Page MenuHomeFreeBSD

lutz_donnerhacke.de (Lutz Donnerhacke)
User

Projects

User Details

User Since
Sep 26 2019, 9:24 AM (68 w, 4 d)

Recent Activity

Yesterday

lutz_donnerhacke.de updated the diff for D21968: netgraph/ng_source: Allow ng_source to inject into any netgraph network.

Bump the date in the man page.

Sun, Jan 17, 8:40 PM
lutz_donnerhacke.de updated the diff for D27968: Add myself (donner) as src committer..
  • Update the day of the commit bit assignment.
Sun, Jan 17, 12:01 PM
lutz_donnerhacke.de added a comment to R9:751e8bc38369: Add committer entries in doc for Lutz Donnerhacke <donner>.

"arc land --hold" generated a detached head locally, with a wrong commit message ("Approved by:" was missing)
After amending the commit and pushing it to git, the wrong message was pushed instead of the amended one.
I'm sorry.

Sun, Jan 17, 11:51 AM

Sat, Jan 16

lutz_donnerhacke.de updated the diff for D27967: Add committer entries in doc for Lutz Donnerhacke <donner>.

Rebase to 31f481ca1c384b8c

Sat, Jan 16, 4:13 PM

Thu, Jan 14

lutz_donnerhacke.de updated the diff for D27967: Add committer entries in doc for Lutz Donnerhacke <donner>.
  • Change OpenPGP key
  • Update the day of the commit bit
Thu, Jan 14, 4:55 PM
lutz_donnerhacke.de added a comment to D28123: netgraph/ng_bridge: become multithreaded.

I also thought about getting rid of ng_bridge from NG_NODE_FORCE_WRITER. Since rcv_data is always called in the NET_EPOCH context, I think we can do it like @kp did it for if_bridge(4) (see D24250).

Thu, Jan 14, 6:41 AM

Wed, Jan 13

lutz_donnerhacke.de added a reviewer for D28144: netgraph/ng_bridge: switch loopCount to counter framework: network.
Wed, Jan 13, 11:23 PM
lutz_donnerhacke.de updated the diff for D28144: netgraph/ng_bridge: switch loopCount to counter framework.
  • Fix style for overlong line
Wed, Jan 13, 11:21 PM
lutz_donnerhacke.de requested review of D28144: netgraph/ng_bridge: switch loopCount to counter framework.
Wed, Jan 13, 11:19 PM
lutz_donnerhacke.de updated the diff for D28141: netgraph/ng_bridge: Make simple internal functions read-only.
  • Fix some formatting, line up comments.
  • Annotate helper functions to handle immutable objects.
Wed, Jan 13, 10:23 PM
lutz_donnerhacke.de added a comment to D28141: netgraph/ng_bridge: Make simple internal functions read-only.

It's far that simple. I missed the difference between

  • "const node_p": a constant pointer to a modifiable node.
  • "struct ng_node const *" : a modifiable pointer to a constant node.
Wed, Jan 13, 9:53 PM
lutz_donnerhacke.de updated the diff for D28123: netgraph/ng_bridge: become multithreaded.

revert the idea of specialized const pointers, it's too confusing

Wed, Jan 13, 8:49 PM
lutz_donnerhacke.de updated the diff for D28141: netgraph/ng_bridge: Make simple internal functions read-only.

revert the idea of specialized "const pointers"

Wed, Jan 13, 8:45 PM
lutz_donnerhacke.de added a reviewer for D28141: netgraph/ng_bridge: Make simple internal functions read-only: network.
Wed, Jan 13, 8:22 PM
lutz_donnerhacke.de requested review of D28141: netgraph/ng_bridge: Make simple internal functions read-only.
Wed, Jan 13, 8:22 PM
lutz_donnerhacke.de updated the diff for D28123: netgraph/ng_bridge: become multithreaded.

Prepare ng_bridge for read-only data paths by providing const pointers.

Wed, Jan 13, 8:12 PM
lutz_donnerhacke.de added a comment to D28123: netgraph/ng_bridge: become multithreaded.

Lutz, do you have any plans for the upcoming changes?

Wed, Jan 13, 11:41 AM
lutz_donnerhacke.de updated the summary of D28123: netgraph/ng_bridge: become multithreaded.
Wed, Jan 13, 8:47 AM
lutz_donnerhacke.de updated the summary of D28123: netgraph/ng_bridge: become multithreaded.
Wed, Jan 13, 8:46 AM
lutz_donnerhacke.de updated the diff for D28125: netgraph/ng_bridge: switch to counter framework.

Reversing errornously included stacked commit.

