It may happen that the interface is up but not yet running
when we issue the rejoin_ipv6_mcast_groups(). This can be
fixed by calling this function again right after the iface
is set to 'running' state in the notify_iface_up handler.
Signed-off-by: Marcin Kajor <marcin.kajor@nordicsemi.no>
When calling net_if_get_default(), print a warning if no
network interfaces are found. This helps debugging mysterious
crashes.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When trying to get IPv6 prefix, if there are no network interfaces
then the net_if_get_default() will return NULL but we should not
crash at that point but return gracefully.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Making default preferred time much closer to default valid time
so that the served addresses are much shorter time in deprecated
state where they cannot be utilized. This is important in Zephyr
as there are limited number of IPv6 addresses that can be allocated
to the network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We usually cannot use context->local for established TCP connections
because the local address is not updated for TCP if we are bound to
any address. So create helper that try to figure out the end point
addresses.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add support for IPv6 Source Address Selection defined in RFC 5014.
This commit does not add any address selection support to getaddrinfo()
as described in the RFC. The AI_EXTFLAGS symbol and also the ai_eflags
to hints is added but they are not used by the code.
The public/temporary address selection is only done internally by
the net_if_ipv6_select_src_addr_hint() according to flags set by
setsockopt().
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add reference counting to network interface address (for both
IPv4 and IPv6) so that the address is not removed if there are
sockets using it. If the interface address is removed while there
are sockets using it, the connectivity will fail for the said
socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add events to be generated when privacy extension is enabled
or disabled, or when allow/deny filter is added or deleted.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If IPv6 privacy extension is enabled, then we need to select
proper public or temporary IPv6 source address when sending the
packet.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This creates support for IPv6 privacy extensions which is described
in RFC 8981. This will also add API that can be used to add IPv6
prefixes to a allow or deny list privacy extension filter.
The code will create temporary IPv6 addresses from prefixes that
are advertised by Router Advertisement messages. The temporary
IPv6 addresses are then expired according to lifetime and removed.
Fixes#9349
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commit adds transmission of MLDv2 reports whenever a multicast
routing entry is added or removed when suitable (it checks if the
given interface itself has joined the group).
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit introduces a new option CONFIG_NET_MCAST_ROUTE_MLD_REPORTS
which appends multiacst routes to MLDv2 reports. These records are
intended to inform reports' recipients about potential listeners on
the other interfaces.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
The size field in net_buf should not be used directly as then
the optional headroom will not be taken into account.
There is the net_buf_max_len() API that should be used instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Due to recent changes in hostap to move few buffers from heap->stack (to
improve the reliability of allocations) this has increased the stack
size and with another recent change to increase the max polling sockets
this puts over the 4096 stack size for net_mgmt causing stack overflow.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In case of successful submission, the reference shouldn't be put down,
this only should done on error cases.
As reference is put down on success, during the buffer unref, no action
is taken due to an uint8 overflow (ref is now 255), so, the buf->frags
isn't cleared properly and the next time the frags is used and when L2
inserts a second frag, the first head frag and next frag are same (due
to buffer re-use) causing an infinite loop in either net_buf_frag_last
or net_pkt_get_len.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The IPv6 address lifetime timers are kept in a slist, but
the code that adds the entry to the list does not check
whether the item is already in the list. This will cause
problems when trying to remove the address from the list.
Normally this is not causing issues, but if the function
net_if_ipv6_addr_update_lifetime() is called multiple times
before the address expires, then the item was added to the
slist multiple times.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In order to save memory, a single multicast routing entry now
contains configurable number of network interfaces.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commit adds a check to determine if the packet wasn't already
forwarded to a given interface.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
This commmit changes the way of iterating over multicast routing
entries from explicit for-loop to ARRAY_FOR_EACH_PTR().
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
In case FIN packet included data bytes, Zephyr would ignore the
data. It wasn't passed to the application, and it wasn't considered
when bumping the ACK counter. This ended out in connection timing out,
instead of being properly terminated.
Fix this, by refactoring FIN processing in TCP_ESTABLISHED state.
Instead of handling FIN/FIN,ACK/FIN,ACK,PSH cases separately, have a
common handler when FIN flag is present, and when ACK flag is present
along with FIN. When FIN is present, take any potentially incoming data
into account.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Remove IPSP support from the tree.
It has no maintainers, and is regularly broken. The fact that it's
nontrivial to set-up in linux makes it hard to fix reported issues.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Commit e99b5228a1 changed the default
networking behavior on qemu platforms, as the SLIP_TAP driver no longer
selected Ethernet L2. In results, qemu platforms in default
configuration had no network interface to work with.
Fix this, by restoring select for NET_L2_ETHERNET, but this time in
NET_SLIP_TAP. The difference is that SLIP_TAP is a generic driver
config, which could be enabled on any platform, so not changing the
behavior here, while NET_SLIP_TAP is a config dedicated for qemu only,
so it's reasonable to enable all that's needed to get SLIP to work with
qemu by default.
