On 06 Apr 2014, at 17:05, Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net> wrote:
>
> On 06 Apr 2014, at 11:42 , Michael Tuexen <michael.tue...@lurchi.franken.de>
> wrote:
>
>> On 05 Apr 2014, at 23:02, Bernd Walter <ti...@cicely7.cicely.de> wrote:
>>
>>> So far I've tested this on FreeBSD-9.2 BETA2 r254053M only.
>>> The modifications are to allow IPv6 multicast support within jail
>>> which only makes a difference for multicast addresses and some multicast
>>> loopback checksum bugs - both changes are open PR.
>>>
>>> I've created an AF_INET6 SCTP one to many socket to receive incoming
>>> messages.
>>> The process was started within a jail.
>>> Now netstat -anW lists all host IPv6 IPs, not just those of the jail.
>>> Also not sure why this AF_INET6 socket is shown as sctp46.
>> This should be handled as a v6 only socket depending on your
>> setting of net.inet6.ip6.v6only sysctl variable by the SCTP stack.
>> However, netstat has no information about this and can not distinguish
>> between sctp6 and sctp46, so it reports sctp46 always. You can file
>> a PR about this.
>>
>> The questions about the addresses and the jails: The SCTP code has
>> no jail specific code. If you bind a socket to the wildcard address
>> (which is what to do by not binding at all), the SCTP stack lists
>> all addresses it know about. I'm not sure what would happen, if
>> you send a packet to an address not owned by the jail.
>> You might want to file a separate PR about the support of jails.
>
> Aehm, the SCTP code was filtering addresses at one point and made sure only
> jail-visible addresses were seen or bound very much like normal PCB handling.
> If this is not the case (anymore) SCTP shall not be allowed inside jails
> again.
Can you point me to the "normal PCB handling"? Maybe I'm just overlooking
something...
Best regards
Michael
>
>
>
>
>>
>> Best regards
>> Michael
>>>
>>> This is the relevant C++ code part to open the socket:
>>> int
>>> setup_sctp_socket(uint16_t port)
>>> {
>>> int sc = socket(AF_INET6, SOCK_SEQPACKET, IPPROTO_SCTP);
>>> {
>>> // reuse address
>>> long val = 1;
>>> setsockopt(sc, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
>>> // XXX error handling
>>> }
>>> {
>>> // no delay
>>> long val = 1;
>>> setsockopt(sc, SOL_SOCKET, SCTP_NODELAY, &val, sizeof(val));
>>> // XXX error handling
>>> }
>>> {
>>> // eeor mode (last write needs MSG_EOR to declare end of
>>> message)
>>> // Linux has MSG_MORE negative send flag
>>> long val = 1;
>>> setsockopt(sc, SOL_SOCKET, SCTP_EXPLICIT_EOR, &val,
>>> sizeof(val));
>>> // XXX error handling
>>> }
>>> #if 0
>>> {
>>> struct sctp_initmsg init;
>>> bzero(&init, sizeof(init));
>>> init.sinit_num_ostreams = HDB_STREAMS;
>>> init.sinit_max_instreams = HDB_STREAMS;
>>> // SOL_SCTP instead of IPPROTO_SCTP on Linux
>>> setsockopt(sc, IPPROTO_SCTP, SCTP_INITMSG, &init,
>>> (socklen_t)sizeof(struct sctp_initmsg));
>>> // XXX error handling
>>> }
>>> #endif
>>> {
>>> struct sockaddr_in6 addr;
>>> bzero(&addr, sizeof(addr));
>>> addr.sin6_len = sizeof(addr);
>>> addr.sin6_family = AF_INET6;
>>> addr.sin6_port = htons(port);
>>> bind(sc, (struct sockaddr *)&addr, sizeof(struct sockaddr_in));
>>> // XXX error handling
>>> }
>>> {
>>> // enable heartbeats at 1000ms
>>> struct sctp_paddrparams paddr_params;
>>> bzero(&paddr_params, sizeof(paddr_params));
>>> paddr_params.spp_address.ss_family = AF_INET6;
>>> paddr_params.spp_flags = SPP_HB_ENABLE;
>>> paddr_params.spp_hbinterval = 1000;
>>> // SOL_SCTP instead of IPPROTO_SCTP on Linux
>>> setsockopt(sc, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS,
>>> &paddr_params, sizeof(paddr_params));
>>> // XXX error handling
>>> }
>>> {
>>> struct sctp_event_subscribe events;
>>> bzero(&events, sizeof(events));
>>>
>>> events.sctp_data_io_event = 1; // we need io_events to know
>>> where the message came from
>>>
>>> // subscribe to other events as well for testing
>>> events.sctp_association_event = 1;
>>> events.sctp_address_event = 1;
>>> events.sctp_send_failure_event = 1;
>>> events.sctp_peer_error_event = 1;
>>> events.sctp_shutdown_event = 1;
>>> events.sctp_partial_delivery_event = 1;
>>> events.sctp_adaptation_layer_event = 1;
>>> events.sctp_authentication_event = 1;
>>> events.sctp_sender_dry_event = 1;
>>> events.sctp_stream_reset_event = 1;
>>>
>>> setsockopt(sc, IPPROTO_SCTP, SCTP_EVENTS, &events,
>>> sizeof(events));
>>> // XXX error handling
>>> }
>>> {
>>> // setup send and receive buffers (default on FreeBSD 9.x)
>>> long val;
>>> val = 1864135;
>>> setsockopt(sc, SOL_SOCKET, SO_RCVBUF, &val, sizeof(val));
>>> // XXX error handling
>>> val = 1864135;
>>> setsockopt(sc, SOL_SOCKET, SO_SNDBUF, &val, sizeof(val));
>>> // XXX error handling
>>> }
>>> listen (sc, 1); // listen is required to allow incoming associations,
>>> but no listen queue
>>> // XXX error handling
>>>
>>> return sc;
>>> }
>>>
>>> --
>>> B.Walter <be...@bwct.de> http://www.bwct.de
>>> Modbus/TCP Ethernet I/O Baugruppen, ARM basierte FreeBSD Rechner uvm.
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>>>
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>
> —
> Bjoern A. Zeeb ????????? ??? ??????? ??????:
> '??? ??? ???? ?????? ??????? ?? ?? ??????? ??????? ??? ????? ????? ????
> ?????? ?? ????? ????', ????????? ?????????, "??? ????? ?? ?????", ?.???
>
>
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
