have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.
No objections from: net@
addresses generated by an address range specification. The default
value is 2048. This can be increased by setting $netif_ipexpand_max
in rc.conf.
- Fix warning messages when an address range spec exceeds the upper limit.
PR: 186841
$alias used to hold alias number, but now it carries full variable name,
so messages were tuned to account for that.
Other fixes:
- eliminate unneeded double spaces;
- tell user where inet/inet6 keywords are expected to be.
Reviewed by: hrs
MFC after: 1 week
the first alias had to be _alias0 and processing stopped at the first non-
defined variable (preventing gaps). Allowing gaps gives the administrator
the ability to group aliases in an adhoc manner and also lifts the
requirement to renumber aliases simply to comment-out an existing one.
Aliases are processed in numerical ascending order.
Discussed on: -rc
MFC after: 1 week
IPX was a network transport protocol in Novell's NetWare network operating
system from late 80s and then 90s. The NetWare itself switched to TCP/IP
as default transport in 1998. Later, in this century the Novell Open
Enterprise Server became successor of Novell NetWare. The last release
that claimed to still support IPX was OES 2 in 2007. Routing equipment
vendors (e.g. Cisco) discontinued support for IPX in 2011.
Thus, IPX won't be supported in FreeBSD 11.0-RELEASE.
subinterfaces) after they are created. Interfaces are already started
by devd invoking /etc/pccard_ether when they are created, so the explicit
calls in childif_create() resulted in interfaces being started twice.
Note that interfaces created via cloned_interfaces are not explicitly
started but depend on the devd mechanism already.
MFC after: 1 week
The ng_create_one() and ng_mkpeer() functions in network.subr are
now not used anywhere, but I left them, since they can be useful
in future in netgraph scripting.
Submitted by: pluknet
is ignored except for "rc.d/netif vnet{up,down} ifn" because a jail is
usually created after interface initialization on boot time.
"rc.d/netif vnetup ifn" moves ifn into the specified jail. It is
designed to be used in other scripts like rc.d/jail, not automatically
invoked during the interface initialization.
Approved by: re (kib)
noafif() is true. The following warning message was displayed when
pflog0 interface existed, for example:
ifconfig: ioctl(SIOCGIFINFO_IN6): Protocol family not supported
Reported by: bz
Approved by: re (gjb)
as "epair0" in $cloned_interfaces and "epair0[ab]" in the others in
rc.conf like the following:
cloned_interfaces="epair0"
ifconfig_epair0a="inet 192.168.1.1/24"
ifconfig_epair0b="inet 192.168.2.1/24"
/etc/rc.d/netif now accepts both "netif start epair0" and "netif start
epair0a".
Approved by: re (kib)
"/etc/rc.d/netif stop XXX". The old globbing pattern failed to account for the
possibility of a tab occuring before "inet".
Reviewed by: will
Approved by: ken (mentor, implicit)
MFC after: Never (bug affects head only)
Sponsored by: Spectra Logic
Newly-configured systems should use $cloned_interfaces.
- Call clone_{up,down}() and ifnet_rename() in rc.d/netif {start,stop}.
ifnet_rename() now accepts an interface name list as its argument.
- Add rc.d/netif clear. The "clear" subcommand is basically equivalent to
"stop" but it does not call clone_down().
- Add "ifname:sticky" keyword into $cloned_interfaces. If :sticky is
specified, the interface will not be destroyed in rc.d/netif stop.
- Add cloned_interfaces_sticky={YES,NO}. This variable globally sets
:sticky keyword above for all interfaces. The default value is NO.
When cloned_interfaces_sticky=YES, :nosticky keyword can be used to
override it on per interface basis.
- inet 192.0.2.1-10 netmask 255.255.255.0 (inet range spec + ifconfig options)
- inet6 2001:db8:1::1-f prefixlen 60 (inet6 range spec + ifconfig options)
If prefixlen or netmask option is specified with CIDR notation at
the same time, the option is used.
Tested by: Michael Grimm
MFC after: 3 days
notation like 2001:db8:1:1.
- Use eui64 flag in ifconfig(8) instead of network6_getladdr()[*] for
interface indentifier part.
Suggested by: ume [*]
MFC after: 3 days
Not only this is a bit cleaner, it allows multiple instances of hostapd to be
running on the system host, useful for simultaneous dual-band WiFi.
