diff options
author | ume <ume@FreeBSD.org> | 2005-08-13 19:55:06 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2005-08-13 19:55:06 +0000 |
commit | 08a5c349d1e009be6a5f88841a4614ededa28683 (patch) | |
tree | 8ea1ca2a7aaf2437bf4a4cf601629fcdade3c414 | |
parent | 4f61404d8e41eb956b27cfbb4cc0dde976bc5b35 (diff) | |
download | FreeBSD-src-08a5c349d1e009be6a5f88841a4614ededa28683.zip FreeBSD-src-08a5c349d1e009be6a5f88841a4614ededa28683.tar.gz |
added a knob to enable path MTU discovery for multicast packets.
(by default, it is disabled)
Submitted by: suz
Obtained from: KAME
-rw-r--r-- | sys/netinet6/in6.h | 6 | ||||
-rw-r--r-- | sys/netinet6/in6_proto.c | 3 | ||||
-rw-r--r-- | sys/netinet6/ip6_mroute.c | 32 | ||||
-rw-r--r-- | sys/netinet6/ip6_var.h | 1 |
4 files changed, 28 insertions, 14 deletions
diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h index 6e5aaeb..d0435f6 100644 --- a/sys/netinet6/in6.h +++ b/sys/netinet6/in6.h @@ -593,10 +593,14 @@ struct ip6_mtuinfo { #define IPV6CTL_USE_DEFAULTZONE 39 /* use default scope zone */ #define IPV6CTL_MAXFRAGS 41 /* max fragments */ +#if 0 +#define IPV6CTL_IFQ 42 /* ip6intrq node */ +#define IPV6CTL_ISATAPRTR 43 /* isatap router */ +#endif +#define IPV6CTL_MCAST_PMTU 44 /* enable pMTU discovery for multicast? */ /* New entries should be added here from current IPV6CTL_MAXID value. */ /* to define items, should talk with KAME guys first, for *BSD compatibility */ -/* 42-44 is already used in KAME */ #define IPV6CTL_STEALTH 45 #define IPV6CTL_MAXID 46 #endif /* __BSD_VISIBLE */ diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c index ce95796..a791360 100644 --- a/sys/netinet6/in6_proto.c +++ b/sys/netinet6/in6_proto.c @@ -307,6 +307,7 @@ int ip6_gif_hlim = 0; int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ int ip6_rr_prune = 5; /* router renumbering prefix * walk list every 5 sec. */ +int ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */ int ip6_v6only = 1; int ip6_keepfaith = 0; @@ -450,6 +451,8 @@ SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, use_defaultzone, CTLFLAG_RW, &ip6_use_defzone, 0,""); SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS, maxfrags, CTLFLAG_RW, &ip6_maxfrags, 0, ""); +SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, + mcast_pmtu, CTLFLAG_RW, &ip6_mcast_pmtu, 0, ""); #ifdef IPSTEALTH SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW, &ip6stealth, 0, ""); diff --git a/sys/netinet6/ip6_mroute.c b/sys/netinet6/ip6_mroute.c index 9c19660..7a87d8d 100644 --- a/sys/netinet6/ip6_mroute.c +++ b/sys/netinet6/ip6_mroute.c @@ -106,6 +106,7 @@ #include <netinet/in.h> #include <netinet/in_var.h> +#include <netinet/icmp6.h> #include <netinet/ip6.h> #include <netinet6/ip6_var.h> @@ -1553,21 +1554,26 @@ phyint_send(ip6, mifp, m) mifp - mif6table, error); #endif } else { -#ifdef MULTICAST_PMTUD - icmp6_error(mb_copy, ICMP6_PACKET_TOO_BIG, 0, linkmtu); -#else + /* + * pMTU discovery is intentionally disabled by default, since + * various router may notify pMTU in multicast, which can be + * a DDoS to a router + */ + if (ip6_mcast_pmtu) + icmp6_error(mb_copy, ICMP6_PACKET_TOO_BIG, 0, linkmtu); + else { #ifdef MRT6DEBUG - if (mrt6debug & DEBUG_XMIT) - log(LOG_DEBUG, - "phyint_send: packet too big on %s o %s g %s" - " size %d(discarded)\n", - if_name(ifp), - ip6_sprintf(&ip6->ip6_src), - ip6_sprintf(&ip6->ip6_dst), - mb_copy->m_pkthdr.len); + if (mrt6debug & DEBUG_XMIT) + log(LOG_DEBUG, + "phyint_send: packet too big on %s o %s " + "g %s size %d(discarded)\n", + if_name(ifp), + ip6_sprintf(&ip6->ip6_src), + ip6_sprintf(&ip6->ip6_dst), + mb_copy->m_pkthdr.len); #endif /* MRT6DEBUG */ - m_freem(mb_copy); /* simply discard the packet */ -#endif + m_freem(mb_copy); /* simply discard the packet */ + } } splx(s); diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h index 9a99873..f88f125 100644 --- a/sys/netinet6/ip6_var.h +++ b/sys/netinet6/ip6_var.h @@ -295,6 +295,7 @@ extern int ip6_gif_hlim; /* Hop limit for gif encap packet */ extern int ip6_use_deprecated; /* allow deprecated addr as source */ extern int ip6_rr_prune; /* router renumbering prefix * walk list every 5 sec. */ +extern int ip6_mcast_pmtu; /* enable pMTU discovery for multicast? */ extern int ip6_v6only; extern struct socket *ip6_mrouter; /* multicast routing daemon */ |