In order to support CARP interfaces kernel was taught to handle more

than one interface in one subnet. However, some userland apps rely on the believe that this configuration is impossible. Add a sysctl switch net.inet.ip.same_prefix_carp_only. If the switch is on, then kernel will refuse to add an additional interface to already connected subnet unless the interface is CARP. Default value is off. PR: bin/82306 In collaboration with: mlaier
2026-05-28 04:12:45 -04:00 · 2005-08-18 10:34:30 +00:00 · 2005-08-18 10:34:30 +00:00 · 1ae954096e
commit 1ae954096e
parent 4ed7018006
1 changed files with 12 additions and 2 deletions
--- a/sys/netinet/in.c
+++ b/sys/netinet/in.c
@ -67,6 +67,10 @@ static int	in_ifinit(struct ifnet *,
 static int subnetsarelocal = 0;
 SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW,
 	&subnetsarelocal, 0, "Treat all subnets as directly connected");
+static int sameprefixcarponly = 0;
+SYSCTL_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW,
+	&sameprefixcarponly, 0,
+	"Refuse to create same prefixes on different interfaces");

 /*
 * The IPv4 multicast list (in_multihead and associated structures) are
@ -824,8 +828,14 @@ in_addprefix(target, flags)
 		 * If we got a matching prefix route inserted by other
 		 * interface address, we are done here.
 		 */
-		if (ia->ia_flags & IFA_ROUTE)
-			return 0;
+		if (ia->ia_flags & IFA_ROUTE) {
+			if (sameprefixcarponly &&
+			    target->ia_ifp->if_type != IFT_CARP &&
+			    ia->ia_ifp->if_type != IFT_CARP)
+				return (EEXIST);
+			else
+				return (0);
+		}
 	}

 	/*