ip6_if.c revision 54da87551d31470e88e39052db26c879b30bf2f8
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Copyright (c) 1990 Mentat Inc.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* This file contains the interface control functions for IPv6.
*/
#include <sys/sysmacros.h>
#include <sys/isa_defs.h>
#include <netinet/igmp_var.h>
#include <inet/ip_multi.h>
#include <inet/ipclassifier.h>
static in6_addr_t ipv6_ll_template =
static ipif_t *
/*
* These two functions, ipif_lookup_group_v6() and ill_lookup_group_v6(),
* are called when an application does not specify an interface to be
* used for multicast traffic. It calls ire_lookup_multi_v6() to look
* for an interface route for the specified multicast group. Doing
* this allows the administrator to add prefix routes for multicast to
* indicate which interface to be used for multicast traffic in the above
* scenario. The route could be for all multicast (ff00::/8), for a single
* multicast group (a /128 route) or anything in between. If there is no
* such multicast route, we just find any multicast capable interface and
* return it.
*/
ipif_t *
{
return (ipif);
}
}
ill_t *
{
return (ill);
}
return (NULL);
return (ill);
}
/*
* Look for an ipif with the specified interface address and destination.
* The destination address is used only for matching point-to-point interfaces.
*/
static ipif_t *
{
*error = 0;
/*
* First match all the point-to-point interfaces
* before looking at non-point-to-point interfaces.
* This is done to avoid returning non-point-to-point
* ipif instead of unnumbered point-to-point ipif.
*/
GRAB_CONN_LOCK(q);
/* Allow the ipif to be down */
if_addr)) &&
dst))) {
if (IPIF_CAN_LOOKUP(ipif)) {
return (ipif);
} else if (IPIF_CAN_WAIT(ipif, q)) {
ill);
*error = EINPROGRESS;
return (NULL);
}
}
}
}
/* lookup the ipif based on interface address */
return (ipif);
}
/*
* Look for an ipif with the specified address. For point-point links
* we look for matches on either the destination address and the local
* address, but we ignore the check on the local address if IPIF_UNNUMBERED
* is set.
* Matches on a specific ill if match_ill is set.
*/
/* ARGSUSED */
ipif_t *
{
*error = 0;
/*
* Repeat twice, first based on local addresses and
* next time for pointopoint.
*/
continue;
}
GRAB_CONN_LOCK(q);
continue;
/* Allow the ipif to be down */
if ((!ptp && (IN6_ARE_ADDR_EQUAL(
addr))) {
if (IPIF_CAN_LOOKUP(ipif)) {
return (ipif);
} else if (IPIF_CAN_WAIT(ipif, q)) {
ill);
*error = EINPROGRESS;
return (NULL);
}
}
}
}
/* If we already did the ptp case, then we are done */
if (ptp) {
return (NULL);
}
goto repeat;
}
/*
* Look for an ipif with the specified address. For point-point links
* we look for matches on either the destination address and the local
* address, but we ignore the check on the local address if IPIF_UNNUMBERED
* is set.
* Matches on a specific ill if match_ill is set.
* Return the zoneid for the ipif. ALL_ZONES if none found.
*/
{
/*
* Repeat twice, first based on local addresses and
* next time for pointopoint.
*/
continue;
}
/* Allow the ipif to be down */
if ((!ptp && (IN6_ARE_ADDR_EQUAL(
addr)) &&
/*
* If ipif_zoneid was ALL_ZONES then we have
* a trusted extensions shared IP address.
* In that case GLOBAL_ZONEID works to send.
*/
return (zoneid);
}
}
}
/* If we already did the ptp case, then we are done */
if (ptp) {
return (ALL_ZONES);
}
goto repeat;
}
/*
* Perform various checks to verify that an address would make sense as a local
* interface address. This is currently only called when an attempt is made
* to set a local address.
*
* Does not allow a v4-mapped address, an address that equals the subnet
* anycast address, ... a multicast address, ...
*/
{
if (IN6_IS_ADDR_UNSPECIFIED(addr))
return (B_TRUE); /* Allow all zeros */
/*
* Don't allow all zeroes or host part, but allow
* all ones netmask.
*/
if (IN6_IS_ADDR_V4MAPPED(addr) ||
return (B_FALSE);
return (B_TRUE);
}
/*
* Perform various checks to verify that an address would make sense as a
*/
{
if (IN6_IS_ADDR_UNSPECIFIED(addr))
return (B_TRUE); /* Allow all zeros */
if (IN6_IS_ADDR_V4MAPPED(addr) ||
return (B_FALSE);
return (B_TRUE);
}
/*
* ip_rt_add_v6 is called to add an IPv6 route to the forwarding table.
* ipif_arg is passed in to associate it with the correct interface
* (for link-local destinations and gateways).
*/
/* ARGSUSED1 */
int
{
int match_flags = MATCH_IRE_TYPE;
int error;
/*
* Prevent routes with a zero gateway from being created (since
* interfaces can currently be plumbed and brought up with no assigned
* address).
*/
return (ENETUNREACH);
/*
* If this is the case of RTF_HOST being set, then we set the netmask
* to all ones (regardless if one was supplied).
*/
mask = &ipv6_all_ones;
/*
* Get the ipif, if any, corresponding to the gw_addr
*/
else if (error == EINPROGRESS) {
ip1dbg(("ip_rt_add_v6: null and EINPROGRESS"));
return (error);
}
/*
* GateD will attempt to create routes with a loopback interface
* address as the gateway and with RTF_GATEWAY set. We allow
* these routes to be added, but create them as interface routes
* since the gateway is an interface address.
*/
flags &= ~RTF_GATEWAY;
if (ipif_refheld)
return (EEXIST);
}
ip1dbg(("ipif_up_done: 0x%p creating IRE 0x%x"
"for 0x%x\n", (void *)ipif,
ire = ire_create_v6(
mask,
NULL,
NULL,
NULL,
NULL,
ipif,
NULL,
0,
0,
NULL,
NULL,
ipst);
if (ipif_refheld)
return (ENOMEM);
}
if (error == 0)
goto save_ire;
/*
* In the result of failure, ire_add() will have already
* deleted the ire in question, so there is no need to
* do that here.
