2 * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
3 * Copyright (c) 2003 Ryan McBride. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
22 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
23 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
24 * THE POSSIBILITY OF SUCH DAMAGE.
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
32 #include "opt_inet6.h"
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/systm.h>
38 #include <sys/kernel.h>
39 #include <sys/limits.h>
40 #include <sys/malloc.h>
42 #include <sys/module.h>
46 #include <sys/protosw.h>
47 #include <sys/sysctl.h>
48 #include <sys/syslog.h>
49 #include <sys/signalvar.h>
50 #include <sys/filio.h>
51 #include <sys/sockio.h>
53 #include <sys/socket.h>
54 #include <sys/vnode.h>
56 #include <machine/stdarg.h>
59 #include <net/ethernet.h>
61 #include <net/iso88025.h>
63 #include <net/if_clone.h>
64 #include <net/if_dl.h>
65 #include <net/if_types.h>
66 #include <net/route.h>
70 #include <netinet/in.h>
71 #include <netinet/in_var.h>
72 #include <netinet/in_systm.h>
73 #include <netinet/ip.h>
74 #include <netinet/ip_var.h>
75 #include <netinet/if_ether.h>
76 #include <machine/in_cksum.h>
80 #include <netinet/icmp6.h>
81 #include <netinet/ip6.h>
82 #include <netinet6/ip6protosw.h>
83 #include <netinet6/ip6_var.h>
84 #include <netinet6/scope6_var.h>
85 #include <netinet6/nd6.h>
88 #include <crypto/sha1.h>
89 #include <netinet/ip_carp.h>
91 #define CARP_IFNAME "carp"
92 static MALLOC_DEFINE(M_CARP, "CARP", "CARP interfaces");
93 SYSCTL_DECL(_net_inet_carp);
96 struct ifnet *sc_ifp; /* Interface clue */
97 struct ifnet *sc_carpdev; /* Pointer to parent interface */
98 struct in_ifaddr *sc_ia; /* primary iface address */
99 struct ip_moptions sc_imo;
101 struct in6_ifaddr *sc_ia6; /* primary iface address v6 */
102 struct ip6_moptions sc_im6o;
104 TAILQ_ENTRY(carp_softc) sc_list;
106 enum { INIT = 0, BACKUP, MASTER } sc_state;
111 int sc_sendad_errors;
112 #define CARP_SENDAD_MAX_ERRORS 3
113 int sc_sendad_success;
114 #define CARP_SENDAD_MIN_SUCCESS 3
120 int sc_advbase; /* seconds */
122 u_int64_t sc_counter;
125 #define CARP_HMAC_PAD 64
126 unsigned char sc_key[CARP_KEY_LEN];
127 unsigned char sc_pad[CARP_HMAC_PAD];
130 struct callout sc_ad_tmo; /* advertisement timeout */
131 struct callout sc_md_tmo; /* master down timeout */
132 struct callout sc_md6_tmo; /* master down timeout */
134 LIST_ENTRY(carp_softc) sc_next; /* Interface clue */
136 #define SC2IFP(sc) ((sc)->sc_ifp)
138 int carp_suppress_preempt = 0;
139 int carp_opts[CARPCTL_MAXID] = { 0, 1, 0, 1, 0, 0 }; /* XXX for now */
140 SYSCTL_NODE(_net_inet, IPPROTO_CARP, carp, CTLFLAG_RW, 0, "CARP");
141 SYSCTL_INT(_net_inet_carp, CARPCTL_ALLOW, allow, CTLFLAG_RW,
142 &carp_opts[CARPCTL_ALLOW], 0, "Accept incoming CARP packets");
143 SYSCTL_INT(_net_inet_carp, CARPCTL_PREEMPT, preempt, CTLFLAG_RW,
144 &carp_opts[CARPCTL_PREEMPT], 0, "high-priority backup preemption mode");
145 SYSCTL_INT(_net_inet_carp, CARPCTL_LOG, log, CTLFLAG_RW,
146 &carp_opts[CARPCTL_LOG], 0, "log bad carp packets");
147 SYSCTL_INT(_net_inet_carp, CARPCTL_ARPBALANCE, arpbalance, CTLFLAG_RW,
148 &carp_opts[CARPCTL_ARPBALANCE], 0, "balance arp responses");
149 SYSCTL_INT(_net_inet_carp, OID_AUTO, suppress_preempt, CTLFLAG_RD,
150 &carp_suppress_preempt, 0, "Preemption is suppressed");
152 struct carpstats carpstats;
153 SYSCTL_STRUCT(_net_inet_carp, CARPCTL_STATS, stats, CTLFLAG_RW,
154 &carpstats, carpstats,
155 "CARP statistics (struct carpstats, netinet/ip_carp.h)");
158 TAILQ_HEAD(, carp_softc) vhif_vrs;
161 struct ifnet *vhif_ifp;
167 static int proto_reg[] = {-1, -1};
169 /* Get carp_if from softc. Valid after carp_set_addr{,6}. */
170 #define SC2CIF(sc) ((struct carp_if *)(sc)->sc_carpdev->if_carp)
172 /* lock per carp_if queue */
173 #define CARP_LOCK_INIT(cif) mtx_init(&(cif)->vhif_mtx, "carp_if", \
175 #define CARP_LOCK_DESTROY(cif) mtx_destroy(&(cif)->vhif_mtx)
176 #define CARP_LOCK_ASSERT(cif) mtx_assert(&(cif)->vhif_mtx, MA_OWNED)
177 #define CARP_LOCK(cif) mtx_lock(&(cif)->vhif_mtx)
178 #define CARP_UNLOCK(cif) mtx_unlock(&(cif)->vhif_mtx)
180 #define CARP_SCLOCK(sc) mtx_lock(&SC2CIF(sc)->vhif_mtx)
181 #define CARP_SCUNLOCK(sc) mtx_unlock(&SC2CIF(sc)->vhif_mtx)
182 #define CARP_SCLOCK_ASSERT(sc) mtx_assert(&SC2CIF(sc)->vhif_mtx, MA_OWNED)
184 #define CARP_LOG(...) do { \
185 if (carp_opts[CARPCTL_LOG] > 0) \
186 log(LOG_INFO, __VA_ARGS__); \
189 #define CARP_DEBUG(...) do { \
190 if (carp_opts[CARPCTL_LOG] > 1) \
191 log(LOG_DEBUG, __VA_ARGS__); \
194 static void carp_hmac_prepare(struct carp_softc *);
195 static void carp_hmac_generate(struct carp_softc *, u_int32_t *,
197 static int carp_hmac_verify(struct carp_softc *, u_int32_t *,
199 static void carp_setroute(struct carp_softc *, int);
200 static void carp_input_c(struct mbuf *, struct carp_header *, sa_family_t);
201 static int carp_clone_create(struct if_clone *, int, caddr_t);
202 static void carp_clone_destroy(struct ifnet *);
203 static void carpdetach(struct carp_softc *, int);
204 static int carp_prepare_ad(struct mbuf *, struct carp_softc *,
205 struct carp_header *);
206 static void carp_send_ad_all(void);
207 static void carp_send_ad(void *);
208 static void carp_send_ad_locked(struct carp_softc *);
209 static void carp_send_arp(struct carp_softc *);
210 static void carp_master_down(void *);
211 static void carp_master_down_locked(struct carp_softc *);
212 static int carp_ioctl(struct ifnet *, u_long, caddr_t);
213 static int carp_looutput(struct ifnet *, struct mbuf *, struct sockaddr *,
215 static void carp_start(struct ifnet *);
216 static void carp_setrun(struct carp_softc *, sa_family_t);
217 static void carp_set_state(struct carp_softc *, int);
218 static int carp_addrcount(struct carp_if *, struct in_ifaddr *, int);
219 enum { CARP_COUNT_MASTER, CARP_COUNT_RUNNING };
221 static void carp_multicast_cleanup(struct carp_softc *);
222 static int carp_set_addr(struct carp_softc *, struct sockaddr_in *);
223 static int carp_del_addr(struct carp_softc *, struct sockaddr_in *);
224 static void carp_carpdev_state_locked(struct carp_if *);
225 static void carp_sc_state_locked(struct carp_softc *);
227 static void carp_send_na(struct carp_softc *);
228 static int carp_set_addr6(struct carp_softc *, struct sockaddr_in6 *);
229 static int carp_del_addr6(struct carp_softc *, struct sockaddr_in6 *);
230 static void carp_multicast6_cleanup(struct carp_softc *);
