From owner-svn-src-all@FreeBSD.ORG Fri Aug 2 03:46:46 2013 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 14EC9D51; Fri, 2 Aug 2013 03:46:46 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 01CEC227B; Fri, 2 Aug 2013 03:46:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r723kjAN062571; Fri, 2 Aug 2013 03:46:45 GMT (envelope-from hrs@svn.freebsd.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r723kjMU062569; Fri, 2 Aug 2013 03:46:45 GMT (envelope-from hrs@svn.freebsd.org) Message-Id: <201308020346.r723kjMU062569@svn.freebsd.org> From: Hiroki Sato Date: Fri, 2 Aug 2013 03:46:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r253878 - in stable/9: share/man/man4 sys/net X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 03:46:46 -0000 Author: hrs Date: Fri Aug 2 03:46:45 2013 New Revision: 253878 URL: http://svnweb.freebsd.org/changeset/base/253878 Log: MFC 253751 and 253843: - Relax the restriction on the member interfaces with LLAs. Two or more LLAs on the member interfaces are actually harmless when the parent interface does not have a LLA. - Add net.link.bridge.allow_llz_overlap. This is a knob to allow LLAs on a bridge and the member interfaces at the same time. The default is 0. Approved by: re (marius) Modified: stable/9/share/man/man4/bridge.4 stable/9/sys/net/if_bridge.c Directory Properties: stable/9/share/man/man4/ (props changed) stable/9/sys/ (props changed) Modified: stable/9/share/man/man4/bridge.4 ============================================================================== --- stable/9/share/man/man4/bridge.4 Fri Aug 2 00:20:04 2013 (r253877) +++ stable/9/share/man/man4/bridge.4 Fri Aug 2 03:46:45 2013 (r253878) @@ -35,7 +35,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 3, 2013 +.Dd July 27, 2013 .Dt IF_BRIDGE 4 .Os .Sh NAME @@ -185,7 +185,7 @@ and applications use both of them. .Pp To prevent this situation, .Nm -checks whether an link-local scoped IPv6 address is configured on +checks whether a link-local scoped IPv6 address is configured on a member interface to be added and the .Nm interface. @@ -194,13 +194,13 @@ When the interface has IPv6 addresses, IPv6 addresses on the member interface will be automatically removed before the interface is added. -When both -.Nm -interface and the existing member interfaces do not have one, -adding an interface with IPv6 addresses as a new member interface is allowed. -These means only one interface in the link-local scope zone where the -.Nm -interface forms can have link-local scoped IPv6 addresses. +.Pp +This behavior can be disabled by setting +.Xr sysctl 8 +variable +.Va net.link.bridge.allow_llz_overlap +to +.Li 1 . .Pp Note that .Li ACCEPT_RTADV Modified: stable/9/sys/net/if_bridge.c ============================================================================== --- stable/9/sys/net/if_bridge.c Fri Aug 2 00:20:04 2013 (r253877) +++ stable/9/sys/net/if_bridge.c Fri Aug 2 03:46:45 2013 (r253878) @@ -384,6 +384,12 @@ SYSCTL_INT(_net_link_bridge, OID_AUTO, i &bridge_inherit_mac, 0, "Inherit MAC address from the first bridge member"); +static VNET_DEFINE(int, allow_llz_overlap) = 0; +#define V_allow_llz_overlap VNET(allow_llz_overlap) +SYSCTL_VNET_INT(_net_link_bridge, OID_AUTO, allow_llz_overlap, CTLFLAG_RW, + &VNET_NAME(allow_llz_overlap), 0, "Allow overlap of link-local scope " + "zones of a bridge interface and the member interfaces"); + struct bridge_control { int (*bc_func)(struct bridge_softc *, void *); int bc_argsize; @@ -1064,7 +1070,8 @@ bridge_ioctl_add(struct bridge_softc *sc */ /* Check if the parent interface has a link-local scope addr. */ - if (in6ifa_llaonifp(sc->sc_ifp) != NULL) { + if (V_allow_llz_overlap == 0 && + in6ifa_llaonifp(sc->sc_ifp) != NULL) { /* * If any, remove all inet6 addresses from the member * interfaces. @@ -1093,32 +1100,6 @@ bridge_ioctl_add(struct bridge_softc *sc "IPv6 address scope violation.\n", ifs->if_xname); } - } else { - struct in6_ifaddr *ia6_m, *ia6_s; - /* - * If not, check whether one of the existing member - * interfaces have inet6 address. If any, remove - * inet6 addresses on the interface to be added. - */ - ia6_m = NULL; - BRIDGE_XLOCK(sc); - LIST_FOREACH(bif, &sc->sc_iflist, bif_next) { - ia6_m = in6ifa_llaonifp(bif->bif_ifp); - if (ia6_m != NULL) - break; - } - BRIDGE_XDROP(sc); - ia6_s = in6ifa_llaonifp(ifs); - - if (ia6_m != NULL && ia6_s != NULL) { - BRIDGE_UNLOCK(sc); - in6_ifdetach(ifs); - BRIDGE_LOCK(sc); - if_printf(sc->sc_ifp, "IPv6 addresses on %s have " - "been removed before adding it as a member " - "to prevent IPv6 address scope violation.\n", - ifs->if_xname); - } } #endif /* Allow the first Ethernet member to define the MTU */