Hey Folks,

Here we are for the fourth Weekly Network Status Update. The big changes last week in the report were streaming of the writing process and sharing the reports on the freebsd-net and freebsd-current mailing lists.

Thanks to everyone that sent me emails with positive feedback or corrections. All feedback is appreciated, it helps me know if anyone is reading these and it keeps me honest.

Next week there will hopefully be some supporting figures giving a summary of over all changes. I have written the svg and gotten awk making stuff up for me, I just need to get awk generating svg.

Goings on

The bugzilla storm continues, from my reading of my inbox it looks like others have gotten involved tidying up old bugs too. It is great to tidy up the bug tracker, but I'm going to continue waiting a bit before I write the tooling to cover new and changed bugs here. Maybe in a week or two.

I didn't get any feedback on writing tooling against phabricator, I think I'll pull interesting reviews into my notes. From a read this morning there wasn't anything particularly stand out to include. If you want to know whats going on you can look for reviews with #netdev and #transport groups.

Fall 2024 FreeBSD Summit

On the 7th and 8th of November 2024 there will be a FreeBSD Summit kindly hosted by NetApp in their San Jose campus.

So far the program includes:

    - Pawel Dawidek, Fudo Security on "FreeBSD Security Improvements"
    - Dorr Clark, NetScaler on “Using FreeBSD in Products"
    - George Neville-Neil on "OSDB: Turning the Tables on Kernel Data"
    - Dr. Marshall Kirk McKusick on “History of the BSD Daemon”
    - And more!

The summit is open to the public, with a registration fee of US $150.

Registration and event information is available here:

Performance issues with vnet jails + epair + bridge

There has been some discussion on the freebsd-net mailing about performance issues with VNET jailed applications. The conversation started in September, cc@ has made some points about the performance methodology. I have encountered this problem, TCP single flow over bridge for me stops at 2.5Gbit/s (on a machine that will do localhost TCP single flow at ~40Gbit/s). The issue is real, but we lack comparisons to other platforms to really motivate improvements.

https://lists.freebsd.org/archives/freebsd-net/2024-September/005510.html

FreeBSD 14.2 Code Slush in Effect

It used to be the case that FreeBSD frozen branches in advance of a release, the freeze was led into by a 'slush' phase where only 'safe' commits were wanted. The Slush phase has started for the 14.2 release. Time to get things MFC'd if you want them in 14.2.

Transport

Netdev

Lots of commits to update the EC2 Elastic Network Adapter by osamaabb@ updating the ena(4) driver to v2.8.0 (and through version v2.7.0 ). Here is one of them:

• ce4cc746bb41 ena: Update driver version to v2.8.0

peterj@ has been working improving support for the Quartz64 SBC and as part of that is fixing things in eqos(4) .

• bf8d4cfe347b eqos: Fix group address filtering.

More updates to Intel network drivers, with igc(4) getting improved AIM mode support (as igb(4) did last week.

• 7763b194d8de igc: txrx function prototype cleanup
• 9dc452b983f0 e1000: txrx function prototype cleanup
• 1b0e41ddffbf igc: Function prototype cleanup
• 542f5d56317e igc: Rename 'struct adapter' to 'struct igc_softc'
• 09526a771afc igc: Add sysctls for some missing MAC stats
• 68b1f5dc5936 igc: Add sysctl for DMA Coalesce
• 669d26e5764f igc: Want AIM at 2.5G
• 516d92304a7f igc: Improve a comment and update copyright dates MFC after: 1 week
• bc9402abdd11 igc: Add AIM

The CFT closed on the axgbe(4) promisc mode change and landed in the tree.

• c7a2636889a6 axgbe: Fix setting promisc mode

Netmap buffer pools have been made NUMA-aware, this may help with performance on systems with multiple memory domains as the buffer locality should be much better.

• 1bae9dc58427 netmap: Make memory pools NUMA-aware

Over in WiFi land rtw89 was turned on after 2 years of being in the tree thanks to improved testing from a group of users.