233 static LIST_HEAD(, carp_softc) carpif_list;
234 static struct mtx carp_mtx;
235 IFC_SIMPLE_DECLARE(carp, 0);
237 static eventhandler_tag if_detach_event_tag;
239 static __inline u_int16_t
240 carp_cksum(struct mbuf *m, int len)
242 return (in_cksum(m, len));
246 carp_hmac_prepare(struct carp_softc *sc)
248 u_int8_t version = CARP_VERSION, type = CARP_ADVERTISEMENT;
249 u_int8_t vhid = sc->sc_vhid & 0xff;
253 struct in_addr last, cur, in;
256 struct in6_addr last6, cur6, in6;
262 /* XXX: possible race here */
264 /* compute ipad from key */
265 bzero(sc->sc_pad, sizeof(sc->sc_pad));
266 bcopy(sc->sc_key, sc->sc_pad, sizeof(sc->sc_key));
267 for (i = 0; i < sizeof(sc->sc_pad); i++)
268 sc->sc_pad[i] ^= 0x36;
270 /* precompute first part of inner hash */
271 SHA1Init(&sc->sc_sha1);
272 SHA1Update(&sc->sc_sha1, sc->sc_pad, sizeof(sc->sc_pad));
273 SHA1Update(&sc->sc_sha1, (void *)&version, sizeof(version));
274 SHA1Update(&sc->sc_sha1, (void *)&type, sizeof(type));
275 SHA1Update(&sc->sc_sha1, (void *)&vhid, sizeof(vhid));
281 cur.s_addr = 0xffffffff;
282 IF_ADDR_LOCK(SC2IFP(sc));
283 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
284 in.s_addr = ifatoia(ifa)->ia_addr.sin_addr.s_addr;
285 if (ifa->ifa_addr->sa_family == AF_INET &&
286 ntohl(in.s_addr) > ntohl(last.s_addr) &&
287 ntohl(in.s_addr) < ntohl(cur.s_addr)) {
288 cur.s_addr = in.s_addr;
292 IF_ADDR_UNLOCK(SC2IFP(sc));
294 SHA1Update(&sc->sc_sha1, (void *)&cur, sizeof(cur));
298 memset(&cur6, 0, sizeof(cur6));
302 memset(&cur6, 0xff, sizeof(cur6));
303 IF_ADDR_LOCK(SC2IFP(sc));
304 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
305 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
306 if (IN6_IS_SCOPE_EMBED(&in6))
307 in6.s6_addr16[1] = 0;
308 if (ifa->ifa_addr->sa_family == AF_INET6 &&
309 memcmp(&in6, &last6, sizeof(in6)) > 0 &&
310 memcmp(&in6, &cur6, sizeof(in6)) < 0) {
315 IF_ADDR_UNLOCK(SC2IFP(sc));
317 SHA1Update(&sc->sc_sha1, (void *)&cur6, sizeof(cur6));
321 /* convert ipad to opad */
322 for (i = 0; i < sizeof(sc->sc_pad); i++)
323 sc->sc_pad[i] ^= 0x36 ^ 0x5c;
330 carp_hmac_generate(struct carp_softc *sc, u_int32_t counter[2],
331 unsigned char md[20])
335 /* fetch first half of inner hash */
336 bcopy(&sc->sc_sha1, &sha1ctx, sizeof(sha1ctx));
338 SHA1Update(&sha1ctx, (void *)counter, sizeof(sc->sc_counter));
339 SHA1Final(md, &sha1ctx);
343 SHA1Update(&sha1ctx, sc->sc_pad, sizeof(sc->sc_pad));
344 SHA1Update(&sha1ctx, md, 20);
345 SHA1Final(md, &sha1ctx);
349 carp_hmac_verify(struct carp_softc *sc, u_int32_t counter[2],
350 unsigned char md[20])
352 unsigned char md2[20];
354 CARP_SCLOCK_ASSERT(sc);
356 carp_hmac_generate(sc, counter, md2);
358 return (bcmp(md, md2, sizeof(md2)));
362 carp_setroute(struct carp_softc *sc, int cmd)
368 CARP_SCLOCK_ASSERT(sc);
371 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
372 if (ifa->ifa_addr->sa_family == AF_INET &&
373 sc->sc_carpdev != NULL) {
374 int count = carp_addrcount(
375 (struct carp_if *)sc->sc_carpdev->if_carp,
376 ifatoia(ifa), CARP_COUNT_MASTER);
378 if ((cmd == RTM_ADD && count == 1) ||
379 (cmd == RTM_DELETE && count == 0))
380 rtinit(ifa, cmd, RTF_UP | RTF_HOST);
387 carp_clone_create(struct if_clone *ifc, int unit, caddr_t params)
390 struct carp_softc *sc;
393 sc = malloc(sizeof(*sc), M_CARP, M_WAITOK|M_ZERO);
394 ifp = SC2IFP(sc) = if_alloc(IFT_ETHER);
400 sc->sc_flags_backup = 0;
402 sc->sc_advbase = CARP_DFLTINTV;
403 sc->sc_vhid = -1; /* required setting */
405 sc->sc_init_counter = 1;
406 sc->sc_naddrs = sc->sc_naddrs6 = 0; /* M_ZERO? */
407 sc->sc_imo.imo_membership = (struct in_multi **)malloc(
408 (sizeof(struct in_multi *) * IP_MIN_MEMBERSHIPS), M_CARP,
410 sc->sc_imo.imo_mfilters = NULL;
411 sc->sc_imo.imo_max_memberships = IP_MIN_MEMBERSHIPS;
412 sc->sc_imo.imo_multicast_vif = -1;
414 sc->sc_im6o.im6o_membership = (struct in6_multi **)malloc(
415 (sizeof(struct in6_multi *) * IPV6_MIN_MEMBERSHIPS), M_CARP,
417 sc->sc_im6o.im6o_mfilters = NULL;
418 sc->sc_im6o.im6o_max_memberships = IPV6_MIN_MEMBERSHIPS;
419 sc->sc_im6o.im6o_multicast_hlim = CARP_DFLTTL;
422 callout_init(&sc->sc_ad_tmo, CALLOUT_MPSAFE);
423 callout_init(&sc->sc_md_tmo, CALLOUT_MPSAFE);
424 callout_init(&sc->sc_md6_tmo, CALLOUT_MPSAFE);
427 if_initname(ifp, CARP_IFNAME, unit);
428 ifp->if_mtu = ETHERMTU;
429 ifp->if_flags = IFF_LOOPBACK;
430 ifp->if_ioctl = carp_ioctl;
431 ifp->if_output = carp_looutput;
432 ifp->if_start = carp_start;
433 ifp->if_type = IFT_CARP;
434 ifp->if_snd.ifq_maxlen = ifqmaxlen;
437 bpfattach(SC2IFP(sc), DLT_NULL, sizeof(u_int32_t));
439 LIST_INSERT_HEAD(&carpif_list, sc, sc_next);
440 mtx_unlock(&carp_mtx);
445 carp_clone_destroy(struct ifnet *ifp)
447 struct carp_softc *sc = ifp->if_softc;
451 carpdetach(sc, 1); /* Returns unlocked. */
454 LIST_REMOVE(sc, sc_next);
455 mtx_unlock(&carp_mtx);
458 if_free_type(ifp, IFT_ETHER);
459 free(sc->sc_imo.imo_membership, M_CARP);
461 free(sc->sc_im6o.im6o_membership, M_CARP);
467 * This function can be called on CARP interface destroy path,
468 * and in case of the removal of the underlying interface as
469 * well. We differentiate these two cases. In the latter case
470 * we do not cleanup our multicast memberships, since they
471 * are already freed. Also, in the latter case we do not
472 * release the lock on return, because the function will be
473 * called once more, for another CARP instance on the same
477 carpdetach(struct carp_softc *sc, int unlock)
481 callout_stop(&sc->sc_ad_tmo);
482 callout_stop(&sc->sc_md_tmo);
483 callout_stop(&sc->sc_md6_tmo);
486 carp_suppress_preempt--;
489 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS)
490 carp_suppress_preempt--;
491 sc->sc_sendad_errors = 0;
493 carp_set_state(sc, INIT);
494 SC2IFP(sc)->if_flags &= ~IFF_UP;
497 carp_multicast_cleanup(sc);
499 carp_multicast6_cleanup(sc);
502 if (sc->sc_carpdev != NULL) {
503 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
504 CARP_LOCK_ASSERT(cif);
505 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
506 if (!--cif->vhif_nvrs) {
507 ifpromisc(sc->sc_carpdev, 0);
508 sc->sc_carpdev->if_carp = NULL;
509 CARP_LOCK_DESTROY(cif);
513 sc->sc_carpdev = NULL;
517 /* Detach an interface from the carp. */
519 carp_ifdetach(void *arg __unused, struct ifnet *ifp)
521 struct carp_if *cif = (struct carp_if *)ifp->if_carp;
522 struct carp_softc *sc, *nextsc;
528 * XXX: At the end of for() cycle the lock will be destroyed.
