How to disable tryforward ?
k simon
moremore2 at outlook.com
Thu Oct 31 04:30:29 UTC 2019
Hi, Olivier,
This patch should fix ECMP forwarding as a workaround. I’ve added the “fastforwarding” sysctl knob back and set it’s default value to “1”. Value “0” would disable tryforward(). Maybe the right way is replaced fib4_lookup_nh_basic() with fib4_lookup_nh_ext() in ip_fastfwd.c, but I’m not familiar with it.
--- ip_input.c.orig 2019-10-26 20:33:21.468834000 +0800
+++ ip_input.c 2019-10-31 08:01:42.938504000 +0800
@@ -37,6 +37,7 @@
#include "opt_bootp.h"
#include "opt_ipstealth.h"
#include "opt_ipsec.h"
+#include "opt_mpath.h"
#include "opt_route.h"
#include "opt_rss.h"
@@ -64,6 +65,9 @@
#include <net/if_dl.h>
#include <net/route.h>
#include <net/netisr.h>
+#ifdef RADIX_MPATH
+#include <net/radix_mpath.h>
+#endif
#include <net/rss_config.h>
#include <net/vnet.h>
@@ -115,6 +119,11 @@
&VNET_NAME(ipsendredirects), 0,
"Enable sending IP redirects");
+VNET_DEFINE_STATIC(int, ipfastforward_active) = 1;
+#define V_ipfastforward_active VNET(ipfastforward_active)
+SYSCTL_INT(_net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_VNET | CTLFLAG_RW,
+ &VNET_NAME(ipfastforward_active), 0, "Enable fast IP forwarding");
+
/*
* XXX - Setting ip_checkinterface mostly implements the receive side of
* the Strong ES model described in RFC 1122, but since the routing table
@@ -566,7 +575,7 @@
* case skip another inbound firewall processing and update
* ip pointer.
*/
- if (V_ipforwarding != 0 && V_ipsendredirects == 0
+ if (V_ipforwarding != 0 && V_ipsendredirects == 0 && V_ipfastforward_active != 0
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
&& (!IPSEC_ENABLED(ipv4) ||
IPSEC_CAPS(ipv4, m, IPSEC_CAP_OPERABLE) == 0)
Simon Ke
20191031
在 2019年10月31日,00:33,Olivier Cochard-Labbé <olivier at freebsd.org<mailto:olivier at freebsd.org>> 写道:
On Wed, Oct 30, 2019 at 9:44 AM k simon <moremore2 at outlook.com<mailto:moremore2 at outlook.com>> wrote:
Hi, Andrey,
OK, I’ve got it. Radix_mpath.h file is not included in input.c. Maybe someone can fix and commit it. Thanks for your reply!
But does including this header file enough to fix ECMP forwarding ?
More information about the freebsd-net
mailing list