Add support for IP_LOCAL_PORT_RANGE socket option. The option
supports both IPv4 and IPv6 sockets although the type is IPPROTO_IP.
The option can be used to enforce the ephemeral port number selection
to be in certain range.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Make sure that we cannot connect to IPv4 multicast or broadcast
destination address for a TCP socket.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This is helper is only needed in socket multicast interface selection
where we need to get one address from the interface so that it will
tell (when getsockopt() is used), the interface IPv4 address where
multicast packets will be sent. This is private function which is not
needed in public headers so place the prototype to net_private.h file.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Do the selection same way as in IPv6 so that if user supplies
unspecified destination address, the default interface is selected
the same way.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Some of the network tests require that source and destination
addresses are not swapped so allow test to control the address
swapping from the test.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
After we take the true MTU into account, we need to send proper
number of bytes (multiple of 8) in one IPv6 fragment.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If PMTU is enabled, then use the MTU value from it instead of always
using network interface MTU.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If PMTU is enabled, then use the MTU value from it instead of always
using network interface MTU.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add IPV6_MTU IPv6 socket option and implement getsockopt() and
setsockopt() calls for the option.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add IP_MTU IPv4 socket option and implement getsockopt()
call for the option. The IP_MTU option does not support
setsockopt() call.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Send a network management event for a changed path MTU value.
Both IPv4 and IPv6 have their own events as we cannot mix these
because how the network event numbering space is implemented.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Catch "Destination Unreachable" ICMPv4 messages and update PMTU for
a given destination IPv4 address.
Use that PMTU when sending data to the destination.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Show information whether PMTU is enabled or not.
Show pmtu destination cache content with "net pmtu"
command. The "net pmtu flush" can be used to clear the
cache.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Catch "Packet Too Big" ICMPv6 messages and update PMTU for
a given destination IPv6 address.
Use that PMTU when sending data to the destination.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Print more cases when the packet is dropped, and also print
the upper layer verdict for the packet.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This adds generic code that can be used by both IPv4 and IPv6
Path MTU Discovery mechanism. The actual PMTU support for each
protocol family is in subsequent commits.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This implements support for RFC 7217 which describes a method
to have stable IPv6 Interface Identifiers to be used with IPv6
Stateless Address Autoconfiguration (SLAAC). The stable IIDs are used
to provide enhanced privacy so that an IPv6 address configured using
this method is stable within each subnet, but the corresponding
Interface Identifier changes when the host moves from one network
to another. This method is meant to be an alternative to generating
Interface Identifiers based on hardware (MAC) addresses,
such that the benefits of stable addresses can be achieved without
sacrificing the security and privacy of users.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If trying to parse a string like 192.0.2.2:80/foobar and
setting the length to 12 which means to parse the IP address
and port, the parsing failed because it used one extra character
from the string. This issue was not present if the input string
was terminated after the port number.
Add a test case to catch this problem.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we could not fragment the IPv6 packet, then drop it and do
not try to send it. Let the upper layer re-send the packet if
needed. It is causing more trouble if we try to send the packet
and not honor the MTU setting.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If we could not fragment the IPv4 packet, then drop it and do
not try to send it. Let the upper layer re-send the packet if
needed. It is causing more trouble if we try to send the packet
and not honor the MTU setting.
Fixes#81021
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The second condition needs to check ARP probes only
The ACD is not properly implemented as described in RFC5227 ch. 2.1.1
The implementation incorrectly detects an IP conflict, if an ARP request
is received for the target IP.
The reason is that the current implementation checks for ARP requests
instead of ARP probes.
Signed-off-by: Andreas Huber <andreas.huber@ch.sauter-bc.com>
Originally, the net_mgmt task priority is very low. Based on roaming
implementation, roaming is triggered in net_mgmt task. When running UDP
test while doing roaming, the net_mgmt task won't have much chance to
run and roaming can't be triggered.
Increase it to 3, which is same value of supplicant task.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
If CONFIG_NET_PKT_ALLOC_STATS is enabled, then "net mem" command
can show net_pkt allocation statistics like succeed / failed
allocation counts, average sizes and allocation time.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Add igmp.h file to declare definitions for IGMP that are not meant te be
included by the application but can be used in e.g. tests.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
According to RFC2236 section 2.5, the IGMP message may be longer then 8
bytes. The rest of the bytes should be ignored.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
The header length of the net ip packet was calculated using only the
net_pkt_ip_hdr_len function. The correct header length should be
calculated by adding net_pkt_ip_hdr_len and net_pkt_ipv4_opts_len. This
resulted in an incorrect IGMP version type in case of IGMPv2 message
(when IGMPv3 was enabled). The IGMP message was not parsed correctly and
therefore dropped.
Signed-off-by: Ibe Van de Veire <ibe.vandeveire@basalte.be>
IPv6 based interface lookups doesn't require native IP stack support,
hence reflect that in the API.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IPv6 MLD API was so far defined in an internal header. This does not
seem correct though, as application code should be able to join/leave
multicast groups, hence the API should be exposed in a public header,
just as it is done for its IPv4 countepart - IGMP.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Net offloading doesn't need net TC threads to be enabled as they're used
by the native stack. This fixes build if CONFIG_NET_OFFLOAD is enabled
but native stack is disabled.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case NET_NATIVE is disabled, certain network stack components do not
need to be compiled. Otherwise, they could throw errors if
--no-gc-sections compiler options is enabled.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The stack size for the event_mon_stack task may need to be larger than the
default 1024 to avoid crashes. It should be configurable through Kconfig
so that source code doesn't need to be modified to increase it.