531 for (sc = TAILQ_FIRST(&cif->vhif_vrs); sc; sc = nextsc) {
532 nextsc = TAILQ_NEXT(sc, sc_list);
538 * process input packet.
539 * we have rearranged checks order compared to the rfc,
540 * but it seems more efficient this way or not possible otherwise.
543 carp_input(struct mbuf *m, int hlen)
545 struct ip *ip = mtod(m, struct ip *);
546 struct carp_header *ch;
549 CARPSTATS_INC(carps_ipackets);
551 if (!carp_opts[CARPCTL_ALLOW]) {
556 /* check if received on a valid carp interface */
557 if (m->m_pkthdr.rcvif->if_carp == NULL) {
558 CARPSTATS_INC(carps_badif);
559 CARP_DEBUG("carp_input: packet received on non-carp "
561 m->m_pkthdr.rcvif->if_xname);
566 /* verify that the IP TTL is 255. */
567 if (ip->ip_ttl != CARP_DFLTTL) {
568 CARPSTATS_INC(carps_badttl);
569 CARP_DEBUG("carp_input: received ttl %d != 255 on %s\n",
571 m->m_pkthdr.rcvif->if_xname);
576 iplen = ip->ip_hl << 2;
578 if (m->m_pkthdr.len < iplen + sizeof(*ch)) {
579 CARPSTATS_INC(carps_badlen);
580 CARP_DEBUG("carp_input: received len %zd < "
581 "sizeof(struct carp_header) on %s\n",
582 m->m_len - sizeof(struct ip),
583 m->m_pkthdr.rcvif->if_xname);
588 if (iplen + sizeof(*ch) < m->m_len) {
589 if ((m = m_pullup(m, iplen + sizeof(*ch))) == NULL) {
590 CARPSTATS_INC(carps_hdrops);
591 CARP_DEBUG("carp_input: pullup failed\n");
594 ip = mtod(m, struct ip *);
596 ch = (struct carp_header *)((char *)ip + iplen);
599 * verify that the received packet length is
600 * equal to the CARP header
602 len = iplen + sizeof(*ch);
603 if (len > m->m_pkthdr.len) {
604 CARPSTATS_INC(carps_badlen);
605 CARP_DEBUG("carp_input: packet too short %d on %s\n",
607 m->m_pkthdr.rcvif->if_xname);
612 if ((m = m_pullup(m, len)) == NULL) {
613 CARPSTATS_INC(carps_hdrops);
616 ip = mtod(m, struct ip *);
617 ch = (struct carp_header *)((char *)ip + iplen);
619 /* verify the CARP checksum */
621 if (carp_cksum(m, len - iplen)) {
622 CARPSTATS_INC(carps_badsum);
623 CARP_DEBUG("carp_input: checksum failed on %s\n",
624 m->m_pkthdr.rcvif->if_xname);
630 carp_input_c(m, ch, AF_INET);
635 carp6_input(struct mbuf **mp, int *offp, int proto)
637 struct mbuf *m = *mp;
638 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
639 struct carp_header *ch;
642 CARPSTATS_INC(carps_ipackets6);
644 if (!carp_opts[CARPCTL_ALLOW]) {
646 return (IPPROTO_DONE);
649 /* check if received on a valid carp interface */
650 if (m->m_pkthdr.rcvif->if_carp == NULL) {
651 CARPSTATS_INC(carps_badif);
652 CARP_DEBUG("carp6_input: packet received on non-carp "
654 m->m_pkthdr.rcvif->if_xname);
656 return (IPPROTO_DONE);
659 /* verify that the IP TTL is 255 */
660 if (ip6->ip6_hlim != CARP_DFLTTL) {
661 CARPSTATS_INC(carps_badttl);
662 CARP_DEBUG("carp6_input: received ttl %d != 255 on %s\n",
664 m->m_pkthdr.rcvif->if_xname);
666 return (IPPROTO_DONE);
669 /* verify that we have a complete carp packet */
671 IP6_EXTHDR_GET(ch, struct carp_header *, m, *offp, sizeof(*ch));
673 CARPSTATS_INC(carps_badlen);
674 CARP_DEBUG("carp6_input: packet size %u too small\n", len);
675 return (IPPROTO_DONE);
679 /* verify the CARP checksum */
681 if (carp_cksum(m, sizeof(*ch))) {
682 CARPSTATS_INC(carps_badsum);
683 CARP_DEBUG("carp6_input: checksum failed, on %s\n",
684 m->m_pkthdr.rcvif->if_xname);
686 return (IPPROTO_DONE);
690 carp_input_c(m, ch, AF_INET6);
691 return (IPPROTO_DONE);
696 carp_input_c(struct mbuf *m, struct carp_header *ch, sa_family_t af)
698 struct ifnet *ifp = m->m_pkthdr.rcvif;
699 struct carp_softc *sc;
700 u_int64_t tmp_counter;
701 struct timeval sc_tv, ch_tv;
703 /* verify that the VHID is valid on the receiving interface */
704 CARP_LOCK(ifp->if_carp);
705 TAILQ_FOREACH(sc, &((struct carp_if *)ifp->if_carp)->vhif_vrs, sc_list)
706 if (sc->sc_vhid == ch->carp_vhid)
709 if (!sc || !((SC2IFP(sc)->if_flags & IFF_UP) &&
710 (SC2IFP(sc)->if_drv_flags & IFF_DRV_RUNNING))) {
711 CARPSTATS_INC(carps_badvhid);
712 CARP_UNLOCK(ifp->if_carp);
717 getmicrotime(&SC2IFP(sc)->if_lastchange);
718 SC2IFP(sc)->if_ipackets++;
719 SC2IFP(sc)->if_ibytes += m->m_pkthdr.len;
721 if (bpf_peers_present(SC2IFP(sc)->if_bpf)) {
722 struct ip *ip = mtod(m, struct ip *);
725 /* BPF wants net byte order */
726 ip->ip_len = htons(ip->ip_len + (ip->ip_hl << 2));
727 ip->ip_off = htons(ip->ip_off);
728 bpf_mtap2(SC2IFP(sc)->if_bpf, &af1, sizeof(af1), m);
731 /* verify the CARP version. */
732 if (ch->carp_version != CARP_VERSION) {
733 CARPSTATS_INC(carps_badver);
734 SC2IFP(sc)->if_ierrors++;
735 CARP_UNLOCK(ifp->if_carp);
736 CARP_DEBUG("%s; invalid version %d\n",
737 SC2IFP(sc)->if_xname,
743 /* verify the hash */
744 if (carp_hmac_verify(sc, ch->carp_counter, ch->carp_md)) {
745 CARPSTATS_INC(carps_badauth);
746 SC2IFP(sc)->if_ierrors++;
747 CARP_UNLOCK(ifp->if_carp);
748 CARP_DEBUG("%s: incorrect hash\n", SC2IFP(sc)->if_xname);
753 tmp_counter = ntohl(ch->carp_counter[0]);
754 tmp_counter = tmp_counter<<32;
755 tmp_counter += ntohl(ch->carp_counter[1]);
757 /* XXX Replay protection goes here */
759 sc->sc_init_counter = 0;
760 sc->sc_counter = tmp_counter;
762 sc_tv.tv_sec = sc->sc_advbase;
763 if (carp_suppress_preempt && sc->sc_advskew < 240)
764 sc_tv.tv_usec = 240 * 1000000 / 256;
766 sc_tv.tv_usec = sc->sc_advskew * 1000000 / 256;
767 ch_tv.tv_sec = ch->carp_advbase;
768 ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
770 switch (sc->sc_state) {
775 * If we receive an advertisement from a master who's going to
776 * be more frequent than us, go into BACKUP state.
