upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-16 20:19:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/netinet
History
Lexi Winter 29a0621084 tcp: allow connections to IPv6 anycast address 
currently, we reject incoming TCP connections to an IPv6 anycast address
based on IETF I-D "draft-itojun-ipv6-tcp-to-anycast-01"[0].  the
rationale is that since RFC2373 prohibits sending IPv6 packets with an
anycast address as the source address, it would be impossible to
establish a TCP connection to such an address since the destination host
could not send any replies.

however, this restriction was lifted in RFC4291 and it is no longer
forbidden to send packets from an anycast address; therefore, it's both
possible and permitted to establish a TCP connection using an anycast
address as src or dst address (or both).

based on the above, delete this restriction and allow people to do this.

while there are certain operational reasons to avoid TCP anycast (such
as the risk of the route changing while the connection is open), these
also apply to IPv4 anycast and are specific to the local environment;
for example, it's perfectly valid to have an anycast address which is
only ever assigned to one node.

[0] https://www.ietf.org/archive/id/draft-itojun-ipv6-tcp-to-anycast-01.txt

Reviewed by:	tuexen, kevans, adrian
Approved by:	kevans (mentor), des (mentor)
Differential Revision:	https://reviews.freebsd.org/D50019
2025-05-19 13:40:26 +01:00
..
cc tcp cc: use tcp_compute_pipe() for pipe in xx_post_recovery() directly 2025-03-17 09:00:50 -04:00
khelp sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
libalias libalias: Handle GetNewPort() errors properly 2025-04-18 15:11:51 +00:00
netdump netdump: Check the return value of ifunit_ref() 2023-10-02 08:09:26 -04:00
tcp_stacks tcp: clear blackbox logging union 2025-04-04 22:10:48 +02:00
accf_data.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
accf_dns.c sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
accf_http.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
accf_tls.c accf_tls: accept filter that waits for TLS handshake header 2024-04-24 17:53:10 -07:00
dccp.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
icmp6.h icmp6: Fix ICMP6 message type counters 2025-01-23 19:03:25 +00:00
icmp_var.h netinet: add a probe point for IP, IP6, ICMP, ICMP6, UDP and TCP stats counters 2024-04-08 17:29:59 +02:00
if_ether.c bridge: store a bridge_iflist pointer in ifnet 2025-04-09 09:39:01 +02:00
if_ether.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
igmp.c igmp: apply net.inet.igmp.default_version to existing interfaces 2025-05-01 09:31:21 +02:00
igmp.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
igmp_var.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
in.c bridge: allow IP addresses on members to be disabled 2025-05-05 22:47:36 +01:00
in.h netinet: Make in_canforward() return bool 2025-03-02 23:00:42 +08:00
in_cksum.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
in_debug.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in_fib.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in_fib.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in_fib_algo.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in_fib_dxr.c fib_dxr: code hygiene, prune old code, no functional changes 2024-05-17 18:57:25 +02:00
in_gif.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in_jail.c netinet: use in_broadcast() inline 2025-02-21 18:11:06 -08:00
in_kdtrace.c netinet: default mib counter probe points off 2024-11-20 09:52:48 +01:00
in_kdtrace.h netinet: default mib counter probe points off 2024-11-20 09:52:48 +01:00
in_mcast.c netinet: Remove stale references to Giant from comments 2024-01-27 13:51:13 -05:00
in_pcb.c inpcb: push multicast case local address selection logic into in_pcbladdr() 2025-03-22 16:37:37 -07:00
in_pcb.h inpcb: retire two-level port hash database 2025-03-06 22:58:35 -08:00
in_pcb_var.h inpcb: retire two-level port hash database 2025-03-06 22:58:35 -08:00
in_prot.c Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible() 2023-09-28 11:59:08 -03:00
in_proto.c sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
in_rmx.c netinet: rename in_broadcast() to in_ifnet_broadcast() 2025-02-21 18:10:53 -08:00
in_rss.c sys: Remove $FreeBSD$: two-line .c pattern 2023-08-16 11:54:30 -06:00
in_rss.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in_systm.h netinet: Make in_systm.h self-contained 2025-05-03 20:44:45 +00:00
