From 6ee222024200d765a4edfcb4b56cd92bb23695a6 Mon Sep 17 00:00:00 2001 From: asomers Date: Fri, 27 May 2016 22:40:40 +0000 Subject: [PATCH] Always create loopback routes on every fib Always create loopback routes on every fib, for both IPv4 and IPv6 etc/rc.d/routing Create loopback IPv4 and IPv6 routes on every fib at boot. Revert 278302; now that all FIBs have IPv6 loopback routes, the "route add -reject" commands won't fail. tests/etc/rc.d/routing_test.sh Greatly simplify static_ipv6_loopback_route_for_each_fib. It was written under the assumption that loopback routes would be added to a given fib by the kernel as soon as an interface is configured on that fib. However, the logic can be much simpler now that we simply add loopback routes to all fibs at boot. This also removes the need to run the test as root, removes the restriction that net.add_addr_allfibs=0, and removes the need to configure fibs in kyua.conf. Also, add a test case for IPv4 loopback routes Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6582 --- etc/rc.d/routing | 36 ++++++++--- tests/etc/rc.d/routing_test.sh | 113 +++++++-------------------------- 2 files changed, 50 insertions(+), 99 deletions(-) diff --git a/etc/rc.d/routing b/etc/rc.d/routing index 5924486c69c..3d3f5a5ff4f 100755 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -126,12 +126,31 @@ routing_stop_atm() return 0 } +get_fibmod() +{ + local _fibs + + _fibs=$((`${SYSCTL_N} net.fibs` - 1)) + if [ ${_fibs} -gt 0 ]; then + echo "-fib 0-${_fibs}" + else + echo + fi +} + static_inet() { - local _action _if _skip + local _action _if _skip _fibmod _action=$1 _if=$2 + _fibmod=`get_fibmod` + + # Provide loopback route in all routing tables. This has to come + # first so that any following routes can be added. + static_routes="_loopback ${static_routes}" + route__loopback="-inet 127.0.0.1 -iface lo0 ${_fibmod}" + # Add default route. case ${defaultrouter} in [Nn][Oo] | '') @@ -166,27 +185,24 @@ static_inet() static_inet6() { - local _action _if _skip fibmod fibs allfibs + local _action _if _skip fibmod allfibs _action=$1 _if=$2 - # get the number of FIBs supported. - fibs=$((`${SYSCTL_N} net.fibs` - 1)) - allfibs=`${SYSCTL_N} net.add_addr_allfibs` - if [ "$fibs" -gt 0 ] && [ "$allfibs" -ne 0 ]; then - fibmod="-fib 0-$fibs" - else - fibmod= - fi + fibmod=`get_fibmod` # Add pre-defined static routes first. ipv6_static_routes="_v4mapped _v4compat ${ipv6_static_routes}" ipv6_static_routes="_lla _llma ${ipv6_static_routes}" + ipv6_static_routes="_loopback ${ipv6_static_routes}" # disallow "internal" addresses to appear on the wire ipv6_route__v4mapped="::ffff:0.0.0.0 -prefixlen 96 ::1 -reject ${fibmod}" ipv6_route__v4compat="::0.0.0.0 -prefixlen 96 ::1 -reject ${fibmod}" + # Create a loopback route in every fib + ipv6_route__loopback="::1 -prefixlen 128 -iface lo0 ${fibmod}" + # Disallow link-local unicast packets without outgoing scope # identifiers. However, if you set "ipv6_default_interface", # for the host case, you will allow to omit the identifiers. diff --git a/tests/etc/rc.d/routing_test.sh b/tests/etc/rc.d/routing_test.sh index 693af232ea3..4fd6754192b 100755 --- a/tests/etc/rc.d/routing_test.sh +++ b/tests/etc/rc.d/routing_test.sh @@ -31,108 +31,43 @@ # # $FreeBSD$ -atf_test_case static_ipv6_loopback_route_for_each_fib cleanup -static_ipv6_loopback_route_for_each_fib_head() +atf_test_case static_ipv4_loopback_route_for_each_fib cleanup +static_ipv4_loopback_route_for_each_fib_head() { - atf_set "descr" "Every FIB should have a static IPv6 loopback route" - atf_set "require.user" "root" - atf_set "require.config" "fibs" - atf_set "require.progs" "sysrc" + atf_set "descr" "Every FIB should have a static IPv4 loopback route" } -static_ipv6_loopback_route_for_each_fib_body() +static_ipv4_loopback_route_for_each_fib_body() { - # Configure the TAP interface to use an RFC5737 nonrouteable address - # and a non-default fib - ADDR="192.0.2.2" - SUBNET="192.0.2.0" - MASK="24" + local nfibs fib + nfibs=`sysctl -n net.fibs` - # Check system configuration - if [ 0 != `sysctl -n net.add_addr_allfibs` ]; then - atf_skip "This test requires net.add_addr_allfibs=0" - fi - - get_fibs 1 - get_tap - - # Configure a TAP interface in /etc/rc.conf. Register the sysrc - # variable for cleanup. - echo "ifconfig_${TAP}" >> "sysrc_vars_to_cleanup" - sysrc ifconfig_${TAP}="${ADDR}/${MASK} fib ${FIB0}" - - # Start the interface - service netif start ${TAP} - # Check for an IPv6 loopback route - setfib ${FIB0} netstat -rn -f inet6 | grep -q "^::1.*lo0$" - if [ 0 -eq $? ]; then - atf_pass - else - setfib ${FIB0} netstat -rn -f inet6 - atf_fail "Did not find an IPv6 loopback route" - fi -} -static_ipv6_loopback_route_for_each_fib_cleanup() -{ - cleanup_sysrc - cleanup_tap + # Check for an IPv4 loopback route + for fib in `seq 0 $((${nfibs} - 1))`; do + atf_check -o match:"interface: lo0" -s exit:0 \ + setfib -F ${fib} route -4 get 127.0.0.1 + done } -atf_init_test_cases() +atf_test_case static_ipv6_loopback_route_for_each_fib cleanup +static_ipv6_loopback_route_for_each_fib_head() { - atf_add_test_case static_ipv6_loopback_route_for_each_fib + atf_set "descr" "Every FIB should have a static IPv6 loopback route" } - -# Looks up one or more fibs from the configuration data and validates them. -# Returns the results in the env varilables FIB0, FIB1, etc. -# parameter numfibs The number of fibs to lookup -get_fibs() +static_ipv6_loopback_route_for_each_fib_body() { - NUMFIBS=$1 - net_fibs=`sysctl -n net.fibs` - i=0 - while [ $i -lt "$NUMFIBS" ]; do - fib=`atf_config_get "fibs" | \ - awk -v i=$(( i + 1 )) '{print $i}'` - echo "fib is ${fib}" - eval FIB${i}=${fib} - if [ "$fib" -ge "$net_fibs" ]; then - msg="The ${i}th configured fib is ${fub}, which is " - msg="$msg not less than net.fibs (${net_fibs})" - atf_skip "$msg" - fi - i=$(( $i + 1 )) - done -} - + local nfibs fib + nfibs=`sysctl -n net.fibs` -# Creates a new tap(4) interface, registers it for cleanup, and returns the -# name via the environment variable TAP -get_tap() -{ - local TAPN=0 - while ! ifconfig tap${TAPN} create > /dev/null 2>&1; do - if [ "$TAPN" -ge 8 ]; then - atf_skip "Could not create a tap(4) interface" - else - TAPN=$(($TAPN + 1)) - fi + # Check for an IPv6 loopback route + for fib in `seq 0 $((${nfibs} - 1))`; do + atf_check -o match:"interface: lo0" -s exit:0 \ + setfib -F ${fib} route -6 get ::1 done - local TAPD=tap${TAPN} - # Record the TAP device so we can clean it up later - echo ${TAPD} >> "tap_devices_to_cleanup" - TAP=${TAPD} } -cleanup_sysrc() +atf_init_test_cases() { - for var in `cat "sysrc_vars_to_cleanup"`; do - sysrc -x $var - done + atf_add_test_case static_ipv4_loopback_route_for_each_fib + atf_add_test_case static_ipv6_loopback_route_for_each_fib } -cleanup_tap() -{ - for TAPD in `cat "tap_devices_to_cleanup"`; do - ifconfig ${TAPD} destroy - done -} -- 2.45.0