> 20.05.2019, 07:50, "Rodney W. Grimes" <free...@gndrsh.dnsmgr.net>: > >> ?Author: melifaro > >> ?Date: Sun May 19 21:49:56 2019 > >> ?New Revision: 347982 > >> ?URL: https://svnweb.freebsd.org/changeset/base/347982 > >> > >> ?Log: > >> ???Fix rt_ifa selection during loopback route insertion process. > >> ?????Currently such routes are added with a link-level IFA, which is > >> ?????plain wrong. Only after the insertion they get fixed by the special > >> ?????link_rtrequest() ifa handler. This behaviour complicates routing code > >> ?????and makes ifa selection more complex. > >> ???Streamline this process by explicitly moving link_rtrequest() logic > >> ?????to the pre-insertion rt_getifa_fib() ifa selector. Avoid calling all > >> ?????this logic in the loopback route case by explicitly specifying > >> ?????proper rt_ifa inside the ifa_maintain_loopback_route().? > >> > >> ???MFC after: 2 weeks > >> ???Differential Revision: https://reviews.freebsd.org/D20076 > > > > I shall again state that from a routing protocol perspecitive > > and a POLA perspective having the kernel doing route maintanance > > of any kind is fundementally wrong. > > > > I still continue to stronly object to ifa_maintain_loopback_route > > code even being present in our kernel. Having these routes > > is a micro optimization at best, and cause issues when real > > and actual routing protocols are in use. > I agree with that. It indeed causes decent amount of complications and I (as > another router type person) prefer to have it gone as well. > However, one has to carefully check uRPF functionality in our firewalls, > implement fib-aware in_localip_more (and its IPv6 counterpart) to make it > happen.
How about we implement the simplest next step, make this behavior either a kernel compile time option with #ifdef, and/or a sysctl to turn it off with a bit that defaults to current behavior while we investigate the harder solution? > > Bruce Evans and myself have locally killed this code, and > > just about every router type person I show it to gets ill > > seeing it. > > > > Show many another system that does this and I might reconsider, > > but I have never ever seen one. > > > >> ?Modified: > >> ???head/sys/net/if.c > >> ???head/sys/net/route.c ... > > > > Rod Grimes rgri...@freebsd.org -- Rod Grimes rgri...@freebsd.org _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