*/
if (ipif_refheld)
return (error);
}
}
/*
* Traditionally, interface routes are ones where RTF_GATEWAY isn't set
* and the gateway address provided is one of the system's interface
* addresses. By using the routing socket interface and supplying an
* RTA_IFP sockaddr with an interface index, an alternate method of
* specifying an interface route to be created is available which uses
* the interface index that specifies the outgoing interface rather than
* the address of an outgoing interface (which may not be able to
* uniquely identify an interface). When coupled with the RTF_GATEWAY
* flag, routes can be specified which not only specify the next-hop to
* be used when routing to a certain prefix, but also which outgoing
* interface should be used.
*
* Previously, interfaces would have unique addresses assigned to them
* and so the address assigned to a particular interface could be used
* to identify a particular interface. One exception to this was the
* case of an unnumbered interface (where IPIF_UNNUMBERED was set).
*
* With the advent of IPv6 and its link-local addresses, this
* restriction was relaxed and interfaces could share addresses between
* themselves. In fact, typically all of the link-local interfaces on
* an IPv6 node or router will have the same link-local address. In
* order to differentiate between these interfaces, the use of an
* interface index is necessary and this index can be carried inside a
* RTA_IFP sockaddr (which is actually a sockaddr_dl). One restriction
* of using the interface index, however, is that all of the ipif's that
* are part of an ill have the same index and so the RTA_IFP sockaddr
* cannot be used to differentiate between ipif's (or logical
* interfaces) that belong to the same ill (physical interface).
*
* For example, in the following case involving IPv4 interfaces and
* logical interfaces
*
* 192.0.2.32 255.255.255.224 192.0.2.33 U if0
* 192.0.2.32 255.255.255.224 192.0.2.34 U if0:1
* 192.0.2.32 255.255.255.224 192.0.2.35 U if0:2
*
* the ipif's corresponding to each of these interface routes can be
* uniquely identified by the "gateway" (actually interface address).
*
* In this case involving multiple IPv6 default routes to a particular
* link-local gateway, the use of RTA_IFP is necessary to specify which
* default route is of interest:
*
* default fe80::123:4567:89ab:cdef U if0
* default fe80::123:4567:89ab:cdef U if1
*/
/* RTF_GATEWAY not set */
if (!(flags & RTF_GATEWAY)) {
ip2dbg(("ip_rt_add_v6: gateway security attributes "
"cannot be set with interface route\n"));
if (ipif_refheld)
return (EINVAL);
}
/*
* As the interface index specified with the RTA_IFP sockaddr is
* the same for all ipif's off of an ill, the matching logic
* below uses MATCH_IRE_ILL if such an index was specified.
* This means that routes sharing the same prefix when added
* using a RTA_IFP sockaddr must have distinct interface
* indices (namely, they must be on distinct ill's).
*
* On the other hand, since the gateway address will usually be
* different for each ipif on the system, the matching logic
* uses MATCH_IRE_IPIF in the case of a traditional interface
* route. This means that interface routes for the same prefix
* can be created if they belong to distinct ipif's and if a
* RTA_IFP sockaddr is not present.
*/
if (ipif_refheld) {
}
} else {
/*
* Check the ipif corresponding to the gw_addr
*/
return (ENETUNREACH);
}
/*
* We check for an existing entry at this point.
*/
if (ipif_refheld)
return (EEXIST);
}
/*
* Create a copy of the IRE_LOOPBACK, IRE_IF_NORESOLVER or
* IRE_IF_RESOLVER with the modified address and netmask.
*/
ire = ire_create_v6(
mask,
NULL,
NULL,
NULL,
stq,
ipif,
NULL,
0,
0,
NULL,
NULL,
ipst);
if (ipif_refheld)
return (ENOMEM);
}
/*
* Some software (for example, GateD and Sun Cluster) attempts
* to create (what amount to) IRE_PREFIX routes with the
* loopback address as the gateway. This is primarily done to
* set up prefixes with the RTF_REJECT flag set (for example,
* when generating aggregate routes.)
*
* If the IRE type (as defined by ipif->ipif_net_type) is
* IRE_LOOPBACK, then we map the request into a
* IRE_IF_NORESOLVER.
*
* Needless to say, the real IRE_LOOPBACK is NOT created by this
* routine, but rather using ire_create_v6() directly.
*/
if (error == 0)
goto save_ire;
/*
* In the result of failure, ire_add() will have already
* deleted the ire in question, so there is no need to
* do that here.
*/
if (ipif_refheld)
return (error);
}
if (ipif_refheld) {
}
/*
* Get an interface IRE for the specified gateway.
* If we don't have an IRE_IF_NORESOLVER or IRE_IF_RESOLVER for the
* gateway, it is currently unreachable and we fail the request
* accordingly.
*/
return (ENETUNREACH);
/*
* We create one of three types of IREs as a result of this request
* based on the netmask. A netmask of all ones (which is automatically
* assumed when RTF_HOST is set) results in an IRE_HOST being created.
* An all zeroes netmask implies a default route so an IRE_DEFAULT is
* created. Otherwise, an IRE_PREFIX route is created for the
* destination prefix.
*/
else if (IN6_IS_ADDR_UNSPECIFIED(mask))
type = IRE_DEFAULT;
else
type = IRE_PREFIX;
/* check for a duplicate entry */
return (EEXIST);
}
/* Security attribute exists */
/* find or create the gateway credentials group */
/* we hold reference to it upon success */
return (ENOMEM);
}
/*
* Create and add the security attribute to the group; a
* reference to the group is made upon allocating a new
* entry successfully. If it finds an already-existing
* entry for the security attribute in the group, it simply
* returns it and no new reference is made to the group.
*/
/* release reference held by gcgrp_lookup */
return (ENOMEM);
}
}
/* Create the IRE. */
ire = ire_create_v6(
dst_addr, /* dest address */
mask, /* mask */
/* src address assigned by the caller? */
gw_addr, /* gateway address */
NULL, /* no src nce */
NULL, /* no recv-from queue */
NULL, /* no send-to queue */
NULL,
0,
0,
gc, /* security attribute */
NULL,
ipst);
/*
* The ire holds a reference to the 'gc' and the 'gc' holds a
* reference to the 'gcgrp'. We can now release the extra reference
* the 'gcgrp' acquired in the gcgrp_lookup, if it was not used.
*/
if (gcgrp_xtraref)
GC_REFRELE(gc);
return (ENOMEM);
}
/*
* POLICY: should we allow an RTF_HOST with address INADDR_ANY?
*/
/* Add the new IRE. */
/*
* In the result of failure, ire_add() will have already
* deleted the ire in question, so there is no need to
* do that here.
