_route(ifa,
1145 (struct sockaddr *)&ifatoia(ifa)->ia_addr);
1146 in_scrubprefix(ifatoia(ifa), LLE_STATIC);
1151 ifa_del_loopback_route(ifa,
1152 (struct sockaddr *)&ifatoia6(ifa)->ia_addr);
1153 nd6_rem_ifa_lle(ifatoia6(ifa), 1);
1160 carp_master(struct ifaddr *ifa)
1162 struct carp_softc *sc = ifa->ifa_carp;
1164 return (sc->sc_state == MASTER);
1169 * Broadcast a gratuitous ARP request containing
1170 * the virtual router MAC address for each IP address
1171 * associated with the virtual router.
1174 carp_send_arp(struct carp_softc *sc)
1177 struct in_addr addr;
1181 CARP_FOREACH_IFA(sc, ifa) {
1182 if (ifa->ifa_addr->sa_family != AF_INET)
1184 addr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;
1185 arp_announce_ifaddr(sc->sc_carpdev, addr, LLADDR(&sc->sc_addr));
1190 carp_iamatch(struct ifaddr *ifa, uint8_t **enaddr)
1192 struct carp_softc *sc = ifa->ifa_carp;
1194 if (sc->sc_state == MASTER) {
1195 *enaddr = LLADDR(&sc->sc_addr);
1205 carp_send_na(struct carp_softc *sc)
1207 static struct in6_addr mcast = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
1209 struct in6_addr *in6;
1211 CARP_FOREACH_IFA(sc, ifa) {
1212 if (ifa->ifa_addr->sa_family != AF_INET6)
1216 nd6_na_output(sc->sc_carpdev, &mcast, in6,
1217 ND_NA_FLAG_OVERRIDE, 1, NULL);
1218 DELAY(1000); /* XXX */
1223 * Returns ifa in case it's a carp address and it is MASTER, or if the address
1224 * matches and is not a carp address. Returns NULL otherwise.
1227 carp_iamatch6(struct ifnet *ifp, struct in6_addr *taddr)
1234 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1235 if (ifa->ifa_addr->sa_family != AF_INET6)
1237 if (!IN6_ARE_ADDR_EQUAL(taddr, IFA_IN6(ifa)))
1239 if (ifa->ifa_carp && ifa->ifa_carp->sc_state != MASTER)
1250 carp_macmatch6(struct ifnet *ifp, struct mbuf *m, const struct in6_addr *taddr)
1256 IFNET_FOREACH_IFA(ifp, ifa)
1257 if (ifa->ifa_addr->sa_family == AF_INET6 &&
1258 IN6_ARE_ADDR_EQUAL(taddr, IFA_IN6(ifa))) {
1259 struct carp_softc *sc = ifa->ifa_carp;
1262 mtag = m_tag_get(PACKET_TAG_CARP,
1263 sizeof(struct carp_softc *), M_NOWAIT);
1265 /* Better a bit than nothing. */
1266 return (LLADDR(&sc->sc_addr));
1268 bcopy(&sc, mtag + 1, sizeof(sc));
1269 m_tag_prepend(m, mtag);
1271 return (LLADDR(&sc->sc_addr));
1279 carp_forus(struct ifnet *ifp, u_char *dhost)
1281 struct carp_softc *sc;
1282 uint8_t *ena = dhost;
1284 if (ena[0] || ena[1] || ena[2] != 0x5e || ena[3] || ena[4] != 1)
1287 CIF_LOCK(ifp->if_carp);
1288 IFNET_FOREACH_CARP(ifp, sc) {
1290 * CARP_LOCK() is not here, since would protect nothing, but
1291 * cause deadlock with if_bridge, calling this under its lock.
1293 if (sc->sc_state == MASTER && !bcmp(dhost, LLADDR(&sc->sc_addr),
1295 CIF_UNLOCK(ifp->if_carp);
1299 CIF_UNLOCK(ifp->if_carp);
1304 /* Master down timeout event, executed in callout context. */
1306 carp_master_down(void *v)
1308 struct carp_softc *sc = v;
1309 struct epoch_tracker et;
1311 NET_EPOCH_ENTER(et);
1312 CARP_LOCK_ASSERT(sc);
1314 CURVNET_SET(sc->sc_carpdev->if_vnet);
1315 if (sc->sc_state == BACKUP) {
1316 carp_master_down_locked(sc, "master timed out");
1325 carp_master_down_locked(struct carp_softc *sc, const char *reason)
1329 CARP_LOCK_ASSERT(sc);
1331 switch (sc->sc_state) {
1333 carp_set_state(sc, MASTER, reason);
1334 carp_send_ad_locked(sc);
1347 panic("carp: VHID %u@%s: master_down event in %s state\n",
1349 if_name(sc->sc_carpdev),
1350 sc->sc_state ? "MASTER" : "INIT");
1357 * When in backup state, af indicates whether to reset the master down timer
1358 * for v4 or v6. If it's set to zero, reset the ones which are already pending.