Wed, Jan 13, 6:23 AM
lutz_donnerhacke.de updated the diff for D28125: netgraph/ng_bridge: switch to counter framework.

Choose better names as suggested by melifaro.

Wed, Jan 13, 6:20 AM
lutz_donnerhacke.de added a comment to D28125: netgraph/ng_bridge: switch to counter framework.

LGTM. Does it really depend on D28123?

Wed, Jan 13, 6:10 AM
lutz_donnerhacke.de accepted D28128: Create new in6_purgeifaddr() which purges bound ifa prefix if it gets unused..
Wed, Jan 13, 5:49 AM

Tue, Jan 12

lutz_donnerhacke.de added a reviewer for D28125: netgraph/ng_bridge: switch to counter framework: network.
Tue, Jan 12, 10:35 PM
lutz_donnerhacke.de retitled D28123: netgraph/ng_bridge: become multithreaded from netgraph/ng_bridge :become multithreaded to netgraph/ng_bridge: become multithreaded.
Tue, Jan 12, 10:33 PM
lutz_donnerhacke.de retitled D28123: netgraph/ng_bridge: become multithreaded from netgraph/ng_bridge:become multithreaded to netgraph/ng_bridge :become multithreaded.
Tue, Jan 12, 10:33 PM
lutz_donnerhacke.de requested review of D28125: netgraph/ng_bridge: switch to counter framework.
Tue, Jan 12, 10:27 PM
lutz_donnerhacke.de requested review of D28123: netgraph/ng_bridge: become multithreaded.
Tue, Jan 12, 9:38 PM

Fri, Jan 8

lutz_donnerhacke.de updated the diff for D23963: netgraph/ng_bridge: Introduce "uplink" ports without MAC learning.

Converted local repository from subversion to git

Fri, Jan 8, 12:06 PM

Tue, Jan 5

lutz_donnerhacke.de added a comment to D27968: Add myself (donner) as src committer..

I'd like to use the following commit message

Tue, Jan 5, 10:25 AM
lutz_donnerhacke.de requested review of D27968: Add myself (donner) as src committer..
Tue, Jan 5, 10:23 AM
lutz_donnerhacke.de added a comment to D27967: Add committer entries in doc for Lutz Donnerhacke <donner>.

I'd suggest to use the following commit message

Add committer entries for Lutz Donnerhacke <donner>
Tue, Jan 5, 10:16 AM
lutz_donnerhacke.de added a comment to D27967: Add committer entries in doc for Lutz Donnerhacke <donner>.

I do not have access to freefall at the moment, but from the current developer list, I'd assume, the name "donner" is free to be assigned.
The name is also my IRC-nick, so I'd like to keep them consistent.

Tue, Jan 5, 10:13 AM
lutz_donnerhacke.de requested review of D27967: Add committer entries in doc for Lutz Donnerhacke <donner>.
Tue, Jan 5, 10:11 AM

Sun, Jan 3

lutz_donnerhacke.de added a comment to D27783: wg(4): Add a man page.

Please add the description of the parameters (wgkey, wgport, ...) or point to the appropriate part in ifconfig(8) man page.

Sun, Jan 3, 3:49 PM
lutz_donnerhacke.de added a comment to D27783: wg(4): Add a man page.

The example is more instructive, if it is split between two machines and follow the two step setup. Do not try to automate the communication by a script, it's erronous and not instructive. Remember to always use documentaion IP addresses (RFC 5737)

Sun, Jan 3, 3:45 PM
lutz_donnerhacke.de added inline comments to D27783: wg(4): Add a man page.
Sun, Jan 3, 10:56 AM

Sat, Jan 2

lutz_donnerhacke.de accepted D27880: pf tests: Test case for PR229092.
Sat, Jan 2, 5:27 PM
lutz_donnerhacke.de added inline comments to D27880: pf tests: Test case for PR229092.
Sat, Jan 2, 12:50 PM

Fri, Jan 1

lutz_donnerhacke.de added inline comments to D27880: pf tests: Test case for PR229092.
Fri, Jan 1, 8:13 PM
lutz_donnerhacke.de added a comment to D23586: ipfw_nat: Perfomance of accessing multiple nat tables.

This patch causes a hanging kernel, if the ipfw ruleset is modified under stress.
To modify the ruleset, the system needs to be rebooted.

Fri, Jan 1, 11:03 AM

Wed, Dec 30

lutz_donnerhacke.de added a comment to D27764: pfctl: Stop sharing pf_ruleset.c with the kernel.

Given, that the old file was included by user space programms, I'd suggest to include some lines like

#ifndef KERNEL
# error "Kernel onle file! Please include ...."
#endif
Wed, Dec 30, 9:44 AM

Thu, Dec 24

lutz_donnerhacke.de updated the diff for D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Updated to revision 368820.

