CFR: FIB handling improvements
    Alan Somers 
    asomers at freebsd.org
       
    Wed Aug 21 19:06:54 UTC 2013
    
    
  
On Wed, Aug 21, 2013 at 12:20 PM, Hiroki Sato <hrs at freebsd.org> wrote:
> Will Andrews <will at firepipe.net> wrote
>   in <CADBaqmi6c7v8ojry8uViRi9tK18n8_RaDrP+UjvcmEN9guWm3w at mail.gmail.com>:
>
> wi> Please review: http://people.freebsd.org/~will/fix-fib-issues.1.diff
> wi>
> wi> This patch includes fixes for several issues relating to FIBs:
> wi>
> wi> * Use of dhclient with non-zero FIBs.  With this patch, it is possible
> wi> to use DHCP on a specific interface with a non-zero FIB and have it
> wi> work correctly with this rc.conf snippet:
> wi>
> wi> ifconfig_em1="SYNCDHCP"
> wi> dhclient_fib_em1=1
>
>  I think the target FIB should be handled by dhclient, not in the rc.d
>  scripts.  More specifically, dhclient should call SIOCGIFFIB ioctl to
>  obtain ifp->if_fib and use it if defined.  It allows the following
>  configuration which is much simpler and reliable:
>
>  ifconfig_em1="fib 1 SYNCDHCP"
>
I think your  proposal would be incompatible with assigning multiple
addresses on different fibs to the same interface.  An unusual
configuration, but valid.   With such a configuration, dhclient would need
to get its fibnum from the rc scripts instead of using the interface fib as
reported by the kernel.  In general, I don't think that the interface fib
should be used to setup host and subnet routes.
>
> wi> * Always add loopback routes for non-zero FIBs, for both IPv4 and
> wi> IPv6.  Arguably, this could be a policy issue, but it is currently
> wi> less-than-trivial to specify (in rc.conf) that a route needs to be
> wi> applied to every FIB.
>
>  I am not sure why this is needed.  Are the loopback host routes
>  installed into all of the FIBs automatically when lo0 is initialized?
>
>  Even if it is required, get_fibmod() is not necessary.  The following
>  should work:
>
>  # route add -inet 127.0.0.1/8 -iface lo0 -fib all
>
> wi> * Having two or more FIBs whose interfaces share the same prefix and
> wi> netmask.  This involves adding fibnum arguments to ifa_ifwithnet() and
> wi> ifa_ifwithdstaddr(), and checking it within.
> wi>
> wi> * Setting the FIB on a network interface.  rtinit1() looks it up via
> wi> the current process context, so we must be calling setfib(2) from
> wi> within ifconfig.
> wi>
> wi> * Creating & deleting loopback routes now works correctly for
> wi> non-default FIBs, by using the interface's FIB instead of always 0.
> wi>
> wi> Commits would be made on each of these issues separately, but since
> wi> they are all related, I thought it would be easier for others to
> wi> evaluate them with context.
>
>  The other changes look reasonable to me (but not tested yet).
>
> -- Hiroki
>
    
    
More information about the freebsd-net
mailing list