1361 carp_setrun(struct carp_softc *sc, sa_family_t af)
1365 CARP_LOCK_ASSERT(sc);
1367 if ((sc->sc_carpdev->if_flags & IFF_UP) == 0 ||
1368 sc->sc_carpdev->if_link_state != LINK_STATE_UP ||
1369 (sc->sc_naddrs == 0 && sc->sc_naddrs6 == 0) ||
1373 switch (sc->sc_state) {
1375 carp_set_state(sc, BACKUP, "initialization complete");
1379 callout_stop(&sc->sc_ad_tmo);
1380 tv.tv_sec = 3 * sc->sc_advbase;
1381 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1385 callout_reset(&sc->sc_md_tmo, tvtohz(&tv),
1386 carp_master_down, sc);
1391 callout_reset(&sc->sc_md6_tmo, tvtohz(&tv),
1392 carp_master_down, sc);
1398 callout_reset(&sc->sc_md_tmo, tvtohz(&tv),
1399 carp_master_down, sc);
1403 callout_reset(&sc->sc_md6_tmo, tvtohz(&tv),
1404 carp_master_down, sc);
1410 tv.tv_sec = sc->sc_advbase;
1411 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1412 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv),
1419 * Setup multicast structures.
1422 carp_multicast_setup(struct carp_if *cif, sa_family_t sa)
1424 struct ifnet *ifp = cif->cif_ifp;
1431 struct ip_moptions *imo = &cif->cif_imo;
1432 struct in_mfilter *imf;
1433 struct in_addr addr;
1435 if (ip_mfilter_first(&imo->imo_head) != NULL)
1438 imf = ip_mfilter_alloc(M_WAITOK, 0, 0);
1439 ip_mfilter_init(&imo->imo_head);
1440 imo->imo_multicast_vif = -1;
1442 addr.s_addr = htonl(INADDR_CARP_GROUP);
1443 if ((error = in_joingroup(ifp, &addr, NULL,
1444 &imf->imf_inm)) != 0) {
1445 ip_mfilter_free(imf);
1449 ip_mfilter_insert(&imo->imo_head, imf);
1450 imo->imo_multicast_ifp = ifp;
1451 imo->imo_multicast_ttl = CARP_DFLTTL;
1452 imo->imo_multicast_loop = 0;
1459 struct ip6_moptions *im6o = &cif->cif_im6o;
1460 struct in6_mfilter *im6f[2];
1461 struct in6_addr in6;
1463 if (ip6_mfilter_first(&im6o->im6o_head))
1466 im6f[0] = ip6_mfilter_alloc(M_WAITOK, 0, 0);
1467 im6f[1] = ip6_mfilter_alloc(M_WAITOK, 0, 0);
1469 ip6_mfilter_init(&im6o->im6o_head);
1470 im6o->im6o_multicast_hlim = CARP_DFLTTL;
1471 im6o->im6o_multicast_ifp = ifp;
1473 /* Join IPv6 CARP multicast group. */
1474 bzero(&in6, sizeof(in6));
1475 in6.s6_addr16[0] = htons(0xff02);
1476 in6.s6_addr8[15] = 0x12;
1477 if ((error = in6_setscope(&in6, ifp, NULL)) != 0) {
1478 ip6_mfilter_free(im6f[0]);
1479 ip6_mfilter_free(im6f[1]);
1482 if ((error = in6_joingroup(ifp, &in6, NULL, &im6f[0]->im6f_in6m, 0)) != 0) {
1483 ip6_mfilter_free(im6f[0]);
1484 ip6_mfilter_free(im6f[1]);
1488 /* Join solicited multicast address. */
1489 bzero(&in6, sizeof(in6));
1490 in6.s6_addr16[0] = htons(0xff02);
1491 in6.s6_addr32[1] = 0;
1492 in6.s6_addr32[2] = htonl(1);
1493 in6.s6_addr32[3] = 0;
1494 in6.s6_addr8[12] = 0xff;
1496 if ((error = in6_setscope(&in6, ifp, NULL)) != 0) {
1497 ip6_mfilter_free(im6f[0]);
1498 ip6_mfilter_free(im6f[1]);
1502 if ((error = in6_joingroup(ifp, &in6, NULL, &im6f[1]->im6f_in6m, 0)) != 0) {
1503 in6_leavegroup(im6f[0]->im6f_in6m, NULL);
1504 ip6_mfilter_free(im6f[0]);
1505 ip6_mfilter_free(im6f[1]);
1508 ip6_mfilter_insert(&im6o->im6o_head, im6f[0]);
1509 ip6_mfilter_insert(&im6o->im6o_head, im6f[1]);
1519 * Free multicast structures.