in_var.h in: add in_mask2len() 2024-12-17 11:07:12 +01:00
ip.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
ip6.h netinet: Define IPv6 ECN mask 2024-01-03 12:56:28 -05:00
ip_carp.c carp: Use static initializers 2025-03-06 12:51:44 +08:00
ip_carp.h carp: support VRRPv3 2024-05-08 13:19:03 +02:00
ip_carp_nl.h carp: support VRRPv3 2024-05-08 13:19:03 +02:00
ip_divert.c netinet: rename in_broadcast() to in_ifnet_broadcast() 2025-02-21 18:10:53 -08:00
ip_divert.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
ip_dummynet.h dummynet: add simple gilbert-elliott channel model 2023-12-17 13:20:45 +01:00
ip_ecn.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip_ecn.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
ip_encap.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip_encap.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
ip_fastfwd.c netinet: use in_broadcast() inline 2025-02-21 18:11:06 -08:00
ip_fw.h ipfw: migrate ipfw to 32-bit size rule numbers 2025-03-03 21:15:17 +03:00
ip_gre.c netinet: allow per protocol random IP id control, single out IPSEC 2025-03-04 08:45:32 -08:00
ip_icmp.c netinet: Do not forward or ICMP response to INADDR_ANY 2025-03-02 23:00:42 +08:00
ip_icmp.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
ip_id.c netinet: allow per protocol random IP id control, single out IPSEC 2025-03-04 08:45:32 -08:00
ip_input.c netinet: Make in_canforward() return bool 2025-03-02 23:00:42 +08:00
ip_mroute.c netinet: allow per protocol random IP id control, single out IPSEC 2025-03-04 08:45:32 -08:00
ip_mroute.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
ip_options.c netinet*: Add assertions for some places that don't support M_EXTPG mbufs 2024-10-31 16:32:32 -04:00
ip_options.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
ip_output.c ip_output(): style 2025-03-10 22:16:58 +02:00
ip_reass.c vm_lowmem: Fix signature mismatches in vm_lowmem callbacks 2025-03-04 20:18:52 -05:00
ip_var.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
pim.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
pim_var.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
raw_ip.c netinet: allow per protocol random IP id control, single out IPSEC 2025-03-04 08:45:32 -08:00
sctp.h sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
sctp_asconf.c sctp: improve debug output 2024-10-24 13:19:14 +02:00
sctp_asconf.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_auth.c sctp: cleanup locking for notifications 2023-09-08 16:20:51 +02:00
sctp_auth.h sctp: cleanup SCTP AUTH related notification 2023-09-08 13:13:43 +02:00
sctp_bsd_addr.c sctp: ensure correct sctp_gather_internal_ifa_flags usage 2025-05-05 22:50:42 +02:00
sctp_bsd_addr.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_cc_functions.c sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_constants.h sctp: make sure all SCTP RESET notifications use sctp_ulp_notify() 2023-09-08 14:19:56 +02:00
sctp_crc32.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
sctp_crc32.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_header.h sctp: store heartbeat creation time as time_t 2024-05-10 20:40:15 +02:00
sctp_indata.c sctp: improve input validation for data chunks 2024-08-03 13:27:18 +02:00
sctp_indata.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_input.c sctp: store cookie secret change time as time_t 2024-05-10 20:14:16 +02:00
sctp_input.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_kdtrace.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
sctp_kdtrace.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_lock_bsd.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_module.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
sctp_os.h sockets: don't malloc/free sockaddr memory on getpeername/getsockname 2023-11-30 08:31:10 -08:00
sctp_os_bsd.h netinet: rename in_broadcast() to in_ifnet_broadcast() 2025-02-21 18:10:53 -08:00
sctp_output.c netinet: allow per protocol random IP id control, single out IPSEC 2025-03-04 08:45:32 -08:00
sctp_output.h sctp: improve sending of packets containing an INIT ACK chunk 2024-02-24 19:16:36 +01:00
sctp_pcb.c sctp: compute address flags only for IPv6 addresses 2025-05-05 22:43:50 +02:00
sctp_pcb.h sctp: improve handling of address changes 2024-11-03 10:20:08 +01:00
