Page MenuHomeFreeBSD

ae (Andrey V. Elsukov)
User

Projects

User Details

User Since
Jun 4 2014, 7:25 AM (224 w, 2 d)

Recent Activity

Yesterday

ae committed rS338857: Fix possible NULL pointer dereference in ffec_alloc_mbufcl()..
Fix possible NULL pointer dereference in ffec_alloc_mbufcl().
Fri, Sep 21, 1:44 PM

Thu, Sep 20

ae committed rS338839: Add new field max_hdrsize to struct encap_config..
Add new field max_hdrsize to struct encap_config.
Thu, Sep 20, 7:45 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, we have used IPv6 transport several weeks now, and it seems all works good. Do you want to see the full final patch that we use?

Thu, Sep 20, 12:41 PM

Wed, Sep 19

ae added a comment to D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl.

So I can update the patch to cover also if_tap.c, but for the other tunnelling interfaces could you elaborate why they are also affected?

Wed, Sep 19, 5:18 PM
ae added a comment to D17230: Update udp6_output() inp locking to avoid concurrency issues with route cache updates.

Maybe add the macro to deduplicate the code? It repeats 4 times...

#define INP_COND_UNLOCK(inp, locked)   \
    if ((locked) == UH_WLOCKED)
        INP_WUNLOCK(inp);
    else
        INP_RUNLOCK(inp);
Wed, Sep 19, 3:54 PM
ae added a comment to D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl.

It seems the problem, when old MTU is used after changing MTU on interface, also affects all tunneling interfaces gif, gre, ipsec etc. Also, for me it would be better to hide AF-related things like nd6_setmtu() in the rt_updatemtu() implementation.

Wed, Sep 19, 2:37 PM

Tue, Sep 18

ae created D17214: Add handling for appearing/disappearing of ingress address for if_gre(4).
Tue, Sep 18, 10:34 AM
ae added a child revision for D17134: Implement handling for appearing/disappearing of ingress address for tunneling interfaces: D17214: Add handling for appearing/disappearing of ingress address for if_gre(4).
Tue, Sep 18, 10:34 AM

Mon, Sep 17

ae updated the diff for D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..

Upload the full diff.

Mon, Sep 17, 3:41 PM
ae updated the diff for D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..

Deduplicate the code that deletes softc from srchash.
And add another IPSEC_WAIT() to fix possible race in ipsec_if_input().

Mon, Sep 17, 3:37 PM
ae created D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..
Mon, Sep 17, 10:38 AM
ae committed rS338708: Restore outbound packets capturing for if_gre(4). It was missed in r335048..
Restore outbound packets capturing for if_gre(4). It was missed in r335048.
Mon, Sep 17, 10:10 AM
ae added a reviewer for D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl: melifaro.
Mon, Sep 17, 10:02 AM

Fri, Sep 14

ae updated the summary of D17171: Do not allow use `create` keyword as hostname when ifconfig(8) invoked for already existing interface.
Fri, Sep 14, 10:43 AM
ae created D17171: Do not allow use `create` keyword as hostname when ifconfig(8) invoked for already existing interface.
Fri, Sep 14, 10:41 AM

Wed, Sep 12

ae created D17134: Implement handling for appearing/disappearing of ingress address for tunneling interfaces.
Wed, Sep 12, 4:13 PM

Tue, Sep 11

ae added a reviewer for D17100: Extend ifaddr_event to pass ifaddr and event type to handler: np.
Tue, Sep 11, 12:09 PM

Mon, Sep 10

ae added a reviewer for D17100: Extend ifaddr_event to pass ifaddr and event type to handler: network.
Mon, Sep 10, 12:49 PM
ae created D17100: Extend ifaddr_event to pass ifaddr and event type to handler.
Mon, Sep 10, 12:48 PM

Sat, Sep 8

ae created D17079: Add sadb_x_sa2 extension header to SADB_ACQUIRE request.
Sat, Sep 8, 1:04 PM

Wed, Sep 5

ae accepted D17039: Implement "ipfw fwd" for incoming IPv4 packets on fast forwarding path.
Wed, Sep 5, 10:46 AM

Tue, Sep 4

ae added inline comments to D16654: IPv6 transport for bsnmp.
Tue, Sep 4, 1:48 PM

Mon, Sep 3

ae accepted D17007: Appl RO_INVALIDATE_CACHE() to more netinet6 code.
Mon, Sep 3, 5:24 PM
ae accepted D17005: Adjust inp_route to inp_route6 in netinet6 code.
Mon, Sep 3, 5:23 PM
ae accepted D17004: Remove code duplicating in route.h.
Mon, Sep 3, 5:20 PM

Fri, Aug 31

ae added a comment to D16654: IPv6 transport for bsnmp.