1522 carp_multicast_cleanup(struct carp_if *cif, sa_family_t sa)
1525 struct ip_moptions *imo = &cif->cif_imo;
1526 struct in_mfilter *imf;
1529 struct ip6_moptions *im6o = &cif->cif_im6o;
1530 struct in6_mfilter *im6f;
1532 sx_assert(&carp_sx, SA_XLOCKED);
1537 if (cif->cif_naddrs != 0)
1540 while ((imf = ip_mfilter_first(&imo->imo_head)) != NULL) {
1541 ip_mfilter_remove(&imo->imo_head, imf);
1542 in_leavegroup(imf->imf_inm, NULL);
1543 ip_mfilter_free(imf);
1549 if (cif->cif_naddrs6 != 0)
1552 while ((im6f = ip6_mfilter_first(&im6o->im6o_head)) != NULL) {
1553 ip6_mfilter_remove(&im6o->im6o_head, im6f);
1554 in6_leavegroup(im6f->im6f_in6m, NULL);
1555 ip6_mfilter_free(im6f);
1563 carp_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *sa)
1566 struct carp_softc *sc;
1571 switch (sa->sa_family) {
1584 mtag = m_tag_find(m, PACKET_TAG_CARP, NULL);
1588 bcopy(mtag + 1, &sc, sizeof(sc));
1590 switch (sa->sa_family) {
1592 if (! IN_MULTICAST(ntohl(sc->sc_carpaddr.s_addr)))
1596 if (! IN6_IS_ADDR_MULTICAST(&sc->sc_carpaddr6))
1600 panic("Unknown af");
1603 /* Set the source MAC address to the Virtual Router MAC Address. */
1604 switch (ifp->if_type) {
1608 struct ether_header *eh;
1610 eh = mtod(m, struct ether_header *);
1611 eh->ether_shost[0] = 0;
1612 eh->ether_shost[1] = 0;
1613 eh->ether_shost[2] = 0x5e;
1614 eh->ether_shost[3] = 0;
1615 eh->ether_shost[4] = 1;
1616 eh->ether_shost[5] = sc->sc_vhid;
1620 printf("%s: carp is not supported for the %d interface type\n",
1621 if_name(ifp), ifp->if_type);
1622 return (EOPNOTSUPP);
1628 static struct carp_softc*
1629 carp_alloc(struct ifnet *ifp)
1631 struct carp_softc *sc;
1632 struct carp_if *cif;
1634 sx_assert(&carp_sx, SA_XLOCKED);
1636 if ((cif = ifp->if_carp) == NULL)
1637 cif = carp_alloc_if(ifp);
1639 sc = malloc(sizeof(*sc), M_CARP, M_WAITOK|M_ZERO);
1641 sc->sc_advbase = CARP_DFLTINTV;
1642 sc->sc_vhid = -1; /* required setting */
1643 sc->sc_init_counter = 1;
1644 sc->sc_state = INIT;
1646 sc->sc_ifasiz = sizeof(struct ifaddr *);
1647 sc->sc_ifas = malloc(sc->sc_ifasiz, M_CARP, M_WAITOK|M_ZERO);
1648 sc->sc_carpdev = ifp;
1650 sc->sc_carpaddr.s_addr = htonl(INADDR_CARP_GROUP);
1651 sc->sc_carpaddr6.s6_addr16[0] = IPV6_ADDR_INT16_MLL;
1652 sc->sc_carpaddr6.s6_addr8[15] = 0x12;
1656 callout_init_mtx(&sc->sc_md_tmo, &sc->sc_mtx, CALLOUT_RETURNUNLOCKED);
1659 callout_init_mtx(&sc->sc_md6_tmo, &sc->sc_mtx, CALLOUT_RETURNUNLOCKED);
1661 callout_init_mtx(&sc->sc_ad_tmo, &sc->sc_mtx, CALLOUT_RETURNUNLOCKED);
1664 TAILQ_INSERT_TAIL(&cif->cif_vrs, sc, sc_list);
1667 mtx_lock(&carp_mtx);
1668 LIST_INSERT_HEAD(&carp_list, sc, sc_next);
1669 mtx_unlock(&carp_mtx);
1675 carp_grow_ifas(struct carp_softc *sc)
1677 struct ifaddr **new;
1679 new = malloc(sc->sc_ifasiz * 2, M_CARP, M_WAITOK | M_ZERO);
1681 bcopy(sc->sc_ifas, new, sc->sc_ifasiz);
1682 free(sc->sc_ifas, M_CARP);
1689 carp_destroy(struct carp_softc *sc)
1691 struct ifnet *ifp = sc->sc_carpdev;
1692 struct carp_if *cif = ifp->if_carp;
1694 sx_assert(&carp_sx, SA_XLOCKED);
1696 if (sc->sc_suppress)
