Re: vmd: fix i8259 race condition, vioblk hang

Hi, I tested your patch and it is a great improvement for me. My vms are hanging reproducible without your fix. Thank you Florian Am Di., 29. Aug. 2023 um 18:01 Uhr schrieb Dave Voutila : > > Dave Voutila writes: > > > mbuhl@ found an issue where the emulated virtio block device can > >

Re: ospf6d: depend on

Hi, successfully tested. I like the feature! Some (mostly cosmetic) comments inline. Index: ospfe.c === RCS file: /cvs/src/usr.sbin/ospf6d/ospfe.c,v retrieving revision 1.51 diff -u -p -r1.51 ospfe.c --- ospfe.c 12 Aug 2017

Re: ospfd: change control socket to ospfd.sock.

Please initialize *sockname with NULL, then OK . On 07/11/18 00:33, Remi Locherer wrote: Hi, This changes the name of the ospfd control socket to include the rdomain. It's similar to what bgpd does. OK? Remi Index: ospfd/ospfd.c

pledge ospf6d

Hi, this adds pledge to the ospf6d route decision engine and the ospf engine. It is compared to the ospfd quite simple, since ospf6d does not support reload, rdomains and kif-interfaces. ok? friehm Index: ospfe.c === RCS file:

ospf6d: Do not try to change cloning routes into gateway routes

Hi, If intra area prefixes move from one router to another router, cloning routes may become gateway routes and contrary. The kernel does not allow to change the flags RTF_GATEWAY / RTF_CLONING in RTM_CHANGE messages, but ospf6d tries this anyway. The result is a broken route. Instead of

ospfd: track gateway addresses of cloning routes

Hi, since we use multiple cloning routes (mpath) if more than one ip address exists in the same network, the routes are distinguished by their gateway address, which is the associated interface address. The ospfd has to track the gateway addresses so that kroute_matchgw() is able to find the

Remove DELAY(1000) from ip_carp.c

Hi, Several people, including myself, asked why we need the DELAY(1000) in netinet/ip_carp.c. It exists since the initial revision of carp(4). Nobody can exactly explain why it was added and tests work fine without it. I would like to remove it, since it blocks unlocking efforts of tb@ und mpi@.

Re: mpath cloning routes and cloned routes

On 02/19/18 11:01, Martin Pieuchot wrote: On 14/02/18(Wed) 21:53, Florian Riehm wrote: If we delete cloning routes, we also delete their cloned routes. This doesn't make sense if we delete a multipath cloning route and may result in broken gateway routes: That's a bug! # netstat -rn | grep

mpath cloning routes and cloned routes

Hi, If we delete cloning routes, we also delete their cloned routes. This doesn't make sense if we delete a multipath cloning route and may result in broken gateway routes: # netstat -rn | grep 192.168.178 default192.168.178.1 UGS5 4939 -12 iwn0

Re: carp_ourether() tweak

ok. friehm On 01/22/18 11:58, Martin Pieuchot wrote: Check if `if_carp' is empty inside carp_ourether() instead of outside. ok? Index: net/if_bridge.c === RCS file: /cvs/src/sys/net/if_bridge.c,v retrieving revision 1.301 diff

Re: merge vlan and carp input back into ether_input

On 01/11/18 14:51, Martin Pieuchot wrote: On 11/01/18(Thu) 21:59, David Gwynne wrote: [...] when you say i break carp balancing, are you talking about the removal of the PACKET_TAG_CARP_BAL_IP tagging? PACKET_TAG_CARP_BAL_IP is only used in carp_lsdrop to clear the M_MCAST flag on the mbuf.

Re: Add reset option to boot command of ddb(4)

2/17(Wed) 19:09, Florian Riehm wrote: Hi, This patch follows bluhm's attempt for a ddb command 'boot reset'. My first attempt was not architecture aware. Tested on i386 by bluhm@ and on amd64 by me. I don't understand why we need to add "boot reset"? To not fix ddb(4) and keep

Re: Add reset option to boot command of ddb(4)

I will prepare a new diff including the other architecures and try to find people who can test it. I have had such a diff already but then I decided to remove the untested parts because I didn't want to submit untested code. friehm On 12/13/17 21:59, Theo de Raadt wrote: As it is, this diff

Add reset option to boot command of ddb(4)