• 310c31d3f04e rtw89: add man page and hook driver up to the build
• ce15215befa1 rtw89: add missing bsddriver.name assignments for two chipsets
• 7ff12dd25ada rtw8xfw: remove module build dirs for firmware long gone

Updates in the LinuxKPI layer to support updates in iwlwifi

• fa81baa307da LinuxKPI: add cleanup.h for guard DEFINE_GUARD/guard.
• 6621842ccfb4 LinuxKPI: add new dummy headers visibility.h and of_net.h
• 41283b454b7a LinuxKPI: always include linux/kconfig.h
• 8f9567628cb2 LinuxKPI: add time_is_before_jiffies()
• 96190b4fef3b LinuxKPI based WiFi drivers: scripts to extract fwget(8) and port details
• 157e93e0e813 LinuxKPI: pci: rename PCI_IRQ_LEGACY to PCI_IRQ_INTX
• 105331f658e2 LinuxKPI: netdevice: add alloc_netdev_dummy()
• b4c8f251d65f iwlwifi: FreeBSD specific sysctl export update

Minor man page changes, for users this rearranges the HARDWARE section which is an excellent source of truth when trying to buy things.

• fa573868f187 wpi.4: move hardware to HARDWARE + minor cleanup
• 545dbf9d5fad iwn.4: move hardware to HARDWARE + minor cleanup
• 5dbb0b7c19cf man.4: Add .Sh HARDWARE for some wireless drivers for release notes
• 5c59e40bc419 wpa_supplicant: xref relevant wpa_passphrase(8)

Firewalls

The divapp tool for testing divert sockets has been moved from pf specific into the more general netpfil tests area. And divert tests added for ipfw.

• b3e7d4b67ce6 tests: Fix style of netpfil/common/divapp.c
• 9b86b272bfdb tests: Move netpfil/pf/divapp to netpfil/common/
• cc7ec8fe3bca ipfw tests: Add basic coverage of divert(4) use cases

The Scapy port update broke some tests so those needed to be updated:

• 9cd6ab45a446 pf tests: disable epsv for the ftp proxy test
• 2e13459e2aa4 pf tests: fix plfow:v6 after scapy-2.6.0 update
• 9c125336727b pf: convert DIOCGETSRCNODES to netlink
• e85d2c1b0e10 pf: ensure pd->src/pd->dst are valid
• 6b8096fa5f6f netpfil tests: skip checksum verification in pft_ping.py

User Tooling

Ping continues to be an incredibly difficult piece of software to work on. Ping is going to get support for non-root users to control the size of the ICMP request (as it can on other platforms).

• b88df1e893c4 Reapply "sbin/ping: allow normal users to specify larger packets"
• 2926c2594249 ping tests: fix for scapy-2.6.0
• 7bc0cb91a2df Revert "sbin/ping: allow normal users to specify larger packets" It is causing test failures.
• 80a5b26871e9 sbin/ping: allow normal users to specify larger packets

Libxo is a flexible way of generating machine readable output from Unix tools and subsystems, many more tools got complete libxo support this week, here are some to the network tools:

• 95968ea7ec8f netstat(1): Complete libxo transition
• 54ff53d89015 ndp(8): Complete libxo transition
• 417842f90861 arp(8): Complete libxo transition

Other Interesting Changes

I added this section this week because there were quite a few interesting changes going by that weren't networking specific, but still might be of interest.

A new bsd release!

• bdbf50660c51 bsd-family-tree: add macOS 15

Back in July ISA device hints were changed, but the UPDATING message was missed. It is here now:

• 63e282288ed8 UPDATING: Add belated note about hints for old-school ISA devices

In advance of OCI support on FreeBSD, change the name of OCI to ORACLE. That first OCI is Open Container Initiative and the second one is Oracle Cloud Infrastrcuture - simple.

• 1be84d745bcc release: move OCI to ORACLE

Please Send Feedback

This weeks report took much longer to write because I was speaking to/at the kind people that joined the stream. Thanks for kp@ and mgdm for keeping me company.

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the FreeBSD Foundation .

I thought it would be a lot of fun to run Dwarf Fortress on the Pinebook Pro. Take this deceptively CPU intensive game, run it via a amd64->arm64 translation layer on a mediocre SOC.

df has a native Linux build which is nice to avoid too much translation (WINE is never fun to configure), so this seem straight forward. I will save you the details, but this resulted in a Pinebook Pro with neither X or WiFi drivers installed.

apt is a hell of a drug.

FreeBSD has as Linux Compat layer , maybe getting df running on FreeBSD would be relatively easy?

No.