778 if (timevalcmp(&sc_tv, &ch_tv, >) ||
779 timevalcmp(&sc_tv, &ch_tv, ==)) {
780 callout_stop(&sc->sc_ad_tmo);
781 CARP_LOG("%s: MASTER -> BACKUP "
782 "(more frequent advertisement received)\n",
783 SC2IFP(sc)->if_xname);
784 carp_set_state(sc, BACKUP);
786 carp_setroute(sc, RTM_DELETE);
791 * If we're pre-empting masters who advertise slower than us,
792 * and this one claims to be slower, treat him as down.
794 if (carp_opts[CARPCTL_PREEMPT] &&
795 timevalcmp(&sc_tv, &ch_tv, <)) {
796 CARP_LOG("%s: BACKUP -> MASTER "
797 "(preempting a slower master)\n",
798 SC2IFP(sc)->if_xname);
799 carp_master_down_locked(sc);
804 * If the master is going to advertise at such a low frequency
805 * that he's guaranteed to time out, we'd might as well just
806 * treat him as timed out now.
808 sc_tv.tv_sec = sc->sc_advbase * 3;
809 if (timevalcmp(&sc_tv, &ch_tv, <)) {
810 CARP_LOG("%s: BACKUP -> MASTER "
811 "(master timed out)\n",
812 SC2IFP(sc)->if_xname);
813 carp_master_down_locked(sc);
818 * Otherwise, we reset the counter and wait for the next
825 CARP_UNLOCK(ifp->if_carp);
832 carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch)
835 struct ifnet *ifp = SC2IFP(sc);
837 if (sc->sc_init_counter) {
838 /* this could also be seconds since unix epoch */
839 sc->sc_counter = arc4random();
840 sc->sc_counter = sc->sc_counter << 32;
841 sc->sc_counter += arc4random();
845 ch->carp_counter[0] = htonl((sc->sc_counter>>32)&0xffffffff);
846 ch->carp_counter[1] = htonl(sc->sc_counter&0xffffffff);
848 carp_hmac_generate(sc, ch->carp_counter, ch->carp_md);
850 /* Tag packet for carp_output */
851 mtag = m_tag_get(PACKET_TAG_CARP, sizeof(struct ifnet *), M_NOWAIT);
854 SC2IFP(sc)->if_oerrors++;
857 bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
858 m_tag_prepend(m, mtag);
864 carp_send_ad_all(void)
866 struct carp_softc *sc;
869 LIST_FOREACH(sc, &carpif_list, sc_next) {
870 if (sc->sc_carpdev == NULL)
873 if ((SC2IFP(sc)->if_flags & IFF_UP) &&
874 (SC2IFP(sc)->if_drv_flags & IFF_DRV_RUNNING) &&
875 sc->sc_state == MASTER)
876 carp_send_ad_locked(sc);
879 mtx_unlock(&carp_mtx);
883 carp_send_ad(void *v)
885 struct carp_softc *sc = v;
888 carp_send_ad_locked(sc);
893 carp_send_ad_locked(struct carp_softc *sc)
895 struct carp_header ch;
897 struct carp_header *ch_ptr;
899 int len, advbase, advskew;
901 CARP_SCLOCK_ASSERT(sc);
903 /* bow out if we've lost our UPness or RUNNINGuiness */
904 if (!((SC2IFP(sc)->if_flags & IFF_UP) &&
905 (SC2IFP(sc)->if_drv_flags & IFF_DRV_RUNNING))) {
909 advbase = sc->sc_advbase;
910 if (!carp_suppress_preempt || sc->sc_advskew > 240)
911 advskew = sc->sc_advskew;
915 tv.tv_usec = advskew * 1000000 / 256;
918 ch.carp_version = CARP_VERSION;
919 ch.carp_type = CARP_ADVERTISEMENT;
920 ch.carp_vhid = sc->sc_vhid;
921 ch.carp_advbase = advbase;
922 ch.carp_advskew = advskew;
923 ch.carp_authlen = 7; /* XXX DEFINE */
924 ch.carp_pad1 = 0; /* must be zero */
931 MGETHDR(m, M_DONTWAIT, MT_HEADER);
933 SC2IFP(sc)->if_oerrors++;
934 CARPSTATS_INC(carps_onomem);
935 /* XXX maybe less ? */
936 if (advbase != 255 || advskew != 255)
937 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv),
941 len = sizeof(*ip) + sizeof(ch);
942 m->m_pkthdr.len = len;
943 m->m_pkthdr.rcvif = NULL;
945 MH_ALIGN(m, m->m_len);
946 m->m_flags |= M_MCAST;
947 ip = mtod(m, struct ip *);
948 ip->ip_v = IPVERSION;
949 ip->ip_hl = sizeof(*ip) >> 2;
950 ip->ip_tos = IPTOS_LOWDELAY;
952 ip->ip_id = ip_newid();
954 ip->ip_ttl = CARP_DFLTTL;
955 ip->ip_p = IPPROTO_CARP;
957 ip->ip_src.s_addr = sc->sc_ia->ia_addr.sin_addr.s_addr;
958 ip->ip_dst.s_addr = htonl(INADDR_CARP_GROUP);
960 ch_ptr = (struct carp_header *)(&ip[1]);
961 bcopy(&ch, ch_ptr, sizeof(ch));
962 if (carp_prepare_ad(m, sc, ch_ptr))
965 m->m_data += sizeof(*ip);
966 ch_ptr->carp_cksum = carp_cksum(m, len - sizeof(*ip));
967 m->m_data -= sizeof(*ip);
969 getmicrotime(&SC2IFP(sc)->if_lastchange);
970 SC2IFP(sc)->if_opackets++;
971 SC2IFP(sc)->if_obytes += len;
972 CARPSTATS_INC(carps_opackets);
974 if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, NULL)) {
975 SC2IFP(sc)->if_oerrors++;
976 if (sc->sc_sendad_errors < INT_MAX)
977 sc->sc_sendad_errors++;
978 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
979 carp_suppress_preempt++;
980 if (carp_suppress_preempt == 1) {
986 sc->sc_sendad_success = 0;
988 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
989 if (++sc->sc_sendad_success >=
990 CARP_SENDAD_MIN_SUCCESS) {
991 carp_suppress_preempt--;
992 sc->sc_sendad_errors = 0;
995 sc->sc_sendad_errors = 0;
1001 struct ip6_hdr *ip6;
1003 MGETHDR(m, M_DONTWAIT, MT_HEADER);
1005 SC2IFP(sc)->if_oerrors++;
1006 CARPSTATS_INC(carps_onomem);
1007 /* XXX maybe less ? */
1008 if (advbase != 255 || advskew != 255)
1009 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv),
1013 len = sizeof(*ip6) + sizeof(ch);
1014 m->m_pkthdr.len = len;
1015 m->m_pkthdr.rcvif = NULL;
1017 MH_ALIGN(m, m->m_len);
1018 m->m_flags |= M_MCAST;
1019 ip6 = mtod(m, struct ip6_hdr *);
1020 bzero(ip6, sizeof(*ip6));
1021 ip6->ip6_vfc |= IPV6_VERSION;
1022 ip6->ip6_hlim = CARP_DFLTTL;
1023 ip6->ip6_nxt = IPPROTO_CARP;
1024 bcopy(&sc->sc_ia6->ia_addr.sin6_addr, &ip6->ip6_src,
1025 sizeof(struct in6_addr));
1026 /* set the multicast destination */
1028 ip6->ip6_dst.s6_addr16[0] = htons(0xff02);
1029 ip6->ip6_dst.s6_addr8[15] = 0x12;
1030 if (in6_setscope(&ip6->ip6_dst, sc->sc_carpdev, NULL) != 0) {
1031 SC2IFP(sc)->if_oerrors++;
1033 CARP_DEBUG("%s: in6_setscope failed\n", __func__);
1037 ch_ptr = (struct carp_header *)(&ip6[1]);
1038 bcopy(&ch, ch_ptr, sizeof(ch));
1039 if (carp_prepare_ad(m, sc, ch_ptr))
1042 m->m_data += sizeof(*ip6);
1043 ch_ptr->carp_cksum = carp_cksum(m, len - sizeof(*ip6));
1044 m->m_data -= sizeof(*ip6);
1046 getmicrotime(&SC2IFP(sc)->if_lastchange);
1047 SC2IFP(sc)->if_opackets++;
1048 SC2IFP(sc)->if_obytes += len;
1049 CARPSTATS_INC(carps_opackets6);
1051 if (ip6_output(m, NULL, NULL, 0, &sc->sc_im6o, NULL, NULL)) {
1052 SC2IFP(sc)->if_oerrors++;
1053 if (sc->sc_sendad_errors < INT_MAX)
1054 sc->sc_sendad_errors++;
1055 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
1056 carp_suppress_preempt++;
1057 if (carp_suppress_preempt == 1) {
1063 sc->sc_sendad_success = 0;
1065 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
1066 if (++sc->sc_sendad_success >=
1067 CARP_SENDAD_MIN_SUCCESS) {
1068 carp_suppress_preempt--;
1069 sc->sc_sendad_errors = 0;
1072 sc->sc_sendad_errors = 0;
1077 if (advbase != 255 || advskew != 255)
1078 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv),
1084 * Broadcast a gratuitous ARP request containing
1085 * the virtual router MAC address for each IP address
1086 * associated with the virtual router.