As there were circular Kconfig dependencies, move the respective qemu
configs outside of NET_RAW_MODE if block (as this caused the circular
dependency with ETH_DRIVER_RAW_MODE). Also, remove dependency to
NET_L2_BT, as it made little sense there, and also caused dependency
problems.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Running out of connection contexts is most likely due to app
misconfiguration, therefore it's useful to get an explicit information
that context allocation failed.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If the packet cloning fails (can easily happen when working with
loopback interface and when having low net_buf count), then
print a warning to the user. Error could also be possible but
as the situation might correct itself in this case, the warning
should be enough.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we fail to join all nodes or solicit node multicast groups
when the interface is down, then there is no need to print an
error message. The groups are automatically re-joined when the
interface comes up.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
For debugging purposes it would be nice to see the verdict
printed as a string instead of number.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This commit fixes an issue where due to inverted logic (static function
returned 0 on success but the caller expected true/false) the MLDv2
reports were silently dropped.
Signed-off-by: Konrad Derda <konrad.derda@nordicsemi.no>
Deprecate CONFIG_NET_TCP_ACK_TIMEOUT as it is redundant with the
combination of CONFIG_NET_TCP_INIT_RETRANSMISSION_TIMEOUT and
CONFIG_NET_TCP_RETRY_COUNT. The total retransmission timeout (i. e.
waiting for ACK) should depend on the individual retransmission timeout
and retry count, having separate config is simply ambiguous and
confusing for users.
Moreover, the config was currently only used during TCP handshake, and
for that purpose we could use the very same timeout that is used for the
FIN timeout. Therefore, repurpose the fin_timeout_ms to be a generic,
maximum timeout at the TCP stack.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Instead of having a single config specifying the memory pool size for
variable-sized net buffers, have a separate one for TX and RX for better
configuration granularity when optimizing memory usage of the
application.
Deprecate the old configuration but use its value as a default (for now)
for the new configs. This will need to change when the config is
deleted.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If an IPv6 address was added to the interface while the
interface was down, its solicited node multicast address
is not joined properly and IPv6 communication will to
other hosts will fail. So make sure to rejoin all the
solicited node multicast groups that were joined already
when the network inteface is going up.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add debug information to print when the network L2 enable
callback is called and fails. Useful to see this information
as at that point the interface goes down.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Start any pending IPv6 DAD timers when interface comes up.
If IPv6 addresses have been added to the network interface when
it was down, the addresses would never work properly if the DAD
is not done.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of printing just a network interface pointer, print
also the interface index so debugging is a bit faster as no
lookup from interface listing is needed.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
No need to do the checks any more because user has specified
the VLAN count and so many VLAN virtual interface are already
created.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
When setting a name to a network interface, verify that no other
interface has the same name as that would make very difficult to
select an interface by a name.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Refactor the IP tunneling support as the input callback was removed
in previous commit. The data will flow through the recv callback now
as expected.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The final ACK check during passive close was wrong - we should not
compare its SEQ number with the ACK number we've sent last, but rather
compare the ACK number it acknowledges matches our current SEQ number on
the connection. This ensures, that the ACK received is really
acknowledging the FIN packet we've sent from our side, and is not just
some earlier retransmission. Currently the latter could be the case, and
we've closed the connection prematurely. In result, when the real "final
ACK" arrived, the TCP stack replied with RST.
Subsequently, we should increment the SEQ number on the connection after
sending FIN packet, so that we are able to identify final ACK correctly,
just as it's done in active close cases.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Debugging IPv6 Neighbor Discovery issues requires to enable full IPv6
logs, which can get bloated given it provides logs for every single
packet. We should be able to focus on IPv6 ND logs only, hence introduce
a separate log module for IPv6 ND.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IGMP queries sent out by a proxy querier can have
a source IP address 0.0.0.0
Allow these incoming packets.
Fixes#69917
Signed-off-by: Savin Weeraratne <savin.weeraratne@audinate.com>
When we receive Router Advertisement with life time,
we will add this as default router, like typing command "net iface"
and has show below
IPv6 default router :
fe80:xxxx::xxxx
When this default router is backend A and
we ping backend B with link local address,
we will use default router A and send echo request
to backend A instead of B, which will receive Redirect and no reply.
Fix it by link local address does not check route.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Debug logs in helper functions like tcp_unsent_len() or
tcp_window_full() are not very helpful and generate a heavy, unnecessary
log output. Therefore, tcp_unsent_len() will no longer generate log, and
tcp_window_full() will print out a log only when the window is actually
full, which could be an useful information.
Also, reduce the log load during TX, as currently redundant logs were
printed in tcp_out_ext(), tcp_send_process_no_lock() and finally in
tcp_send().
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
If send the igmp packet when lower interface is down, the packet will be
freed twice and show error log. Remove the net_pkt_unref in igmp_send(),
and let the caller free it.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