The packaged CentOS layer seems to be EOL and I'm not sure what is coming next. I wasn't able to figure out easily how to get SDL2_image to be picked up. There are still lots of linker references to libmd 6 floating around and that was enough hassle.

Searching packages I stumbled onto this gem, linux-dwarffortress .

Is running df on FreeBSD easy?

Yes!

$ sudo pkg install linux-dwarffortress
$ dwarffortress

It is version 0.47.05 from back in 2021, but that is good enough for me.

I will try box64 on Linux when the Pocket Reform eventually shows up.

Hey folks, here we are rounding out another week of development. This Network Status Report is an experiment I am making on documenting what has been happening in the FreeBSD network stack by generating reports with the help of some simple tooling. This is the third such report, but the first one I've really told anyone about.

The previous reports are available here , some context and goals are available in the first weeks report .

A big change for this week is streaming of the report writing process. I'm hoping that by being more open about this there will be a weekly chance for community engagement - at least for people that like the network stack.

Goings on

Since last week I have integrated collating notes into my tooling (and if you consumed the stream broke the script a little). This means I can capture things going by on the mailing lists more easily for discussion later.

The bugzilla storm continues, when it starts to slow down I'll review pulling in interesting bugs.

What I want from reviews and bugs is a list of interesting things in the last week. That might be new items, but it is also likely to be items that have had a change in the last week, lots of comments, or have finally closed. Landing commits aren't so interesting. I think I have the bugzilla query sorted out, but I cannot for the life of me get sense from the phabricator API.

If you can generate queries that sort of match what I want AND they will give me plain text summaries as helpful as a git --oneline I'd love to see them.

Fall 2024 FreeBSD Summit

On the 7th and 8th of November 2024 there will be a FreeBSD Summit kindly hosted by NetApp in their San Jose campus.

So far the program includes:

• Pawel Dawidek, Fudo Security on "FreeBSD Security Improvements"
• Dorr Clark, NetScaler on “Using FreeBSD in Products"
• George Neville-Neil on "OSDB: Turning the Tables on Kernel Data"
• Dr. Marshall Kirk McKusick on “History of the BSD Daemon”
• And more!

The summit is open to the public, with a registration fee of US $150.

Registration and event information is available here:

axgbe CFT

zlei@ has an open call for testing for come changes to the axgbe driver. This changes how the axgbe driver handles the promisc flag, zlei@ doesn't have hardware available to test. If you use axgbe then you should test and report results on the phabricator review.

https://reviews.freebsd.org/D46794

Transport

Oddly not TCP caught in my filter this week, but there have been some improvements around the SCTP API.

• 4466a97e83fd sctp: check locking requirements
• e1a09d1e9df3 sctp: make sctp_free_ifn() static
• 2e9761eb80f3 sctp: cleanup sctp_delete_ifn
• 91a9e4e01dab sctp: propagate cap rights on sctp_peeloff
• e4550c9aa06a capsicum-test: include SCTP tests
• 1d83090d850f capsicum-test: skip SCTP tests if SCTP not available

tuexen@ has been doing some review of locking and socket options. Generally the socket layer is quite complex, getting this right is difficult.

• 3326ab87cc22 getsockopt: improve locking for SOL_SOCKET level socket options

Netdev

kbowling@ MFC'd a lot of stuff from the Intel driver changes we covered the past two weeks. That is great news if you are on a stable branch of FreeBSD.

A big change is the re-addition of Adaptive Interrupt Mode for the e1000 series NICS (including lem , em and igb ). AIM gives a balance between latency when there are relatively low packet rates and performance when the link is very busy.

In most cases kbowling@ says:

this might be worth a few sys% on common CPUs, but may be meaningful when
multiplied such as if_lagg, if_bridge and forwarding setups.

• 3e501ef89667 e1000: Re-add AIM

In WiFi land bz@ landed a nice rtw89 panic fix:

• 41b746e05231 LinuxKPI: 802.11: fix ieee80211_schedule_txq() to avoid rtw89 panic

And we see some other bits of tidying up in cxgbe , mlx5 and iflib .