*/
if (error != 0) {
return (error);
}
if (flags & RTF_MULTIRT) {
/*
* Invoke the CGTP (multirouting) filtering module
* to add the dst address in the filtering database.
* Replicated inbound packets coming from that address
* will be filtered to discard the duplicates.
* It is not necessary to call the CGTP filter hook
* when the dst address is a multicast, because an
* IP source address cannot be a multicast.
*/
if ((ip_cgtp_filter_ops != NULL) &&
&ire->ire_addr_v6,
if (res != 0) {
return (res);
}
}
}
/*
* Now that the prefix IRE entry has been created, delete any
* existing gateway IRE cache entries as well as any IRE caches
* using the gateway, and force them to be created through
* ip_newroute_v6.
*/
}
}
/*
* Save enough information so that we can recreate the IRE if
* the interface goes down and then up. The metrics associated
* with the route will be saved as well when rts_setmetrics() is
* called after the IRE has been created. In the case where
* memory cannot be allocated, none of this information will be
* saved.
*/
}
}
/*
* Store the ire that was successfully added into where ire_arg
* points to so that callers don't have to look it up
* themselves (but they are responsible for ire_refrele()ing
* the ire when they are finished with it).
*/
} else {
}
if (ipif_refheld)
return (0);
}
/*
* ip_rt_delete_v6 is called to delete an IPv6 route.
* ipif_arg is passed in to associate it with the correct interface
* (for link-local destinations and gateways).
*/
/* ARGSUSED4 */
int
{
int err = 0;
/*
* If this is the case of RTF_HOST being set, then we set the netmask
* to all ones. Otherwise, we use the netmask if one was supplied.
*/
mask = &ipv6_all_ones;
} else if (rtm_addrs & RTA_NETMASK) {
}
/*
* Note that RTF_GATEWAY is never set on a delete, therefore
* we check if the gateway address is one of our interfaces first,
* and fall back on RTF_GATEWAY routes.
*
* This makes it possible to delete an original
* IRE_IF_NORESOLVER/IRE_IF_RESOLVER - consistent with SunOS 4.1.
*
* As the interface index specified with the RTA_IFP sockaddr is the
* same for all ipif's off of an ill, the matching logic below uses
* MATCH_IRE_ILL if such an index was specified. This means a route
* sharing the same prefix and interface index as the the route
* intended to be deleted might be deleted instead if a RTA_IFP sockaddr
* is specified in the request.
*
* On the other hand, since the gateway address will usually be
* different for each ipif on the system, the matching logic
* uses MATCH_IRE_IPIF in the case of a traditional interface
* route. This means that interface routes for the same prefix can be
* uniquely identified if they belong to distinct ipif's and if a
* RTA_IFP sockaddr is not present.
*
* For more detail on specifying routes by gateway address and by
* interface index, see the comments in ip_rt_add_v6().
*/
ipst);
} else {
}
match_flags, ipst);
} else if (err == EINPROGRESS) {
return (err);
} else {
err = 0;
}
/*
* At this point, the gateway address is not one of our own
* addresses or a matching interface route was not found. We
* set the IRE type to lookup based on whether
* this is a host route, a default route or just a prefix.
*
* If an ipif_arg was passed in, then the lookup is based on an
* interface index so MATCH_IRE_ILL is added to match_flags.
* In any case, MATCH_IRE_IPIF is cleared and MATCH_IRE_GW is
* set as the route being looked up is not a traditional
* interface route.
*/
else if (IN6_IS_ADDR_UNSPECIFIED(mask))
type = IRE_DEFAULT;
else
type = IRE_PREFIX;
}
if (ipif_refheld) {
}
return (ESRCH);
/*
* Invoke the CGTP (multirouting) filtering module
* to remove the dst address from the filtering database.
* Packets coming from that address will no longer be
* filtered to remove duplicates.
*/
if (ip_cgtp_filter_ops != NULL &&
}
}
/* Remove from ipif_saved_ire_mp list if it is there */
/*
* On a given ipif, the triple of address, gateway and
* mask is unique for each saved IRE (in the case of
* ordinary interface routes, the gateway address is
* all-zeroes).
*/
&ire->ire_addr_v6) &&
&gw_addr_v6) &&
&ire->ire_mask_v6)) {
break;
}
}
}
return (err);
}
/*
* Derive a token from the link layer address.
*/
{
int i;
return (B_FALSE);
for (i = 0; i < 4; i++)
(uint32_t)0xffffffff;
return (B_TRUE);
}
/*
* Create a link-local address from a token.
*/
static void
{
int i;
for (i = 0; i < 4; i++) {
}
}
/*
* Set a nice default address for either automatic tunnels tsrc/96 or
* 6to4 tunnels 2002:<tsrc>::1/64
*/
static void
{
return;
/*
* Check the tunnel type by examining q_next->q_ptr
*/
/* this is an automatic tunnel */
&ipif->ipif_v6net_mask);
/* this is a 6to4 tunnel */
(void) ip_plen_to_mask_v6(IPV6_PREFIX_LEN,
&ipif->ipif_v6net_mask);
/* create a 6to4 address from the IPv4 tsrc */
} else {
ip1dbg(("ipif_set_tun_auto_addr: Unknown tunnel type"));
return;
}
}
/*
* Set link local for ipif_id 0 of a configured tunnel based on the
* tsrc or tdst parameter
* For tunnels over IPv4 use the IPv4 address prepended with 32 zeros as
* the token.
* For tunnels over IPv6 use the low-order 64 bits of the "inner" IPv6 address
* as the token for the "outer" link.
*/
void
{
/* The first ipif must be id zero. */
/* no link local for automatic tunnels */
return;
}
} else {
s6addr =
}
}
/* Set the token if it isn't already set */
} else {
s6addr =
}
}
/*
* Attempt to set the link local address if it isn't set.
*/
(void) ipif_setlinklocal(ipif);
}
}
/*
* Is it not possible to set the link local address?
* The address can be set if the token is set, and the token
* isn't too long.
* Return B_TRUE if the address can't be set, or B_FALSE if it can.
*/
{
return (B_TRUE);
return (B_FALSE);
}
/*
* Generate a link-local address from the token.
* Return zero if the address was set, or non-zero if it couldn't be set.
*/
int
{
if (ipif_cant_setlinklocal(ipif))
return (-1);
} else {
}
return (0);
}
/*
* This function sets up the multicast mappings in NDP.