1697 carp_demote_adj(-V_carp_ifdown_adj, "vhid removed");
1701 TAILQ_REMOVE(&cif->cif_vrs, sc, sc_list);
1704 mtx_lock(&carp_mtx);
1705 LIST_REMOVE(sc, sc_next);
1706 mtx_unlock(&carp_mtx);
1708 callout_drain(&sc->sc_ad_tmo);
1710 callout_drain(&sc->sc_md_tmo);
1713 callout_drain(&sc->sc_md6_tmo);
1715 CARP_LOCK_DESTROY(sc);
1717 free(sc->sc_ifas, M_CARP);
1721 static struct carp_if*
1722 carp_alloc_if(struct ifnet *ifp)
1724 struct carp_if *cif;
1727 cif = malloc(sizeof(*cif), M_CARP, M_WAITOK|M_ZERO);
1729 if ((error = ifpromisc(ifp, 1)) != 0)
1730 printf("%s: ifpromisc(%s) failed: %d\n",
1731 __func__, if_name(ifp), error);
1733 cif->cif_flags |= CIF_PROMISC;
1737 TAILQ_INIT(&cif->cif_vrs);
1742 IF_ADDR_WUNLOCK(ifp);
1748 carp_free_if(struct carp_if *cif)
1750 struct ifnet *ifp = cif->cif_ifp;
1752 CIF_LOCK_ASSERT(cif);
1753 KASSERT(TAILQ_EMPTY(&cif->cif_vrs), ("%s: softc list not empty",
1757 ifp->if_carp = NULL;
1758 IF_ADDR_WUNLOCK(ifp);
1760 CIF_LOCK_DESTROY(cif);
1762 if (cif->cif_flags & CIF_PROMISC)
1770 carp_carprcp(void *arg, struct carp_softc *sc, int priv)
1772 struct carpreq *carpr = arg;
1775 carpr->carpr_state = sc->sc_state;
1776 carpr->carpr_vhid = sc->sc_vhid;
1777 carpr->carpr_advbase = sc->sc_advbase;
1778 carpr->carpr_advskew = sc->sc_advskew;
1780 bcopy(sc->sc_key, carpr->carpr_key, sizeof(carpr->carpr_key));
1782 bzero(carpr->carpr_key, sizeof(carpr->carpr_key));
1789 carp_ioctl_set(if_t ifp, struct carpkreq *carpr)
1791 struct epoch_tracker et;
1792 struct carp_softc *sc = NULL;
1796 if (carpr->carpr_vhid <= 0 || carpr->carpr_vhid > CARP_MAXVHID ||
1797 carpr->carpr_advbase < 0 || carpr->carpr_advskew < 0) {
1802 IFNET_FOREACH_CARP(ifp, sc)
1803 if (sc->sc_vhid == carpr->carpr_vhid)
1807 sc = carp_alloc(ifp);
1809 sc->sc_vhid = carpr->carpr_vhid;
1810 LLADDR(&sc->sc_addr)[0] = 0;
1811 LLADDR(&sc->sc_addr)[1] = 0;
1812 LLADDR(&sc->sc_addr)[2] = 0x5e;
1813 LLADDR(&sc->sc_addr)[3] = 0;
1814 LLADDR(&sc->sc_addr)[4] = 1;
1815 LLADDR(&sc->sc_addr)[5] = sc->sc_vhid;
1818 if (carpr->carpr_advbase > 0) {
1819 if (carpr->carpr_advbase > 255 ||
1820 carpr->carpr_advbase < CARP_DFLTINTV) {
1824 sc->sc_advbase = carpr->carpr_advbase;
1826 if (carpr->carpr_advskew >= 255) {
1830 sc->sc_advskew = carpr->carpr_advskew;
1831 if (carpr->carpr_addr.s_addr != INADDR_ANY)
1832 sc->sc_carpaddr = carpr->carpr_addr;
1833 if (! IN6_IS_ADDR_UNSPECIFIED(&carpr->carpr_addr6)) {
1834 memcpy(&sc->sc_carpaddr6, &carpr->carpr_addr6,
1835 sizeof(sc->sc_carpaddr6));
1837 if (carpr->carpr_key[0] != '\0') {
1838 bcopy(carpr->carpr_key, sc->sc_key, sizeof(sc->sc_key));
1839 carp_hmac_prepare(sc);
1841 if (sc->sc_state != INIT &&
1842 carpr->carpr_state != sc->sc_state) {
1843 switch (carpr->carpr_state) {
1845 callout_stop(&sc->sc_ad_tmo);
1846 carp_set_state(sc, BACKUP,
1847 "user requested via ifconfig");
1852 NET_EPOCH_ENTER(et);
1853 carp_master_down_locked(sc,
1854 "user requested via ifconfig");
1869 carp_ioctl_get(if_t ifp, struct ucred *cred, struct carpreq *carpr,
1870 bool (*outfn)(void *, struct carp_softc *, int), void *arg)
1873 struct carp_softc *sc;