Thu, Dec 24, 10:33 PM
lutz_donnerhacke.de updated the diff for D23850: netgraph: Allow larger messages in communication between kernel and user-space.

Updated to revision 368820.

Thu, Dec 24, 10:33 PM

Dec 18 2020

lutz_donnerhacke.de added a comment to D27675: Use more light-weight versions of routing lookup functions in ng_netflow..

Excellent example how to apply the new API.

Dec 18 2020, 9:23 PM
lutz_donnerhacke.de accepted D27661: pf: Use counter_u64 for pf_state byte/packet tracking.
Dec 18 2020, 11:59 AM
lutz_donnerhacke.de accepted D27662: netgraph: Fix ng_ether's shutdown handing.

I was confused by your "we will clear priv->ifp in the ng_ether detach callback" sentence.
Clarified for me.

Dec 18 2020, 1:29 AM

Dec 3 2020

lutz_donnerhacke.de added a comment to D27416: Add IPv4/IPv6 rtentry prefix accessors..

Using the accessor functions and given the fact, that only continuous netmasks are allowed (not yet), the route-prefix could be shrinked by storing the prefix length instead of the mask.
The accessor function can then return the mask from a static netmask table.

Dec 3 2020, 8:56 AM

Dec 1 2020

lutz_donnerhacke.de accepted D27416: Add IPv4/IPv6 rtentry prefix accessors..
Dec 1 2020, 7:47 AM

Nov 30 2020

lutz_donnerhacke.de added inline comments to D27416: Add IPv4/IPv6 rtentry prefix accessors..
Nov 30 2020, 6:52 AM
lutz_donnerhacke.de added a comment to D27416: Add IPv4/IPv6 rtentry prefix accessors..

Do I understand correctly, that dst contains an explicit bitmask, which is assumed to be continuous?

Nov 30 2020, 6:50 AM

Nov 29 2020

lutz_donnerhacke.de updated the diff for D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Updated to revision 368146.

Nov 29 2020, 1:33 PM

Nov 26 2020

lutz_donnerhacke.de accepted D27382: [ng_socket] Don't take the SOCKBUF_LOCK() twice in the RX data path..

This patch seems to complicate things at the first glance.
But in the end, the sowakeup() call itself is the problem.
It requires to be called while holding the lock and releases it.

Nov 26 2020, 5:48 PM

Nov 20 2020

lutz_donnerhacke.de added a comment to D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Mark annotations as done.

Nov 20 2020, 10:49 AM
lutz_donnerhacke.de updated the diff for D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Updated to latest revision and fixed copyright annotations.

Nov 20 2020, 10:47 AM

Nov 18 2020

lutz_donnerhacke.de added a comment to D27268: New netgraph node: macfilter.

Thank you for the work. In principle the functionality can be emulated by ng_bpf as well, but this kind of node is easier to use.

Nov 18 2020, 3:28 PM

Nov 2 2020

lutz_donnerhacke.de added a comment to D27023: igmp: convert igmpstat to use PCPU counters.

OTOH even read-only access may fail without proper locking: There is no guaranty to read an unaligned multi-byte value while it's modified.
A separate function may keep the locking code locally, if necessary.
It may copy the struct into a (static) "read-only" buffer under the lock.

Can you expand on what you mean by 'unaligned'?

Nov 2 2020, 8:04 PM
lutz_donnerhacke.de added a comment to D27023: igmp: convert igmpstat to use PCPU counters.

OTOH even read-only access may fail without proper locking: There is no guaranty to read an unaligned multi-byte value while it's modified.
A separate function may keep the locking code locally, if necessary.
It may copy the struct into a (static) "read-only" buffer under the lock.

Nov 2 2020, 12:01 AM

Nov 1 2020

lutz_donnerhacke.de added a comment to D27023: igmp: convert igmpstat to use PCPU counters.

If necessary, I'd like to change it to a read-only function call, which is exposed instead.

const struct igmpstat  * get_global_igmp_stat();
Nov 1 2020, 11:56 PM

Oct 25 2020

lutz_donnerhacke.de updated the diff for D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Updated to revision 367040.

Oct 25 2020, 4:54 PM
lutz_donnerhacke.de updated the diff for D23586: ipfw_nat: Perfomance of accessing multiple nat tables.

Updated to revision 367040.

Oct 25 2020, 4:53 PM

Oct 21 2020

lutz_donnerhacke.de added inline comments to D26436: Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q)..
Oct 21 2020, 3:25 PM · network
lutz_donnerhacke.de added a comment to D26436: Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q)..

