git: 0169daa1f2cd - stable/13 - carp: turn net.inet.carp.allow into a RW tunable
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 09 Feb 2023 16:44:37 UTC
The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=0169daa1f2cd62394e7d068cbb405d64a8316bbc commit 0169daa1f2cd62394e7d068cbb405d64a8316bbc Author: Boris Lytochkin <lytboris@gmail.com> AuthorDate: 2023-01-29 16:42:40 +0000 Commit: Alexander V. Chernikov <melifaro@FreeBSD.org> CommitDate: 2023-02-09 16:41:34 +0000 carp: turn net.inet.carp.allow into a RW tunable Currently CARP starts announcing its state when initialised, regardless of the state of the other services provided by the server. As a result, the device can become master while still loading the firewall ruleset or initialising long-starting service. This change adds the way to request delayed CARP start by setting the net.inet.carp.allow=0 in the loader.conf. Differential Revision: https://reviews.freebsd.org/D38167 MFC after: 2 weeks (cherry picked from commit ee49c5d33d93a6b10222f64a0dc16590ac2048a0) --- sys/netinet/ip_carp.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index 71558be619d8..e84a85ebc11e 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -221,8 +221,8 @@ static int carp_demote_adj_sysctl(SYSCTL_HANDLER_ARGS); SYSCTL_NODE(_net_inet, IPPROTO_CARP, carp, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "CARP"); SYSCTL_PROC(_net_inet_carp, OID_AUTO, allow, - CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, - 0, 0, carp_allow_sysctl, "I", + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RWTUN | CTLFLAG_MPSAFE, + &VNET_NAME(carp_allow), 0, carp_allow_sysctl, "I", "Accept incoming CARP packets"); SYSCTL_PROC(_net_inet_carp, OID_AUTO, dscp, CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, @@ -2238,6 +2238,15 @@ carp_mod_cleanup(void) sx_destroy(&carp_sx); } +static void +ipcarp_sysinit(void) +{ + + /* Load allow as tunable so to postpone carp start after module load */ + TUNABLE_INT_FETCH("net.inet.carp.allow", &V_carp_allow); +} +VNET_SYSINIT(ip_carp, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY, ipcarp_sysinit, NULL); + static int carp_mod_load(void) {