Page MenuHomeFreeBSD
Differential D40317

carp: add a 'SUPPRESS' state
Needs ReviewPublic
Actions

Authored by kp on May 29 2023, 1:42 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Mar 23, 2:21 AM
Unknown Object (File)
Sat, Mar 1, 1:13 PM
Unknown Object (File)
Tue, Feb 25, 3:11 PM
Unknown Object (File)
Jan 23 2025, 9:29 PM
Unknown Object (File)
Jan 12 2025, 4:31 PM
Unknown Object (File)
Nov 16 2024, 5:51 AM
Unknown Object (File)
Nov 15 2024, 4:39 PM
Unknown Object (File)
Oct 3 2024, 12:08 PM
View All 48 Files
Subscribers
emaste
glebius
imp
rcm
zlei

Details

Reviewers
melifaro
Group Reviewers
network
pfsense
Summary

Introduce a new state for carp interfaces where the link or interface
are down, or net.inet.carp.allow is 0.

The intent is to make it a bit easier for users to figure out why a
given carp address is not negotiating MASTER/BACKUP.

Suggested by: melifaro@
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 51756
Build 48647: arc lint + arc unit

Event Timeline

kp created this revision.May 29 2023, 1:42 PM
Herald added subscribers: glebius, imp. · View Herald TranscriptMay 29 2023, 1:42 PM
kp requested review of this revision.May 29 2023, 1:42 PM
Harbormaster completed remote builds in B51756: Diff 122564.May 29 2023, 1:42 PM
kp added a comment.May 29 2023, 1:45 PM

There's a rather annoying bug left in this. If we add a carp address on an interface that's down (i.e. IFF_UP is not set) the interface will come up during this, but remain in SUPPRESS state.

That's because the SIOCSIFADDR ioctl is passed to ether_ioctl(), which sets IFF_UP in ifp->if_flags directly, without any event handling. Ordinarily we'd call if_up(), which gives carp a chance to react to the interface coming up. That's not the case here, so it stays in SUPPRESS.

Initial attempts to fix this, by replacing ifp->if_flags |= IFF_UP in ether_ioctl() with if_up(ifp) resulted in ifconfig: ioctl (SIOCAIFADDR): File exists when trying to set an address on the interface. There's clearly an order of operations problem around this, but I don't fully understand it.

In other words: this patch cannot go in as-is (or at least not until the IFF_UP issues are addressed).

zlei added a subscriber: zlei.May 29 2023, 2:00 PM

When I was reviewing the design of CARP, I intended to introduce a new state COMPETING to resolve an annoying bug https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269908 .

I'm not sure it is right to do so, too little resources for CARP rather than VRRP.

I'd suggest suspend this new feature, until we have a clear state machine.

The intent is to make it a bit easier for users to figure out why a given carp address is not negotiating MASTER/BACKUP.

I think we may have some debug / trace logs for that, other than a new state SUPPRESS.

melifaro added a comment.May 29 2023, 3:58 PM
In D40317#917957, @kp wrote:

There's a rather annoying bug left in this. If we add a carp address on an interface that's down (i.e. IFF_UP is not set) the interface will come up during this, but remain in SUPPRESS state.

That's because the SIOCSIFADDR ioctl is passed to ether_ioctl(), which sets IFF_UP in ifp->if_flags directly, without any event handling. Ordinarily we'd call if_up(), which gives carp a chance to react to the interface coming up. That's not the case here, so it stays in SUPPRESS.

Initial attempts to fix this, by replacing ifp->if_flags |= IFF_UP in ether_ioctl() with if_up(ifp) resulted in ifconfig: ioctl (SIOCAIFADDR): File exists when trying to set an address on the interface. There's clearly an order of operations problem around this, but I don't fully understand it.

In other words: this patch cannot go in as-is (or at least not until the IFF_UP issues are addressed).

I ran into that when using netlink to configure interfaces. I guess we need to issue an eventhandler contification if some of interface flags were changed. I’ll take a look at that

melifaro added a comment.May 30 2023, 12:18 PM

In other words: this patch cannot go in as-is (or at least not until the IFF_UP issues are addressed).