1875 if (carpr->carpr_vhid < 0 || carpr->carpr_vhid > CARP_MAXVHID)
1877 if (carpr->carpr_count < 1)
1879 if (ifp->if_carp == NULL)
1882 priveleged = (priv_check_cred(cred, PRIV_NETINET_CARP) == 0);
1883 if (carpr->carpr_vhid != 0) {
1884 IFNET_FOREACH_CARP(ifp, sc)
1885 if (sc->sc_vhid == carpr->carpr_vhid)
1890 if (! outfn(arg, sc, priveleged))
1892 carpr->carpr_count = 1;
1897 IFNET_FOREACH_CARP(ifp, sc)
1900 if (count > carpr->carpr_count)
1903 IFNET_FOREACH_CARP(ifp, sc) {
1904 if (! outfn(arg, sc, priveleged))
1906 carpr->carpr_count = count;
1914 carp_ioctl(struct ifreq *ifr, u_long cmd, struct thread *td)
1916 struct carpreq carpr;
1917 struct carpkreq carprk = { };
1921 if ((error = copyin(ifr_data_get_ptr(ifr), &carpr, sizeof carpr)))
1924 ifp = ifunit_ref(ifr->ifr_name);
1925 if ((error = carp_is_supported_if(ifp)) != 0)
1928 if ((ifp->if_flags & IFF_MULTICAST) == 0) {
1929 error = EADDRNOTAVAIL;
1936 if ((error = priv_check(td, PRIV_NETINET_CARP)))
1939 memcpy(&carprk, &carpr, sizeof(carpr));
1940 error = carp_ioctl_set(ifp, &carprk);
1944 error = carp_ioctl_get(ifp, td->td_ucred, &carpr,
1945 carp_carprcp, &carpr);
1947 error = copyout(&carpr,
1948 (char *)ifr_data_get_ptr(ifr),
1949 carpr.carpr_count * sizeof(carpr));
1955 sx_xunlock(&carp_sx);
1965 carp_get_vhid(struct ifaddr *ifa)
1968 if (ifa == NULL || ifa->ifa_carp == NULL)
1971 return (ifa->ifa_carp->sc_vhid);
1975 carp_attach(struct ifaddr *ifa, int vhid)
1977 struct ifnet *ifp = ifa->ifa_ifp;
1978 struct carp_if *cif = ifp->if_carp;
1979 struct carp_softc *sc;
1982 KASSERT(ifa->ifa_carp == NULL, ("%s: ifa %p attached", __func__, ifa));
1984 switch (ifa->ifa_addr->sa_family) {
1993 return (EPROTOTYPE);
1997 if (ifp->if_carp == NULL) {
1998 sx_xunlock(&carp_sx);
1999 return (ENOPROTOOPT);
2002 IFNET_FOREACH_CARP(ifp, sc)
2003 if (sc->sc_vhid == vhid)
2006 sx_xunlock(&carp_sx);
2010 error = carp_multicast_setup(cif, ifa->ifa_addr->sa_family);
2013 sx_xunlock(&carp_sx);
2017 index = sc->sc_naddrs + sc->sc_naddrs6 + 1;
2018 if (index > sc->sc_ifasiz / sizeof(struct ifaddr *))
2021 switch (ifa->ifa_addr->sa_family) {
2039 sc->sc_ifas[index - 1] = ifa;
2041 carp_hmac_prepare(sc);
2045 sx_xunlock(&carp_sx);
2051 carp_detach(struct ifaddr *ifa, bool keep_cif)
2053 struct ifnet *ifp = ifa->ifa_ifp;
2054 struct carp_if *cif = ifp->if_carp;
2055 struct carp_softc *sc = ifa->ifa_carp;
2058 KASSERT(sc != NULL, ("%s: %p not attached", __func__, ifa));
2064 index = sc->sc_naddrs + sc->sc_naddrs6;
2065 for (i = 0; i < index; i++)
2066 if (sc->sc_ifas[i] == ifa)
2068 KASSERT(i < index, ("%s: %p no backref", __func__, ifa));
2069 for (; i < index - 1; i++)
2070 sc->sc_ifas[i] = sc->sc_ifas[i+1];
2071 sc->sc_ifas[index - 1] = NULL;
2073 switch (ifa->ifa_addr->sa_family) {
2088 carp_ifa_delroute(ifa);
2089 carp_multicast_cleanup(cif, ifa->ifa_addr->sa_family);
2091 ifa->ifa_carp = NULL;
2094 carp_hmac_prepare(sc);
2097 if (!keep_cif && sc->sc_naddrs == 0 && sc->sc_naddrs6 == 0)
2105 sx_xunlock(&carp_sx);
2109 carp_set_state(struct carp_softc *sc, int state, const char *reason)
