Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support freebsd's fib feature #550

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

support freebsd's fib feature #550

wants to merge 7 commits into from
+92 −8

Conversation

cnbatch
Copy link

@cnbatch cnbatch commented May 7, 2024

This patch is to support FreeBSD's FIB feature.

When using FreeBSD's setfib command to launch OpenVPN in other FIB (routing table), the interface's IP address was not added to correct routing table, and then the routing entries couldn't be added successfully:
https://forums.freebsd.org/threads/freebsd-14-and-route-in-non-zero-fib.91099/
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278295

This is duo to ifconfig command does not retrieve FIB number of current envirnment which is set by setfib. It only accepts fib N parameter.
route command can retrieve FIB number of current envirnment, the following routing entries will be added to correct routing table. But if the interface's IP address was not added correct routing table, route command will fail.

flichtenheld
flichtenheld requested changes May 8, 2024
View reviewed changes
src/openvpn/tun.c Show resolved Hide resolved
src/openvpn/tun.c Outdated Show resolved Hide resolved
src/openvpn/tun.c Outdated Show resolved Hide resolved
@schwabe
Copy link
Contributor

schwabe commented May 8, 2024

I am wondewring if the ifconfig behaviour is intended behaviour or if we working around a bug in ifconfig here in OpenVPN.

@schwabe
Copy link
Contributor

schwabe commented May 8, 2024

There are also build failures related to macOS.

@flichtenheld
Copy link
Member

There are also build failures related to macOS.

Yeah, these are related to the code that was not moved correctly.

cnbatch and others added 3 commits May 8, 2024 21:40
@cnbatch @flichtenheld
Update src/openvpn/tun.c
c97fb48 
Co-authored-by: Frank Lichtenheld <frank@lichtenheld.com>
@cnbatch
indentation fix
48c9778
@cnbatch
indentation fix
12a26ac
cnbatch
cnbatch commented May 8, 2024
View reviewed changes
Copy link
Author

@cnbatch cnbatch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

all changes have made

@cnbatch
Copy link
Author

cnbatch commented Sep 1, 2024

Sorry, it seems I misunderstood earlier.
This doesn't appear to be a FreeBSD bug but rather a requirement of ifconfig. According to FreeBSD's documentation, if a FIB number needs to be specified, it must be explicitly stated it in ifconfig; otherwise, the default FIB (main route table) will be used:
https://man.freebsd.org/cgi/man.cgi?ifconfig

fib	fib_number
	       Specify interface FIB.  A FIB fib_number	 is  assigned  to  all
	       frames  or  packets received on that interface.	The FIB	is not
	       inherited, e.g.,	vlans or other sub-interfaces will use the de-
	       fault FIB (0) irrespective of the parent	interface's FIB.   The
	       kernel  needs  to be tuned to support more than the default FIB
	       using the  ROUTETABLES  kernel  configuration  option,  or  the
	       net.fibs	tunable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@flichtenheld flichtenheld flichtenheld requested changes

Assignees
No one assigned
Labels
enhancement FreeBSD
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cnbatch @schwabe @flichtenheld