* Unlike ARP, there are no mapping_mps here. We delete the
* mapping nces and add a new one.
*
* Returns non-zero on error and 0 on success.
*/
int
{
int err = 0;
/*
* Delete the mapping nce. Normally these should not exist
* as a previous ipif_down -> ipif_ndp_down should have deleted
* all the nces. But they can exist if ip_rput_dlpi_writer
* calls this when PHYI_MULTI_BCAST is set.
*/
}
/*
* Get media specific v6 mapping information. Note that
* nd_lla_len can be 0 for tunnels.
*/
return (ENOMEM);
/*
* Determine the broadcast address.
*/
if (ill->ill_sap_length < 0)
else
/*
* Check PHYI_MULTI_BCAST and possible length of physical
* address to determine if we use the mapping or the
* broadcast address.
*/
&v6_extract_mask))) {
return (E2BIG);
}
/* Use the link-layer broadcast address for MULTI_BCAST */
} else {
}
&v6_mcast_addr, /* v6 address */
&v6_mcast_mask, /* v6 mask */
&mnce);
if (err == 0) {
} else {
}
}
}
return (err);
}
/*
* Get the resolver set up for a new interface address. (Always called
* as writer.)
*/
int
{
int err = 0;
ip1dbg(("ipif_ndp_up(%s:%u)\n",
/*
* ND not supported on XRESOLV interfaces. If ND support (multicast)
* added later, take out this check.
*/
return (0);
}
/*
* Need to setup multicast mapping only when the first
* interface is coming UP.
*/
if (ill->ill_ipif_up_count == 0 &&
/*
* We set the multicast before setting up the mapping for
* local address because ipif_ndp_setup_multicast does
* ndp_walk to delete nces which will delete the mapping
* for local address also if we added the mapping for
* local address first.
*/
if (err != 0)
return (err);
}
/* Permanent entries don't need NUD */
flags |= NCE_F_ISROUTER;
flags |= NCE_F_ANYCAST;
if (ill->ill_move_in_progress) {
/*
* Addresses are failing over to this ill.
* Don't wait for NUD to see this change.
* Publish our new link-layer address.
*/
flags |= NCE_F_UNSOL_ADV;
}
}
addr,
0,
ND_PROBE, /* Causes Duplicate Address Detection to run */
&nce);
switch (err) {
case 0:
ip1dbg(("ipif_ndp_up: NCE created for %s\n",
break;
case EINPROGRESS:
ip1dbg(("ipif_ndp_up: running DAD now for %s\n",
break;
case EEXIST:
ip1dbg(("ipif_ndp_up: NCE already exists for %s\n",
}
return (err);
default:
ip1dbg(("ipif_ndp_up: NCE creation failed %s\n",
}
return (err);
}
} else {
/* No local NCE for this entry */
}
return (0);
}
/* Remove all cache entries for this logical interface */
void
{
B_FALSE);
}
}
/*
* Remove mapping and all other nces dependent on this ill
* when the last ipif is going away.
*/
}
}
/*
* Used when an interface comes up to recreate any extra routes on this
* interface.
*/
static ire_t **
{
if (ipif_saved_irep == NULL) {
return (NULL);
}
char buf[INET6_ADDRSTRLEN];
/*
* When the ire was initially created and then added in
* ip_rt_add_v6(), it was created either using
* ipif->ipif_net_type in the case of a traditional interface
* route, or as one of the IRE_OFFSUBNET types (with the
* exception of IRE_HOST type redirect ire which is created by
* icmp_redirect_v6() and which we don't need to save or
* recover). In the case where ipif->ipif_net_type was
* IRE_LOOPBACK, ip_rt_add_v6() will update the ire_type to
* IRE_IF_NORESOLVER before calling ire_add_v6() to satisfy
* software like GateD and Sun Cluster which creates routes
* using the the loopback interface's address as a gateway.
*
* As ifrt->ifrt_type reflects the already updated ire_type,
* ire_create_v6() will be called in the same way here as in
* ip_rt_add_v6(), namely using ipif->ipif_net_type when the
* route looks like a traditional interface route (where
* ifrt->ifrt_type & IRE_INTERFACE is true) and otherwise
* using the saved ifrt->ifrt_type. This means that in
* the case where ipif->ipif_net_type is IRE_LOOPBACK,
* the ire created by ire_create_v6() will be an IRE_LOOPBACK,
* it will then be turned into an IRE_IF_NORESOLVER and then
* added by ire_add_v6().
*/
? &ifrt->ifrt_v6src_addr
: &ipif->ipif_v6src_addr;
gateway_addr = NULL;
} else {
}
/*
* Create a copy of the IRE with the saved address and netmask.
*/
ip1dbg(("ipif_recover_ire_v6: creating IRE %s (%d) for %s/%d\n",
ire = ire_create_v6(
&ifrt->ifrt_v6addr,
&ifrt->ifrt_v6mask,
NULL,
rfq,
stq,
type,
ipif,
NULL,
0,
0,
NULL,
NULL,
ipst);
return (NULL);
}
/*
* Some software (for example, GateD and Sun Cluster) attempts
* to create (what amount to) IRE_PREFIX routes with the
* loopback address as the gateway. This is primarily done to
* set up prefixes with the RTF_REJECT flag set (for example,
* when generating aggregate routes.)
*
* If the IRE type (as defined by ipif->ipif_net_type) is
* IRE_LOOPBACK, then we map the request into a
* IRE_IF_NORESOLVER.
*/
/*
* ire held by ire_add, will be refreled' in ipif_up_done
* towards the end
*/
irep++;
}
return (ipif_saved_irep);
}
/*
* Return the scope of the given IPv6 address. If the address is an
* IPv4 mapped IPv6 address, return the scope of the corresponding
* IPv4 address.
*/
{
if (IN6_IS_ADDR_V4MAPPED(addr)) {
return (IP6_SCOPE_LINKLOCAL);
return (IP6_SCOPE_SITELOCAL);
return (IP6_SCOPE_GLOBAL);
}
if (IN6_IS_ADDR_MULTICAST(addr))
return (IN6_ADDR_MC_SCOPE(addr));
/* link-local and loopback addresses are of link-local scope */
if (IN6_IS_ADDR_LINKLOCAL(addr) ||
return (IP6_SCOPE_LINKLOCAL);
if (IN6_IS_ADDR_SITELOCAL(addr))
return (IP6_SCOPE_SITELOCAL);
return (IP6_SCOPE_GLOBAL);
}
/*
* Returns the length of the common prefix of a1 and a2, as per
* CommonPrefixLen() defined in RFC 3484.
