svn commit: r253878 - in stable/9: share/man/man4 sys/net
Hiroki Sato
hrs at FreeBSD.org
Fri Aug 2 03:46:46 UTC 2013
Author: hrs
Date: Fri Aug 2 03:46:45 2013
New Revision: 253878
URL: http://svnweb.freebsd.org/changeset/base/253878
Log:
MFC 253751 and 253843:
- Relax the restriction on the member interfaces with LLAs. Two or more
LLAs on the member interfaces are actually harmless when the parent
interface does not have a LLA.
- Add net.link.bridge.allow_llz_overlap. This is a knob to allow LLAs on
a bridge and the member interfaces at the same time. The default is 0.
Approved by: re (marius)
Modified:
stable/9/share/man/man4/bridge.4
stable/9/sys/net/if_bridge.c
Directory Properties:
stable/9/share/man/man4/ (props changed)
stable/9/sys/ (props changed)
Modified: stable/9/share/man/man4/bridge.4
==============================================================================
--- stable/9/share/man/man4/bridge.4 Fri Aug 2 00:20:04 2013 (r253877)
+++ stable/9/share/man/man4/bridge.4 Fri Aug 2 03:46:45 2013 (r253878)
@@ -35,7 +35,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd July 3, 2013
+.Dd July 27, 2013
.Dt IF_BRIDGE 4
.Os
.Sh NAME
@@ -185,7 +185,7 @@ and applications use both of them.
.Pp
To prevent this situation,
.Nm
-checks whether an link-local scoped IPv6 address is configured on
+checks whether a link-local scoped IPv6 address is configured on
a member interface to be added and the
.Nm
interface.
@@ -194,13 +194,13 @@ When the
interface has IPv6 addresses,
IPv6 addresses on the member interface will be automatically removed
before the interface is added.
-When both
-.Nm
-interface and the existing member interfaces do not have one,
-adding an interface with IPv6 addresses as a new member interface is allowed.
-These means only one interface in the link-local scope zone where the
-.Nm
-interface forms can have link-local scoped IPv6 addresses.
+.Pp
+This behavior can be disabled by setting
+.Xr sysctl 8
+variable
+.Va net.link.bridge.allow_llz_overlap
+to
+.Li 1 .
.Pp
Note that
.Li ACCEPT_RTADV
Modified: stable/9/sys/net/if_bridge.c
==============================================================================
--- stable/9/sys/net/if_bridge.c Fri Aug 2 00:20:04 2013 (r253877)
+++ stable/9/sys/net/if_bridge.c Fri Aug 2 03:46:45 2013 (r253878)
@@ -384,6 +384,12 @@ SYSCTL_INT(_net_link_bridge, OID_AUTO, i
&bridge_inherit_mac, 0,
"Inherit MAC address from the first bridge member");
+static VNET_DEFINE(int, allow_llz_overlap) = 0;
+#define V_allow_llz_overlap VNET(allow_llz_overlap)
+SYSCTL_VNET_INT(_net_link_bridge, OID_AUTO, allow_llz_overlap, CTLFLAG_RW,
+ &VNET_NAME(allow_llz_overlap), 0, "Allow overlap of link-local scope "
+ "zones of a bridge interface and the member interfaces");
+
struct bridge_control {
int (*bc_func)(struct bridge_softc *, void *);
int bc_argsize;
@@ -1064,7 +1070,8 @@ bridge_ioctl_add(struct bridge_softc *sc
*/
/* Check if the parent interface has a link-local scope addr. */
- if (in6ifa_llaonifp(sc->sc_ifp) != NULL) {
+ if (V_allow_llz_overlap == 0 &&
+ in6ifa_llaonifp(sc->sc_ifp) != NULL) {
/*
* If any, remove all inet6 addresses from the member
* interfaces.
@@ -1093,32 +1100,6 @@ bridge_ioctl_add(struct bridge_softc *sc
"IPv6 address scope violation.\n",
ifs->if_xname);
}
- } else {
- struct in6_ifaddr *ia6_m, *ia6_s;
- /*
- * If not, check whether one of the existing member
- * interfaces have inet6 address. If any, remove
- * inet6 addresses on the interface to be added.
- */
- ia6_m = NULL;
- BRIDGE_XLOCK(sc);
- LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
- ia6_m = in6ifa_llaonifp(bif->bif_ifp);
- if (ia6_m != NULL)
- break;
- }
- BRIDGE_XDROP(sc);
- ia6_s = in6ifa_llaonifp(ifs);
-
- if (ia6_m != NULL && ia6_s != NULL) {
- BRIDGE_UNLOCK(sc);
- in6_ifdetach(ifs);
- BRIDGE_LOCK(sc);
- if_printf(sc->sc_ifp, "IPv6 addresses on %s have "
- "been removed before adding it as a member "
- "to prevent IPv6 address scope violation.\n",
- ifs->if_xname);
- }
}
#endif
/* Allow the first Ethernet member to define the MTU */
More information about the svn-src-all
mailing list