=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/74.html,v retrieving revision 1.66 retrieving revision 1.67 diff -c -r1.66 -r1.67 *** www/74.html 2023/10/14 16:02:49 1.66 --- www/74.html 2023/10/14 17:21:15 1.67 *************** *** 604,613 ****

Changes in the network stack:

In pf(4), - when redirecting locally generated IP packets to - userland with divert-packet rules, the packets may have no checksum - due to hardware offloading. Calculate the checksum in that case.
Sync the use of getuptime(9) in the Neighbour Discovery (ND) code with ARP. --- 604,609 ---- *************** *** 625,633 **** neighbor advertisement, as described in RFC9131, to the all-routers multicast address so all routers on the same link will learn the path back to the address. -
In pf(4), - relax the implementation of the "pass all" rule so all - forms of neighbor advertisements are allowed in either direction.
Inbound portion of RFC9131. Routers can create new neighbor cache entries when receiving a valid Neighbor Advertisement.
Implement RFC9131 and create new neighbor cache entries --- 621,626 ---- *************** *** 638,659 **** software, but pass it down to the interface layer. Add sysctl(8) net.inet.tcp.tso.
Do not calculate IP, TCP, UDP checksums on loopback (lo(4)) interfaces. -
Fix a bug in pf(4) - where nat-to clould fail to insert a state - due to conflict on chosen source port number.
Implement TCP send offloading, for now in software only. This is meant as a fallback if network hardware does not support TSO.
Use TSO (TCP Segmentation Offload) and LRO (Large Receive Offload) on the loopback interface to transfer TCP faster,
Fix path MTU discovery for TCP LRO/TSO when forwarding. when tcplro is activated on lo(4). !
Close all pf(4) transactions before opening a new one when ! retrieving the ruleset. Fixes leaking transactions which can be ! problematic when processes run a long time. Introduce a new ioctl ! DIOCXEND in pf(4) so applications such as snmpd(8) and systat(1) can ! safely retrieve rules. !
Close all pf(4) ! transactions before opening a new one when
Convert the tcp_now() time counter to 64 bits to avoid 32 bits wrap around after changing tcp_now() ticks to milliseconds. --- 631,667 ---- software, but pass it down to the interface layer. Add sysctl(8) net.inet.tcp.tso.
Do not calculate IP, TCP, UDP checksums on loopback (lo(4)) interfaces.
Implement TCP send offloading, for now in software only. This is meant as a fallback if network hardware does not support TSO.
Use TSO (TCP Segmentation Offload) and LRO (Large Receive Offload) on the loopback interface to transfer TCP faster,
Fix path MTU discovery for TCP LRO/TSO when forwarding. when tcplro is activated on lo(4). !
Speed up the ! ioctl(2) request ! DIOCGETRULE ! such that pfctl(8) ! can retrieve all pf(4) ! rules from the kernel in linear rather than in quadratic time. ! To protect the kernel from memory exhaustion, ! userland processes now have to release tickets obtained with ! DIOCGETRULES ! by issuing the new ! ioctl(2) request ! DIOCXEND. ! In particular, snmpd(8) ! and systat(1) ! now do that. !
In pf(4), ! relax the implementation of the pass all rule so all ! forms of neighbor advertisements are allowed in either direction. !
In pf(4), ! when redirecting locally generated IP packets to userland with ! divert-packet rules, the packets may have no checksum ! due to hardware offloading. Calculate the checksum in that case. !
Fix a bug in pf(4) ! where nat-to could fail to insert a state ! due to conflict on chosen source port number.
Convert the tcp_now() time counter to 64 bits to avoid 32 bits wrap around after changing tcp_now() ticks to milliseconds. *************** *** 828,836 **** rad(8), update the default timers for prefix preferred and valid lifetimes to use the values from RFC 9096. -
In pfctl(8), - speed up how pf(4) - rules are retrieved from the kernel.
In slaacd(8), remove artificial limit of 2 hours on a PIO lifetime.
Make ypldap(8) --- 836,841 ----