Hi, This patch follows bluhm's attempt for a ddb command 'boot reset'. My first attempt was not architecture aware. Tested on i386 by bluhm@ and on amd64 by me. ok? friehm Index: share/man/man4/ddb.4 === RCS file:

Add reset option to boot command of ddb(4)

Hi, Sometimes I see systems hanging in ddb(4) after panic(9) and the "boot reboot" command doesn't work anymore, i.e. of filesystem or locking issues. Bluhm@ suggested to me to use "call cpu_reset" in such situations. I would like to introduce a command 'boot reset' to do this. ok? friehm

Re: close cron sockets in child processes

On 10/23/17 09:05, Jeremie Courreges-Anglas wrote: On Fri, Oct 20 2017, "Todd C. Miller" <todd.mil...@courtesan.com> wrote: On Fri, 20 Oct 2017 16:25:32 +0200, Florian Riehm wrote: cron(8) opens /var/run/cron.sock for communication with crontab(1). The forked cronjobs have

close cron sockets in child processes

Hi, cron(8) opens /var/run/cron.sock for communication with crontab(1). The forked cronjobs have the socked still open. This prevents restarting cron while a job is running: (CRON) DEATH (already running) I think cron's children should not inherit sockets. ok? friehm Index:

Re: ospfd: add IMSG_IFADDRADD to deal with "sh /etc/netstart if"

On 08/23/17 00:22, Florian Riehm wrote: On 08/21/17 18:57, Remi Locherer wrote: On Mon, Jul 24, 2017 at 04:59:46PM +0200, Remi Locherer wrote: On Fri, Jul 21, 2017 at 06:24:06PM +0200, Remi Locherer wrote: On Fri, Jul 21, 2017 at 02:45:03PM +0200, Florian Riehm wrote: On 06/25/17 23:47, Remi

Re: ospfd: add IMSG_IFADDRADD to deal with "sh /etc/netstart if"

On 08/21/17 18:57, Remi Locherer wrote: On Mon, Jul 24, 2017 at 04:59:46PM +0200, Remi Locherer wrote: On Fri, Jul 21, 2017 at 06:24:06PM +0200, Remi Locherer wrote: On Fri, Jul 21, 2017 at 02:45:03PM +0200, Florian Riehm wrote: On 06/25/17 23:47, Remi Locherer wrote: Hi, ospfd does

Re: [patch] ospfd: exporting default gateway via route label (fix ROUNDUP)

On 03/03/14 00:33, Florian Riehm wrote: > Hi all, > > ospfd can't export the default gateway via route label because > get_rtaddrs gets confused by a netmask (RTAX_NETMASK) of 0 because > sa->sa_len in get_rtaddrs is 0 and ROUNDUP then returns 0 also. > > The bug

Re: ospfd: add IMSG_IFADDRADD to deal with "sh /etc/netstart if"

On 06/25/17 23:47, Remi Locherer wrote: > Hi, > > ospfd does not react nicely when running "sh /etc/netstart if". > > This is because adding the same address again do an interface results > in RTM_DELADDR and RTM_NEWADDR. ospfd handles the former but the later. > If this happens ospfd says

Re: Route priority support for ospf6d

Thanks, I commited it to move forward. On 06/09/17 15:41, Claudio Jeker wrote: > On Fri, Jun 09, 2017 at 03:28:07PM +0200, Alexander Bluhm wrote: >> On Wed, May 31, 2017 at 02:29:03PM +0200, Florian Riehm wrote: >>> @@ -359,6 +333,7 @@ kr_fib_decouple(void) >>> void

Route priority support for ospf6d

Hi, this diff adds priority support to ospf6d. Mostly based on the following ospfd commit: cvs diff -D "2008-12-11" -D "2008-12-13" Additionally I removed the RTF_UP from hdr.rtm_flags in send_rtmsg(). Ospfd and bgpd also don't set the flag. The next steps will be to add support for ospf6ctl

Re: Fix carp(4) balancing ip: replace mac address hack with mbuf tag

On 05/28/17 16:09, Martin Pieuchot wrote: > On 28/05/17(Sun) 16:02, Florian Riehm wrote: >> [...] >> Ok, new diff below. > > I overlooked something! See below: Good catch! I also forgot SRPL_LEAVE. fixed. Index: share

