2 * Copyright (c) 1982, 1986, 1988, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * @(#)if_ether.c 8.1 (Berkeley) 6/10/93
33 * Ethernet address resolution protocol.
35 * add "inuse/lock" bit (or ref. count) along with valid bit
38 #include <sys/cdefs.h>
39 __FBSDID("$FreeBSD$");
43 #include <sys/param.h>
44 #include <sys/kernel.h>
46 #include <sys/queue.h>
47 #include <sys/sysctl.h>
48 #include <sys/systm.h>
50 #include <sys/malloc.h>
52 #include <sys/rmlock.h>
53 #include <sys/socket.h>
54 #include <sys/syslog.h>
57 #include <net/if_var.h>
58 #include <net/if_dl.h>
59 #include <net/if_types.h>
60 #include <net/netisr.h>
61 #include <net/ethernet.h>
62 #include <net/route.h>
65 #include <netinet/in.h>
66 #include <netinet/in_fib.h>
67 #include <netinet/in_var.h>
68 #include <net/if_llatbl.h>
69 #include <netinet/if_ether.h>
71 #include <netinet/ip_carp.h>
74 #include <security/mac/mac_framework.h>
76 #define SIN(s) ((const struct sockaddr_in *)(s))
/*
 * Rate-limit state for ARP_LOG(): arp_lastlog and arp_curpps are the
 * bookkeeping handed to ppsratecheck(), and arp_maxpps is the per-second
 * ceiling (default 1) exported as the max_log_per_second sysctl.
 */
78 static struct timeval arp_lastlog
;
79 static int arp_curpps
;
80 static int arp_maxpps
= 1;
82 /* Simple ARP state machine */
83 enum arp_llinfo_state
{
84 ARP_LLINFO_INCOMPLETE
= 0, /* No LLE data */
85 ARP_LLINFO_REACHABLE
, /* LLE is valid */
86 ARP_LLINFO_VERIFY
, /* LLE is valid, need refresh */
87 ARP_LLINFO_DELETED
, /* LLE is deleted */
90 SYSCTL_DECL(_net_link_ether
);
91 static SYSCTL_NODE(_net_link_ether
, PF_INET
, inet
, CTLFLAG_RW
, 0, "");
92 static SYSCTL_NODE(_net_link_ether
, PF_ARP
, arp
, CTLFLAG_RW
, 0, "");
95 static VNET_DEFINE(int, arpt_keep
) = (20*60); /* once resolved, good for 20
97 static VNET_DEFINE(int, arp_maxtries
) = 5;
98 static VNET_DEFINE(int, arp_proxyall
) = 0;
99 static VNET_DEFINE(int, arpt_down
) = 20; /* keep incomplete entries for
101 static VNET_DEFINE(int, arpt_rexmit
) = 1; /* retransmit arp entries, sec*/
102 VNET_PCPUSTAT_DEFINE(struct arpstat
, arpstat
); /* ARP statistics, see if_arp.h */
103 VNET_PCPUSTAT_SYSINIT(arpstat
);
106 VNET_PCPUSTAT_SYSUNINIT(arpstat
);
109 static VNET_DEFINE(int, arp_maxhold
) = 1;
111 #define V_arpt_keep VNET(arpt_keep)
112 #define V_arpt_down VNET(arpt_down)
113 #define V_arpt_rexmit VNET(arpt_rexmit)
114 #define V_arp_maxtries VNET(arp_maxtries)
115 #define V_arp_proxyall VNET(arp_proxyall)
116 #define V_arp_maxhold VNET(arp_maxhold)
118 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, max_age
, CTLFLAG_VNET
| CTLFLAG_RW
,
119 &VNET_NAME(arpt_keep
), 0,
120 "ARP entry lifetime in seconds");
121 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, maxtries
, CTLFLAG_VNET
| CTLFLAG_RW
,
122 &VNET_NAME(arp_maxtries
), 0,
123 "ARP resolution attempts before returning error");
124 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, proxyall
, CTLFLAG_VNET
| CTLFLAG_RW
,
125 &VNET_NAME(arp_proxyall
), 0,
126 "Enable proxy ARP for all suitable requests");
127 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, wait
, CTLFLAG_VNET
| CTLFLAG_RW
,
128 &VNET_NAME(arpt_down
), 0,
129 "Incomplete ARP entry lifetime in seconds");
130 SYSCTL_VNET_PCPUSTAT(_net_link_ether_arp
, OID_AUTO
, stats
, struct arpstat
,
131 arpstat
, "ARP statistics (struct arpstat, net/if_arp.h)");
132 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, maxhold
, CTLFLAG_VNET
| CTLFLAG_RW
,
133 &VNET_NAME(arp_maxhold
), 0,
134 "Number of packets to hold per ARP entry");
135 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, max_log_per_second
,
136 CTLFLAG_RW
, &arp_maxpps
, 0,
137 "Maximum number of remotely triggered ARP messages that can be "
138 "logged per second");
/*
 * Emit an ARP diagnostic through log() with an "arp: " prefix, but only
 * when ppsratecheck() permits it.  These messages are triggered by frames
 * received from the network, so the limiter (arp_maxpps per second) keeps
 * a noisy or hostile neighbour from flooding the system log.
 * NOTE(review): the closing lines of the macro are not part of this listing.
 */
140 #define ARP_LOG(pri, ...) do { \
141 if (ppsratecheck(&arp_lastlog, &arp_curpps, arp_maxpps)) \
142 log((pri), "arp: " __VA_ARGS__); \
146 static void arpintr(struct mbuf
*);
147 static void arptimer(void *);
149 static void in_arpinput(struct mbuf
*);
152 static void arp_check_update_lle(struct arphdr
*ah
, struct in_addr isaddr
,
153 struct ifnet
*ifp
, int bridged
, struct llentry
*la
);
154 static void arp_mark_lle_reachable(struct llentry
*la
);
155 static void arp_iflladdr(void *arg __unused
, struct ifnet
*ifp
);
157 static eventhandler_tag iflladdr_tag
;
/*
 * netisr handler descriptor: packets queued for NETISR_ARP are delivered
 * to arpintr().  This is the object later passed to netisr_register() and
 * netisr_register_vnet().
 * NOTE(review): some initializer lines and the closing brace are not part
 * of this listing.
 */
159 static const struct netisr_handler arp_nh
= {
161 .nh_handler
= arpintr
,
162 .nh_proto
= NETISR_ARP
,
163 .nh_policy
= NETISR_POLICY_SOURCE
,
167 * Timeout routine. Age arp_tab entries periodically.
/*
 * Body of the per-entry callout handler (declared above as
 * arptimer(void *)); the argument is the llentry being aged.
 * NOTE(review): the signature, braces, return statements and the entry
 * lock/unlock calls are not part of this listing, so the notes below
 * describe only the statements that are visible.
 */
172 struct llentry
*lle
= (struct llentry
*)arg
;
/* Static entries are tested for first; presumably they are never aged (branch body not shown). */
176 if (lle
->la_flags
& LLE_STATIC
) {
180 if (callout_pending(&lle
->lle_timer
)) {
182 * Here we are a bit odd here in the treatment of
183 * active/pending. If the pending bit is set, it got
184 * rescheduled before I ran. The active
185 * bit we ignore, since if it was stopped
186 * in ll_tablefree() and was currently running
187 * it would have return 0 so the code would
188 * not have deleted it since the callout could
189 * not be stopped so we want to go through
190 * with the delete here now. If the callout
191 * was restarted, the pending bit will be back on and
192 * we just want to bail since the callout_reset would
193 * return 1 and our reference would have been removed
194 * by arpresolve() below.