1089 carp_send_arp(struct carp_softc *sc)
1093 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
1095 if (ifa->ifa_addr->sa_family != AF_INET)
1098 /* arprequest(sc->sc_carpdev, &in, &in, IF_LLADDR(sc->sc_ifp)); */
1099 arp_ifinit2(sc->sc_carpdev, ifa, IF_LLADDR(sc->sc_ifp));
1101 DELAY(1000); /* XXX */
1107 carp_send_na(struct carp_softc *sc)
1110 struct in6_addr *in6;
1111 static struct in6_addr mcast = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
1113 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
1115 if (ifa->ifa_addr->sa_family != AF_INET6)
1118 in6 = &ifatoia6(ifa)->ia_addr.sin6_addr;
1119 nd6_na_output(sc->sc_carpdev, &mcast, in6,
1120 ND_NA_FLAG_OVERRIDE, 1, NULL);
1121 DELAY(1000); /* XXX */
1127 carp_addrcount(struct carp_if *cif, struct in_ifaddr *ia, int type)
1129 struct carp_softc *vh;
1133 CARP_LOCK_ASSERT(cif);
1135 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1136 if ((type == CARP_COUNT_RUNNING &&
1137 (SC2IFP(vh)->if_flags & IFF_UP) &&
1138 (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING)) ||
1139 (type == CARP_COUNT_MASTER && vh->sc_state == MASTER)) {
1140 IF_ADDR_LOCK(SC2IFP(vh));
1141 TAILQ_FOREACH(ifa, &SC2IFP(vh)->if_addrlist,
1143 if (ifa->ifa_addr->sa_family == AF_INET &&
1144 ia->ia_addr.sin_addr.s_addr ==
1145 ifatoia(ifa)->ia_addr.sin_addr.s_addr)
1148 IF_ADDR_UNLOCK(SC2IFP(vh));
1155 carp_iamatch(struct ifnet *ifp, struct in_ifaddr *ia,
1156 struct in_addr *isaddr, u_int8_t **enaddr)
1158 struct carp_if *cif;
1159 struct carp_softc *vh;
1160 int index, count = 0;
1166 if (carp_opts[CARPCTL_ARPBALANCE]) {
1168 * XXX proof of concept implementation.
1169 * We use the source ip to decide which virtual host should
1170 * handle the request. If we're master of that virtual host,
1171 * then we respond, otherwise, just drop the arp packet on
1174 count = carp_addrcount(cif, ia, CARP_COUNT_RUNNING);
1176 /* should never reach this */
1181 /* this should be a hash, like pf_hash() */
1182 index = ntohl(isaddr->s_addr) % count;
1185 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1186 if ((SC2IFP(vh)->if_flags & IFF_UP) &&
1187 (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING)) {
1188 IF_ADDR_LOCK(SC2IFP(vh));
1189 TAILQ_FOREACH(ifa, &SC2IFP(vh)->if_addrlist,
1191 if (ifa->ifa_addr->sa_family ==
1193 ia->ia_addr.sin_addr.s_addr ==
1194 ifatoia(ifa)->ia_addr.sin_addr.s_addr) {
1195 if (count == index) {
1198 *enaddr = IF_LLADDR(vh->sc_ifp);
1199 IF_ADDR_UNLOCK(SC2IFP(vh));
1203 IF_ADDR_UNLOCK(SC2IFP(vh));
1211 IF_ADDR_UNLOCK(SC2IFP(vh));
1215 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1216 if ((SC2IFP(vh)->if_flags & IFF_UP) &&
1217 (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
1218 ia->ia_ifp == SC2IFP(vh) &&
1219 vh->sc_state == MASTER) {
1220 *enaddr = IF_LLADDR(vh->sc_ifp);
1232 carp_iamatch6(struct ifnet *ifp, struct in6_addr *taddr)
1234 struct carp_if *cif;
1235 struct carp_softc *vh;
1240 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1241 IF_ADDR_LOCK(SC2IFP(vh));
1242 TAILQ_FOREACH(ifa, &SC2IFP(vh)->if_addrlist, ifa_list) {
1243 if (IN6_ARE_ADDR_EQUAL(taddr,
1244 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1245 (SC2IFP(vh)->if_flags & IFF_UP) &&
1246 (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
1247 vh->sc_state == MASTER) {
1249 IF_ADDR_UNLOCK(SC2IFP(vh));
1254 IF_ADDR_UNLOCK(SC2IFP(vh));
1262 carp_macmatch6(struct ifnet *ifp, struct mbuf *m, const struct in6_addr *taddr)
1265 struct carp_if *cif;
1266 struct carp_softc *sc;
1271 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list) {
1272 IF_ADDR_LOCK(SC2IFP(sc));
1273 TAILQ_FOREACH(ifa, &SC2IFP(sc)->if_addrlist, ifa_list) {
1274 if (IN6_ARE_ADDR_EQUAL(taddr,
1275 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1276 (SC2IFP(sc)->if_flags & IFF_UP) &&
1277 (SC2IFP(sc)->if_drv_flags & IFF_DRV_RUNNING)) {
1278 struct ifnet *ifp = SC2IFP(sc);
1279 mtag = m_tag_get(PACKET_TAG_CARP,
1280 sizeof(struct ifnet *), M_NOWAIT);
1282 /* better a bit than nothing */
1283 IF_ADDR_UNLOCK(SC2IFP(sc));
1285 return (IF_LLADDR(sc->sc_ifp));
1287 bcopy(&ifp, (caddr_t)(mtag + 1),
1288 sizeof(struct ifnet *));
1289 m_tag_prepend(m, mtag);
1291 IF_ADDR_UNLOCK(SC2IFP(sc));
1293 return (IF_LLADDR(sc->sc_ifp));
1296 IF_ADDR_UNLOCK(SC2IFP(sc));
1305 carp_forus(struct ifnet *ifp, u_char *dhost)
1307 struct carp_if *cif;
1308 struct carp_softc *vh;
1309 u_int8_t *ena = dhost;
1311 if (ena[0] || ena[1] || ena[2] != 0x5e || ena[3] || ena[4] != 1)
1316 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list)
1317 if ((SC2IFP(vh)->if_flags & IFF_UP) &&
1318 (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
1319 vh->sc_state == MASTER &&
1320 !bcmp(dhost, IF_LLADDR(vh->sc_ifp), ETHER_ADDR_LEN)) {
1322 return (SC2IFP(vh));
1330 carp_master_down(void *v)
1332 struct carp_softc *sc = v;
1335 carp_master_down_locked(sc);
1340 carp_master_down_locked(struct carp_softc *sc)
1343 CARP_SCLOCK_ASSERT(sc);
1345 switch (sc->sc_state) {
1347 printf("%s: master_down event in INIT state\n",
1348 SC2IFP(sc)->if_xname);
1353 carp_set_state(sc, MASTER);
1354 carp_send_ad_locked(sc);
1360 carp_setroute(sc, RTM_ADD);
1366 * When in backup state, af indicates whether to reset the master down timer
1367 * for v4 or v6. If it's set to zero, reset the ones which are already pending.