Re: Fix carp(4) balancing ip: replace mac address hack with mbuf tag

On 05/28/17 14:04, Martin Pieuchot wrote: > On 28/05/17(Sun) 13:58, Florian Riehm wrote: >> On 05/28/17 11:33, Martin Pieuchot wrote: >>> On 28/05/17(Sun) 10:34, Florian Riehm wrote: >>>> Hi, >>>> >>>> after the fix for carp balancing i

Re: Fix carp(4) balancing ip: replace mac address hack with mbuf tag

On 05/28/17 11:33, Martin Pieuchot wrote: > On 28/05/17(Sun) 10:34, Florian Riehm wrote: >> Hi, >> >> after the fix for carp balancing ip-stealth is in, here is the fix for >> balancing ip. > > Great! > >> >> Non-stealth balancing traffic needs som

Fix carp(4) balancing ip: replace mac address hack with mbuf tag

Hi, after the fix for carp balancing ip-stealth is in, here is the fix for balancing ip. Non-stealth balancing traffic needs some special treatment since it contains layer 3 unicast inside layer 2 multicast. Now the idea is to deal at layer 2 (ether_input()) with the multicast frames like

Fix carp balancing ip-stealth

Hi, This patch fixes the carp mode 'balancing ip-stealth'. Problem: System A carp1: flags=8843 mtu 1500 lladdr 00:00:5e:00:01:01 description: Carp-intern index 7 priority 15 llprio 3 carp: carpdev vio2 advbase 1 balancing

Re: multipath / route priority support for ospf6d

On 05/12/17 18:07, Florian Riehm wrote: > Hi, > > our QA reports issues with the ospf6d since the kernel uses more multipath > routes. > It exits after certain topology changes with: > rde_send_change_kroute: no valid nexthop found > > Since the kernel uses more mu

multipath / route priority support for ospf6d

Hi, our QA reports issues with the ospf6d since the kernel uses more multipath routes. It exits after certain topology changes with: rde_send_change_kroute: no valid nexthop found Since the kernel uses more multipath routes, the lack of multipath support in ospf6d became a problem. The

Re: [patch] Fix carp(4) with balancing ip / ip-stealth

On 03/31/16 10:14, Martin Pieuchot wrote: > On 30/03/16(Wed) 18:04, Florian Riehm wrote: >> On 03/01/16 23:03, Martin Pieuchot wrote: >>> On 18/02/16(Thu) 16:46, Florian Riehm wrote: >>>> On 02/16/16 11:23, Martin Pieuchot wrote: >>>>> On 12/02/16(Fr

Re: [patch] Fix carp(4) with balancing ip / ip-stealth

On 03/01/16 23:03, Martin Pieuchot wrote: > On 18/02/16(Thu) 16:46, Florian Riehm wrote: >> On 02/16/16 11:23, Martin Pieuchot wrote: >>> On 12/02/16(Fri) 16:33, Florian Riehm wrote: >>>> Hi Tech, >>>> >>>> I have noticed that CARP I

Re: Route priorities missing in route messages

On 03/24/16 15:47, Alexander Bluhm wrote: > On Thu, Mar 24, 2016 at 03:03:18PM +0100, Florian Riehm wrote: >> -void rt_missmsg(int, struct rt_addrinfo *, int, u_int, int, u_int); >> +void rt_missmsg(int, struct rt_addrinfo *, int, u_char, u_int, int, >> u_in

Route priorities missing in route messages

Hi, Routing daemons like ospfd use two interfaces to obtain route information from the kernel: - sysctl - route messages Route information from sysctl contain correct route priorities, route messages not. This can lead to incorrect routes inside the daemons. If daemons see routes with different

Re: [patch] Fix carp(4) with balancing ip / ip-stealth

On 02/16/16 11:23, Martin Pieuchot wrote: > On 12/02/16(Fri) 16:33, Florian Riehm wrote: >> Hi Tech, >> >> I have noticed that CARP IP-Balancing is broken, so I am testing and >> fixing it. >> >> The first problem came in with this commit: >> http://

[patch] Fix carp(4) with balancing ip / ip-stealth

Hi Tech, I have noticed that CARP IP-Balancing is broken, so I am testing and fixing it. The first problem came in with this commit: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_ethersubr.c.diff?r1=1.176=1.177 It enforces that outgoing packets use the src mac of the carp interface