199 ifp
= lle
->lle_tbl
->llt_ifp
;
200 CURVNET_SET(ifp
->if_vnet
);
/* Dispatch on the entry's state (enum arp_llinfo_state). */
202 switch (lle
->ln_state
) {
203 case ARP_LLINFO_REACHABLE
:
206 * Expiration time is approaching.
207 * Let's try to refresh entry if it is still
210 * Set r_skip_req to get feedback from
211 * fast path. Change state and re-schedule
/* REACHABLE -> VERIFY, then re-arm the timer for one retransmit interval. */
217 lle
->ln_state
= ARP_LLINFO_VERIFY
;
218 callout_schedule(&lle
->lle_timer
, hz
* V_arpt_rexmit
);
222 case ARP_LLINFO_VERIFY
:
224 r_skip_req
= lle
->r_skip_req
;
/*
 * r_skip_req == 0 means the resolve path cleared the flag, i.e. the entry
 * was used since the last tick; a refresh is sent only while la_preempt
 * is still positive.
 */
227 if (r_skip_req
== 0 && lle
->la_preempt
> 0) {
228 /* Entry was used, issue refresh request */
230 dst
= lle
->r_l3addr
.addr4
;
232 callout_schedule(&lle
->lle_timer
, hz
* V_arpt_rexmit
);
234 arprequest(ifp
, NULL
, &dst
, NULL
);
238 /* Nothing happened. Reschedule if not too late */
239 if (lle
->la_expire
> time_uptime
) {
240 callout_schedule(&lle
->lle_timer
, hz
* V_arpt_rexmit
);
246 case ARP_LLINFO_INCOMPLETE
:
247 case ARP_LLINFO_DELETED
:
/*
 * Notify lle_event listeners unless the entry is already flagged deleted:
 * LLENTRY_EXPIRED for an entry that was valid, LLENTRY_TIMEDOUT otherwise.
 * NOTE(review): the `else` between the two assignments is not shown.
 */
251 if ((lle
->la_flags
& LLE_DELETED
) == 0) {
254 if (lle
->la_flags
& LLE_VALID
)
255 evt
= LLENTRY_EXPIRED
;
257 evt
= LLENTRY_TIMEDOUT
;
258 EVENTHANDLER_INVOKE(lle_event
, lle
, evt
);
261 callout_stop(&lle
->lle_timer
);
263 /* XXX: LOR avoidance. We still have ref on lle. */
268 /* Guard against race with other llentry_free(). */
269 if (lle
->la_flags
& LLE_LINKED
) {
271 lltable_unlink_entry(lle
->lle_tbl
, lle
);
273 IF_AFDATA_UNLOCK(ifp
);
/* llentry_free() returns a packet count that is added to the "dropped" statistic. */
275 size_t pkts_dropped
= llentry_free(lle
);
277 ARPSTAT_ADD(dropped
, pkts_dropped
);
278 ARPSTAT_INC(timeouts
);
284 * Stores link-layer header for @ifp in format suitable for if_output()
285 * into buffer @buf. Resulting header length is stored in @bufsize.
287 * Returns 0 on success.
/*
 * Fills an if_encap_req for an AF_ARP link-layer header and passes it to
 * the interface's if_requestencap() method.
 * NOTE(review): the parameter list is cut after @buf in this listing;
 * @bufsize is dereferenced below, so it is an in/out size pointer.
 */
290 arp_fillheader(struct ifnet
*ifp
, struct arphdr
*ah
, int bcast
, u_char
*buf
,
293 struct if_encap_req ereq
;
/*
 * On entry *bufsize is the capacity of @buf and the whole buffer is zeroed,
 * so callers must pass the true size of their storage; both callers in this
 * file pass sizeof(linkhdr).
 */
296 bzero(buf
, *bufsize
);
297 bzero(&ereq
, sizeof(ereq
));
299 ereq
.bufsize
= *bufsize
;
300 ereq
.rtype
= IFENCAP_LL
;
301 ereq
.family
= AF_ARP
;
302 ereq
.lladdr
= ar_tha(ah
);
303 ereq
.hdata
= (u_char
*)ah
;
/* NOTE(review): presumably set only when @bcast is non-zero; the guarding test is not shown. */
305 ereq
.flags
= IFENCAP_FLAG_BROADCAST
;
306 error
= ifp
->if_requestencap(ifp
, &ereq
);
/* Hand the resulting length back to the caller. NOTE(review): confirm this happens only on success. */
308 *bufsize
= ereq
.bufsize
;
315 * Broadcast an ARP request. Caller specifies:
316 * - arp header source ip address
317 * - arp header target ip address
318 * - arp header source ethernet address
/*
 * Builds one ARP request in a fresh mbuf and transmits it on @ifp as a
 * link-layer broadcast.  A NULL @sip makes the function pick a source
 * address from the interface's address list.
 * NOTE(review): local declarations, address-list locking, braces and the
 * early-return statements are not part of this listing.
 */
321 arprequest(struct ifnet
*ifp
, const struct in_addr
*sip
,
322 const struct in_addr
*tip
, u_char
*enaddr
)
327 u_char
*carpaddr
= NULL
;
328 uint8_t linkhdr
[LLE_MAX_LINKHDR
];
335 * The caller did not supply a source address, try to find
336 * a compatible one among those assigned to this interface.
/* Walk the interface addresses; stop at the first one on the same subnet as @tip. */
341 TAILQ_FOREACH(ifa
, &ifp
->if_addrhead
, ifa_link
) {
342 if (ifa
->ifa_addr
->sa_family
!= AF_INET
)
/*
 * The carp_iamatch_p hook may also hand back a link-layer address in
 * carpaddr.  NOTE(review): the condition selecting this branch and the
 * statement taken when the hook returns 0 are not shown.
 */
346 if ((*carp_iamatch_p
)(ifa
, &carpaddr
) == 0)
348 sip
= &IA_SIN(ifa
)->sin_addr
;
351 sip
= &IA_SIN(ifa
)->sin_addr
;
354 if (0 == ((sip
->s_addr
^ tip
->s_addr
) &
355 IA_MASKSIN(ifa
)->sin_addr
.s_addr
))
356 break; /* found it. */
358 IF_ADDR_RUNLOCK(ifp
);
/* NOTE(review): plain printf(), so this message bypasses the ARP_LOG() rate limit. */
360 printf("%s: cannot find matching address\n", __func__
);
/*
 * Source hardware address: the hook-supplied carpaddr if any, otherwise the
 * interface's own address.  NOTE(review): presumably applied only when the
 * caller passed enaddr == NULL; that test is not shown.
 */
365 enaddr
= carpaddr
? carpaddr
: (u_char
*)IF_LLADDR(ifp
);
/* Non-sleeping allocation; a NULL result is tested for (the bail-out is not shown). */
367 if ((m
= m_gethdr(M_NOWAIT
, MT_DATA
)) == NULL
)
369 m
->m_len
= sizeof(*ah
) + 2 * sizeof(struct in_addr
) +
371 m
->m_pkthdr
.len
= m
->m_len
;
372 M_ALIGN(m
, m
->m_len
);
373 ah
= mtod(m
, struct arphdr
*);
/*
 * Zero the whole message first, so every field not set explicitly below
 * (the target hardware address among them) is transmitted as zero.
