[PATCH] IP_SENDIF option; rework ip_output() source selection logic
Bruce M Simpson
bms at incunabulum.net
Sun Mar 4 22:25:07 UTC 2007
Thanks to andre making a start on this, I have managed to get the
IP_SENDIF option implemented today in p4 bms_netdev. Here's a patch
For those who are new to this work:
IP_SENDIF is broadly an analogue of the Linux socket option
SO_BINDTODEVICE. It is used to bypass the traditional BSD source
interface selection logic. It is a sledgehammer hack used to output
datagrams on a specific interface which may not yet have an address,
e.g. for DHCP. Judicious use of this option, together with IP_ONESBCAST,
will make it possible for dhclient to run without BPF support in the
There are a few remaining issues around this code which need to be dealt
with. These are:
* Fix IP_SENDIF and IP_SENDSRCADDR for unbound sockets.
This goes without saying. For these options to be useful the socket
should not have to be bound anywhere. The fact that IP_SENDSRCADDR is
currently broken contradicts both our documentation and UNIX Network
Programming Vol 1 3rd Edition.
* Allow IP_SENDIF to be used from the raw IP output path.
Some people might want to do this.
* Add a specific privilege level for IP_SENDIF.
Currently it requires the 'open raw socket' privilege, as it is Not
* Disable hardware checksums on output, if we have to do that.
My testing with msk(4) suggests this might not be needed.
When/if we adopt NetBSD's source selection policy concept (e.g. for
fully supporting link-local IPv4) this code will most likely have to be
updated, and/or when/if we adopt equal-cost multipath.
The hack IP_ONESBCAST itself may eventually be eliminated by doing
things slightly differently in the forwarding trie i.e. using interface
preference and/or IP_SENDIF and populating the trie with 255.255.255.255
More information about the freebsd-net