Date: Wed, 30 Oct 2019 08:44:03 +0000 From: k simon <moremore2@outlook.com> To: "Andrey V. Elsukov" <bu7cher@yandex.ru>, "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: How to disable tryforward ? Message-ID: <HK0PR03MB32028CD2E125294DB0A4F641EE600@HK0PR03MB3202.apcprd03.prod.outlook.com> In-Reply-To: <SG2PR03MB3212D9A495D60161DBA66C02EE640@SG2PR03MB3212.apcprd03.prod.outlook.com> References: <HK0PR03MB32026778B9D469798DBF9326EE680@HK0PR03MB3202.apcprd03.prod.outlook.com> <aa7a2050-1635-d68e-fb6f-62663156be84@yandex.ru> <SG2PR03MB3212D9A495D60161DBA66C02EE640@SG2PR03MB3212.apcprd03.prod.outlook.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Andrey, OK, I’ve got it. Radix_mpath.h file is not included in input.c. Maybe someone can fix and commit it. Thanks for your reply! --- ip_input.c.orig 2019-10-26 20:33:21.468834000 +0800 +++ ip_input.c 2019-10-30 12:40:31.765490000 +0800 @@ -37,6 +37,7 @@ #include "opt_bootp.h" #include "opt_ipstealth.h" #include "opt_ipsec.h" +#include "opt_mpath.h" #include "opt_route.h" #include "opt_rss.h" @@ -64,6 +65,9 @@ #include <net/if_dl.h> #include <net/route.h> #include <net/netisr.h> +#ifdef RADIX_MPATH +#include <net/radix_mpath.h> +#endif #include <net/rss_config.h> #include <net/vnet.h> Simon Ke 20191030 > 在 2019年10月27日,00:53,k simon <moremore2@outlook.com> 写道: > > Enable "net.inet.ip.redirect" or patched ip_fastfwd.c tryforward() with "return m;" ,I've tested it yet, but ECMP is not sucessed. Even tried patched ip_input.c with : > --- ip_input.c.orig 2019-10-26 20:33:21.468834000 +0800 > +++ ip_input.c 2019-10-26 20:05:57.523372000 +0800 > @@ -566,6 +566,7 @@ > * case skip another inbound firewall processing and update > * ip pointer. > */ > +#ifndef RADIX_MPATH > if (V_ipforwarding != 0 && V_ipsendredirects == 0 > #if defined(IPSEC) || defined(IPSEC_SUPPORT) > && (!IPSEC_ENABLED(ipv4) || > @@ -580,6 +581,7 @@ > goto ours; > } > } > +#endif > > #if defined(IPSEC) || defined(IPSEC_SUPPORT) > /* > > But it's strange, packets from local do ECMP as expect, other packets (not local, just forward) stick to the first route entry as before. Maybe the problem is not only related with tryforwad(). > > # uname -a > FreeBSD orignal 12.1-STABLE FreeBSD 12.1-STABLE #0 r354079M: Sat Oct 26 19:17:03 CST 2019 root@orignal:/usr/obj/usr/src/amd64.amd64/sys/fb12-r354016-v4 amd64 > > Simon Ke > 20191026 > ________________________________ > 发件人: Andrey V. Elsukov <bu7cher@yandex.ru> > 发送时间: 2019年10月25日 11:31 > 收件人: k simon <moremore2@outlook.com>; freebsd-net@freebsd.org <freebsd-net@freebsd.org> > 主题: Re: How to disable tryforward ? > > On 22.10.2019 08:38, k simon wrote: >> Hi, >> Tryforwad have merged 3 yeas ago, and it haven’t a sysctl to disable it , so ECMP was broken past 3 years. Olivier has fired a bug : https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225792 , it seems that a few of people cares it. >> Andrey said maybe some ipsec policy can disable tryforward.( https://lists.freebsd.org/pipermail/freebsd-net/2017-February/047203.html. ) I have tried a lot configurations, but failed. Can someone point it out ? >> Thanks! > > AFAIR, tryforward was disabled by default later. > You need to disable icmpredirects to enable tryforward. So, if you don't > need tryforward, just enable ICMP redirects. > > -- > WBR, Andrey V. Elsukov > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HK0PR03MB32028CD2E125294DB0A4F641EE600>