2112 CARP_LOCK_ASSERT(sc);
2114 if (sc->sc_state != state) {
2115 const char *carp_states[] = { CARP_STATES };
2116 char subsys[IFNAMSIZ+5];
2118 snprintf(subsys, IFNAMSIZ+5, "%u@%s", sc->sc_vhid,
2119 if_name(sc->sc_carpdev));
2121 CARP_LOG("%s: %s -> %s (%s)\n", subsys,
2122 carp_states[sc->sc_state], carp_states[state], reason);
2124 sc->sc_state = state;
2126 devctl_notify("CARP", subsys, carp_states[state], NULL);
2131 carp_linkstate(struct ifnet *ifp)
2133 struct carp_softc *sc;
2135 CIF_LOCK(ifp->if_carp);
2136 IFNET_FOREACH_CARP(ifp, sc) {
2141 CIF_UNLOCK(ifp->if_carp);
2145 carp_sc_state(struct carp_softc *sc)
2148 CARP_LOCK_ASSERT(sc);
2150 if (sc->sc_carpdev->if_link_state != LINK_STATE_UP ||
2151 !(sc->sc_carpdev->if_flags & IFF_UP) ||
2153 callout_stop(&sc->sc_ad_tmo);
2155 callout_stop(&sc->sc_md_tmo);
2158 callout_stop(&sc->sc_md6_tmo);
2160 carp_set_state(sc, INIT, "hardware interface down");
2162 if (!sc->sc_suppress)
2163 carp_demote_adj(V_carp_ifdown_adj, "interface down");
2164 sc->sc_suppress = 1;
2166 carp_set_state(sc, INIT, "hardware interface up");
2168 if (sc->sc_suppress)
2169 carp_demote_adj(-V_carp_ifdown_adj, "interface up");
2170 sc->sc_suppress = 0;
2175 carp_demote_adj(int adj, char *reason)
2177 atomic_add_int(&V_carp_demotion, adj);
2178 CARP_LOG("demoted by %d to %d (%s)\n", adj, V_carp_demotion, reason);
2179 taskqueue_enqueue(taskqueue_swi, &carp_sendall_task);
2183 carp_allow_sysctl(SYSCTL_HANDLER_ARGS)
2186 struct carp_softc *sc;
2189 error = sysctl_handle_int(oidp, &new, 0, req);
2190 if (error || !req->newptr)
2193 if (V_carp_allow != new) {
2196 mtx_lock(&carp_mtx);
2197 LIST_FOREACH(sc, &carp_list, sc_next) {
2199 if (curvnet == sc->sc_carpdev->if_vnet)
2203 mtx_unlock(&carp_mtx);
2210 carp_dscp_sysctl(SYSCTL_HANDLER_ARGS)
2215 error = sysctl_handle_int(oidp, &new, 0, req);
2216 if (error || !req->newptr)
2219 if (new < 0 || new > 63)
2228 carp_demote_adj_sysctl(SYSCTL_HANDLER_ARGS)
2232 new = V_carp_demotion;
2233 error = sysctl_handle_int(oidp, &new, 0, req);
2234 if (error || !req->newptr)
2237 carp_demote_adj(new, "sysctl");
2243 nlattr_get_carp_key(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target)
2245 if (__predict_false(NLA_DATA_LEN(nla) > CARP_KEY_LEN))
2248 memcpy(target, NLA_DATA_CONST(nla), NLA_DATA_LEN(nla));
2252 struct carp_nl_send_args {
2253 struct nlmsghdr *hdr;
2254 struct nl_pstate *npt;
2258 carp_nl_send(void *arg, struct carp_softc *sc, int priv)
2260 struct carp_nl_send_args *nlsa = arg;
2261 struct nlmsghdr *hdr = nlsa->hdr;
2262 struct nl_pstate *npt = nlsa->npt;
2263 struct nl_writer *nw = npt->nw;
2264 struct genlmsghdr *ghdr_new;
2266 if (!nlmsg_reply(nw, hdr, sizeof(struct genlmsghdr))) {
2271 ghdr_new = nlmsg_reserve_object(nw, struct genlmsghdr);
2272 if (ghdr_new == NULL) {
2277 ghdr_new->cmd = CARP_NL_CMD_GET;
2278 ghdr_new->version = 0;
2279 ghdr_new->reserved = 0;
2283 nlattr_add_u32(nw, CARP_NL_VHID, sc->sc_vhid);
2284 nlattr_add_u32(nw, CARP_NL_STATE, sc->sc_state);
2285 nlattr_add_s32(nw, CARP_NL_ADVBASE, sc->sc_advbase);