*/
static int
{
int i;
for (i = 0; i < 4; i++) {
i *= 32;
mask = 0x80000000u;
mask >>= 1;
i++;
}
return (i);
}
}
return (IPV6_ABITS);
}
#define IPIF_VALID_IPV6_SOURCE(ipif) \
(ipif)->ipif_addr_ready)
/* source address candidate */
typedef struct candidate {
/* The properties of this candidate */
int cand_common_pref;
int cand_pref_len;
} cand_t;
/* information about the destination for source address selection */
typedef struct dstinfo {
const in6_addr_t *dst_addr;
char *dst_label;
} dstinfo_t;
/*
* The following functions are rules used to select a source address in
* ipif_select_source_v6(). Each rule compares a current candidate (cc)
* against the best candidate (bc). Each rule has three possible outcomes;
* the candidate is preferred over the best candidate (CAND_PREFER), the
* candidate is not preferred over the best candidate (CAND_AVOID), or the
* candidate is of equal value as the best candidate (CAND_TIE).
*
* These rules are part of a greater "Default Address Selection for IPv6"
* sheme, which is standards based work coming out of the IETF ipv6 working
* group. The IETF document defines both IPv6 source address selection and
* destination address ordering. The rules defined here implement the IPv6
* source address selection. Destination address ordering is done by
* libnsl, and uses a similar set of rules to implement the sorting.
*
* Most of the rules are defined by the RFC and are not typically altered. The
* last rule, number 8, has language that allows for local preferences. In the
* scheme below, this means that new Solaris rules should normally go between
* rule_ifprefix and rule_prefix.
*/
ip_stack_t *);
/* Prefer an address if it is equal to the destination address. */
/* ARGSUSED3 */
static rule_res_t
{
if (!bc->cand_isdst_set) {
bc->cand_isdst =
}
cc->cand_isdst =
return (CAND_TIE);
else if (cc->cand_isdst)
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer addresses that are of closest scope to the destination. Always
* prefer addresses that are of greater scope than the destination over
* those that are of lesser scope than the destination.
*/
/* ARGSUSED3 */
static rule_res_t
{
if (!bc->cand_scope_set) {
}
return (CAND_AVOID);
else
return (CAND_PREFER);
return (CAND_PREFER);
else
return (CAND_AVOID);
} else {
return (CAND_TIE);
}
}
/*
* Prefer non-deprecated source addresses.
*/
/* ARGSUSED2 */
static rule_res_t
{
if (!bc->cand_isdeprecated_set) {
}
return (CAND_TIE);
else if (cc->cand_isdeprecated)
return (CAND_AVOID);
else
return (CAND_PREFER);
}
/*
* Prefer source addresses that have the IPIF_PREFERRED flag set. This
* rule must be before rule_interface because the flag could be set on any
* interface, not just the interface being used for outgoing packets (for
* example, the IFF_PREFERRED could be set on an address assigned to the
* loopback interface).
*/
/* ARGSUSED2 */
static rule_res_t
{
if (!bc->cand_ispreferred_set) {
}
return (CAND_TIE);
else if (cc->cand_ispreferred)
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer source addresses that are assigned to the outgoing interface, or
* to an interface that is in the same IPMP group as the outgoing
* interface.
*/
/* ARGSUSED3 */
static rule_res_t
{
/*
* If dstinfo->dst_restrict_ill is set, this rule is unnecessary
* since we know all candidates will be on the same link.
*/
if (dstinfo->dst_restrict_ill)
return (CAND_TIE);
if (!bc->cand_matchedinterface_set) {
}
return (CAND_TIE);
else if (cc->cand_matchedinterface)
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer source addresses whose label matches the destination's label.
*/
static rule_res_t
{
char *label;
if (!bc->cand_matchedlabel_set) {
}
return (CAND_TIE);
else if (cc->cand_matchedlabel)
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer public addresses over temporary ones. An application can reverse
* the logic of this rule and prefer temporary addresses by using the
* IPV6_SRC_PREFERENCES socket option.
*/
/* ARGSUSED3 */
static rule_res_t
{
if (!bc->cand_istmp_set) {
}
return (CAND_TIE);
return (CAND_PREFER);
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer source addresses with longer matching prefix with the destination
* under the interface mask. This gets us on the same subnet before applying
* any Solaris-specific rules.
*/
/* ARGSUSED3 */
static rule_res_t
{
if (!bc->cand_pref_eq_set) {
}
if (bc->cand_pref_eq) {
if (cc->cand_pref_eq) {
if (!bc->cand_pref_len_set) {
bc->cand_pref_len =
}
return (CAND_TIE);
return (CAND_AVOID);
else
return (CAND_PREFER);
} else {
return (CAND_AVOID);
}
} else {
if (cc->cand_pref_eq)
return (CAND_PREFER);
else
return (CAND_TIE);
}
}
/*
* Prefer to use zone-specific addresses when possible instead of all-zones
* addresses.
*/
/* ARGSUSED2 */
static rule_res_t
{
return (CAND_TIE);
return (CAND_AVOID);
else
return (CAND_PREFER);
}
/*
* Prefer to use DHCPv6 (first) and static addresses (second) when possible
* instead of statelessly autoconfigured addresses.
*
* This is done after trying all other preferences (and before the final tie
* breaker) so that, if all else is equal, we select addresses configured by
* DHCPv6 over other addresses. We presume that DHCPv6 addresses, unlike
* stateless autoconfigured addresses, are deliberately configured by an
* administrator, and thus are correctly set up in DNS and network packet
* filters.
*/
/* ARGSUSED2 */
static rule_res_t
{
#define ATYPE(x) \
return (CAND_TIE);
return (CAND_PREFER);
else
return (CAND_AVOID);
}
/*
* Prefer source addresses with longer matching prefix with the destination.
* We do the longest matching prefix calculation by doing an xor of both
* addresses with the destination, and pick the address with the longest string
* of leading zeros, as per CommonPrefixLen() defined in RFC 3484.
*/
/* ARGSUSED3 */
static rule_res_t
{
if (!bc->cand_common_pref_set) {
}
return (CAND_TIE);
return (CAND_AVOID);
else
return (CAND_PREFER);
}
/*
* Last rule: we must pick something, so just prefer the current best
* candidate.