sctp_peeloff.c sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_peeloff.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_ss_functions.c sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_structs.h sctp: cleanup handling of graceful shutdown of the peer 2023-08-19 12:35:49 +02:00
sctp_syscalls.c sctp: propagate cap rights on sctp_peeloff 2024-10-08 20:36:50 -04:00
sctp_sysctl.c sctp: don't report unusable addresses via sysctl interface 2025-05-05 00:28:52 +02:00
sctp_sysctl.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_timer.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
sctp_timer.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_uio.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
sctp_usrreq.c netinet: Fix getcred sysctl handlers to do nothing if no input is given 2025-03-20 01:33:44 +00:00
sctp_var.h sockets: make pr_shutdown fully protocol specific method 2024-01-16 10:30:37 -08:00
sctputil.c netinet: use in_broadcast() inline 2025-02-21 18:11:06 -08:00
sctputil.h sctp: make sure all SCTP RESET notifications use sctp_ulp_notify() 2023-09-08 14:19:56 +02:00
siftr.c siftr: remove pointless assertion 2024-11-14 11:39:12 -08:00
tcp.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
tcp_accounting.h Move access to tcp's t_logstate into inline functions and provide new tracepoint and bbpoint capabilities. 2023-03-16 11:43:16 -04:00
tcp_ecn.c tcp: commonize check for more data to send, style changes 2024-01-26 01:20:35 +01:00
tcp_ecn.h tcp: AccECN access ACE field by shifting bits 2024-01-26 00:16:22 +01:00
tcp_fastopen.c tcp_fastopen: Fix a typo in a source code comment 2024-01-22 21:49:47 +01:00
tcp_fastopen.h sockets: remove unused KPIs to manipulate sockets 2024-03-18 08:50:30 -07:00
tcp_fsm.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
tcp_hostcache.c tcp: use const argument in the TCP hostcache KPI 2024-11-20 16:30:42 -08:00
tcp_hpts.c tcp: clear blackbox logging union 2025-04-04 22:10:48 +02:00
tcp_hpts.h HTPS has actually three states not two so the macro needs to account for that. 2024-03-01 15:21:15 -05:00
tcp_input.c tcp: allow connections to IPv6 anycast address 2025-05-19 13:40:26 +01:00
tcp_log_buf.c tcp: cleanup 2025-04-07 18:49:05 +02:00
tcp_log_buf.h tcp: remove struct tcp_log_rack 2025-04-04 23:34:30 +02:00
tcp_lro.c tcp: make tcp_lro_flush() static 2024-09-05 17:44:33 +02:00
tcp_lro.h tcp: make tcp_lro_flush() static 2024-09-05 17:44:33 +02:00
tcp_lro_hpts.c tcp: define tcp_lro_log() only when TCP_BLACKBOX is defined 2024-11-17 19:21:01 +01:00
tcp_offload.c tcp_fill_info(): Change lock assertion on INPCB to locked only 2023-08-22 20:33:49 +02:00
tcp_offload.h sockets: remove unused KPIs to manipulate sockets 2024-03-18 08:50:30 -07:00
tcp_output.c tcp: remove support for TCPPCAP 2025-03-31 16:55:39 +02:00
tcp_ratelimit.c tcp_ratelimit: Use static initializers 2025-03-06 12:51:45 +08:00
tcp_ratelimit.h tcp_ratelimit: provide an api for drivers to release ratesets at detach 2024-08-05 12:51:35 -04:00
tcp_reass.c tcp: change SOCKBUF_* macros to SOCK_[RECV|SEND]BUF_* macros 2024-11-14 02:08:12 +01:00
tcp_sack.c tcp: properly reset sackhint values when SACK recovery is done 2025-01-13 10:13:45 -08:00
tcp_seq.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
tcp_stats.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
tcp_subr.c tcp: clear blackbox logging union 2025-04-04 22:10:48 +02:00
tcp_syncache.c inpcb: gc unused argument of in_pcbconnect() 2024-11-14 11:39:13 -08:00
tcp_syncache.h tcp: remove TCP_OFFLOAD_DISABLE 2024-09-15 11:44:49 +02:00
tcp_timer.c tcp: fix the initial CWND when a SYN retransmission happened 2024-11-05 09:52:42 +01:00
tcp_timer.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
tcp_timewait.c tcp: improve consistency 2024-04-06 10:02:06 +02:00
tcp_usrreq.c Remove remaining mentions of pr_usrreq. 2025-05-08 16:29:15 +02:00
tcp_var.h Remove remaining mentions of pr_usrreq. 2025-05-08 16:29:15 +02:00
tcpip.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
toecore.c Remove remaining mentions of pr_usrreq. 2025-05-08 16:29:15 +02:00
toecore.h Remove remaining mentions of pr_usrreq. 2025-05-08 16:29:15 +02:00
udp.h Decorate IPv4 structures used for byte buffer overlays as packed. 2025-05-04 13:48:04 +02:00
udp_usrreq.c netinet: Fix getcred sysctl handlers to do nothing if no input is given 2025-03-20 01:33:44 +00:00
udp_var.h udp: Add a sysctl to modify listening socket FIB inheritance 2025-02-06 14:15:41 +00:00
udplite.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00