This is similar to ifconfig_wlanX="WPA" but it uses /etc/hostapd-wlanX.conf.
Compatibility with hostapd_enable=YES/NO was kept.
Reviewed by: adrian
This is an extended version of ipv4_addr_IF which supports both IPv4 and
IPv6, and multiple range specifications. To avoid to generate too many
addresses, the maximum number of the generated addresses is currently
limited to 31.
- Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable.
- ipv6_prefix_IF now supports !/64 prefix length. In addition to the old
64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64
is supported.
- Replace ifconfig command with $IFCONFIG_CMD variable to support
a dry-run mode in the future.
- Remove IP aliases before removing all of IPv4 addresses when doing
"rc.d/netif down".
- Add a DAD wait to network6_getladdr() because it is possible to fail to
configure an EUI64 address when ipv6_prefix_IF is specified.
A summary of the supported ifconfig_* variables is as follows:
# IPv4 configuration.
ifconfig_em0="inet 192.168.0.1"
# IPv6 configuration.
ifconfig_em0_ipv6="inet6 2001:db8::1/64"
# IPv4 address range spec. Now deprecated.
ipv4_addr_em0="10.2.1.1-10"
# IPv6 alias.
ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70"
# IPv4 alias.
ifconfig_em0_alias1="inet 10.2.2.1/24"
# IPv4 alias with range spec w/o AF keyword (backward compat).
ifconfig_em0_alias2="10.3.1.1-10/32"
# IPv6 alias with range spec.
ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64"
# ifconfig_IF_aliases is just like ifconfig_IF_aliasN.
ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24"
# IPv6 alias (backward compat)
ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64"
# IPv6 alias w/o AF keyword (backward compat)
ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64"
# IPv6 prefix.
ipv6_prefix_em0="2001:db8::/64"
Tested by: Kimmo Paasiala
- ipv6_enable + ipv6_gateway_enable should unset ACCEPT_RTADV by default for
backward compatibility.
- Configurations in ipv6_prefix_IF should be recognized even if there is no
ifconfig_IF_ipv6.
- DAD wait should be performed at once, not on a per-interface basis, if
possible. This fixes an issue that a system with a lot of IPv6-capable
interfaces takes too long for booting.
MFC after: 1 week
(r225485). When setting an interface name to it, the following
configurations will be enabled:
1. "no_radr" is set to all IPv6 interfaces automatically.
2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif. This is
done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
means you can manually supersede this configuration if necessary).
3. The node will add RA-sending routers to the default router list
even if net.inet6.ip6.forwarding=1.
This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network). To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.
Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table. To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.
Approved by: re (bz)
parameters accepting them (such as description, group).
Changes discussed on freebsd-rc.
PR: conf/156675
Reported by: "Alexander V. Chernikov" <melifaro att ipfw ru>
Suggested by: hrs
Analyzed with: Alexander V. Chernikov via IRC
MFC after: 2 weeks
If not specified, network.subr will add it automatically if we have
INET support (1).
In network.subr only call the address family up/down functions
if the respective AF is available.
Switch to new kern.features variables for inet and inet6 as the
inet sysctl tree is also available for IPv6-only kernels leading
to unexpected results.
Suggested by: hrs (1)
Reviewed by: hrs
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 20 days
Now that printf(1) is a shell builtin, there is no need to emulate it
anymore. The external printf(1) is /usr/bin/printf and therefore may not be
available in early boot.
It may be faster to use printf directly but the function is useful for
compatibility.
The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively. When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first. If it is found, it reads and installs it as
a policy table. If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.
When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.
The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.
Discussed with: ume and bz
wlan interfaces) from being automatically reloaded via devd shutdown
event handlers.
- Revert part of my previous changes to call ifn_stop on subinterfaces
when an interface is detached. It is better to destroy the interfaces
first so that an 'ifconfig foo0.blah down' doesn't result in ifconfig
auto-loading if_foo.ko. The ifconfig command will not be invoked if
foo0.blah is gone when ifn_stop() is called. Furthermore, it is not
necessary to explicitly invoke ifn_stop() after the subinterface is
destroyed as devd will already do that.
- Pass -n to ifconfig when destroying interfaces so that destroying a
cloned interface does not kldload any drivers.
Reviewed by: dougb
MFC after: 4 days