*/
/* ARGSUSED */
static rule_res_t
{
return (CAND_AVOID);
}
/*
* Determine the best source address given a destination address and a
* destination ill. If no suitable source address is found, it returns
* NULL. If there is a usable address pointed to by the usesrc
* (i.e ill_usesrc_ifindex != 0) then return that first since it is more
* fine grained (i.e per interface)
*
* This implementation is based on the "Default Address Selection for IPv6"
* specification produced by the IETF IPv6 working group. It has been
* implemented so that the list of addresses is only traversed once (the
* specification's algorithm could traverse the list of addresses once for
* every rule).
*
* The restrict_ill argument restricts the algorithm to chose a source
* address that is assigned to the destination ill or an ill in the same
* IPMP group as the destination ill. This is used when the destination
* address is a link-local or multicast address, and when
* ipv6_strict_dst_multihoming is turned on.
*
* src_prefs is the caller's set of source address preferences. If source
* address selection is being called to determine the source address of a
* connected socket (from ip_bind_connected_v6()), then the preferences are
* taken from conn_src_preferences. These preferences can be set on a
* per-socket basis using the IPV6_SRC_PREFERENCES socket option. The only
* preference currently implemented is for rfc3041 temporary addresses.
*/
ipif_t *
{
char dstr[INET6_ADDRSTRLEN];
char sstr[INET6_ADDRSTRLEN];
/*
* The list of ordering rules. They are applied in the order they
* appear in the list.
*
* Solaris doesn't currently support Mobile IPv6, so there's no
* rule_mipv6 corresponding to rule 4 in the specification.
*/
rule_ifprefix, /* local rules after this */
rule_prefix, /* local rules before this */
rule_must_be_last, /* must always be last */
};
/*
* Check if there is a usable src address pointed to by the
* usesrc ifindex. This has higher precedence since it is
* finer grained (i.e per interface) v/s being system wide.
*/
if (dstill->ill_usesrc_ifindex != 0) {
if ((usesrc_ill =
} else {
return (NULL);
}
} else {
}
/*
* If we're dealing with an unlabeled destination on a labeled system,
* make sure that we ignore source addresses that are incompatible with
* the destination's default label. That destination's default label
* must dominate the minimum label on the source address.
*
* (Note that this has to do with Trusted Solaris. It's not related to
* the labels described by ip6_asp_lookup.)
*/
if (is_system_labeled()) {
return (NULL);
}
}
/*
* Section three of the I-D states that for multicast and
* link-local destinations, the candidate set must be restricted to
* an interface that is on the same link as the outgoing interface.
* Also, when ipv6_strict_dst_multihoming is turned on, always
* restrict the source address to the destination link as doing
* otherwise will almost certainly cause problems.
*/
if (restrict_ill == RESTRICT_TO_NONE)
else
} else {
}
/*
* Take a pass through the list of IPv6 interfaces to chose the
* best possible source address. If restrict_ill is true, we only
* iterate through the ill's that are in the same IPMP group as the
* destination's outgoing ill. If restrict_ill is false, we walk
* the entire list of IPv6 ill's.
*/
} else {
}
} else {
}
/*
* Global and site local addresses will failover and
* will be available on the new ill.
* But link local addresses don't move.
*/
(PHYI_OFFLINE | PHYI_FAILED))
goto next_ill;
if (!IPIF_VALID_IPV6_SOURCE(ipif))
continue;
continue;
/*
* Check compatibility of local address for
* destination's default label if we're on a labeled
* system. Incompatible addresses can't be used at
* all and must be skipped over.
*/
continue;
incompat =
if (incompat)
continue;
}
if (first_candidate) {
/*
* This is first valid address in the list.
* It is automatically the best candidate
* so far.
*/
continue;
}
/*
* Compare this current candidate (curr_c) with the
* best candidate (best_c) by applying the
* comparison rules in order until one breaks the
* tie.
*/
/* Apply a comparison rule. */
ipst);
if (rule_result == CAND_AVOID) {
/*
* The best candidate is still the
* best candidate. Forget about
* this current candidate and go on
* to the next one.
*/
break;
} else if (rule_result == CAND_PREFER) {
/*
* This candidate is prefered. It
* becomes the best candidate so
* far. Go on to the next address.
*/
break;
}
/* We have a tie, apply the next rule. */
}
/*
* The last rule must be a tie breaker rule and
* must never produce a tie. At this point, the
* candidate should have either been rejected, or
* have been prefered as the best candidate so far.
*/
}
/*
* We may be walking the linked-list of ill's in an
* IPMP group or traversing the IPv6 ill avl tree. If it is a
* usesrc ILL then it can't be part of IPMP group and we
* will exit the while loop.
*/
else
}
ip1dbg(("ipif_select_source_v6(%s, %s) -> %s\n",
if (usesrc_ill != NULL)
return (NULL);
}
if (IPIF_CAN_LOOKUP(ipif)) {
return (ipif);
}
ip1dbg(("ipif_select_source_v6 cannot lookup ipif %p"
" returning null \n", (void *)ipif));
return (NULL);
}
/*
* If old_ipif is not NULL, see if ipif was derived from old
* ipif and if so, recreate the interface route by re-doing
* source address selection. This happens when ipif_down ->
* ipif_update_other_ipifs calls us.
*
* If old_ipif is NULL, just redo the source address selection
* if needed. This happens when illgrp_insert or ipif_up_done_v6
* calls us.
*/
void
{
if (!(ipif->ipif_flags &
/*
* Can't possibly have borrowed the source
* from old_ipif.
*/
return;
}
/*
* Is there any work to be done? No work if the address
* is INADDR_ANY, loopback or NOLOCAL or ANYCAST (
* ipif_select_source_v6() does not borrow addresses from
* NOLOCAL and ANYCAST interfaces).
*/
(old_ipif->ipif_flags &
(IPIF_NOLOCAL|IPIF_ANYCAST)))) {
return;
}
/*
* Perform the same checks as when creating the
* IRE_INTERFACE in ipif_up_done_v6.
*/
return;
return;
return;
/*
* We know that ipif uses some other source for its
* IRE_INTERFACE. Is it using the source of this
* old_ipif?