 */
374 bzero((caddr_t
)ah
, m
->m_len
);
/* MAC framework hook for the outgoing mbuf; presumably build-conditional (not shown). */
376 mac_netinet_arp_send(ifp
, m
);
378 ah
->ar_pro
= htons(ETHERTYPE_IP
);
379 ah
->ar_hln
= ifp
->if_addrlen
; /* hardware address length */
380 ah
->ar_pln
= sizeof(struct in_addr
); /* protocol address length */
381 ah
->ar_op
= htons(ARPOP_REQUEST
);
382 bcopy(enaddr
, ar_sha(ah
), ah
->ar_hln
);
383 bcopy(sip
, ar_spa(ah
), ah
->ar_pln
);
384 bcopy(tip
, ar_tpa(ah
), ah
->ar_pln
);
385 sa
.sa_family
= AF_ARP
;
388 /* Calculate link header for sending frame */
389 bzero(&ro
, sizeof(ro
));
390 linkhdrsize
= sizeof(linkhdr
);
391 error
= arp_fillheader(ifp
, ah
, 1, linkhdr
, &linkhdrsize
);
/* EAFNOSUPPORT from the encap request is tolerated; any other error is logged (rate limited). */
392 if (error
!= 0 && error
!= EAFNOSUPPORT
) {
393 ARP_LOG(LOG_ERR
, "Failed to calculate ARP header on %s: %d\n",
394 if_name(ifp
), error
);
398 ro
.ro_prepend
= linkhdr
;
399 ro
.ro_plen
= linkhdrsize
;
/* Requests always leave as link-layer broadcast. */
402 m
->m_flags
|= M_BCAST
;
403 m_clrprotoflags(m
); /* Avoid confusing lower layers. */
404 (*ifp
->if_output
)(ifp
, m
, &sa
, &ro
);
405 ARPSTAT_INC(txrequests
);
410 * Resolve an IP address into an ethernet address - heavy version.
411 * Used internally by arpresolve().
412 * We have already checked that we can't use the existing lle without
413 * modification so we have to acquire LLE_EXCLUSIVE lle lock.
415 * On success, desten and flags are filled in and the function returns 0;
416 * If the packet must be held pending resolution, we return EWOULDBLOCK
417 * On other errors, we return the corresponding error code.
418 * Note that m_freem() handles NULL.
/*
 * Slow path of address resolution: finds or creates the entry for @dst,
 * copies the link-layer data out if the entry is usable, otherwise queues
 * @m on the entry and (re)sends an ARP request.
 * NOTE(review): local declarations, braces, entry lock/unlock calls and
 * the return statements are not part of this listing.
 */
421 arpresolve_full(struct ifnet
*ifp
, int is_gw
, int flags
, struct mbuf
*m
,
422 const struct sockaddr
*dst
, u_char
*desten
, uint32_t *pflags
,
423 struct llentry
**plle
)
425 struct llentry
*la
= NULL
, *la_tmp
;
426 struct mbuf
*curr
= NULL
;
427 struct mbuf
*next
= NULL
;
/* Without LLE_CREATE the caller expects an entry to exist: look it up with LLE_EXCLUSIVE. */
437 if ((flags
& LLE_CREATE
) == 0) {
438 IF_AFDATA_RLOCK(ifp
);
439 la
= lla_lookup(LLTABLE(ifp
), LLE_EXCLUSIVE
, dst
);
440 IF_AFDATA_RUNLOCK(ifp
);
/* No entry, and the interface is neither IFF_NOARP nor IFF_STATICARP: allocate one. */
442 if (la
== NULL
&& (ifp
->if_flags
& (IFF_NOARP
| IFF_STATICARP
)) == 0) {
443 la
= lltable_alloc_entry(LLTABLE(ifp
), 0, dst
);
446 "arpresolve: can't allocate llinfo for %s on %s\n",
447 inet_ntoa(SIN(dst
)->sin_addr
), if_name(ifp
));
452 IF_AFDATA_WLOCK(ifp
);
/* Look again under the write lock: an entry for dst may have been linked since the allocation. */
454 la_tmp
= lla_lookup(LLTABLE(ifp
), LLE_EXCLUSIVE
, dst
);
455 /* Prefer ANY existing lle over newly-created one */
457 lltable_link_entry(LLTABLE(ifp
), la
);
458 IF_AFDATA_WUNLOCK(ifp
);
459 if (la_tmp
!= NULL
) {
460 lltable_free_entry(LLTABLE(ifp
), la
);
/* Usable entry: valid, and either static or not yet expired. */
469 if ((la
->la_flags
& LLE_VALID
) &&
470 ((la
->la_flags
& LLE_STATIC
) || la
->la_expire
> time_uptime
)) {
471 if (flags
& LLE_ADDRONLY
) {
472 lladdr
= la
->ll_addr
;
473 ll_len
= ifp
->if_addrlen
;
475 lladdr
= la
->r_linkdata
;
476 ll_len
= la
->r_hdrlen
;
/*
 * LLE_ADDRONLY callers receive if_addrlen bytes, all others r_hdrlen bytes.
 * The copy is not bounded by any size of @desten, so the caller's buffer
 * must be large enough for whichever form it asked for.
 */
478 bcopy(lladdr
, desten
, ll_len
);
480 /* Check if we have feedback request from arptimer() */
481 if (la
->r_skip_req
!= 0) {
483 la
->r_skip_req
= 0; /* Notify that entry was used */
487 *pflags
= la
->la_flags
& (LLE_VALID
|LLE_IFADDR
);
/*
 * A new request is sent only if none was sent yet, or the last one went
 * out in an earlier second (la_expire is stamped with the send time below).
 */
496 renew
= (la
->la_asked
== 0 || la
->la_expire
!= time_uptime
);
498 * There is an arptab entry, but no ethernet address
499 * response yet. Add the mbuf to the list, dropping
500 * the oldest packet if we have exceeded the system
/*
 * Bounded hold queue: at most V_arp_maxhold packets wait per unresolved
 * entry, which caps the mbufs an unanswered destination can pin.  When
 * full, the head of the list is freed and counted as dropped.
 */
504 if (la
->la_numheld
>= V_arp_maxhold
) {
505 if (la
->la_hold
!= NULL
) {
506 next
= la
->la_hold
->m_nextpkt
;
507 m_freem(la
->la_hold
);
510 ARPSTAT_INC(dropped
);
513 if (la
->la_hold
!= NULL
) {
515 while (curr
->m_nextpkt
!= NULL
)
516 curr
= curr
->m_nextpkt
;
523 * Return EWOULDBLOCK if we have tried less than arp_maxtries. It
524 * will be masked by ether_output(). Return EHOSTDOWN/EHOSTUNREACH
525 * if we have already sent arp_maxtries ARP requests. Retransmit the
526 * ARP request, but not faster than one request per second.
528 if (la
->la_asked
< V_arp_maxtries
)
529 error
= EWOULDBLOCK
; /* First request. */
531 error
= is_gw
!= 0 ? EHOSTUNREACH
: EHOSTDOWN
;
/* Stamp the request time and (re)arm the entry timer for V_arpt_down seconds. */
537 la
->la_expire
= time_uptime
;
538 canceled
= callout_reset(&la
->lle_timer
, hz
* V_arpt_down
,
544 arprequest(ifp
, NULL
, &SIN(dst
)->sin_addr
, NULL
);
553 * Resolve an IP address into an ethernet address.
