From: Alexander Bluhm Subject: Re: Remove net.inet6.ip6.auto_flowlabel knob. To: tech Date: Mon, 15 Sep 2025 18:39:37 +0200 On Mon, Sep 15, 2025 at 04:45:02PM +0200, Florian Obser wrote: > There is no reason not to do flowlabels. > > OK? OK bluhm@ > diff --git lib/libc/sys/sysctl.2 lib/libc/sys/sysctl.2 > index b4a34f2748c..412ead4fa01 100644 > --- lib/libc/sys/sysctl.2 > +++ lib/libc/sys/sysctl.2 > @@ -1842,7 +1842,6 @@ The currently defined protocols and names are: > .It icmp6 Ta nd6_mmaxtries Ta integer Ta yes > .It icmp6 Ta nd6_umaxtries Ta integer Ta yes > .It icmp6 Ta redirtimeout Ta integer Ta yes > -.It ip6 Ta auto_flowlabel Ta integer Ta yes > .It ip6 Ta dad_count Ta integer Ta yes > .It ip6 Ta dad_pending Ta integer Ta yes > .It ip6 Ta defmcasthlim Ta integer Ta yes > @@ -1919,11 +1918,6 @@ constant in IPv6 neighbor discovery specification > The variable specifies the lifetime of routing entries generated by > incoming ICMPv6 redirects. > .Pp > -.It Li ip6.auto_flowlabel Pq Va net.inet6.ip6.auto_flowlabel > -On connected transport protocol packets, > -fill the IPv6 flowlabel field to help intermediate routers identify > -packet flows. > -.Pp > .It Li ip6.dad_count Pq Va net.inet6.ip6.dad_count > This variable configures the number of IPv6 DAD > .Pq duplicated address detection > diff --git sys/netinet6/in6.h sys/netinet6/in6.h > index a6826e8756e..21d387e8167 100644 > --- sys/netinet6/in6.h > +++ sys/netinet6/in6.h > @@ -619,7 +619,7 @@ ifatoia6(struct ifaddr *ifa) > { 0, 0 }, \ > { "hdrnestlimit", CTLTYPE_INT }, \ > { "dad_count", CTLTYPE_INT }, \ > - { "auto_flowlabel", CTLTYPE_INT }, \ > + { 0, 0 }, \ > { "defmcasthlim", CTLTYPE_INT }, \ > { 0, 0 }, \ > { 0, 0 }, \ > diff --git sys/netinet6/in6_pcb.c sys/netinet6/in6_pcb.c > index a23203bf274..5577eba12e6 100644 > --- sys/netinet6/in6_pcb.c > +++ sys/netinet6/in6_pcb.c > @@ -334,10 +334,8 @@ in6_pcbconnect(struct inpcb *inp, struct mbuf *nam) > mtx_leave(&table->inpt_mtx); > > inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK; > - if (atomic_load_int(&ip6_auto_flowlabel)) { > - inp->inp_flowinfo |= > - (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); > - } > + inp->inp_flowinfo |= > + (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); > #if NSTOEPLITZ > 0 > inp->inp_flowid = stoeplitz_ip6port(&inp->inp_faddr6, > &inp->inp_laddr6, inp->inp_fport, inp->inp_lport); > @@ -730,10 +728,8 @@ in6_pcbset_addr(struct inpcb *inp, const struct sockaddr_in6 *fsin6, > mtx_leave(&table->inpt_mtx); > > inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK; > - if (atomic_load_int(&ip6_auto_flowlabel)) { > - inp->inp_flowinfo |= > - (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); > - } > + inp->inp_flowinfo |= > + (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); > #if NSTOEPLITZ > 0 > inp->inp_flowid = stoeplitz_ip6port(&inp->inp_faddr6, > &inp->inp_laddr6, inp->inp_fport, inp->inp_lport); > diff --git sys/netinet6/in6_proto.c sys/netinet6/in6_proto.c > index 1f13bba4191..1e74ef6b401 100644 > --- sys/netinet6/in6_proto.c > +++ sys/netinet6/in6_proto.c > @@ -360,7 +360,6 @@ int ip6_maxfrags = 200; /* [a] */ > int ip6_hdrnestlimit = 10; /* [a] appropriate? */ > int ip6_dad_count = 1; /* [a] DupAddrDetectionTransmits */ > int ip6_dad_pending; /* number of currently running DADs */ > -int ip6_auto_flowlabel = 1; /* [a] */ > int ip6_mcast_pmtu = 0; /* [a] enable pMTU discovery for multicast? */ > int ip6_neighborgcthresh = 2048; /* [a] Threshold # of NDP entries for GC */ > int ip6_maxdynroutes = 4096; /* [a] Max # of routes created via redirect */ > diff --git sys/netinet6/ip6_input.c sys/netinet6/ip6_input.c > index 37680d7fe52..4de688e4690 100644 > --- sys/netinet6/ip6_input.c > +++ sys/netinet6/ip6_input.c > @@ -1449,7 +1449,6 @@ const struct sysctl_bounded_args ipv6ctl_vars[] = { > { IPV6CTL_MAXFRAGPACKETS, &ip6_maxfragpackets, 0, 1000 }, > { IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 }, > { IPV6CTL_DAD_COUNT, &ip6_dad_count, 0, 10 }, > - { IPV6CTL_AUTO_FLOWLABEL, &ip6_auto_flowlabel, 0, 1 }, > { IPV6CTL_DEFMCASTHLIM, &ip6_defmcasthlim, 0, 255 }, > { IPV6CTL_MAXFRAGS, &ip6_maxfrags, 0, 1000 }, > { IPV6CTL_MFORWARDING, &ip6_mforwarding, 0, 1 }, > diff --git sys/netinet6/ip6_var.h sys/netinet6/ip6_var.h > index 37f733dfd7d..075be22d3c5 100644 > --- sys/netinet6/ip6_var.h > +++ sys/netinet6/ip6_var.h > @@ -293,8 +293,6 @@ extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */ > extern int ip6_dad_count; /* DupAddrDetectionTransmits */ > extern int ip6_dad_pending; /* number of currently running DADs */ > > -extern int ip6_auto_flowlabel; > - > extern const struct pr_usrreqs rip6_usrreqs; > > struct inpcb; > > -- > In my defence, I have been left unsupervised.