*/
return;
&ipif_ire->ire_src_addr_v6)) {
return;
}
if (ip_debug > 2) {
/* ip1dbg */
pr_addr_dbg("ipif_recreate_interface_routes_v6: deleting IRE"
}
/*
* Can't use our source address. Select a different source address
* for the IRE_INTERFACE. We restrict interface route source
* address selection to ipif's assigned to the same link as the
* interface.
*/
if (ip6_asp_can_lookup(ipst)) {
ipif->ipif_zoneid);
}
/* Last resort - all ipif's have IPIF_NOLOCAL */
} else {
}
ire = ire_create_v6(
NULL, /* no gateway */
NULL, /* no src nce */
NULL, /* no recv from queue */
stq, /* send-to queue */
ipif,
NULL,
0,
0,
0,
NULL,
NULL,
ipst);
int error;
/*
* We don't need ipif_ire anymore. We need to delete
* before we add so that ire_add does not detect
* duplicates.
*/
/* Held in ire_add */
}
}
/*
* Either we are falling through from above or could not
* allocate a replacement.
*/
if (ip6_asp_table_held)
if (nipif_refheld)
}
/*
* This old_ipif is going away.
*
* Determine if any other ipif's are using our address as
* ipif_v6lcl_addr (due to those being IPIF_NOLOCAL, IPIF_ANYCAST, or
* IPIF_DEPRECATED).
* Find the IRE_INTERFACE for such ipif's and recreate them
* to use an different source address following the rules in
* ipif_up_done_v6.
*
* This function takes an illgrp as an argument so that illgrp_delete
* can call this to update source address even after deleting the
* old_ipif->ipif_ill from the ill group.
*/
void
{
char buf[INET6_ADDRSTRLEN];
ip1dbg(("ipif_update_other_ipifs_v6(%s, %s)\n",
/*
* If this part of a group, look at all ills as ipif_select_source
* borrows a source address across all the ills in the group.
*/
/* Don't need a lock since this is a writer */
continue;
}
}
}
/*
* Perform an attach and bind to get phys addr plus info_req for
* the physical device.
* q and mp represents an ioctl which will be queued waiting for
* completion of the DLPI message exchange.
* MUST be called on an ill queue. Can not set conn_pending_ill for that
* reason thus the DL_PHYS_ADDR_ACK code does not assume ill_pending_q.
*
* Returns EINPROGRESS when mp has been consumed by queueing it on
* ill_pending_mp and the ioctl will complete in ip_rput.
*/
int
{
sizeof (t_scalar_t), DL_PHYS_ADDR_REQ);
if (v6token_mp == NULL)
goto bad;
sizeof (t_scalar_t), DL_PHYS_ADDR_REQ);
goto bad;
}
/*
* Allocate a DL_NOTIFY_REQ and set the notifications we want.
*/
goto bad;
sizeof (t_scalar_t), DL_PHYS_ADDR_REQ);
goto bad;
sizeof (dl_info_req_t) + sizeof (dl_info_ack_t),
goto bad;
goto bad;
goto bad;
/* If we need to attach, pre-alloc and initialize the mblk */
if (ill->ill_needs_attach) {
goto bad;
}
/*
* Here we are going to delay the ioctl ack until after
* ACKs from DL_PHYS_ADDR_REQ. So need to save the
* original ioctl message before sending the requests
*/
/* ipsq_pending_mp_add won't fail since we pass in a NULL connp */
/*
* Set ill_phys_addr_pend to zero. It will be set to the addr_type of
* the DL_PHYS_ADDR_REQ in ill_dlpi_send() and ill_dlpi_done(). It will
*/
ill->ill_phys_addr_pend = 0;
ip1dbg(("ill_dl_phys: attach\n"));
}
}
/*
* This operation will complete in ip_rput_dlpi_writer with either
* a DL_PHYS_ADDR_ACK or DL_ERROR_ACK.
*/
return (EINPROGRESS);
bad:
return (ENOMEM);
}
/*
* DLPI is up.
* Create all the IREs associated with an interface bring up multicast.
* Set the interface flag and finish other initialization
* that potentially had to be differed to after DL_BIND_ACK.
*/
int
{
int err;
char buf[INET6_ADDRSTRLEN];
int ipif_saved_ire_cnt;
int cnt;
ip1dbg(("ipif_up_done_v6(%s:%u)\n",
/* Check if this is a loopback interface */
/*
* If all other interfaces for this ill are down or DEPRECATED,
* or otherwise unsuitable for source address selection, remove
* any IRE_CACHE entries for this ill to make sure source
* address selection gets to take this new ipif into account.
* No need to hold ill_lock while traversing the ipif list since
* we are writer
*/
if (((tmp_ipif->ipif_flags &
continue;
/* first useable pre-existing interface */
break;
}
if (flush_ire_cache)
/*
* Figure out which way the send-to queue should go. Only
* IRE_IF_RESOLVER or IRE_IF_NORESOLVER should show up here.
*/
switch (ill->ill_net_type) {
case IRE_IF_RESOLVER:
break;
case IRE_IF_NORESOLVER:
case IRE_LOOPBACK:
break;
default:
return (EINVAL);
}
if (IS_LOOPBACK(ill)) {
/*
* lo0:1 and subsequent ipifs were marked IRE_LOCAL in
* ipif_lookup_on_name(), but in the case of zones we can have
* several loopback addresses on lo0. So all the interfaces with
* loopback addresses need to be marked IRE_LOOPBACK.
*/
else
}
/*
* Can't use our source address. Select a different
* source address for the IRE_INTERFACE and IRE_LOCAL
*/
if (ip6_asp_can_lookup(ipst)) {
}
else
} else {
}
/*
* If we're on a labeled system then make sure that zone-
* private addresses have proper remote host database entries.
*/
if (is_system_labeled() &&
if (ip6opt_ls == 0) {
return (EINVAL);
}
if (!tsol_check_interface_address(ipif))
return (EINVAL);
}
/* Register the source address for __sin6_src_id */
if (err != 0) {
if (src_ipif_held)
if (ip6_asp_table_held)
return (err);
}
/*
* If the interface address is set, create the LOCAL
* or LOOPBACK IRE.
*/
ip1dbg(("ipif_up_done_v6: creating IRE %d for %s\n",
*irep++ = ire_create_v6(
&ipv6_all_ones, /* mask */
NULL, /* no gateway */
&ip_loopback_mtu_v6plus, /* max frag size */
NULL,
NULL, /* no send-to queue */
ipif, /* interface */
NULL,
0,
0,
NULL,
NULL,
ipst);
}
/*
* Set up the IRE_IF_RESOLVER or IRE_IF_NORESOLVER, as appropriate.