So, local TCP communications using IPv6 link-local addresses also affected by routing caching. Note, should be used addresses that are configured on non-loopback interfaces.
Simple test:

Fri, Aug 31, 7:53 AM
ae updated subscribers of D16654: IPv6 transport for bsnmp.
Fri, Aug 31, 7:39 AM

Thu, Aug 30

ae added a comment to D16654: IPv6 transport for bsnmp.

So, I finally found the cause of strange behavior. It is due to the route caching. Reverting of this change makes it working https://svnweb.freebsd.org/base/head/sys/netinet6/udp6_usrreq.c?r1=304545&r2=304713

Thu, Aug 30, 2:25 PM

Tue, Aug 28

ae added inline comments to D16654: IPv6 transport for bsnmp.
Tue, Aug 28, 11:01 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Tue, Aug 28, 10:01 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Tue, Aug 28, 8:13 AM
ae committed rS338343: MFC r337736:.
MFC r337736:
Tue, Aug 28, 7:24 AM

Mon, Aug 27

ae added inline comments to D16654: IPv6 transport for bsnmp.
Mon, Aug 27, 8:38 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, can you upload the full patch that contains Makefile changes? :)

Mon, Aug 27, 10:58 AM

Thu, Aug 23

ae committed rS338244: MFC r337536:.
MFC r337536:
Thu, Aug 23, 1:07 PM
ae added inline comments to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
Thu, Aug 23, 11:18 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
In D16851#359111, @thj wrote:

What you think, if we make non-static ip6_checkfirstfrag() function, that can also be used by ipfw/pf/ipfil etc.?

I understand from conversations during BSDCam that ipfw relies on frag6 for fragment input processing.
I have no problem exposing this function for other users.

Thu, Aug 23, 11:05 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
In D16851#359108, @ae wrote:

Also, I think ipfw/pf needs an additional look to correctly handle this too.

Thu, Aug 23, 10:50 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).

Also, I think ipfw/pf needs an additional look to correctly handle this too.

Thu, Aug 23, 10:47 AM

Aug 22 2018

ae added a comment to D16808: fix vlan locking to permit sx acquisition in ioctl calls.

@ae tested the original diff (D11370) and found that the lock overhead did have a measurable decrease in their forwarding performance. I'd be curious to see if there's a win here in taking the liveness-locking back out.

Aug 22 2018, 3:39 PM
ae added inline comments to D16808: fix vlan locking to permit sx acquisition in ioctl calls.
Aug 22 2018, 12:47 PM

Aug 16 2018

ae added a comment to D16654: IPv6 transport for bsnmp.

I'll try to use this patch in several days and will report.

Aug 16 2018, 1:22 PM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 16 2018, 1:20 PM
ae committed rS337902: MFC r337469:.
MFC r337469:
Aug 16 2018, 9:42 AM
ae committed rS337900: Properly initialize IP version in IPv6 header. This was missed in r334673..
Properly initialize IP version in IPv6 header. This was missed in r334673.
Aug 16 2018, 9:19 AM

Aug 14 2018

ae committed rS337736: Restore ability to send ICMP and ICMPv6 redirects..
Restore ability to send ICMP and ICMPv6 redirects.
Aug 14 2018, 7:54 AM

Aug 12 2018

ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 12 2018, 4:52 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Sure the interface index is not the best thing in a config file, but this is how all the interface-related stuff in SNMP works. The primary key is the interface index. As far as I understand it was once supposed to be constant even through reboots, but this is obviously not the case anymore. I see several options to make this more useable:

  • use the dns(16) address type. This allows using interface names for the scope of link local addresses.
  • add functions to the config parser. One function might resolve interface names or descriptions to interfaces indexes.
  • add functionality for GET/GETNEXT to the config parser. This is more tricky than it seems since this requires more control of the initialization order.
Aug 12 2018, 4:44 PM

Aug 10 2018

ae committed rS337574: Restore the behaviour changed in r337536, when bad `ipfw delete` command.
Restore the behaviour changed in r337536, when bad `ipfw delete` command
Aug 10 2018, 2:10 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, while I was on the vacation, you made the patch :)
You can take a look to what I did before the vacation https://people.freebsd.org/~ae/bsnmpd_ipv6.diff
It is incomplete, but I started to make it differently. Maybe you will find something interesting.