/*
 * Thin wrapper over arpresolve_full() with is_gw == 0 and no packet
 * (m == NULL).  LLE_ADDRONLY makes the callee copy only the bare
 * link-layer address (ifp->if_addrlen bytes) into @desten, so @desten must
 * be at least that large.
 * NOTE(review): the return type, local declaration and return statement
 * are not part of this listing.
 */
556 arpresolve_addr(struct ifnet
*ifp
, int flags
, const struct sockaddr
*dst
,
557 char *desten
, uint32_t *pflags
, struct llentry
**plle
)
561 flags
|= LLE_ADDRONLY
;
562 error
= arpresolve_full(ifp
, 0, flags
, NULL
, dst
, desten
, pflags
, plle
);
568 * Looks up the link header based on an IP address.
570 * ifp is the interface we use
571 * is_gw != 0 if @dst represents gateway to some destination
572 * m is the mbuf. May be NULL if we don't have a packet.
573 * dst is the next hop,
574 * desten is the storage to put LL header.
575 * flags returns subset of lle flags: LLE_VALID | LLE_IFADDR
577 * On success, full/partial link header and flags are filled in and
578 * the function returns 0.
579 * If the packet must be held pending resolution, we return EWOULDBLOCK
580 * On other errors, we return the corresponding error code.
581 * Note that m_freem() handles NULL.
/*
 * Fast-path resolver: handles broadcast/multicast destinations directly,
 * then tries a read-locked table lookup and falls back to
 * arpresolve_full() when no valid entry is found.
 * NOTE(review): braces, return statements and some lock calls are not part
 * of this listing.
 */
584 arpresolve(struct ifnet
*ifp
, int is_gw
, struct mbuf
*m
,
585 const struct sockaddr
*dst
, u_char
*desten
, uint32_t *pflags
,
586 struct llentry
**plle
)
588 struct llentry
*la
= NULL
;
/*
 * NOTE(review): the header comment allows m == NULL, yet m->m_flags is read
 * here; the guard for a NULL m is presumably on a line missing from this
 * listing and should be confirmed.
 */
596 if (m
->m_flags
& M_BCAST
) {
599 ifp
->if_broadcastaddr
, ifp
->if_addrlen
);
602 if (m
->m_flags
& M_MCAST
) {
604 ETHER_MAP_IP_MULTICAST(&SIN(dst
)->sin_addr
, desten
);
609 IF_AFDATA_RLOCK(ifp
);
/* Callers that want the entry back (plle != NULL) get it with LLE_EXCLUSIVE; others look up unlocked. */
610 la
= lla_lookup(LLTABLE(ifp
), plle
? LLE_EXCLUSIVE
: LLE_UNLOCKED
, dst
);
611 if (la
!= NULL
&& (la
->r_flags
& RLLE_VALID
) != 0) {
612 /* Entry found, let's copy lle info */
613 bcopy(la
->r_linkdata
, desten
, la
->r_hdrlen
);
615 *pflags
= LLE_VALID
| (la
->r_flags
& RLLE_IFADDR
);
616 /* Check if we have feedback request from arptimer() */
617 if (la
->r_skip_req
!= 0) {
619 la
->r_skip_req
= 0; /* Notify that entry was used */
627 IF_AFDATA_RUNLOCK(ifp
);
632 IF_AFDATA_RUNLOCK(ifp
);
/* Slow path; LLE_CREATE is requested only when the lookup found nothing. */
634 return (arpresolve_full(ifp
, is_gw
, la
== NULL
? LLE_CREATE
: 0, m
, dst
,
635 desten
, pflags
, plle
));
639 * Common length and type checks are done here,
640 * then the protocol-specific routine is called.
/*
 * netisr entry point for received ARP frames (arp_nh.nh_handler).  The
 * mbuf contents come from the network and are untrusted until the length
 * and hardware-type checks below have passed.
 * NOTE(review): local declarations, several case labels, braces and the
 * free/return statements on the reject paths are not part of this listing.
 */
643 arpintr(struct mbuf
*m
)
650 ifp
= m
->m_pkthdr
.rcvif
;
/*
 * Step 1: make the fixed-size ARP header contiguous before reading any
 * field.  The m_pullup() result is assigned back to m and tested for NULL.
 */
652 if (m
->m_len
< sizeof(struct arphdr
) &&
653 ((m
= m_pullup(m
, sizeof(struct arphdr
))) == NULL
)) {
654 ARP_LOG(LOG_NOTICE
, "packet with short header received on %s\n",
658 ar
= mtod(m
, struct arphdr
*);
/*
 * Step 2: the full message length is derived from the header the sender
 * supplied, so the complete variable-length message is pulled up as well.
 */
660 /* Check if length is sufficient */
661 if (m
->m_len
< arphdr_len(ar
)) {
662 m
= m_pullup(m
, arphdr_len(ar
));
664 ARP_LOG(LOG_NOTICE
, "short packet received on %s\n",
/* The header pointer is re-derived after the second m_pullup(). */
668 ar
= mtod(m
, struct arphdr
*);
/*
 * Map the claimed hardware type to the one address length accepted for it;
 * hlen == 0 disables the length comparison made after the switch.
 */
673 switch (ntohs(ar
->ar_hrd
)) {
675 hlen
= ETHER_ADDR_LEN
; /* RFC 826 */
679 hlen
= 6; /* RFC 1390, FDDI_ADDR_LEN */
683 hlen
= 1; /* RFC 1201, ARC_ADDR_LEN */
686 case ARPHRD_INFINIBAND
:
687 hlen
= 20; /* RFC 4391, INFINIBAND_ALEN */
688 layer
= "infiniband";
690 case ARPHRD_IEEE1394
:
691 hlen
= 0; /* SHALL be 16 */ /* RFC 2734 */
695 * Restrict too long hardware addresses.
696 * Currently we are capable of handling 20-byte
697 * addresses ( sizeof(lle->ll_addr) )
/* NOTE(review): the statement controlled by this test is not shown. */
699 if (ar
->ar_hln
>= 20)
/*
 * NOTE(review): the format prints a "0x" prefix but converts with %d, so
 * the logged hardware type is decimal although it looks hexadecimal; keep
 * that in mind when reading these log lines.
 */
704 "packet with unknown hardware format 0x%02d received on "
705 "%s\n", ntohs(ar
->ar_hrd
), if_name(ifp
));
/* A sender-supplied ar_hln that disagrees with the length fixed for the hardware type is reported. */
710 if (hlen
!= 0 && hlen
!= ar
->ar_hln
) {
712 "packet with invalid %s address length %d received on %s\n",
713 layer
, ar
->ar_hln
, if_name(ifp
));
718 ARPSTAT_INC(received
);
719 switch (ntohs(ar
->ar_pro
)) {
731 * ARP for Internet protocols on 10 Mb/s Ethernet.
732 * Algorithm is that given in RFC 826.
733 * In addition, a sanity check is performed on the sender
734 * protocol address, to catch impersonators.
735 * We no longer handle negotiations for use of trailer protocol:
736 * Formerly, ARP replied for protocol type ETHERTYPE_TRAIL sent
737 * along with IP replies if we wanted trailers sent to us,
738 * and also sent them in response to IP replies.