• 8e5b07dd0885 mlx5_ipsec: add enough #ifdef IPSEC_OFFLOAD to make LINT_NOIP compilable
• 2851aafe96c1 mlx5 ipsec_offload: ensure that driver does not dereference dead sahindex
• 52e5a66eac22 cxgbe(4): Use correct synchronization when marking the adapter offline.
• 816100089283 iflib: Make iflib_stop() static

Firewalls

A mixture of tidy ups with several changes coming through from OpenBSD. If I were to guess (and I am!) many of these are from presentations and conversations at EuroBSDCon. If I were to ask kp@ he would tell me this was part of an ongoing continuous maintenance project sponsored by Netgate.

• 8978a080cfa7 pf: remove redundant arguments to pf_state_key_addr_setup()
• 9a405864e0cf pf: move the mbuf into struct pf_pdesc too
• 08b53c6efcae pf: remove switch (af) default cases
• b4a42589116b pf: put kif into struct pf_pdesc
• 739731b8ca80 pf: consolidate pf function parameters
• 9414b8dbf1e4 pf: unify some IPv4/IPv6 code in pf_setup_pdesc()
• 05896f1ef8be pf: move pf_test_rule() out of pf_setup_pdesc()
• abc8996e7fa6 pf: deduplicate IPv4 and IPv6 code that handles fragments
• 5de77e952a2f pf: remove the last hand-rolled IPv6 extension header loop
• 7b033960e15a pf: stricter address family checks in icmp-in-icmp
• 5c3d74eca642 pf: add ttl to pf_pdesc
• 7d0f8cd93bce pf: ensure that we won't enter an endless loop
• 8de7f8ed5eef pf: reduce IPv6 header parsing code duplication
• 6562157dfad0 pfctl: avoid possible SIGSEGV when wrong tos option
• ee9f418c8041 pfctl: correctly print skip steps in -vv mode
• d01949e8a210 pf.conf.5: sync documentation with code on the matter of max state limit behavior
• 34aa6f2c2db5 pflogd: Move struct definitions out of header file

And the continued netlinkification of pf .

• 48f5bf8be6fa pf: convert DIOCGETRULESET to netlink
• 25e0f8f99f54 pf: convert DIOCGETRULESETS to netlink

igoro@ made some tidy up commits to dummymbuf. While I have seen commits go by I hadn't looked into dummymbuf(4) yet. This is test kernel module for unusual mbuf layouts which hooks into the pfil (firewall) layer.

• dfcb8de5ef80 dummymbuf: Log the entire rule set if no delimiters are present
• 6bd8d85579a1 dummymbuf: Fix code style
• 9f146a81d2b3 dummymbuf: Validate syntax upon write to net.dummymbuf.rules sysctl

For continued compatibility with libpcap some struct definitions for pflogd were moved out of the header file, preventing others from using them.

User Tooling

Fix stopping sendmail during shutdown.

• 8751fbe36ff0 rc.d/sendmail: Fix stopping service during shutdown

And finally a big change to kyua, skipped tests no longer report as passing.

• 99689201a1eb kyua: Do not count skipped as passed in test cmd

Please Send Feedback

As with last week are are at ~50 minutes as I get to this part of the report.

I am going to disseminate this one much further, probably to the freebsd-net and current mailing lists.

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

• Boris asked for there to be an rss feed, so there is now one here
• Graham Perrin hight lighted a typo in the tags ( tags->tag ) link.
• Jim Thompson told me off for guessing.

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the FreeBSD Foundation .

Here we are for round 2, last weeks report can be and a little context found here: FreeBSD Network Status Week 39 2024 .

All of the reports so far are available via the networkstatus tag on my blog.

Goings on

Since last week I haven't touched any of the tooling, I have been busy doing something else and it is a good exercise in making these reports "minimal touch". There are some manual edits in the generated template I have had to make today which I will roll into the generation script.

I do read my email (no matter what I might claim) so most commits going by aren't completely new to me.

I am yet to add tooling for getting reviews and interesting bugs, reviews I'm not sure how to figure out as phabricator doesn't have a friendly API. My email contains everything in #transport , #network and #wireless so worst case I just read from email.

Bugzilla has a useable API, Mark Linimon (linimon@) is doing a heroic review of old bugs and squashing those which are out of date. That might be important for you for two reasons, if you have an old bug you care about you should respond to the bug email or it'll be closed and it makes a search of the form "what changed in the last week" far too noisy to interpret right now.

I still plan to include bugs and reviews though.