Aug 10 2018, 10:37 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 10 2018, 10:28 AM
ae committed rS337568: Remove unneeded ipsec-related includes..
Remove unneeded ipsec-related includes.
Aug 10 2018, 7:24 AM
ae closed D16637: Remove ipsec includes from tcp_hpts.
Aug 10 2018, 7:24 AM

Aug 9 2018

ae created D16647: Add ability to switch the output method for NAT64 in run-time .
Aug 9 2018, 3:44 PM
ae committed rS337536: If -q flag is specified, do not complain when we are trying to delete.
If -q flag is specified, do not complain when we are trying to delete
Aug 9 2018, 12:46 PM

Aug 8 2018

ae committed rS337469: Use host byte order when comparing mss values..
Use host byte order when comparing mss values.
Aug 8 2018, 5:32 PM
ae committed rS337462: MFC r331098 (by melifaro):.
MFC r331098 (by melifaro):
Aug 8 2018, 4:17 PM
ae committed rS337461: MFC r336132:.
MFC r336132:
Aug 8 2018, 4:11 PM
ae committed rS337460: MFC r336405:.
MFC r336405:
Aug 8 2018, 4:09 PM

Jul 19 2018

ae committed rS336468: MFC r336219:.
MFC r336219:
Jul 19 2018, 7:30 AM

Jul 17 2018

ae committed rS336405: Move invoking of callout_stop(&lle->lle_timer) into llentry_free()..
Move invoking of callout_stop(&lle->lle_timer) into llentry_free().
Jul 17 2018, 11:33 AM
ae closed D4605: Properly stop timer before freeing link level entries for IPv4 and IPv6.
Jul 17 2018, 11:33 AM

Jul 16 2018

ae committed rS336334: MFC r335795,335796:.
MFC r335795,335796:
Jul 16 2018, 10:32 AM

Jul 12 2018

ae committed rS336219: Use correct size when we are allocating array for skipto index..
Use correct size when we are allocating array for skipto index.
Jul 12 2018, 11:38 AM

Jul 11 2018

ae added a comment to D16216: ipsec: Convert OCF consumer to pointer-style interface.

I have no objection.

Jul 11 2018, 11:39 AM

Jul 9 2018

ae closed D1776: New options for ipfw - record-state, set-limit and skip-immediate-action - for simpler rulesets.
Jul 9 2018, 11:35 AM
ae committed rS336132: Add "record-state", "set-limit" and "defer-action" rule options to ipfw..
Add "record-state", "set-limit" and "defer-action" rule options to ipfw.
Jul 9 2018, 11:35 AM
ae committed rS336131: Deduplicate the code..
Deduplicate the code.
Jul 9 2018, 11:03 AM
ae closed D16162: Add generic function if_tunnel_check_nesting() and use it in tunneling interfaces.
Jul 9 2018, 11:03 AM

Jul 6 2018

ae created D16162: Add generic function if_tunnel_check_nesting() and use it in tunneling interfaces.
Jul 6 2018, 11:45 AM

Jul 5 2018

ae committed rS335986: MFC r335759:.
MFC r335759:
Jul 5 2018, 3:37 PM

Jun 29 2018

ae committed rS335795: Make debug output produced by `setkey -x` command a more human readable..
Make debug output produced by `setkey -x` command a more human readable.
Jun 29 2018, 2:00 PM
ae closed D16036: Make PF_KEY dump produced by `setkey -x` a more human readable .
Jun 29 2018, 1:59 PM

Jun 28 2018

ae committed rS335760: Add NULL pointer check..
Add NULL pointer check.
Jun 28 2018, 11:39 AM
ae committed rS335759: Remove extra "ipfw" from example..
Remove extra "ipfw" from example.
Jun 28 2018, 9:42 AM