739 * This allowed either end to announce the desire to receive
741 * We no longer reply to requests for ETHERTYPE_TRAIL protocol either,
742 * but formerly didn't normally send requests.
/*
 * Operator knobs used by in_arpinput() and arp_check_update_lle(), all
 * exported read-write under the _net_link_ether_inet sysctl node.  The
 * three log_* knobs default to 1; allow_multicast defaults to 0, in which
 * case an ARP packet whose sender hardware address is multicast is
 * reported by in_arpinput().
 * The log_* messages are the on-host record of an address changing MAC or
 * of an attempt to overwrite a permanent entry, so switching them off
 * removes that detection signal.
 */
744 static int log_arp_wrong_iface
= 1;
745 static int log_arp_movements
= 1;
746 static int log_arp_permanent_modify
= 1;
747 static int allow_multicast
= 0;
749 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, log_arp_wrong_iface
, CTLFLAG_RW
,
750 &log_arp_wrong_iface
, 0,
751 "log arp packets arriving on the wrong interface");
752 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, log_arp_movements
, CTLFLAG_RW
,
753 &log_arp_movements
, 0,
754 "log arp replies from MACs different than the one in the cache");
755 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, log_arp_permanent_modify
, CTLFLAG_RW
,
756 &log_arp_permanent_modify
, 0,
757 "log arp replies from MACs different than the one in the permanent arp entry");
758 SYSCTL_INT(_net_link_ether_inet
, OID_AUTO
, allow_multicast
, CTLFLAG_RW
,
759 &allow_multicast
, 0, "accept multicast addresses");
/*
 * IPv4 ARP input.  Works on a message whose length arpintr() has already
 * validated: decides which local address the message concerns, updates or
 * creates the sender's link-layer entry and, for requests, rewrites the
 * same mbuf into the reply.
 * NOTE(review): many lines (declarations, labels, goto/return statements,
 * braces, lock calls) are not part of this listing; the notes below cover
 * only what is visible.
 */
762 in_arpinput(struct mbuf
*m
)
764 struct rm_priotracker in_ifa_tracker
;
766 struct ifnet
*ifp
= m
->m_pkthdr
.rcvif
;
767 struct llentry
*la
= NULL
, *la_tmp
;
769 struct in_ifaddr
*ia
;
771 struct in_addr isaddr
, itaddr
, myaddr
;
772 u_int8_t
*enaddr
= NULL
;
774 int bridged
= 0, is_bridge
= 0;
776 struct sockaddr_in sin
;
777 struct sockaddr
*dst
;
778 struct nhop4_basic nh4
;
779 uint8_t linkhdr
[LLE_MAX_LINKHDR
];
785 sin
.sin_len
= sizeof(struct sockaddr_in
);
786 sin
.sin_family
= AF_INET
;
787 sin
.sin_addr
.s_addr
= 0;
791 if (ifp
->if_type
== IFT_BRIDGE
)
795 * We already have checked that mbuf contains enough contiguous data
796 * to hold entire arp message according to the arp header.
798 ah
= mtod(m
, struct arphdr
*);
801 * ARP is only for IPv4 so we can reject packets with
802 * a protocol length not equal to an IPv4 address.
804 if (ah
->ar_pln
!= sizeof(struct in_addr
)) {
805 ARP_LOG(LOG_NOTICE
, "requested protocol length != %zu\n",
806 sizeof(struct in_addr
));
/* A multicast sender hardware address is reported unless the allow_multicast sysctl is set. */
810 if (allow_multicast
== 0 && ETHER_IS_MULTICAST(ar_sha(ah
))) {
811 ARP_LOG(LOG_NOTICE
, "%*D is multicast\n",
812 ifp
->if_addrlen
, (u_char
*)ar_sha(ah
), ":");
816 op
= ntohs(ah
->ar_op
);
/* Sender and target IPv4 addresses are copied out of the packet; ar_pln was checked above. */
817 (void)memcpy(&isaddr
, ar_spa(ah
), sizeof (isaddr
));
818 (void)memcpy(&itaddr
, ar_tpa(ah
), sizeof (itaddr
));
820 if (op
== ARPOP_REPLY
)
821 ARPSTAT_INC(rxreplies
);
824 * For a bridge, we want to check the address irrespective
825 * of the receive interface. (This will change slightly
826 * when we have clusters of interfaces).
828 IN_IFADDR_RLOCK(&in_ifa_tracker
);
/* First pass: is the target address one of ours on the receiving interface (or the same bridge)? */
829 LIST_FOREACH(ia
, INADDR_HASH(itaddr
.s_addr
), ia_hash
) {
830 if (((bridged
&& ia
->ia_ifp
->if_bridge
== ifp
->if_bridge
) ||
831 ia
->ia_ifp
== ifp
) &&
832 itaddr
.s_addr
== ia
->ia_addr
.sin_addr
.s_addr
&&
833 (ia
->ia_ifa
.ifa_carp
== NULL
||
834 (*carp_iamatch_p
)(&ia
->ia_ifa
, &enaddr
))) {
835 ifa_ref(&ia
->ia_ifa
);
836 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
/* Second pass: the same test applied to the sender address. */
840 LIST_FOREACH(ia
, INADDR_HASH(isaddr
.s_addr
), ia_hash
)
841 if (((bridged
&& ia
->ia_ifp
->if_bridge
== ifp
->if_bridge
) ||
842 ia
->ia_ifp
== ifp
) &&
843 isaddr
.s_addr
== ia
->ia_addr
.sin_addr
.s_addr
) {
844 ifa_ref(&ia
->ia_ifa
);
845 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
849 #define BDG_MEMBER_MATCHES_ARP(addr, ifp, ia) \
850 (ia->ia_ifp->if_bridge == ifp->if_softc && \
851 !bcmp(IF_LLADDR(ia->ia_ifp), IF_LLADDR(ifp), ifp->if_addrlen) && \
852 addr == ia->ia_addr.sin_addr.s_addr)
854 * Check the case when bridge shares its MAC address with
855 * some of its children, so packets are claimed by bridge
856 * itself (bridge_input() does it first), but they are really
857 * meant to be destined to the bridge member.
860 LIST_FOREACH(ia
, INADDR_HASH(itaddr
.s_addr
), ia_hash
) {
861 if (BDG_MEMBER_MATCHES_ARP(itaddr
.s_addr
, ifp
, ia
)) {
862 ifa_ref(&ia
->ia_ifa
);
864 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
869 #undef BDG_MEMBER_MATCHES_ARP
870 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
873 * No match, use the first inet address on the receive interface
874 * as a dummy address for the rest of the function.
877 TAILQ_FOREACH(ifa
, &ifp
->if_addrhead
, ifa_link
)
878 if (ifa
->ifa_addr
->sa_family
== AF_INET
&&
879 (ifa
->ifa_carp
== NULL
||
880 (*carp_iamatch_p
)(ifa
, &enaddr
))) {
883 IF_ADDR_RUNLOCK(ifp
);
886 IF_ADDR_RUNLOCK(ifp
);
889 * If bridging, fall back to using any inet address.