One point of discussion this week was support of NOINET6 in the kernel build. Users reported that NOINET6 build has been failing due to some changes in pf and two questions were raised. Why are you disabling IPv6 is left for a higher power to explain. Support for non-standard kernel builds is going to get a statement in the handbook or similar to clarify how what is expected of users and developers when running something other than GENERIC.

Anyway, what has been going on in the network stack this week?

My log command

git log --format="%h" --after="last week" --before="now"

found 133 commits from which I thought 39 were relevant for this update.

Transport

The regular #transport meeting occured yesterday . I think a good summary of the meeting and the last week of commits is covered by the second commit in my list 'small cleanup'. The #transport group make continual progress and this call is tracking a few longer running reviews.

• 519981e3c09c tcp_output: Clear FIN if tcp_m_copym truncates output length
• 2eacb0841c7d tcp: small cleanup
• 57671d5ccc81 tcp: further cleanup old options
• 01eb635d1295 tcp: improve mbuf handling when processing SYN segments
• a2e4f45480c2 tcp: whitespace cleanup
• cbc9438f0505 tcp: improve ref count handling when processing SYN

I took the call as an opportunity to ask about netdump performance having done one for the first time. teuxen@ made some debugging suggestions and in email after the call we think performance should be ok on 'data center' links. Certainly better than the 5Mbit/s I saw in my test. I will do some more investigation once my current project starts generating enough crash dump to be a problem.

Netdev

Last week saw a flurry of driver updates, this week looks to just be follow ups to that work. Some commits to the Intel driver which were updated last week:

• 33ed9bdca307 igc: Add NVM/firmware prints and sysctl
• a40ecb6f7405 igc: Remove non-existent legacy absolute and packet timers
• 1e3b1870ad2a ixgbe: Switch if_sriov read/write back to ixgbe_mbx APIs
• 911b3c3aa648 Revert "e1000: Remove redundant EITR shift from igb"
• 26439b57877c e1000: Remove redundant EITR shift from igb
• 9bf9164fc8aa e1000: Clean up ITR/EITR in preparation for AIM

And some tidy ups in other places:

• 7643141e9314 if_enc(4): Make enc_add_hhooks() void
• 9ba8670a8b17 cxgbe(4): Allow t4_tom to be unloaded safely.
• cc110bbec6d2 cxgbe/t4_tom: Remove duplicate unlock in t4_tom_deactivate.

dougm@ has been doing some on the the rounding logic in libkern which hit mlx:

• 5a5da24fc85a mlx5: optimize ilog2 calculation
• 3873b9a8b3a5 mlx4: use is_power_of_2

For WiFI there is some organising in LinuxKPI 80211.

• 0b325167f60d LinuxKPI: 802.11: move functions between header files

Firewalls

Lots of change in pf, I would say this falls into the category of "continuous improvement". pf changes are about half of the network stack stuff I pulled out this week and while there are no major features. Small steps are how things get really good.

• 65074f6f3115 pf: fix double ruleset evaluation for fragments sent to dummynet
• 1c82bbd8650a pf: Fix NOINET and NOINET6 build.
• e5c64b2662ff pf: replace union pf_krule_ptr with struct pf_krule in in-kernel structs
• 6bbef793552c pf: Remove struct pf_pdesc->nat_rule
• 1b745d8b23e4 pf: move normalisation into pf_setup_pdesc()
• 288bec2b2bd1 pf: fold pf_test_fragment() into pf_test_rule()
• 8e3d252901e8 pf: Split pf_map_addr()
• 37881f65eacd pf: pf_clear_srcnodes() is always called with NULL
• 86fc6f838ed2 pf: make pf_setup_pdesc() a static function
• f8e994296328 pf: remove ip(6) header argument from pf_reassemble(6)()
• 39f615e90ca3 pf: rename the pf_pdesc field rh_cnt to badopts
• 7fe42038b269 pf: fix max-src-conn when rules are added via netlink
• e8ff5e565c24 pf: fix incorrect parsing of state export filter
• 27f54be50bba pf: merge pf_test() and pf_test6()
• c17a0f62da17 pf tests: use unique pid files for inetd processes
• 3ec4fbdd98f2 pf tests: Add test for max-src-states
• 6ffd4aeba5b9 pf tests: add a test for max-src-conn

User Tooling

Bug fixes in nfs and a robustness change in the dhclient code.