1370 carp_setrun(struct carp_softc *sc, sa_family_t af)
1374 if (sc->sc_carpdev == NULL) {
1375 SC2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING;
1376 carp_set_state(sc, INIT);
1379 CARP_SCLOCK_ASSERT(sc);
1381 if (SC2IFP(sc)->if_flags & IFF_UP &&
1382 sc->sc_vhid > 0 && (sc->sc_naddrs || sc->sc_naddrs6) &&
1383 sc->sc_carpdev->if_link_state == LINK_STATE_UP)
1384 SC2IFP(sc)->if_drv_flags |= IFF_DRV_RUNNING;
1386 SC2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING;
1387 carp_setroute(sc, RTM_DELETE);
1391 switch (sc->sc_state) {
1393 if (carp_opts[CARPCTL_PREEMPT] && !carp_suppress_preempt) {
1394 carp_send_ad_locked(sc);
1399 CARP_LOG("%s: INIT -> MASTER (preempting)\n",
1400 SC2IFP(sc)->if_xname);
1401 carp_set_state(sc, MASTER);
1402 carp_setroute(sc, RTM_ADD);
1404 CARP_LOG("%s: INIT -> BACKUP\n", SC2IFP(sc)->if_xname);
1405 carp_set_state(sc, BACKUP);
1406 carp_setroute(sc, RTM_DELETE);
1411 callout_stop(&sc->sc_ad_tmo);
1412 tv.tv_sec = 3 * sc->sc_advbase;
1413 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1417 callout_reset(&sc->sc_md_tmo, tvtohz(&tv),
1418 carp_master_down, sc);
1423 callout_reset(&sc->sc_md6_tmo, tvtohz(&tv),
1424 carp_master_down, sc);
1429 callout_reset(&sc->sc_md_tmo, tvtohz(&tv),
1430 carp_master_down, sc);
1432 callout_reset(&sc->sc_md6_tmo, tvtohz(&tv),
1433 carp_master_down, sc);
1438 tv.tv_sec = sc->sc_advbase;
1439 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1440 callout_reset(&sc->sc_ad_tmo, tvtohz(&tv),
1447 carp_multicast_cleanup(struct carp_softc *sc)
1449 struct ip_moptions *imo = &sc->sc_imo;
1450 u_int16_t n = imo->imo_num_memberships;
1452 /* Clean up our own multicast memberships */
1454 if (imo->imo_membership[n] != NULL) {
1455 in_delmulti(imo->imo_membership[n]);
1456 imo->imo_membership[n] = NULL;
1459 KASSERT(imo->imo_mfilters == NULL,
1460 ("%s: imo_mfilters != NULL", __func__));
1461 imo->imo_num_memberships = 0;
1462 imo->imo_multicast_ifp = NULL;
1467 carp_multicast6_cleanup(struct carp_softc *sc)
1469 struct ip6_moptions *im6o = &sc->sc_im6o;
1470 u_int16_t n = im6o->im6o_num_memberships;
1473 if (im6o->im6o_membership[n] != NULL) {
1474 in6_mc_leave(im6o->im6o_membership[n], NULL);
1475 im6o->im6o_membership[n] = NULL;
1478 KASSERT(im6o->im6o_mfilters == NULL,
1479 ("%s: im6o_mfilters != NULL", __func__));
1480 im6o->im6o_num_memberships = 0;
1481 im6o->im6o_multicast_ifp = NULL;
1486 carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1489 struct carp_if *cif;
1490 struct in_ifaddr *ia, *ia_if;
1491 struct ip_moptions *imo = &sc->sc_imo;
1492 struct in_addr addr;
1493 u_long iaddr = htonl(sin->sin_addr.s_addr);
1496 if (sin->sin_addr.s_addr == 0) {
1497 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1498 carp_set_state(sc, INIT);
1500 SC2IFP(sc)->if_flags |= IFF_UP;
1509 /* we have to do it by hands to check we won't match on us */
1510 ia_if = NULL; own = 0;
1512 TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
1513 /* and, yeah, we need a multicast-capable iface too */
1514 if (ia->ia_ifp != SC2IFP(sc) &&
1515 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1516 (iaddr & ia->ia_subnetmask) == ia->ia_subnet) {
1519 if (sin->sin_addr.s_addr ==
1520 ia->ia_addr.sin_addr.s_addr)
1526 IN_IFADDR_RUNLOCK();
1527 return (EADDRNOTAVAIL);
1531 ifa_ref(&ia->ia_ifa);
1532 IN_IFADDR_RUNLOCK();
1536 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1537 (imo->imo_multicast_ifp && imo->imo_multicast_ifp != ifp)) {
1538 ifa_free(&ia->ia_ifa);
1539 return (EADDRNOTAVAIL);
1542 if (imo->imo_num_memberships == 0) {
1543 addr.s_addr = htonl(INADDR_CARP_GROUP);
1544 if ((imo->imo_membership[0] = in_addmulti(&addr, ifp)) ==
1546 ifa_free(&ia->ia_ifa);
1549 imo->imo_num_memberships++;
1550 imo->imo_multicast_ifp = ifp;
1551 imo->imo_multicast_ttl = CARP_DFLTTL;
1552 imo->imo_multicast_loop = 0;
1555 if (!ifp->if_carp) {
1557 cif = malloc(sizeof(*cif), M_CARP,
1563 if ((error = ifpromisc(ifp, 1))) {
1568 CARP_LOCK_INIT(cif);
1570 cif->vhif_ifp = ifp;
1571 TAILQ_INIT(&cif->vhif_vrs);
1575 struct carp_softc *vr;
1577 cif = (struct carp_if *)ifp->if_carp;
1579 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1580 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1587 sc->sc_carpdev = ifp;
1589 { /* XXX prevent endless loop if already in queue */
1590 struct carp_softc *vr, *after = NULL;
1592 cif = (struct carp_if *)ifp->if_carp;
1594 /* XXX: cif should not change, right? So we still hold the lock */
1595 CARP_LOCK_ASSERT(cif);
1597 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1600 if (vr->sc_vhid < sc->sc_vhid)
1605 /* We're trying to keep things in order */
1606 if (after == NULL) {
1607 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1609 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1616 SC2IFP(sc)->if_flags |= IFF_UP;
1619 carp_sc_state_locked(sc);
1623 ifa_free(&ia->ia_ifa); /* XXXRW: should hold reference for softc. */
1628 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1629 ifa_free(&ia->ia_ifa);
1634 carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1638 if (!--sc->sc_naddrs) {
1639 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1640 struct ip_moptions *imo = &sc->sc_imo;
1643 callout_stop(&sc->sc_ad_tmo);
1644 SC2IFP(sc)->if_flags &= ~IFF_UP;
1645 SC2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING;
1647 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1648 imo->imo_multicast_ifp = NULL;
1649 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1650 if (!--cif->vhif_nvrs) {
1651 sc->sc_carpdev->if_carp = NULL;
1652 CARP_LOCK_DESTROY(cif);
1664 carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1667 struct carp_if *cif;
1668 struct in6_ifaddr *ia, *ia_if;
1669 struct ip6_moptions *im6o = &sc->sc_im6o;
1670 struct in6_addr in6;
1675 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1676 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1677 carp_set_state(sc, INIT);
1679 SC2IFP(sc)->if_flags |= IFF_UP;
1688 /* we have to do it by hands to check we won't match on us */
1689 ia_if = NULL; own = 0;
1691 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1694 for (i = 0; i < 4; i++) {
1695 if ((sin6->sin6_addr.s6_addr32[i] &
1696 ia->ia_prefixmask.sin6_addr.s6_addr32[i]) !=
1697 (ia->ia_addr.sin6_addr.s6_addr32[i] &
1698 ia->ia_prefixmask.sin6_addr.s6_addr32[i]))
1701 /* and, yeah, we need a multicast-capable iface too */
1702 if (ia->ia_ifp != SC2IFP(sc) &&
1703 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1707 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
1708 &ia->ia_addr.sin6_addr))
1714 IN6_IFADDR_RUNLOCK();
1715 return (EADDRNOTAVAIL);
1718 ifa_ref(&ia->ia_ifa);
1719 IN6_IFADDR_RUNLOCK();
