authorYuxiang Zhu <vfreex@gmail.com>2022-07-09 17:38:29 +0800
committerGitHub <noreply@github.com>2022-07-09 11:38:29 +0200
commit07a4920b17c3741b50ffcb596d4433b54f7e529e (patch)
tree9b1a886424fe862b31bfd612cf3944b30bfc73ba /src
parent0e761c303145d2440a9ecd730c530333ef7b777f (diff)
ip: T4517: add option to enable directed broadcast forwarding
Directed broadcast is described in rfc1812#section-5.3.5.2 and rfc2644. By default, the Linux kernel does not forward directed broadcast packets; they are forwarded only when both `/proc/sys/net/ipv4/conf/all/bc_forwarding` and `/proc/sys/net/ipv4/conf/$iface/bc_forwarding` are set to 1.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/system-ip.py5
-rw-r--r--src/etc/sysctl.d/30-vyos-router.conf6
2 files changed, 11 insertions, 0 deletions
diff --git a/src/conf_mode/system-ip.py b/src/conf_mode/system-ip.py
index 05fc3a97a..a0e1e0e50 100755
--- a/src/conf_mode/system-ip.py
+++ b/src/conf_mode/system-ip.py
@@ -64,6 +64,11 @@ def apply(opt):
value = '0' if (tmp != None) else '1'
write_file('/proc/sys/net/ipv4/conf/all/forwarding', value)
+ # enable/disable IPv4 directed broadcast forwarding
+ tmp = dict_search('disable_directed_broadcast_forwarding', opt)
+ value = '0' if (tmp != None) else '1'
+ write_file('/proc/sys/net/ipv4/conf/all/bc_forwarding', value)
+
# configure multipath
tmp = dict_search('multipath.ignore_unreachable_nexthops', opt)
value = '1' if (tmp != None) else '0'
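Review bot: The global gate defaults to open in the added lines: when `disable_directed_broadcast_forwarding` is absent, `value` becomes `'1'` and `/proc/sys/net/ipv4/conf/all/bc_forwarding` is written as 1, so the per-interface entry, which this hunk does not touch, is the only remaining control. RFC 2644 made "disabled" the router default because forwarded directed broadcasts act as an amplifier in smurf-style floods, so the code comment should say where the effective control lives, e.g. `# 'all' is only a gate: nothing is forwarded until the ingress interface's bc_forwarding is also 1 (RFC 2644)`. The same default appears in the sysctl.d hunk as `net.ipv4.conf.all.bc_forwarding=1`. `apply()` begins and ends outside this hunk, so whether a per-interface write exists elsewhere cannot be confirmed from here.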
diff --git a/src/etc/sysctl.d/30-vyos-router.conf b/src/etc/sysctl.d/30-vyos-router.conf
index e03d3a29c..4feb7e09a 100644
--- a/src/etc/sysctl.d/30-vyos-router.conf
+++ b/src/etc/sysctl.d/30-vyos-router.conf
@@ -27,6 +27,12 @@ net.ipv4.conf.all.arp_announce=2
# Enable packet forwarding for IPv4
net.ipv4.ip_forward=1
+# Enable directed broadcast forwarding feature described in rfc1812#section-5.3.5.2 and rfc2644.
+# Note that setting the 'all' entry to 1 doesn't enable directed broadcast forwarding on all interfaces.
+# To enable directed broadcast forwarding on an interface, both the 'all' entry and the input interface entry should be set to 1.
+net.ipv4.conf.all.bc_forwarding=1
+net.ipv4.conf.default.bc_forwarding=0
+
# if a primary address is removed from an interface promote the
# secondary address if available
net.ipv4.conf.all.promote_secondaries=1
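Review bot: The added comment block does not mention that the `all` value set here is not the only writer: the system-ip.py hunk in this same commit rewrites `/proc/sys/net/ipv4/conf/all/bc_forwarding` whenever the configuration is applied, so editing this file alone will not keep the gate closed. It also leaves the purpose of `net.ipv4.conf.default.bc_forwarding=0` unexplained, although that line is what keeps the feature off on interfaces until it is enabled for them. I would add `# 'all' is also rewritten by conf_mode/system-ip.py on commit; 'default' stays 0 so interfaces do not forward directed broadcasts unless explicitly enabled.` above the two settings.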