2286 nlattr_add_s32(nw, CARP_NL_ADVSKEW, sc->sc_advskew);
2287 nlattr_add_in_addr(nw, CARP_NL_ADDR, &sc->sc_carpaddr);
2288 nlattr_add_in6_addr(nw, CARP_NL_ADDR6, &sc->sc_carpaddr6);
2291 nlattr_add(nw, CARP_NL_KEY, sizeof(sc->sc_key), sc->sc_key);
2295 if (! nlmsg_end(nw)) {
2303 struct nl_carp_parsed {
2304 unsigned int ifindex;
2310 char key[CARP_KEY_LEN];
2311 struct in_addr addr;
2312 struct in6_addr addr6;
2315 #define _IN(_field) offsetof(struct genlmsghdr, _field)
2316 #define _OUT(_field) offsetof(struct nl_carp_parsed, _field)
2318 static const struct nlattr_parser nla_p_set[] = {
2319 { .type = CARP_NL_VHID, .off = _OUT(vhid), .cb = nlattr_get_uint32 },
2320 { .type = CARP_NL_STATE, .off = _OUT(state), .cb = nlattr_get_uint32 },
2321 { .type = CARP_NL_ADVBASE, .off = _OUT(advbase), .cb = nlattr_get_uint32 },
2322 { .type = CARP_NL_ADVSKEW, .off = _OUT(advskew), .cb = nlattr_get_uint32 },
2323 { .type = CARP_NL_KEY, .off = _OUT(key), .cb = nlattr_get_carp_key },
2324 { .type = CARP_NL_IFINDEX, .off = _OUT(ifindex), .cb = nlattr_get_uint32 },
2325 { .type = CARP_NL_ADDR, .off = _OUT(addr), .cb = nlattr_get_in_addr },
2326 { .type = CARP_NL_ADDR6, .off = _OUT(addr6), .cb = nlattr_get_in6_addr },
2327 { .type = CARP_NL_IFNAME, .off = _OUT(ifname), .cb = nlattr_get_string },
2329 static const struct nlfield_parser nlf_p_set[] = {
2331 NL_DECLARE_PARSER(carp_parser, struct genlmsghdr, nlf_p_set, nla_p_set);
2337 carp_nl_get(struct nlmsghdr *hdr, struct nl_pstate *npt)
2339 struct nl_carp_parsed attrs = { };
2340 struct carp_nl_send_args args;
2341 struct carpreq carpr = { };
2342 struct epoch_tracker et;
2346 error = nl_parse_nlmsg(hdr, &carp_parser, npt, &attrs);
2350 NET_EPOCH_ENTER(et);
2351 if (attrs.ifname != NULL)
2352 ifp = ifunit_ref(attrs.ifname);
2353 else if (attrs.ifindex != 0)
2354 ifp = ifnet_byindex_ref(attrs.ifindex);
2357 if ((error = carp_is_supported_if(ifp)) != 0)
2360 hdr->nlmsg_flags |= NLM_F_MULTI;
2364 carpr.carpr_vhid = attrs.vhid;
2365 carpr.carpr_count = CARP_MAXVHID;
2368 error = carp_ioctl_get(ifp, nlp_get_cred(npt->nlp), &carpr,
2369 carp_nl_send, &args);
2370 sx_xunlock(&carp_sx);
2372 if (! nlmsg_end_dump(npt->nw, error, hdr))
2383 carp_nl_set(struct nlmsghdr *hdr, struct nl_pstate *npt)
2385 struct nl_carp_parsed attrs = { };
2386 struct carpkreq carpr;
2387 struct epoch_tracker et;
2391 error = nl_parse_nlmsg(hdr, &carp_parser, npt, &attrs);
2395 if (attrs.vhid <= 0 || attrs.vhid > CARP_MAXVHID)
2397 if (attrs.state > CARP_MAXSTATE)
2399 if (attrs.advbase < 0 || attrs.advskew < 0)
2401 if (attrs.advbase > 255)
2403 if (attrs.advskew >= 255)
2406 NET_EPOCH_ENTER(et);
2407 if (attrs.ifname != NULL)
2408 ifp = ifunit_ref(attrs.ifname);
2409 else if (attrs.ifindex != 0)
2410 ifp = ifnet_byindex_ref(attrs.ifindex);
2413 if ((error = carp_is_supported_if(ifp)) != 0)
2416 if ((ifp->if_flags & IFF_MULTICAST) == 0) {
2417 error = EADDRNOTAVAIL;
2421 carpr.carpr_count = 1;
2422 carpr.carpr_vhid = attrs.vhid;
2423 carpr.carpr_state = attrs.state;
2424 carpr.carpr_advbase = attrs.advbase;
2425 carpr.carpr_advskew = attrs.advskew;