Re: libssl patch available

On 03/11/15 21:42, Ted Unangst wrote: Thanks to Florian Riehm for pointing out that 5.6 was still vulnerable to FREAK. Thanks to Steffen Ulrich for testing. He has found the problem. Also thanks to tedu@ for the fix. Florian

Re: Sending route messages for local routes or cloning routes

Hi Martin, Thanks for your diff! Regardless of my problem it makes our code more clear. The loop in rt_newaddrmsg() was ugly. Here's a diff that should generate a RTM_ADD message for every CLONING route added while keeping the existing RTM_NEWADDR/RTM_DELADDR logic. dhclient(8) is happy

Sending route messages for local routes or cloning routes

Hi Martin, as requested in your commit message I would like to tell you about a regression with the introduced local routes: Before OpenBSD 5.6 it was possible to add route labels to interfaces and tell ospfd to redistribute all labeled routes. After adding an address to a labeled interface a

Re: Sending route messages for local routes or cloning routes

On 12/23/14 11:59, Martin Pieuchot wrote: Would it make sense to remove the loop in rt_newaddrmsg which generates the two route messages? Instead of this rt_newaddrmsg sends only the RTM_NEWADDR / RTM_DELADDR message and the other message gets send after creating/deleting the cloning

Fix some vulnerabilities in file(1)

://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc . I will submit it if the first part is committed to make reviewers job easier. Regards Florian Riehm Index: ascmagic.c === RCS file: /cvs/src/usr.bin/file/ascmagic.c,v retrieving

Disable NOINET6 for carp parent interfaces automatically

Hi, in OpenBSD 5.6 NOINET6 gets disabled on a carp interface after configuring an ipv6 address. Additionally you have to disable NOINET6 at the physical interface or ip6_output() will fail because carp_send_ad() could not determine an ipv6 source address via ifaof_ifpforaddr(). The attached

Behavior of changing routes on OpenBSD 5.6

Hi tech, since OpenBSD 5.6 route change messages can change the interface of a route (rt_ifa) even if a message doesn't seem to require it because of a changed gateway or stuff like that. I would like to ask if it's a regression or if the new behavior is intended. Example: (only for testing - it

Re: openospfd router-priority

On 08/19/14 21:45, Tim Epkes wrote: All, I had implemented a network using openospf and initially left router-priorities off. Problem is I kept coming up FULL/OTHER and would not get routes. I changed the router priority values (not to match as when I matched got the same). I changed one

[Patch] Add router alert option to igmp packets

Hi tech, our IGMP packets don't contain router alert options. According rfc 2236 (Internet Group Management Protocol, Version 2) packets without this option have to be ignored. Some layer 3 switches are blocking our igmp packets because of that. The following patch is based on a FreeBSD patch

Re: [Patch] Add router alert option to igmp packets

On 04/26/14 20:35, Alexander Bluhm wrote: /* * To avoid byte-swapping the same value over and over again. */ FreeBSD has code matching this comment. In OpenBSD the code is gone and so should the comment. Of course that is unrelated to this diff. I have

[patch] ospfd: exporting default gateway via route label (fix ROUNDUP)

Hi all, ospfd can't export the default gateway via route label because get_rtaddrs gets confused by a netmask (RTAX_NETMASK) of 0 because sa-sa_len in get_rtaddrs is 0 and ROUNDUP then returns 0 also. The bug has been fixed in ospf6d in the same way a couple of years ago. Ospf6d uses the ROUNDUP

[Patch] ospfd: allow router lsa with 0 links

Hi Claudio, could you please have a look to the following patch. It removes a check that tries to make sure, a router lsa has at least one link. I have seen a problem with the check in the following situation: On a router with only one ospf speaking interface, the link on this interface goes

[Patch] Add rtlabel to rt_newaddrmsg

Hi tech@, I'm using the ospfd with redistribute rtlabel statements. If I add new addresses to interfaces with a route label, ospfd will not notice it, because the route messages don't contain the route label. Please have a look to the attached patch. It adds the route label, so ospfd can handle

rtsock: Why shouldn't rt flags be changeable in RTM_CHANGE messages?

Hi, because of a bug in ospf6d I tried to allow ospf6d to change cloning routes to gateway routes and the other way around. I've noticed there is a check which tries to forbid this, but the check is broken. It allows to toggle ALL rt flags, if ONE common bit in RTF_FMASK and rtm_fmask is set.