Jun 27 2018

ae added a reviewer for D16036: Make PF_KEY dump produced by `setkey -x` a more human readable : emeric.poupon_stormshield.eu.
Jun 27 2018, 8:18 PM
ae created D16036: Make PF_KEY dump produced by `setkey -x` a more human readable .
Jun 27 2018, 12:16 PM

Jun 21 2018

ae committed rS335474: MFC r335133:.
MFC r335133:
Jun 21 2018, 11:24 AM
ae committed rS335473: MFC r335133:.
MFC r335133:
Jun 21 2018, 10:51 AM

Jun 19 2018

ae committed rS335362: Move BPFIF_* macro definitions into .c file, where struct bpf_if is.
Move BPFIF_* macro definitions into .c file, where struct bpf_if is
Jun 19 2018, 10:35 AM

Jun 16 2018

ae committed rS335262: Fix typo..
Fix typo.
Jun 16 2018, 7:21 PM
ae committed rS335250: Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9)..
Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9).
Jun 16 2018, 8:27 AM
ae closed D15789: Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9).
Jun 16 2018, 8:26 AM

Jun 15 2018

ae added a comment to D15789: Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9).
In D15789#334391, @bz wrote:

right; I wonder if you could add about 500k routes for IPv4 and about (no idea 50k let's think ahead?) for IPv6 and then do about 25 route updates per second randomly in the address space; that would be an amazingly interesting test case (especially if you can provide the framework for that somewhere). I guess to see the initial table one could get an MRT dump from say https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/ris-raw-data or some of the others https://bgpstream.caida.org/data . I am neither saying you have to or that this should prevent this change from going in; it's just one of the things I have thought of for years related to some similar changes and others to have as a "router test bed scenario".

Jun 15 2018, 10:05 AM

Jun 14 2018

ae committed rS335144: Add missing BPF_MTAP2() for outbound packets..
Add missing BPF_MTAP2() for outbound packets.
Jun 14 2018, 3:04 PM
ae committed rS335141: Convert if_me(4) driver to use encap_lookup_t method and be lockless on.
Convert if_me(4) driver to use encap_lookup_t method and be lockless on
Jun 14 2018, 2:53 PM
ae committed rS335133: In m_megapullup() use m_getjcl() to allocate 9k or 16k mbuf when requested..
In m_megapullup() use m_getjcl() to allocate 9k or 16k mbuf when requested.
Jun 14 2018, 11:16 AM
ae committed rS335129: Add NULL check like the rest of code has..
Add NULL check like the rest of code has.
Jun 14 2018, 9:36 AM
ae committed rS335128: Remove stale comment. in6_ifdetach() can be called from places.
Remove stale comment. in6_ifdetach() can be called from places
Jun 14 2018, 9:30 AM

Jun 13 2018

ae created D15789: Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9).
Jun 13 2018, 11:51 AM
ae committed rS335048: Rework if_gre(4) to use encap_lookup_t method to speedup lookup.
Rework if_gre(4) to use encap_lookup_t method to speedup lookup
Jun 13 2018, 11:11 AM
ae committed rS335033: MFC r334875:.
MFC r334875:
Jun 13 2018, 7:17 AM
ae committed rS335032: MFC r334707:.
MFC r334707:
Jun 13 2018, 7:16 AM
ae committed rS335031: MFC r334324:.
MFC r334324:
Jun 13 2018, 7:14 AM

Jun 9 2018

ae committed rS334875: Explicitly change the link state when we assingn an address..
Explicitly change the link state when we assingn an address.
Jun 9 2018, 9:57 AM

Jun 8 2018

ae committed rS334836: MFC r333403:.
MFC r333403:
Jun 8 2018, 10:09 AM
ae committed rS334835: MFC r333400:.
MFC r333400:
Jun 8 2018, 9:53 AM

Jun 6 2018

ae abandoned D15391: Use m_copyback() to write delayed checksum into mbuf, when a checksum is not located in first mbuf in the chain .

Committed in rS334707 and rS334709.

Jun 6 2018, 4:37 PM
ae committed rS334709: Make in_delayed_cksum() be similar to IPv6 implementation..
Make in_delayed_cksum() be similar to IPv6 implementation.
Jun 6 2018, 1:02 PM
ae committed rS334707: Use m_copyback() function to write delayed checksum when it isn't located.
Use m_copyback() function to write delayed checksum when it isn't located
Jun 6 2018, 10:46 AM