2426 carpr.carpr_addr = attrs.addr;
2427 carpr.carpr_addr6 = attrs.addr6;
2429 memcpy(&carpr.carpr_key, &attrs.key, sizeof(attrs.key));
2432 error = carp_ioctl_set(ifp, &carpr);
2433 sx_xunlock(&carp_sx);
2442 static const struct nlhdr_parser *all_parsers[] = {
2446 static const struct genl_cmd carp_cmds[] = {
2448 .cmd_num = CARP_NL_CMD_GET,
2449 .cmd_name = "SIOCGVH",
2450 .cmd_cb = carp_nl_get,
2451 .cmd_flags = GENL_CMD_CAP_DO | GENL_CMD_CAP_DUMP |
2452 GENL_CMD_CAP_HASPOL,
2455 .cmd_num = CARP_NL_CMD_SET,
2456 .cmd_name = "SIOCSVH",
2457 .cmd_cb = carp_nl_set,
2458 .cmd_flags = GENL_CMD_CAP_DO | GENL_CMD_CAP_HASPOL,
2459 .cmd_priv = PRIV_NETINET_CARP,
2464 carp_nl_register(void)
2466 bool ret __diagused;
2467 int family_id __diagused;
2469 NL_VERIFY_PARSERS(all_parsers);
2470 family_id = genl_register_family(CARP_NL_FAMILY_NAME, 0, 2,
2472 MPASS(family_id != 0);
2474 ret = genl_register_cmds(CARP_NL_FAMILY_NAME, carp_cmds,
2475 NL_ARRAY_LEN(carp_cmds));
2480 carp_nl_unregister(void)
2482 genl_unregister_family(CARP_NL_FAMILY_NAME);
2486 carp_mod_cleanup(void)
2489 carp_nl_unregister();
2492 (void)ipproto_unregister(IPPROTO_CARP);
2493 carp_iamatch_p = NULL;
2496 (void)ip6proto_unregister(IPPROTO_CARP);
2497 carp_iamatch6_p = NULL;
2498 carp_macmatch6_p = NULL;
2500 carp_ioctl_p = NULL;
2501 carp_attach_p = NULL;
2502 carp_detach_p = NULL;
2503 carp_get_vhid_p = NULL;
2504 carp_linkstate_p = NULL;
2505 carp_forus_p = NULL;
2506 carp_output_p = NULL;
2507 carp_demote_adj_p = NULL;
2508 carp_master_p = NULL;
2509 mtx_unlock(&carp_mtx);
2510 taskqueue_drain(taskqueue_swi, &carp_sendall_task);
2511 mtx_destroy(&carp_mtx);
2512 sx_destroy(&carp_sx);
2516 ipcarp_sysinit(void)
2519 /* Load allow as tunable so to postpone carp start after module load */
2520 TUNABLE_INT_FETCH("net.inet.carp.allow", &V_carp_allow);
2522 VNET_SYSINIT(ip_carp, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY, ipcarp_sysinit, NULL);
2529 mtx_init(&carp_mtx, "carp_mtx", NULL, MTX_DEF);
2530 sx_init(&carp_sx, "carp_sx");
2531 LIST_INIT(&carp_list);
2532 carp_get_vhid_p = carp_get_vhid;
2533 carp_forus_p = carp_forus;
2534 carp_output_p = carp_output;
2535 carp_linkstate_p = carp_linkstate;
2536 carp_ioctl_p = carp_ioctl;
2537 carp_attach_p = carp_attach;
2538 carp_detach_p = carp_detach;
2539 carp_demote_adj_p = carp_demote_adj;
2540 carp_master_p = carp_master;
2542 carp_iamatch6_p = carp_iamatch6;
2543 carp_macmatch6_p = carp_macmatch6;
2544 err = ip6proto_register(IPPROTO_CARP, carp6_input, NULL);
2546 printf("carp: error %d registering with INET6\n", err);
2552 carp_iamatch_p = carp_iamatch;
2553 err = ipproto_register(IPPROTO_CARP, carp_input, NULL);
2555 printf("carp: error %d registering with INET\n", err);
2567 carp_modevent(module_t mod, int type, void *data)
2571 return carp_mod_load();
2574 mtx_lock(&carp_mtx);
2575 if (LIST_EMPTY(&carp_list))
2578 mtx_unlock(&carp_mtx);
2590 static moduledata_t carp_mod = {
2596 DECLARE_MODULE(carp, carp_mod, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY);
projects / FreeBSD / FreeBSD.git / blob