• eb345e05ac66 nfsd: Fix close handling when vfs.nfsd.enable_locallocks=1
• 6df05714da16 Revert "nfscl: Enable support for the Lookup+Open RPC"
• f321956d9806 nfsd.c: Synchronize error handling
• 38c63b52830c dhclient: Ignore vendor-identifying DHCP options defined in RFC 3925

Please Send Feedback

End of writing this week is at ~50 minutes this week, which makes two reports done at an hour each. I'll use those 10 minutes to fix the generation stuff I hand wrote today. Or make coffee.

Fewer tent pole features coming through, but those can't land everyday. I am in two minds about how frequently this should run, a monthly report would be more likely to always carry some meat, but then I would loose an entire Friday once a month to writing about work rather than doing it and I think that would make me a bit sad.

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

Thanks to: - mgdm

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the FreeBSD Foundation .

This is an experiment in creating tooling driven reports from the FreeBSD development ecosystem, git, code review and bug tracking. The goal is to provide an insight into what has happened in FreeBSD in the last little while, but with limited time to gather, assess and write up what is going on. I am only going to focus on "networking", which for this week was about a third of all commits to main (last week it was about half).

It is a process that will lead to things being missed, don't feel bad, let me know and I'll add the stuff you think is important.

This report was generated on Friday 27th September 2024 for the period between "last week" and "now" as git understand them. The git log command was:

git log --format="%h" --after="last week" --before="now"

With this report the tooling lets me take or leave commits and generates urls and such, but only on the FreeBSD main branch. I'll add stable branches for future reports, but first I want to see what can be done in the allotted time.

I also have searches and a little tooling for dealing with bugs (bugzilla) and reviews (phabricator), but neither of these platforms are as friendly to program as git. That should tell you what they are like.

I plan to write a few of these and if there is demand decided if the time investment is worth it. I'm only going to continue if I think it is worth the work.

Goings on

There are two important events invisible to the development system in the last week, EuroBSDcon and the accompanying DevSummit . While they could show up, it doesn't look like anyone used the "Event:" tag on a commit to main in apart from one GSoc commit earlier in the month.

Stab week ran without much happening, there is 1 reported issue discovered with ixl(4) which has been reverted .

170 commits matched my log command and I thought 64 of them were "networking" based on a cursory glance.

Transport

The regular #transport meeting coincided with the FreeBSD DevSummit. The next meeting is on the 3rd of October 2024, if you have issues with transport protocols (TCP, UDP, SCTP) or the socket layer please join, there is a public meeting link on each agenda page ( accessible via this wiki page ). It is more business like than chat ops, which helps us mostly keep the meetings to less than the planned hour.

Two sets of changes landed in my filter, the MAC change is the first in some further work tidying up the MAC SYN code.

• 78e1b031d2e8 tcp: improve MAC error handling for SYN segments
• 2fb778fab893 MAC: improve handling of listening sockets
• 3f2792166aee MAC: improve consistency in error handling

The second are tidying up stuff in the TCP stack. The last remanent of a broken attempt to control burstiness of the TCP stack 20 years ago. We turned it back on a couple of years ago and I'm pretty sure it deadlocked connections immediately. TCP is very difficult.

• a00c3a94bf64 tcp: remove remnants of 20+ year old disabled code from d912c694ee00
• 87fbd9fc7fc5 tcp: remove unused socket option names

Netdev

Most of the changes this week land in device drivers, it is most of the kernel after all.

bz@ did some git to add missing tracking for vendored Linux WiFi drivers. The commits are 'empty', but contain evil:

This was done using what I'd call "git magic" provided by Ed no one
else will hopefully ever need again.