I ran into that when using netlink to configure interfaces. I guess we need to issue an eventhandler contification if some of interface flags were changed. I’ll take a look at that

I've raised D40332 to address lack of notifications to carp and the rest of the system.

melifaro added a comment.Jun 2 2023, 4:49 PM
In D40317#918251, @melifaro wrote:

In other words: this patch cannot go in as-is (or at least not until the IFF_UP issues are addressed).

I ran into that when using netlink to configure interfaces. I guess we need to issue an eventhandler contification if some of interface flags were changed. I’ll take a look at that

I've raised D40332 to address lack of notifications to carp and the rest of the system.

This one got committed.

rcm added a subscriber: rcm.Jun 8 2023, 1:37 PM
rcm added inline comments.
sys/netinet/ip_carp.h
131

Should this be bumped to 3?

kp added inline comments.Jun 8 2023, 1:40 PM
sys/netinet/ip_carp.h
131

It should, but we should probably also improve the parsing on the set state side of things, because I don't think we want users to manually set 'SUPPRESS' (or to allow users to manually leave that state, for that matter).

melifaro added inline comments.Jun 8 2023, 2:09 PM
sys/netinet/ip_carp.h
131

I don't have the domain knowledge on the carp implementation and I don't hold any opinion on whether the state machine should be extended or not.

Personally I'd consider two things here:

  1. does the state machine change simplify (or help) kernel handling?
  2. does the state machine change simplify (or help) user handling?

If the answer for the first question is "no" then, maybe, (2) may be achieved by the other means (e.g. just providing string hint for the userland) ?

glebius added a comment.Jun 8 2023, 5:59 PM

This creates invariant (sc_suppress == 1 && sc_state == SUPPRESS || sc_suppress == 0 && sc_state != SUPPRESS). I'm not in favor of this change, but if it goes in, I would suggest to remove sc_suppress fields and use sc_state as a flag of suppressed state.

emaste added a subscriber: emaste.Mar 19 2024, 6:28 PM

Revision Contents
Changeset List

PathSize
sys/
netinet/
2 lines
9 lines

Diff 122564

View Options

sys/netinet/ip_carp.h

Show First 20 LinesShow All 121 Lines▼ Show 20 Lines
/* /*
* Configuration structure for SIOCSVH SIOCGVH * Configuration structure for SIOCSVH SIOCGVH
*/ */
struct carpreq { struct carpreq {
int carpr_count; int carpr_count;
int carpr_vhid; int carpr_vhid;
#define CARP_MAXVHID 255 #define CARP_MAXVHID 255
int carpr_state; int carpr_state;
#define CARP_STATES "INIT", "BACKUP", "MASTER" #define CARP_STATES "INIT", "BACKUP", "MASTER", "SUPPRESS"
#define CARP_MAXSTATE 2 #define CARP_MAXSTATE 2
rcmUnsubmitted
Not Done
Inline Actions

Should this be bumped to 3?

rcm: Should this be bumped to 3?
kpAuthorUnsubmitted
Not Done
Inline Actions

It should, but we should probably also improve the parsing on the set state side of things, because I don't think we want users to manually set 'SUPPRESS' (or to allow users to manually leave that state, for that matter).

kp: It should, but we should probably also improve the parsing on the set state side of things…
melifaroUnsubmitted
Not Done
Inline Actions

I don't have the domain knowledge on the carp implementation and I don't hold any opinion on whether the state machine should be extended or not.

Personally I'd consider two things here:

  1. does the state machine change simplify (or help) kernel handling?
  2. does the state machine change simplify (or help) user handling?