1722 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1723 (im6o->im6o_multicast_ifp && im6o->im6o_multicast_ifp != ifp)) {
1724 ifa_free(&ia->ia_ifa);
1725 return (EADDRNOTAVAIL);
1728 if (!sc->sc_naddrs6) {
1729 struct in6_multi *in6m;
1731 im6o->im6o_multicast_ifp = ifp;
1733 /* join CARP multicast address */
1734 bzero(&in6, sizeof(in6));
1735 in6.s6_addr16[0] = htons(0xff02);
1736 in6.s6_addr8[15] = 0x12;
1737 if (in6_setscope(&in6, ifp, NULL) != 0)
1740 error = in6_mc_join(ifp, &in6, NULL, &in6m, 0);
1743 im6o->im6o_membership[0] = in6m;
1744 im6o->im6o_num_memberships++;
1746 /* join solicited multicast address */
1747 bzero(&in6, sizeof(in6));
1748 in6.s6_addr16[0] = htons(0xff02);
1749 in6.s6_addr32[1] = 0;
1750 in6.s6_addr32[2] = htonl(1);
1751 in6.s6_addr32[3] = sin6->sin6_addr.s6_addr32[3];
1752 in6.s6_addr8[12] = 0xff;
1753 if (in6_setscope(&in6, ifp, NULL) != 0)
1756 error = in6_mc_join(ifp, &in6, NULL, &in6m, 0);
1759 im6o->im6o_membership[1] = in6m;
1760 im6o->im6o_num_memberships++;
1763 if (!ifp->if_carp) {
1764 cif = malloc(sizeof(*cif), M_CARP,
1770 if ((error = ifpromisc(ifp, 1))) {
1775 CARP_LOCK_INIT(cif);
1777 cif->vhif_ifp = ifp;
1778 TAILQ_INIT(&cif->vhif_vrs);
1782 struct carp_softc *vr;
1784 cif = (struct carp_if *)ifp->if_carp;
1786 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1787 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1794 sc->sc_carpdev = ifp;
1796 { /* XXX prevent endless loop if already in queue */
1797 struct carp_softc *vr, *after = NULL;
1799 cif = (struct carp_if *)ifp->if_carp;
1800 CARP_LOCK_ASSERT(cif);
1802 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1805 if (vr->sc_vhid < sc->sc_vhid)
1810 /* We're trying to keep things in order */
1811 if (after == NULL) {
1812 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1814 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1821 SC2IFP(sc)->if_flags |= IFF_UP;
1824 carp_sc_state_locked(sc);
1828 ifa_free(&ia->ia_ifa); /* XXXRW: should hold reference for softc. */
1833 if (!sc->sc_naddrs6)
1834 carp_multicast6_cleanup(sc);
1835 ifa_free(&ia->ia_ifa);
1840 carp_del_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1844 if (!--sc->sc_naddrs6) {
1845 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1848 callout_stop(&sc->sc_ad_tmo);
1849 SC2IFP(sc)->if_flags &= ~IFF_UP;
1850 SC2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING;
1852 carp_multicast6_cleanup(sc);
1853 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1854 if (!--cif->vhif_nvrs) {
1855 CARP_LOCK_DESTROY(cif);
1856 sc->sc_carpdev->if_carp = NULL;
1867 carp_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr)
1869 struct carp_softc *sc = ifp->if_softc, *vr;
1870 struct carpreq carpr;
1873 struct ifaliasreq *ifra;
1874 int locked = 0, error = 0;
1876 ifa = (struct ifaddr *)addr;
1877 ifra = (struct ifaliasreq *)addr;
1878 ifr = (struct ifreq *)addr;
1882 switch (ifa->ifa_addr->sa_family) {
1885 SC2IFP(sc)->if_flags |= IFF_UP;
1886 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1887 sizeof(struct sockaddr));
1888 error = carp_set_addr(sc, satosin(ifa->ifa_addr));
1893 SC2IFP(sc)->if_flags |= IFF_UP;
1894 error = carp_set_addr6(sc, satosin6(ifa->ifa_addr));
1898 error = EAFNOSUPPORT;
1904 switch (ifa->ifa_addr->sa_family) {
1907 SC2IFP(sc)->if_flags |= IFF_UP;
1908 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1909 sizeof(struct sockaddr));
1910 error = carp_set_addr(sc, satosin(&ifra->ifra_addr));
1915 SC2IFP(sc)->if_flags |= IFF_UP;
1916 error = carp_set_addr6(sc, satosin6(&ifra->ifra_addr));
1920 error = EAFNOSUPPORT;
1926 switch (ifa->ifa_addr->sa_family) {
1929 error = carp_del_addr(sc, satosin(&ifra->ifra_addr));
1934 error = carp_del_addr6(sc, satosin6(&ifra->ifra_addr));
1938 error = EAFNOSUPPORT;
1944 if (sc->sc_carpdev) {
1948 if (sc->sc_state != INIT && !(ifr->ifr_flags & IFF_UP)) {
1949 callout_stop(&sc->sc_ad_tmo);
1950 callout_stop(&sc->sc_md_tmo);
1951 callout_stop(&sc->sc_md6_tmo);
1952 if (sc->sc_state == MASTER)
1953 carp_send_ad_locked(sc);
1954 carp_set_state(sc, INIT);
1956 } else if (sc->sc_state == INIT && (ifr->ifr_flags & IFF_UP)) {
1957 SC2IFP(sc)->if_flags |= IFF_UP;
1963 error = priv_check(curthread, PRIV_NETINET_CARP);
1966 if ((error = copyin(ifr->ifr_data, &carpr, sizeof carpr)))
1969 if (sc->sc_carpdev) {
1973 if (sc->sc_state != INIT && carpr.carpr_state != sc->sc_state) {
1974 switch (carpr.carpr_state) {
1976 callout_stop(&sc->sc_ad_tmo);
1977 carp_set_state(sc, BACKUP);
1979 carp_setroute(sc, RTM_DELETE);
1982 carp_master_down_locked(sc);
1988 if (carpr.carpr_vhid > 0) {
1989 if (carpr.carpr_vhid > 255) {
1993 if (sc->sc_carpdev) {
1994 struct carp_if *cif;
1995 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1996 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1998 vr->sc_vhid == carpr.carpr_vhid) {
2002 if (error == EEXIST)
2005 sc->sc_vhid = carpr.carpr_vhid;
2006 IF_LLADDR(sc->sc_ifp)[0] = 0;
2007 IF_LLADDR(sc->sc_ifp)[1] = 0;
2008 IF_LLADDR(sc->sc_ifp)[2] = 0x5e;
2009 IF_LLADDR(sc->sc_ifp)[3] = 0;
2010 IF_LLADDR(sc->sc_ifp)[4] = 1;
2011 IF_LLADDR(sc->sc_ifp)[5] = sc->sc_vhid;
2014 if (carpr.carpr_advbase > 0 || carpr.carpr_advskew > 0) {
2015 if (carpr.carpr_advskew >= 255) {
2019 if (carpr.carpr_advbase > 255) {
2023 sc->sc_advbase = carpr.carpr_advbase;
2024 sc->sc_advskew = carpr.carpr_advskew;
2027 bcopy(carpr.carpr_key, sc->sc_key, sizeof(sc->sc_key));
2037 /* XXX: lockless read */
2038 bzero(&carpr, sizeof(carpr));
2039 carpr.carpr_state = sc->sc_state;
2040 carpr.carpr_vhid = sc->sc_vhid;
2041 carpr.carpr_advbase = sc->sc_advbase;
2042 carpr.carpr_advskew = sc->sc_advskew;
2043 error = priv_check(curthread, PRIV_NETINET_CARP);
2045 bcopy(sc->sc_key, carpr.carpr_key,
2046 sizeof(carpr.carpr_key));
2047 error = copyout(&carpr, ifr->ifr_data, sizeof(carpr));
2057 carp_hmac_prepare(sc);
2063 * XXX: this is looutput. We should eventually use it from there.
2066 carp_looutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
2070 struct rtentry *rt = NULL;
2072 M_ASSERTPKTHDR(m); /* check if we have the packet header */
2076 if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) {
2078 return (rt->rt_flags & RTF_BLACKHOLE ? 0 :
2079 rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
2083 ifp->if_obytes += m->m_pkthdr.len;
2085 /* BPF writes need to be handled specially. */
2086 if (dst->sa_family == AF_UNSPEC) {
2087 bcopy(dst->sa_data, &af, sizeof(af));
2088 dst->sa_family = af;
2092 switch (dst->sa_family) {
2099 printf("carp_looutput: af=%d unexpected\n", dst->sa_family);
2101 return (EAFNOSUPPORT);
2104 return(if_simloop(ifp, m, dst->sa_family, 0));
2108 * Start output on carp interface. This function should never be called.