891 IN_IFADDR_RLOCK(&in_ifa_tracker
);
892 if (!bridged
|| (ia
= TAILQ_FIRST(&V_in_ifaddrhead
)) == NULL
) {
893 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
896 ifa_ref(&ia
->ia_ifa
);
897 IN_IFADDR_RUNLOCK(&in_ifa_tracker
);
900 enaddr
= (u_int8_t
*)IF_LLADDR(ifp
);
901 carped
= (ia
->ia_ifa
.ifa_carp
!= NULL
);
902 myaddr
= ia
->ia_addr
.sin_addr
;
903 ifa_free(&ia
->ia_ifa
);
904 if (!bcmp(ar_sha(ah
), enaddr
, ifp
->if_addrlen
))
905 goto drop
; /* it's from me, ignore it. */
/* A sender claiming the interface broadcast address as its own hardware address is reported. */
906 if (!bcmp(ar_sha(ah
), ifp
->if_broadcastaddr
, ifp
->if_addrlen
)) {
907 ARP_LOG(LOG_NOTICE
, "link address is broadcast for IP address "
908 "%s!\n", inet_ntoa(isaddr
));
/* The sender-declared hardware length must equal the interface's; the message says a mismatch is ignored. */
912 if (ifp
->if_addrlen
!= ah
->ar_hln
) {
913 ARP_LOG(LOG_WARNING
, "from %*D: addr len: new %d, "
914 "i/f %d (ignored)\n", ifp
->if_addrlen
,
915 (u_char
*) ar_sha(ah
), ":", ah
->ar_hln
,
921 * Warn if another host is using the same IP address, but only if the
922 * IP address isn't 0.0.0.0, which is used for DHCP only, in which
923 * case we suppress the warning to avoid false positive complaints of
924 * potential misconfiguration.
926 if (!bridged
&& !carped
&& isaddr
.s_addr
== myaddr
.s_addr
&&
927 myaddr
.s_addr
!= 0) {
928 ARP_LOG(LOG_ERR
, "%*D is using my IP address %s on %s!\n",
929 ifp
->if_addrlen
, (u_char
*)ar_sha(ah
), ":",
930 inet_ntoa(isaddr
), ifp
->if_xname
);
/*
 * NOTE(review): the statement taken for IFF_STATICARP interfaces is not
 * shown; presumably the cache-learning step below is skipped for them.
 */
935 if (ifp
->if_flags
& IFF_STATICARP
)
938 bzero(&sin
, sizeof(sin
));
939 sin
.sin_len
= sizeof(struct sockaddr_in
);
940 sin
.sin_family
= AF_INET
;
941 sin
.sin_addr
= isaddr
;
942 dst
= (struct sockaddr
*)&sin
;
943 IF_AFDATA_RLOCK(ifp
);
944 la
= lla_lookup(LLTABLE(ifp
), LLE_EXCLUSIVE
, dst
);
945 IF_AFDATA_RUNLOCK(ifp
);
/*
 * An entry for the sender exists: arp_check_update_lle() decides whether
 * the packet may change it.  NOTE(review): the test on la guarding this
 * call is not shown.
 */
947 arp_check_update_lle(ah
, isaddr
, ifp
, bridged
, la
);
/*
 * A new entry is created from received traffic only when the message is
 * addressed to this host (target == myaddr), which limits how far
 * third-party ARP traffic can populate the cache.
 */
948 else if (itaddr
.s_addr
== myaddr
.s_addr
) {
950 * Request/reply to our address, but no lle exists yet.
951 * Calculate full link prepend to use in lle.
953 linkhdrsize
= sizeof(linkhdr
);
954 if (lltable_calc_llheader(ifp
, AF_INET
, ar_sha(ah
), linkhdr
,
955 &linkhdrsize
, &lladdr_off
) != 0)
958 /* Allocate new entry */
959 la
= lltable_alloc_entry(LLTABLE(ifp
), 0, dst
);
963 * lle creation may fail if source address belongs
964 * to non-directly connected subnet. However, we
965 * will try to answer the request instead of dropping
970 lltable_set_entry_addr(ifp
, la
, linkhdr
, linkhdrsize
,
973 IF_AFDATA_WLOCK(ifp
);
975 la_tmp
= lla_lookup(LLTABLE(ifp
), LLE_EXCLUSIVE
, dst
);
978 * Check if lle still does not exists.
979 * If it does, that means that we either
980 * 1) have configured it explicitly, via
981 * 1a) 'arp -s' static entry or
982 * 1b) interface address static record
984 * 2) it was the result of sending first packet to-host
986 * 3) it was another arp reply packet we handled in
989 * In all cases except 3) we definitely need to prefer
990 * existing lle. For the sake of simplicity, prefer any
991 * existing lle over newly-create one.
994 lltable_link_entry(LLTABLE(ifp
), la
);
995 IF_AFDATA_WUNLOCK(ifp
);
997 if (la_tmp
== NULL
) {
998 arp_mark_lle_reachable(la
);
1001 /* Free newly-create entry and handle packet */
1002 lltable_free_entry(LLTABLE(ifp
), la
);
1005 arp_check_update_lle(ah
, isaddr
, ifp
, bridged
, la
);
1006 /* arp_check_update_lle() returns @la unlocked */
/* From here on only requests matter. NOTE(review): the statement taken for other opcodes is not shown. */
1011 if (op
!= ARPOP_REQUEST
)
1013 ARPSTAT_INC(rxrequests
);
1015 if (itaddr
.s_addr
== myaddr
.s_addr
) {
1016 /* Shortcut.. the receiving interface is the target. */
1017 (void)memcpy(ar_tha(ah
), ar_sha(ah
), ah
->ar_hln
);
1018 (void)memcpy(ar_sha(ah
), enaddr
, ah
->ar_hln
);
1020 struct llentry
*lle
= NULL
;
/* Target is not our address: look for a published (LLE_PUB) entry to answer on its behalf. */
1022 sin
.sin_addr
= itaddr
;
1023 IF_AFDATA_RLOCK(ifp
);
1024 lle
= lla_lookup(LLTABLE(ifp
), 0, (struct sockaddr
*)&sin
);
1025 IF_AFDATA_RUNLOCK(ifp
);
1027 if ((lle
!= NULL
) && (lle
->la_flags
& LLE_PUB
)) {
1028 (void)memcpy(ar_tha(ah
), ar_sha(ah
), ah
->ar_hln
);
1029 (void)memcpy(ar_sha(ah
), lle
->ll_addr
, ah
->ar_hln
);
/* Blanket proxy ARP is governed by the proxyall sysctl, which defaults to 0 (off). */
1036 if (!V_arp_proxyall
)
1039 /* XXX MRT use table 0 for arp reply */
1040 if (fib4_lookup_nh_basic(0, itaddr
, 0, 0, &nh4
) != 0)
1044 * Don't send proxies for nodes on the same interface
1045 * as this one came out of, or we'll get into a fight
1046 * over who claims what Ether address.
1048 if (nh4
.nh_ifp
== ifp
)
1051 (void)memcpy(ar_tha(ah
), ar_sha(ah
), ah
->ar_hln
);
1052 (void)memcpy(ar_sha(ah
), enaddr
, ah
->ar_hln
);
1055 * Also check that the node which sent the ARP packet
1056 * is on the interface we expect it to be on. This
1057 * avoids ARP chaos if an interface is connected to the
1061 /* XXX MRT use table 0 for arp checks */
1062 if (fib4_lookup_nh_basic(0, isaddr
, 0, 0, &nh4
) != 0)
1064 if (nh4
.nh_ifp
!= ifp
) {
1065 ARP_LOG(LOG_INFO
, "proxy: ignoring request"
1066 " from %s via %s\n",
1067 inet_ntoa(isaddr
), ifp
->if_xname
);
/*
 * NOTE(review): plain printf() on a path driven by received requests, so
 * it is not covered by the ARP_LOG() rate limit; confirm it is compiled
 * only under a debug option (no guard is visible in this listing).