Signed-off-by: Dave Rensberger <davidr@beechwoods.com>
A null check for the TCP connection `conn` was added at the start of
the function, but the previous checks were not removed, leading to
a redundant null check, which is unnecessary.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Resetting the connect semaphore from tcp_conn_unref() prevents the
ref/unref mechanism from being used freely when needed. Therefore, move
the code responsible for resetting pending connection to
tcp_conn_close() (called only when the connection is being closed on
behalf of the TCP stack, for instance due to RST being received) and to
net_tcp_put() (connection closed on behalf of the application).
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
It is possible that TCP connect() will fail if for example network
interface does not have IP address set. In this case we close
the connection during net_tcp_connect() but do not set the return
code properly. This looks in the application like the connection
succeeded even if it was not.
As the tcp_in() call in net_tcp_connect() might close the connection,
we just take extra ref count while calling tcp_in(). Otherwise we
might access already freed connection.
Before the fix:
net_tcp_connect: context: 0x80757c0, local: 0.0.0.0, remote: 192.0.2.2
net_tcp_connect: conn: 0x8087320 src: 0.0.0.0, dst: 192.0.2.2
tcp_in: [LISTEN Seq=1604170158 Ack=0]
tcp_conn_close_debug: conn: 0x8087320 closed by TCP stack (tcp_in():3626)
tcp_conn_close_debug: LISTEN->CLOSED
tcp_conn_unref: conn: 0x8087320, ref_count=1
net_tcp_connect: conn: 0x8087320, ret=0
After the fix:
net_tcp_connect: context: 0x80757c0, local: 0.0.0.0, remote: 192.0.2.2
net_tcp_connect: conn: 0x8087320 src: 0.0.0.0, dst: 192.0.2.2
tcp_conn_ref: conn: 0x8087320, ref_count: 2
tcp_in: [LISTEN Seq=1604170158 Ack=0]
tcp_conn_close_debug: conn: 0x8087320 closed by TCP stack (tcp_in():3626)
tcp_conn_close_debug: LISTEN->CLOSED
tcp_conn_unref: conn: 0x8087320, ref_count=2
net_tcp: tcp_conn_unref: conn: 0x8087320, ref_count=1
net_tcp: net_tcp_connect: conn: 0x8087320, ret=-128
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The IPv6 branch of net_tcp_endpoint_copy() was accidentally made
conditional on CONFIG_NET_IPV4 rather than CONFIG_NET_IPV6.
Signed-off-by: Ben Wolsieffer <benwolsieffer@gmail.com>
If DNS statistics is enabled in Kconfig, then start to collect it.
This is useful in order to see how many DNS requests/responses
received or sent, and also see the amount of dropped DNS packets.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Make sure we check the checksum offloading capabilities correctly
for VLAN interfaces. Use the real Ethernet interface when doing the
check.
Fixes#78724
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
User can set CONFIG_NET_SHELL_SHOW_DISABLED_COMMANDS=n to prevent
unused net-shell commands from showing. This can save flash as
the disabled commands will not be shown in net-shell listing.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
It shouldn't be needed to enable native networking to be able to
add/delete IP addresses on network interfaces.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
IPv4 Kconfig options which only affect native IPv4 stack should be
dependent on NET_NATIVE_IPV4, similarly as it's done for IPv6.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Running IPv6 on STM32H743 using eth_stm32_hal I had to extend
the timeout between the attempts to send Router Solicitation packets
from 1 second to 2 seconds. Else it looked liked the packet never
got sent (checked using tcpdump).
Signed-off-by: Stefan Petersen <spe@ciellt.se>
Deadloop happens when CONFIG_NET_ROUTING and VLAN are enabled.
In function net_ipv6_prepare_for_send(), pkt->iface will be
updated with net_pkt_set_iface(pkt, iface) in 2 scenarios:
1. ip_hdr->dst is onlink
2. check_route or nbr_lookup
VLAN is virtual-iface which attaches to a physical-iface. Each
time a packet being sent to a VLAN port will invoke twice of
the net_send_data(). The 1st time, pkt->iface is set to virtual
iface and the 2nd time to physical iface.
However in above 2 scenarios, at the 2nd time of calling the
net_send_data(), the pkt-iface will be changed back to virtual
iface. The system runs into a deadloop. This can be proved by
enabling CONFIG_NET_ROUTING with the VLAN sample.
The main purpose for net_ipv6_prepare_for_send() is to set the
right ll_dst address. If the ll_dst address is already set, then
no need to go through it again. If the packet has done with the
forwarding and set the ll_dst, then no need to check_route again.
And, the pkt->iface will not be changed back to virtual iface.
Fixes: #77402
Signed-off-by: Shrek Wang <shrek.wang@nxp.com>