2111 carp_start(struct ifnet *ifp)
2114 printf("%s: start called\n", ifp->if_xname);
2119 carp_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa,
2123 struct carp_softc *sc;
2124 struct ifnet *carp_ifp;
2129 switch (sa->sa_family) {
2142 mtag = m_tag_find(m, PACKET_TAG_CARP, NULL);
2146 bcopy(mtag + 1, &carp_ifp, sizeof(struct ifnet *));
2147 sc = carp_ifp->if_softc;
2149 /* Set the source MAC address to Virtual Router MAC Address */
2150 switch (ifp->if_type) {
2153 struct ether_header *eh;
2155 eh = mtod(m, struct ether_header *);
2156 eh->ether_shost[0] = 0;
2157 eh->ether_shost[1] = 0;
2158 eh->ether_shost[2] = 0x5e;
2159 eh->ether_shost[3] = 0;
2160 eh->ether_shost[4] = 1;
2161 eh->ether_shost[5] = sc->sc_vhid;
2165 struct fddi_header *fh;
2167 fh = mtod(m, struct fddi_header *);
2168 fh->fddi_shost[0] = 0;
2169 fh->fddi_shost[1] = 0;
2170 fh->fddi_shost[2] = 0x5e;
2171 fh->fddi_shost[3] = 0;
2172 fh->fddi_shost[4] = 1;
2173 fh->fddi_shost[5] = sc->sc_vhid;
2176 case IFT_ISO88025: {
2177 struct iso88025_header *th;
2178 th = mtod(m, struct iso88025_header *);
2179 th->iso88025_shost[0] = 3;
2180 th->iso88025_shost[1] = 0;
2181 th->iso88025_shost[2] = 0x40 >> (sc->sc_vhid - 1);
2182 th->iso88025_shost[3] = 0x40000 >> (sc->sc_vhid - 1);
2183 th->iso88025_shost[4] = 0;
2184 th->iso88025_shost[5] = 0;
2188 printf("%s: carp is not supported for this interface type\n",
2190 return (EOPNOTSUPP);
2197 carp_set_state(struct carp_softc *sc, int state)
2202 CARP_SCLOCK_ASSERT(sc);
2204 if (sc->sc_state == state)
2207 sc->sc_state = state;
2210 link_state = LINK_STATE_DOWN;
2213 link_state = LINK_STATE_UP;
2216 link_state = LINK_STATE_UNKNOWN;
2219 if_link_state_change(SC2IFP(sc), link_state);
2223 carp_carpdev_state(struct ifnet *ifp)
2225 struct carp_if *cif;
2229 carp_carpdev_state_locked(cif);
2234 carp_carpdev_state_locked(struct carp_if *cif)
2236 struct carp_softc *sc;
2238 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list)
2239 carp_sc_state_locked(sc);
2243 carp_sc_state_locked(struct carp_softc *sc)
2245 CARP_SCLOCK_ASSERT(sc);
2247 if (sc->sc_carpdev->if_link_state != LINK_STATE_UP ||
2248 !(sc->sc_carpdev->if_flags & IFF_UP)) {
2249 sc->sc_flags_backup = SC2IFP(sc)->if_flags;
2250 SC2IFP(sc)->if_flags &= ~IFF_UP;
2251 SC2IFP(sc)->if_drv_flags &= ~IFF_DRV_RUNNING;
2252 callout_stop(&sc->sc_ad_tmo);
2253 callout_stop(&sc->sc_md_tmo);
2254 callout_stop(&sc->sc_md6_tmo);
2255 carp_set_state(sc, INIT);
2257 if (!sc->sc_suppress) {
2258 carp_suppress_preempt++;
2259 if (carp_suppress_preempt == 1) {
2265 sc->sc_suppress = 1;
2267 SC2IFP(sc)->if_flags |= sc->sc_flags_backup;
2268 carp_set_state(sc, INIT);
2270 if (sc->sc_suppress)
2271 carp_suppress_preempt--;
2272 sc->sc_suppress = 0;
2279 extern struct domain inetdomain;
2280 static struct protosw in_carp_protosw = {
2281 .pr_type = SOCK_RAW,
2282 .pr_domain = &inetdomain,
2283 .pr_protocol = IPPROTO_CARP,
2284 .pr_flags = PR_ATOMIC|PR_ADDR,
2285 .pr_input = carp_input,
2286 .pr_output = (pr_output_t *)rip_output,
2287 .pr_ctloutput = rip_ctloutput,
2288 .pr_usrreqs = &rip_usrreqs
2293 extern struct domain inet6domain;
2294 static struct ip6protosw in6_carp_protosw = {
2295 .pr_type = SOCK_RAW,
2296 .pr_domain = &inet6domain,
2297 .pr_protocol = IPPROTO_CARP,
2298 .pr_flags = PR_ATOMIC|PR_ADDR,
2299 .pr_input = carp6_input,
2300 .pr_output = rip6_output,
2301 .pr_ctloutput = rip6_ctloutput,
2302 .pr_usrreqs = &rip6_usrreqs
2307 carp_mod_cleanup(void)
2310 if (if_detach_event_tag == NULL)
2312 EVENTHANDLER_DEREGISTER(ifnet_departure_event, if_detach_event_tag);
2313 if_clone_detach(&carp_cloner);
2315 if (proto_reg[CARP_INET] == 0) {
2316 (void)ipproto_unregister(IPPROTO_CARP);
2317 pf_proto_unregister(PF_INET, IPPROTO_CARP, SOCK_RAW);
2318 proto_reg[CARP_INET] = -1;
2320 carp_iamatch_p = NULL;
2323 if (proto_reg[CARP_INET6] == 0) {
2324 (void)ip6proto_unregister(IPPROTO_CARP);
2325 pf_proto_unregister(PF_INET6, IPPROTO_CARP, SOCK_RAW);
2326 proto_reg[CARP_INET6] = -1;
2328 carp_iamatch6_p = NULL;
2329 carp_macmatch6_p = NULL;
2331 carp_linkstate_p = NULL;
2332 carp_forus_p = NULL;
2333 carp_output_p = NULL;
2334 mtx_destroy(&carp_mtx);
2342 if_detach_event_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
2343 carp_ifdetach, NULL, EVENTHANDLER_PRI_ANY);
2344 if (if_detach_event_tag == NULL)
2346 mtx_init(&carp_mtx, "carp_mtx", NULL, MTX_DEF);
2347 LIST_INIT(&carpif_list);
2348 if_clone_attach(&carp_cloner);
2349 carp_linkstate_p = carp_carpdev_state;
2350 carp_forus_p = carp_forus;
2351 carp_output_p = carp_output;
2353 carp_iamatch6_p = carp_iamatch6;
2354 carp_macmatch6_p = carp_macmatch6;
2355 proto_reg[CARP_INET6] = pf_proto_register(PF_INET6,
2356 (struct protosw *)&in6_carp_protosw);
2357 if (proto_reg[CARP_INET6] != 0) {
2358 printf("carp: error %d attaching to PF_INET6\n",
2359 proto_reg[CARP_INET6]);
2363 err = ip6proto_register(IPPROTO_CARP);
2365 printf("carp: error %d registering with INET6\n", err);
2371 carp_iamatch_p = carp_iamatch;
2372 proto_reg[CARP_INET] = pf_proto_register(PF_INET, &in_carp_protosw);
2373 if (proto_reg[CARP_INET] != 0) {
2374 printf("carp: error %d attaching to PF_INET\n",
2375 proto_reg[CARP_INET]);
2379 err = ipproto_register(IPPROTO_CARP);
2381 printf("carp: error %d registering with INET\n", err);
2390 carp_modevent(module_t mod, int type, void *data)
2394 return carp_mod_load();
2398 * XXX: For now, disallow module unloading by default due to
2399 * a race condition where a thread may dereference one of the
2400 * function pointer hooks after the module has been
2401 * unloaded, during processing of a packet, causing a panic.
2403 #ifdef CARPMOD_CAN_UNLOAD
2417 static moduledata_t carp_mod = {
2423 DECLARE_MODULE(carp, carp_mod, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY);
projects / FreeBSD / releng / 8.2.git / blob