• e3b12ef6f74e Merge remote-tracking branch 'freebsd/vendor/Linux/rtw89'
• 3c0de76f06ef Merge remote-tracking branch 'freebsd/vendor/Linux/rtw88'
• c9f9342a481d Merge remote-tracking branch 'freebsd/vendor/Linux/mt76'
• bbd5885bfc15 Merge remote-tracking branch 'freebsd/vendor/Linux/iwlwifi'
• d8f6658c9a37 Merge remote-tracking branch 'freebsd/vendor/Linux/ath12k'
• 182375d342bc Merge remote-tracking branch 'freebsd/vendor/Linux/ath11k'
• 114f709b088c Merge remote-tracking branch 'freebsd/vendor/Linux/ath10k'
• 413c5e9082a7 Merge remote-tracking branch 'freebsd/vendor/Linux/ath-common'

Improvements and updates to e1000 (igb, em) have been coming in from kbowling@, with igb updated to 2.25.28-fbsd:

• 930a1e6f3d2d e1000: Delay safe_pause switch until SI_SUB_CLOCKS
• 9bf9164fc8aa e1000: Clean up ITR/EITR in preparation for AIM
• 1c578f1c9311 e1000: Clean up legacy absolute and packet timers
• c9021340a326 e1000: Add sysctl for igb(4) DMA Coalesce
• 2e78e568c268 e1000: Handle igb EEE sysctl
• aa7d086ad946 e1000: Add sysctls for some missing MAC stats
• 5f6964d9fbf6 e1000: drop NEEDGIANT from em_sysctl_debug_info use
• c11a0649b972 e1000: drop NEEDGIANT on em_sysctl_reg_handler uses
• f6e1b5679211 e1000: remove NEEDGIANT from a couple sysctls
• ddfec1fb6814 e1000: Update igb driver version to 2.5.28-fbsd

ix/ixgbe has been updated to the latest release (ix-3.3.38) from Intel .

• e3a6e916dbba ixgbe: fix misleading indentation in ixgbe_phy
• a924b5ee6a1b ixgbe: fix fw_recovery_mode callout
• b6cd053e6da9 ixgbe: update if_sriov with ix-3.3.38 changes
• f72de14ea132 ixgbe: update if_ix and ixgbe api with ix-3.3.38 changes
• 0acea458f82d ixgbe: update ixgbe_mbx with ix-3.3.38 changes
• e06918b94ac4 ixgbe: update ixgbe_phy with ix-3.3.38 changes
• c41a0eeea0d6 ixgbe: update if_bypass to ix-3.3.38
• 36c516b31136 ixgbe: update if_sriov to use the new mailbox apis

The ixl revert mentioned in the stab week report went in:

• bf085659dac9 Revert "ixl: Increase tx/rx ring size to 8160"

On top of this there has been a bunch of tidying up of old code in bfp, iflib and other places by zlei@.

Firewalls

Work has continued to keep FreeBSD pf the best tested firewall:

• f28d5ac5c4a4 pf tests: fix max_states test
• 67bd1d072190 pf tests: Add max states test
• 6aeaadf68def pf tests: Remove nargs from single arguments
• 7b7e39221ec9 pf tests: Speed up divert-to.sh test cases

And some general tidying also landed.

• 4f9e688708f1 pf: merge pf_scrub_ip() and pf_scrub_ip6()
• 6d51791d2832 pf: remove pointless CURVNET_SET
• 905db4aa8877 pf: dedupe layer 4 protocol code in pf_setup_pdesc()
• dd04fa71a8cb pf: remove unused argument 'h' from various function
• 93e96359c980 libpfctl: ensure we return useful error codes

User tooling

tcpdump has been updated to 4.99.5

• 0a7e5f1f02aa tcpdump: Update to 4.99.5

There have been further commits to nuageinit, which I'm not sure is 100% on topic for a network status report. I do think it is one of the most interesting new tools to be added to FreeBSD for a long time and I'm hoping it'll get a raft of documentation and features to remove the need for cloud-init cloud-init at all.

• e72457c4f516 nuageinit: tests: Cleanup

netstat saw some small updates to libxo output and the ntp man page got some attention.

• d00827a9ca0b Revert "netstat: Resolve duplicate "dropped-packets" key from libxo output"
• 674b96f58b9c netstat: Add missing "shutdown-ack-timer" key to libxo output
• 94567c8641e2 netstat: Resolve duplicate "dropped-packets" key from libxo output
• c7a33fe37d76 ntp: Improve descriptions in man pages

Please send feedback

As I write this my timer is at 58 minutes , so the 1 hour goal seems doable.

I plan to add interesting bugs and reviews, once I figure out how to get them from the relevant places. Once the tooling is more than sparkling git log I'll put it up on a repo somewhere.

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

Thanks to typos and feedback from: - mgdm - hibby - brd@

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the Foundation .