If the answer for the first question is "no" then, maybe, (2) may be achieved by the other means (e.g. just providing string hint for the userland) ?

melifaro: I don't have the domain knowledge on the carp implementation and I don't hold any opinion on…
int carpr_advskew; int carpr_advskew;
#define CARP_MAXSKEW 240 #define CARP_MAXSKEW 240
int carpr_advbase; int carpr_advbase;
unsigned char carpr_key[CARP_KEY_LEN]; unsigned char carpr_key[CARP_KEY_LEN];
}; };
#define SIOCSVH _IOWR('i', 245, struct ifreq) #define SIOCSVH _IOWR('i', 245, struct ifreq)
#define SIOCGVH _IOWR('i', 246, struct ifreq) #define SIOCGVH _IOWR('i', 246, struct ifreq)
Show All 40 Lines
View Options

sys/netinet/ip_carp.c

Show First 20 LinesShow All 112 Lines▼ Show 20 Lines#endif
int sc_advskew; int sc_advskew;
int sc_advbase; int sc_advbase;
struct in_addr sc_carpaddr; struct in_addr sc_carpaddr;
struct in6_addr sc_carpaddr6; struct in6_addr sc_carpaddr6;
int sc_naddrs; int sc_naddrs;
int sc_naddrs6; int sc_naddrs6;
int sc_ifasiz; int sc_ifasiz;
enum { INIT = 0, BACKUP, MASTER } sc_state; enum { INIT = 0, BACKUP, MASTER, SUPPRESS } sc_state;
int sc_suppress; int sc_suppress;
int sc_sendad_errors; int sc_sendad_errors;
#define CARP_SENDAD_MAX_ERRORS 3 #define CARP_SENDAD_MAX_ERRORS 3
int sc_sendad_success; int sc_sendad_success;
#define CARP_SENDAD_MIN_SUCCESS 3 #define CARP_SENDAD_MIN_SUCCESS 3
int sc_init_counter; int sc_init_counter;
uint64_t sc_counter; uint64_t sc_counter;
▲ Show 20 LinesShow All 627 Lines▼ Show 20 Linescarp_input_c(struct mbuf *m, struct carp_header *ch, sa_family_t af, int ttl)
sc->sc_counter = tmp_counter; sc->sc_counter = tmp_counter;
sc_tv.tv_sec = sc->sc_advbase; sc_tv.tv_sec = sc->sc_advbase;
sc_tv.tv_usec = DEMOTE_ADVSKEW(sc) * 1000000 / 256; sc_tv.tv_usec = DEMOTE_ADVSKEW(sc) * 1000000 / 256;
ch_tv.tv_sec = ch->carp_advbase; ch_tv.tv_sec = ch->carp_advbase;
ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256; ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
switch (sc->sc_state) { switch (sc->sc_state) {
case SUPPRESS:
case INIT: case INIT:
break; break;
case MASTER: case MASTER:
/* /*
* If we receive an advertisement from a master who's going to * If we receive an advertisement from a master who's going to
* be more frequent than us, go into BACKUP state. * be more frequent than us, go into BACKUP state.
*/ */
if (timevalcmp(&sc_tv, &ch_tv, >) || if (timevalcmp(&sc_tv, &ch_tv, >) ||
▲ Show 20 LinesShow All 563 Lines▼ Show 20 Lines#ifdef INET
carp_send_arp(sc); carp_send_arp(sc);
#endif #endif
#ifdef INET6 #ifdef INET6
carp_send_na(sc); carp_send_na(sc);
#endif #endif
carp_setrun(sc, 0); carp_setrun(sc, 0);
carp_addroute(sc); carp_addroute(sc);
break; break;
case SUPPRESS:
case INIT: case INIT:
case MASTER: case MASTER:
#ifdef INVARIANTS #ifdef INVARIANTS
panic("carp: VHID %u@%s: master_down event in %s state\n", panic("carp: VHID %u@%s: master_down event in %s state\n",
sc->sc_vhid, sc->sc_vhid,
if_name(sc->sc_carpdev), if_name(sc->sc_carpdev),