* Note that atun interfaces have an all-zero ipif_v6subnet.
* Thus we allow a zero subnet as long as the mask is non-zero.
*/
/* ipif_v6subnet is ipif_v6pp_dst_addr for pt-pt */
} else {
}
ip1dbg(("ipif_up_done_v6: creating if IRE %d for %s\n",
*irep++ = ire_create_v6(
&v6addr, /* dest pref */
&route_mask, /* mask */
NULL, /* no gateway */
NULL, /* no src nce */
NULL, /* no recv from queue */
stq, /* send-to queue */
ipif,
NULL,
0,
0,
NULL,
NULL,
ipst);
}
/*
* Setup 2002::/16 route, if this interface is a 6to4 tunnel
*/
(ill->ill_is_6to4tun)) {
/*
* Destination address is 2002::/16
*/
#ifdef _BIG_ENDIAN
#else
#endif /* _BIG_ENDIAN */
char buf2[INET6_ADDRSTRLEN];
/*
* check to see if this route has already been added for
* this tunnel interface.
*/
ip1dbg(("ipif_up_done_v6: creating if IRE %d for %s",
*irep++ = ire_create_v6(
&prefix_addr, /* 2002:: */
&prefix_mask, /* ffff:: */
NULL, /* gateway */
NULL, /* no src nce */
NULL, /* no rfq */
IRE_IF_NORESOLVER, /* type */
ipif, /* interface */
NULL, /* v6cmask */
0,
0,
NULL,
NULL,
ipst);
} else {
}
}
/* If an earlier ire_create failed, get out now */
irep1--;
ip1dbg(("ipif_up_done_v6: NULL ire found in"
" ire_array\n"));
goto bad;
}
}
/*
* Need to atomically check for ip_addr_availablity_check
* now under ill_g_lock, and if it fails got bad, and remove
* from group also
*/
ill->ill_ipif_up_count++;
if (err != 0) {
/*
* Our address may already be up on the same ill. In this case,
* the external resolver entry for our ipif replaced the one for
* the other ipif. So we don't want to delete it (otherwise the
* other ipif would be unable to send packets).
* ip_addr_availability_check() identifies this case for us and
* returns EADDRINUSE; we need to turn it into EADDRNOTAVAIL
* which is the expected error code.
*/
if (err == EADDRINUSE) {
}
err = EADDRNOTAVAIL;
}
ill->ill_ipif_up_count--;
goto bad;
}
/*
* Add in all newly created IREs. We want to add before
* we call ifgrp_insert which wants to know whether
* IRE_IF_RESOLVER exists or not.
*
* NOTE : We refrele the ire though we may branch to "bad"
* later on where we do ire_delete. This is okay
* because nobody can delete it as we are running
* exclusively.
*/
irep1--;
/* Shouldn't be adding any bcast ire's */
/*
* refheld by ire_add. refele towards the end of the func
*/
}
if (ip6_asp_table_held) {
}
/*
* Form groups if possible.
*
* If we are supposed to be in a ill_group with a name, insert it
* now as we know that at least one ipif is UP. Otherwise form
* nameless groups.
*
* If ip_enable_group_ifs is set and ipif address is not ::0, insert
* this ipif into the appropriate interface group, or create a
* new one. If this is already in a nameless group, we try to form
* a bigger group looking at other ills potentially sharing this
* ipif's prefix.
*/
if (phyi->phyint_groupname_len != 0) {
if (err != 0) {
ip1dbg(("ipif_up_done_v6: illgrp allocation "
"failed, error %d\n", err));
goto bad;
}
}
}
/* Recover any additional IRE_IF_[NO]RESOLVER entries for this ipif */
/*
* Need to recover all multicast memberships in the driver.
* This had to be deferred until we had attached.
*/
}
/* Join the allhosts multicast address and the solicited node MC */
if (!loopback) {
/*
* See whether anybody else would benefit from the
* new ipif that we added. We call this always rather
* than while adding a non-IPIF_NOLOCAL/DEPRECATED/ANYCAST
* ipif for the benefit of illgrp_insert (done above)
* which does not do source address selection as it does
* not want to re-create interface routes that we are
* having reference to it here.
*/
}
irep1--;
/* was held in ire_add */
ire_refrele(*irep1);
}
}
/* was held in ire_add */
ire_refrele(*irep1);
}
}
if (ipif->ipif_addr_ready) {
}
if (ipif_saved_irep != NULL) {
ipif_saved_ire_cnt * sizeof (ire_t *));
}
if (src_ipif_held)
return (0);
bad:
if (ip6_asp_table_held)
/*
* We don't have to bother removing from ill groups because
*
* 1) For groups with names, we insert only when the first ipif
* comes up. In that case if it fails, it will not be in any
* group. So, we need not try to remove for that case.
*
* 2) For groups without names, either we tried to insert ipif_ill
* in a group as singleton or found some other group to become
* a bigger group. For the former, if it fails we don't have
* anything to do as ipif_ill is not in the group and for the
* latter, there are no failures in illgrp_insert/illgrp_delete
* (ENOMEM can't occur for this. Check ifgrp_insert).
*/
irep--;
ire_delete(*irep);
if (ire_added)
ire_refrele(*irep);
}
}
if (ipif_saved_irep != NULL) {
ipif_saved_ire_cnt * sizeof (ire_t *));
}
if (src_ipif_held)
return (err);
}
/*
* Delete an ND entry and the corresponding IRE_CACHE entry if it exists.
*/
/* ARGSUSED */
int
{
/* Only allow for logical unit zero i.e. not on "le0:17" */
return (EINVAL);
return (EINVAL);
return (EAFNOSUPPORT);
return (ESRCH);
return (0);
}
/*
* Return nbr cache info.
*/
/* ARGSUSED */
int
{
/* Only allow for logical unit zero i.e. not on "le0:17" */
return (EINVAL);
return (EINVAL);
return (EAFNOSUPPORT);
return (EINVAL);
}
/*
* Perform an update of the nd entry for the specified address.
*/
/* ARGSUSED */
int
{
/* Only allow for logical unit zero i.e. not on "le0:17" */
return (EINVAL);
return (EINVAL);
return (EAFNOSUPPORT);
}