May I point you to D22076, which deals with vlan stacking, too.
And may I point you to D24179, which removes a show stopper for vlan stacking on Intel devices.

Oct 21 2020, 3:22 PM · network

Oct 15 2020

lutz_donnerhacke.de added a comment to D26755: Add hash table lookup for IPv6 raw sockets..

I do not understand, why you do not need to calculate the hash during the delete operation.

Oct 15 2020, 6:15 AM

Oct 13 2020

lutz_donnerhacke.de added a comment to D26755: Add hash table lookup for IPv6 raw sockets..

It's quite a lot of code. So the question is, why this effort?

Oct 13 2020, 5:45 AM

Oct 12 2020

lutz_donnerhacke.de accepted D26742: pf: Create a kif for flags.
Oct 12 2020, 9:28 AM
lutz_donnerhacke.de added inline comments to D26742: pf: Create a kif for flags.
Oct 12 2020, 6:53 AM

Oct 5 2020

lutz_donnerhacke.de added a comment to D26672: [RFC] Implement sticky SO_REUSEPORT_LB socket option.

I'd like to split the functionality of load balancing from terminating.
If you have an TCP/UDP load balancer (i.e. Linux IPVS), you can distribute you load in a very generic way between different physical servers, jails, or processes.
But that's just my feeling to avoid duplicated complexity.

Oct 5 2020, 8:37 PM
lutz_donnerhacke.de added a comment to D26672: [RFC] Implement sticky SO_REUSEPORT_LB socket option.

Do I understand correctly, that this (heavy) patch works around the deficiencies of an unfit user space program?

Oct 5 2020, 4:39 PM

Sep 30 2020

lutz_donnerhacke.de added a comment to D26586: ng_l2tp: Fix synchronization with node shutdown or reset.

In order to prevent this race, the node should be know. that it's in shutdown. This way the callout can skip the reinvocation.
Another solution would be to free the c_arg argument manually.

Sep 30 2020, 6:54 AM

Sep 29 2020

lutz_donnerhacke.de added inline comments to D26586: ng_l2tp: Fix synchronization with node shutdown or reset.
Sep 29 2020, 8:13 PM
lutz_donnerhacke.de added a comment to D21968: netgraph/ng_source: Allow ng_source to inject into any netgraph network.

Do you have any performance measurements?
Is it have advantages over injecting packets through ng_socket(4) or ng_device(4)?

Sep 29 2020, 7:51 PM
lutz_donnerhacke.de updated the diff for D21965: usr.sbin/ngctl: Generate more compact GraphWiz output.

Fix typo and style.

Sep 29 2020, 7:44 PM
lutz_donnerhacke.de added a comment to D21965: usr.sbin/ngctl: Generate more compact GraphWiz output.

In the example compact output, the edge labels overlap and are hard to read, at least with default layout settings using dot(1) or webgraphviz. Is it possible to fix it easily?

Sep 29 2020, 7:34 PM

Sep 25 2020

lutz_donnerhacke.de updated the diff for D22076: netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type).

Rebase to r366170.

Sep 25 2020, 7:28 PM
lutz_donnerhacke.de updated the diff for D21968: netgraph/ng_source: Allow ng_source to inject into any netgraph network.

Rebase to r366170.

Sep 25 2020, 7:27 PM
lutz_donnerhacke.de updated the diff for D21965: usr.sbin/ngctl: Generate more compact GraphWiz output.

Rebase to r366170.

Sep 25 2020, 7:27 PM
lutz_donnerhacke.de updated the diff for D22140: netgraph/ng_tag: Variable length data can not be set for all length.

Rebase to r366170.

Sep 25 2020, 7:27 PM
lutz_donnerhacke.de updated the diff for D23727: netgraph/ng_one2many: Clarification in comments about copy mode.

Rebase to r366170.

Sep 25 2020, 7:26 PM
lutz_donnerhacke.de updated the diff for D23963: netgraph/ng_bridge: Introduce "uplink" ports without MAC learning.

Rebase to r366170.

Sep 25 2020, 7:26 PM
lutz_donnerhacke.de updated the diff for D23840: netgraph/ng_base: Allow larger BINARY2ASCII conversions.

Rebase to r366170.

Sep 25 2020, 7:25 PM
lutz_donnerhacke.de updated the diff for D23850: netgraph: Allow larger messages in communication between kernel and user-space.

Rebase to r366170.

Sep 25 2020, 7:25 PM
lutz_donnerhacke.de updated the diff for D24179: ixl: Permit 802.1ad frames to pass though the chip.

Rebase to r366170.