 */
1072 printf("arp: proxying for %s\n", inet_ntoa(itaddr
));
1077 if (itaddr
.s_addr
== myaddr
.s_addr
&&
1078 IN_LINKLOCAL(ntohl(itaddr
.s_addr
))) {
1079 /* RFC 3927 link-local IPv4; always reply by broadcast. */
1080 #ifdef DEBUG_LINKLOCAL
1081 printf("arp: sending reply for link-local addr %s\n",
1084 m
->m_flags
|= M_BCAST
;
1085 m
->m_flags
&= ~M_MCAST
;
1087 /* default behaviour; never reply by broadcast. */
1088 m
->m_flags
&= ~(M_BCAST
|M_MCAST
);
/* The request is turned into the reply in place: protocol addresses swapped, opcode and type rewritten. */
1090 (void)memcpy(ar_tpa(ah
), ar_spa(ah
), ah
->ar_pln
);
1091 (void)memcpy(ar_spa(ah
), &itaddr
, ah
->ar_pln
);
1092 ah
->ar_op
= htons(ARPOP_REPLY
);
1093 ah
->ar_pro
= htons(ETHERTYPE_IP
); /* let's be sure! */
/* The reply length is recomputed from the ar_pln/ar_hln values checked earlier, not taken from the received mbuf. */
1094 m
->m_len
= sizeof(*ah
) + (2 * ah
->ar_pln
) + (2 * ah
->ar_hln
);
1095 m
->m_pkthdr
.len
= m
->m_len
;
1096 m
->m_pkthdr
.rcvif
= NULL
;
1097 sa
.sa_family
= AF_ARP
;
1100 /* Calculate link header for sending frame */
1101 bzero(&ro
, sizeof(ro
));
1102 linkhdrsize
= sizeof(linkhdr
);
1103 error
= arp_fillheader(ifp
, ah
, 0, linkhdr
, &linkhdrsize
);
1106 * arp_fillheader() may fail due to lack of support inside encap request
1107 * routing. This is not necessary an error, AF_ARP can/should be handled
1110 if (error
!= 0 && error
!= EAFNOSUPPORT
) {
1111 ARP_LOG(LOG_ERR
, "Failed to calculate ARP header on %s: %d\n",
1112 if_name(ifp
), error
);
1116 ro
.ro_prepend
= linkhdr
;
1117 ro
.ro_plen
= linkhdrsize
;
1120 m_clrprotoflags(m
); /* Avoid confusing lower layers. */
1121 (*ifp
->if_output
)(ifp
, m
, &sa
, &ro
);
1122 ARPSTAT_INC(txreplies
);
1131 * Checks received arp data against existing @la.
1132 * Updates lle state/performs notification if necessary.
/*
 * Decides whether a received ARP message may change the existing entry @la
 * and, if it may, installs the new link header, marks the entry reachable
 * and sends any packets that were held for it.
 * NOTE(review): local declarations, braces, return statements and the
 * entry unlock calls are not part of this listing.
 */
1135 arp_check_update_lle(struct arphdr
*ah
, struct in_addr isaddr
, struct ifnet
*ifp
,
1136 int bridged
, struct llentry
*la
)
1139 struct mbuf
*m_hold
, *m_hold_next
;
1140 uint8_t linkhdr
[LLE_MAX_LINKHDR
];
/* The entry write lock is asserted on entry. */
1144 LLE_WLOCK_ASSERT(la
);
1146 /* the following is not an error when doing bridging */
1147 if (!bridged
&& la
->lle_tbl
->llt_ifp
!= ifp
) {
1148 if (log_arp_wrong_iface
)
1149 ARP_LOG(LOG_WARNING
, "%s is on %s "
1150 "but got reply from %*D on %s\n",
1152 la
->lle_tbl
->llt_ifp
->if_xname
,
1153 ifp
->if_addrlen
, (u_char
*)ar_sha(ah
), ":",
/* The sender hardware address differs from the one cached in a valid entry. */
1158 if ((la
->la_flags
& LLE_VALID
) &&
1159 bcmp(ar_sha(ah
), la
->ll_addr
, ifp
->if_addrlen
)) {
/*
 * Static (permanent) entries: the attempt is logged when
 * log_arp_permanent_modify is set.  NOTE(review): the statement that
 * leaves the function without updating the entry is not shown; confirm it.
 */
1160 if (la
->la_flags
& LLE_STATIC
) {
1162 if (log_arp_permanent_modify
)
1164 "%*D attempts to modify "
1165 "permanent entry for %s on %s\n",
1167 (u_char
*)ar_sha(ah
), ":",
1168 inet_ntoa(isaddr
), ifp
->if_xname
);
/*
 * A dynamic entry changing hardware address is logged as "moved"; this is
 * the host-side record to review when a neighbour's MAC changes unexpectedly.
 */
1171 if (log_arp_movements
) {
1172 ARP_LOG(LOG_INFO
, "%s moved from %*D "
1176 (u_char
*)&la
->ll_addr
, ":",
1177 ifp
->if_addrlen
, (u_char
*)ar_sha(ah
), ":",
1182 /* Calculate full link prepend to use in lle */
1183 linkhdrsize
= sizeof(linkhdr
);
1184 if (lltable_calc_llheader(ifp
, AF_INET
, ar_sha(ah
), linkhdr
,
1185 &linkhdrsize
, &lladdr_off
) != 0)
1188 /* Check if something has changed */
1189 if (memcmp(la
->r_linkdata
, linkhdr
, linkhdrsize
) != 0 ||
1190 (la
->la_flags
& LLE_VALID
) == 0) {
1191 /* Try to perform LLE update */
1192 if (lltable_try_set_entry_addr(ifp
, la
, linkhdr
, linkhdrsize
,
1196 /* Clear fast path feedback request if set */
1200 arp_mark_lle_reachable(la
);
1203 * The packets are all freed within the call to the output
1206 * NB: The lock MUST be released before the call to the
1209 if (la
->la_hold
!= NULL
) {
1210 m_hold
= la
->la_hold
;
1213 lltable_fill_sa_entry(la
, &sa
);
/* Each held packet is detached from the chain before it is passed to if_output(). */
1215 for (; m_hold
!= NULL
; m_hold
= m_hold_next
) {
1216 m_hold_next
= m_hold
->m_nextpkt
;
1217 m_hold
->m_nextpkt
= NULL
;
1218 /* Avoid confusing lower layers. */
1219 m_clrprotoflags(m_hold
);
1220 (*ifp
->if_output
)(ifp
, m_hold
, &sa
, NULL
);
/*
 * Moves @la to ARP_LLINFO_REACHABLE, announces LLENTRY_RESOLVED to
 * lle_event listeners and, for non-static entries, sets the expiry time
 * and arms arptimer().
 * NOTE(review): the return type, braces and a conditional line are not
 * part of this listing.