sc->sc_state ? "MASTER" : "INIT"); sc->sc_state ? "MASTER" : "INIT");
#endif #endif
Show All 14 Linescarp_setrun(struct carp_softc *sc, sa_family_t af)
if ((sc->sc_carpdev->if_flags & IFF_UP) == 0 || if ((sc->sc_carpdev->if_flags & IFF_UP) == 0 ||
sc->sc_carpdev->if_link_state != LINK_STATE_UP || sc->sc_carpdev->if_link_state != LINK_STATE_UP ||
(sc->sc_naddrs == 0 && sc->sc_naddrs6 == 0) || (sc->sc_naddrs == 0 && sc->sc_naddrs6 == 0) ||
!V_carp_allow) !V_carp_allow)
return; return;
switch (sc->sc_state) { switch (sc->sc_state) {
case SUPPRESS:
case INIT: case INIT:
carp_set_state(sc, BACKUP, "initialization complete"); carp_set_state(sc, BACKUP, "initialization complete");
carp_setrun(sc, 0); carp_setrun(sc, 0);
break; break;
case BACKUP: case BACKUP:
callout_stop(&sc->sc_ad_tmo); callout_stop(&sc->sc_ad_tmo);
tv.tv_sec = 3 * sc->sc_advbase; tv.tv_sec = 3 * sc->sc_advbase;
tv.tv_usec = sc->sc_advskew * 1000000 / 256; tv.tv_usec = sc->sc_advskew * 1000000 / 256;
▲ Show 20 LinesShow All 451 Lines▼ Show 20 Linescarp_ioctl_set(if_t ifp, struct carpkreq *carpr)
if (! IN6_IS_ADDR_UNSPECIFIED(&carpr->carpr_addr6)) { if (! IN6_IS_ADDR_UNSPECIFIED(&carpr->carpr_addr6)) {
memcpy(&sc->sc_carpaddr6, &carpr->carpr_addr6, memcpy(&sc->sc_carpaddr6, &carpr->carpr_addr6,
sizeof(sc->sc_carpaddr6)); sizeof(sc->sc_carpaddr6));
} }
if (carpr->carpr_key[0] != '\0') { if (carpr->carpr_key[0] != '\0') {
bcopy(carpr->carpr_key, sc->sc_key, sizeof(sc->sc_key)); bcopy(carpr->carpr_key, sc->sc_key, sizeof(sc->sc_key));
carp_hmac_prepare(sc); carp_hmac_prepare(sc);
} }
if (sc->sc_state != INIT && if (sc->sc_state != INIT && sc->sc_state != SUPPRESS &&
carpr->carpr_state != sc->sc_state) { carpr->carpr_state != sc->sc_state) {
switch (carpr->carpr_state) { switch (carpr->carpr_state) {
case BACKUP: case BACKUP:
callout_stop(&sc->sc_ad_tmo); callout_stop(&sc->sc_ad_tmo);
carp_set_state(sc, BACKUP, carp_set_state(sc, BACKUP,
"user requested via ifconfig"); "user requested via ifconfig");
carp_setrun(sc, 0); carp_setrun(sc, 0);
carp_delroute(sc); carp_delroute(sc);
▲ Show 20 LinesShow All 302 Lines▼ Show 20 Lines if (sc->sc_carpdev->if_link_state != LINK_STATE_UP ||
!V_carp_allow) { !V_carp_allow) {
callout_stop(&sc->sc_ad_tmo); callout_stop(&sc->sc_ad_tmo);
#ifdef INET #ifdef INET
callout_stop(&sc->sc_md_tmo); callout_stop(&sc->sc_md_tmo);
#endif #endif
#ifdef INET6 #ifdef INET6
callout_stop(&sc->sc_md6_tmo); callout_stop(&sc->sc_md6_tmo);
#endif #endif
carp_set_state(sc, INIT, "hardware interface down"); carp_set_state(sc, SUPPRESS, "hardware interface down");
carp_setrun(sc, 0); carp_setrun(sc, 0);
if (!sc->sc_suppress) if (!sc->sc_suppress)
carp_demote_adj(V_carp_ifdown_adj, "interface down"); carp_demote_adj(V_carp_ifdown_adj, "interface down");
sc->sc_suppress = 1; sc->sc_suppress = 1;
} else { } else {
carp_set_state(sc, INIT, "hardware interface up"); carp_set_state(sc, INIT, "hardware interface up");
carp_setrun(sc, 0); carp_setrun(sc, 0);
if (sc->sc_suppress) if (sc->sc_suppress)
▲ Show 20 LinesShow All 428 LinesShow Last 20 Lines