Sep 25 2020, 7:24 PM
lutz_donnerhacke.de updated the diff for D23586: ipfw_nat: Perfomance of accessing multiple nat tables.

Rebase to r366170.

Sep 25 2020, 7:24 PM
lutz_donnerhacke.de updated the diff for D22110: netgraph/ng_car: Add color marking code.

Rebase to r366170.

Sep 25 2020, 7:23 PM
lutz_donnerhacke.de added a comment to D26548: ng_l2tp: Fix callout synchronization in the RACK timeout handler.

Indeed, there seems to be a race in ng_l2tp_seq_xack_timeout() as well.

This looks like it could cause transmission of a ZLB with stale NR or NS, again in rare circumstances. I don't think it will cause a kernel panic.

Sep 25 2020, 6:38 PM
lutz_donnerhacke.de accepted D26548: ng_l2tp: Fix callout synchronization in the RACK timeout handler.

My problem is, that I do not understand, how this race condition can happen at all.
Sure, the fix seems obvious and does not harm, so let's go with it.

Sep 25 2020, 5:34 PM
lutz_donnerhacke.de added a comment to D26548: ng_l2tp: Fix callout synchronization in the RACK timeout handler.

Can you please point me to the bug report?

The PR that Aleksandr noted, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241133

A pfsense developer also reported seeing a null pointer dereference in ng_l2tp_seq_rack_timeout(), apparently because seq->xwin[0] == 0. Apparently the panic was observed even after this commit: https://svnweb.freebsd.org/base?view=revision&revision=353027 .

Sep 25 2020, 5:09 PM
lutz_donnerhacke.de added a comment to D26548: ng_l2tp: Fix callout synchronization in the RACK timeout handler.

Is the bug reproducible in a test environment?
Did someone try to compile with INVARIANTS (in order to bring L2TP_SEQ_CHECK into life)?

Sep 25 2020, 4:19 PM
lutz_donnerhacke.de added a comment to D26548: ng_l2tp: Fix callout synchronization in the RACK timeout handler.

Can you please point me to the bug report?
We are running this node in a large scale production environment (with remote LAC at different carriers) and did not observe such an issue before.

Sep 25 2020, 9:21 AM

Sep 20 2020

lutz_donnerhacke.de added inline comments to D26488: Add additional example to ng_bpf(4).
Sep 20 2020, 7:09 PM · network
lutz_donnerhacke.de accepted D26489: IP address parsing in netgraph eating too many characters.

I'm fine with this fix for a special case.
I agree, that a more complete approach would be fine, but this can be done in a later stage.

Sep 20 2020, 7:04 PM · network
lutz_donnerhacke.de accepted D26488: Add additional example to ng_bpf(4).

May you please provide a full context diff?
See https://wiki.freebsd.org/Phabricator

Sep 20 2020, 12:08 PM · network

Sep 18 2020

lutz_donnerhacke.de added a comment to D26449: Stage 2: Introduce scalable route multipath.

Heavy patch, looks promising overall.

Sep 18 2020, 6:02 AM

Sep 14 2020

lutz_donnerhacke.de added a comment to D26420: New netgraph nodetype: ng_antispoof.

Does this match your requirements?

Yes, it absolutely does. Thank you very much!

Sep 14 2020, 6:55 PM · network
lutz_donnerhacke.de added a comment to D26420: New netgraph nodetype: ng_antispoof.

To be honest, I did not recognize ng_bpf would do that. I will reevaluate my requirements based on that.

Sep 14 2020, 7:03 AM · network
lutz_donnerhacke.de added a comment to D26420: New netgraph nodetype: ng_antispoof.

I had another look into ng_bpf and I still do not understand how to express the required directionality in a tcpdump filter.

Sep 14 2020, 6:53 AM · network

Sep 13 2020

lutz_donnerhacke.de requested changes to D26420: New netgraph nodetype: ng_antispoof.

Can you please explain, what your node has in favor of ng_bpf (which is scripted with an arbitrary tcpdump expression)?
Currently I see a lot of parsing complexity moving into the kernel, which lacks a lot of expressiveness.

Sep 13 2020, 1:31 PM · network

Sep 10 2020

lutz_donnerhacke.de added a comment to D26358: ipfw: fix compatibility with frag and older rule sets.
In D26358#586750, @ae wrote:

I think this patch is too complicated. Can you properly test this patch instead? https://people.freebsd.org/~ae/ipfw_frag.diff

Sep 10 2020, 10:23 AM

Sep 4 2020

lutz_donnerhacke.de accepted D26324: net: Mitigate vnet / epair cleanup races.
Sep 4 2020, 4:00 PM