 */
1227 arp_mark_lle_reachable(struct llentry
*la
)
1229 int canceled
, wtime
;
1231 LLE_WLOCK_ASSERT(la
);
1233 la
->ln_state
= ARP_LLINFO_REACHABLE
;
1234 EVENTHANDLER_INVOKE(lle_event
, la
, LLENTRY_RESOLVED
);
1236 if (!(la
->la_flags
& LLE_STATIC
)) {
1238 la
->la_expire
= time_uptime
+ V_arpt_keep
;
/* Wake the timer early enough to leave V_arp_maxtries retransmit intervals before la_expire. */
1239 wtime
= V_arpt_keep
- V_arp_maxtries
* V_arpt_rexmit
;
/*
 * NOTE(review): fallback delay; the condition selecting it is not shown.
 * arpt_keep and arp_maxtries are runtime-writable sysctls, so the
 * subtraction above can go negative and needs such a guard.
 */
1241 wtime
= V_arpt_keep
;
1242 canceled
= callout_reset(&la
->lle_timer
,
1243 hz
* wtime
, arptimer
, la
);
/* arptimer() issues refresh requests in the VERIFY state only while la_preempt > 0. */
1248 la
->la_preempt
= V_arp_maxtries
;
1252 * Add a permanent link-layer record for the given interface address.
/*
 * Installs an LLE_IFADDR | LLE_STATIC entry for @dst on @ifp, replacing
 * any entry already linked for that address.
 * NOTE(review): braces, the allocation-failure test and the entry unlock
 * calls are not part of this listing.
 */
1254 static __noinline
void
1255 arp_add_ifa_lle(struct ifnet
*ifp
, const struct sockaddr
*dst
)
1257 struct llentry
*lle
, *lle_tmp
;
1260 * Interface address LLE record is considered static
1261 * because kernel code relies on LLE_STATIC flag to check
1262 * if these entries can be rewriten by arp updates.
1264 lle
= lltable_alloc_entry(LLTABLE(ifp
), LLE_IFADDR
| LLE_STATIC
, dst
);
1266 log(LOG_INFO
, "arp_ifinit: cannot create arp "
1267 "entry for interface address\n");
1271 IF_AFDATA_WLOCK(ifp
);
1273 /* Unlink any entry if exists */
1274 lle_tmp
= lla_lookup(LLTABLE(ifp
), LLE_EXCLUSIVE
, dst
);
1275 if (lle_tmp
!= NULL
)
1276 lltable_unlink_entry(LLTABLE(ifp
), lle_tmp
);
1278 lltable_link_entry(LLTABLE(ifp
), lle
);
1279 IF_AFDATA_WUNLOCK(ifp
);
/* Event handlers and the final free of the replaced entry run after the table write lock is released. */
1281 if (lle_tmp
!= NULL
)
1282 EVENTHANDLER_INVOKE(lle_event
, lle_tmp
, LLENTRY_EXPIRED
);
1284 EVENTHANDLER_INVOKE(lle_event
, lle
, LLENTRY_RESOLVED
);
1286 if (lle_tmp
!= NULL
)
1287 lltable_free_entry(LLTABLE(ifp
), lle_tmp
);
/*
 * Per-address ARP setup: announces the address with arp_announce_ifaddr()
 * and installs its permanent entry with arp_add_ifa_lle().  Addresses with
 * ifa_carp set and INADDR_ANY are tested for first.
 * NOTE(review): the statements taken under those two tests (presumably
 * early returns), the return type and the braces are not shown.
 */
1291 arp_ifinit(struct ifnet
*ifp
, struct ifaddr
*ifa
)
1293 const struct sockaddr_in
*dst_in
;
1294 const struct sockaddr
*dst
;
1296 if (ifa
->ifa_carp
!= NULL
)
1299 dst
= ifa
->ifa_addr
;
1300 dst_in
= (const struct sockaddr_in
*)dst
;
1302 if (ntohl(dst_in
->sin_addr
.s_addr
) == INADDR_ANY
)
1304 arp_announce_ifaddr(ifp
, dst_in
->sin_addr
, IF_LLADDR(ifp
));
1306 arp_add_ifa_lle(ifp
, dst
);
/*
 * Gratuitous ARP: sends a request whose sender and target protocol
 * addresses are both @addr, with @enaddr as the sender hardware address.
 * Nothing is sent for INADDR_ANY.
 * NOTE(review): the return type and braces are not part of this listing.
 */
1310 arp_announce_ifaddr(struct ifnet
*ifp
, struct in_addr addr
, u_char
*enaddr
)
1313 if (ntohl(addr
.s_addr
) != INADDR_ANY
)
1314 arprequest(ifp
, &addr
, &addr
, enaddr
);
1318 * Sends gratuitous ARPs for each ifaddr to notify other
1319 * nodes about the address change.
/*
 * Re-runs arp_ifinit() for every AF_INET address on @ifp.
 * NOTE(review): the declaration of ifa, the braces and any address-list
 * locking are not part of this listing.
 */
1321 static __noinline
void
1322 arp_handle_ifllchange(struct ifnet
*ifp
)
1326 TAILQ_FOREACH(ifa
, &ifp
->if_addrhead
, ifa_link
) {
1327 if (ifa
->ifa_addr
->sa_family
== AF_INET
)
1328 arp_ifinit(ifp
, ifa
);
1333 * A handler for interface link layer address change event.
/*
 * iflladdr_event callback (registered in the VNET init code below):
 * refreshes the interface's own entries via lltable_update_ifaddr() and,
 * if the interface is up, re-announces its IPv4 addresses.
 * NOTE(review): the return type and braces are not part of this listing.
 */
1336 arp_iflladdr(void *arg __unused
, struct ifnet
*ifp
)
1339 lltable_update_ifaddr(LLTABLE(ifp
));
1341 if ((ifp
->if_flags
& IFF_UP
) != 0)
1342 arp_handle_ifllchange(ifp
);
/*
 * Body of the per-VNET initialiser named in the VNET_SYSINIT() line below.
 * In the default VNET it registers arp_nh with netisr and hooks
 * arp_iflladdr() onto iflladdr_event; netisr_register_vnet() is the other
 * registration call.
 * NOTE(review): the function signature, braces and the `else` structure are
 * not part of this listing.
 */
1349 if (IS_DEFAULT_VNET(curvnet
)) {
1350 netisr_register(&arp_nh
);
1351 iflladdr_tag
= EVENTHANDLER_REGISTER(iflladdr_event
,
1352 arp_iflladdr
, NULL
, EVENTHANDLER_PRI_ANY
);
1356 netisr_register_vnet(&arp_nh
);
1359 VNET_SYSINIT(vnet_arp_init
, SI_SUB_PROTO_DOMAIN
, SI_ORDER_SECOND
,
1364 * We have to unregister ARP along with IP otherwise we risk doing INADDR_HASH
1365 * lookups after destroying the hash. Ideally this would go on SI_ORDER_3.5.
/*
 * Per-VNET teardown: unregisters the ARP netisr handler for this VNET.
 * It is registered at SI_SUB_PROTO_DOMAIN / SI_ORDER_THIRD through
 * VNET_SYSUNINIT().
 * NOTE(review): the return type and braces are not part of this listing.
 */
1368 vnet_arp_destroy(__unused
void *arg
)
1371 netisr_unregister_vnet(&arp_nh
);
1373 VNET_SYSUNINIT(vnet_arp_uninit
, SI_SUB_PROTO_DOMAIN
, SI_ORDER_THIRD
,
1374 vnet_arp_destroy
, NULL
);