1 /* failover.h 2 3 Definitions for address trees... */ 4 5 /* 6 * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") 7 * Copyright (c) 2000-2003 by Internet Software Consortium 8 * 9 * This Source Code Form is subject to the terms of the Mozilla Public 10 * License, v. 2.0. If a copy of the MPL was not distributed with this 11 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT 19 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 * 21 * Internet Systems Consortium, Inc. 22 * 950 Charter Street 23 * Redwood City, CA 94063 24 * <info@isc.org> 25 * https://www.isc.org/ 26 * 27 */ 28 29 #if defined (FAILOVER_PROTOCOL) 30 struct failover_option_info { 31 int code; 32 const char *name; 33 enum { FT_UINT8, FT_IPADDR, FT_UINT32, FT_BYTES, FT_TEXT_OR_BYTES, 34 FT_DDNS, FT_DDNS1, FT_UINT16, FT_TEXT, 35 FT_UNDEF, FT_DIGEST } type; 36 int num_present; 37 int offset; 38 u_int32_t bit; 39 }; 40 41 typedef struct { 42 unsigned count; 43 u_int8_t *data; 44 } failover_option_t; 45 46 /* Failover configuration defaults. */ 47 #ifndef DEFAULT_MAX_BALANCE_TIME 48 # define DEFAULT_MAX_BALANCE_TIME 3600 49 #endif 50 51 #ifndef DEFAULT_MIN_BALANCE_TIME 52 # define DEFAULT_MIN_BALANCE_TIME 60 53 #endif 54 55 #ifndef DEFAULT_MAX_LEASE_MISBALANCE 56 # define DEFAULT_MAX_LEASE_MISBALANCE 15 57 #endif 58 59 #ifndef DEFAULT_MAX_LEASE_OWNERSHIP 60 # define DEFAULT_MAX_LEASE_OWNERSHIP 10 61 #endif 62 63 #ifndef DEFAULT_MAX_FLYING_UPDATES 64 # define DEFAULT_MAX_FLYING_UPDATES 100 65 #endif 66 67 #ifndef DEFAULT_MAX_RESPONSE_DELAY 68 # define DEFAULT_MAX_RESPONSE_DELAY 20 69 #endif 70 71 /* 72 * IANA has assigned ports 647 ("dhcp-failover") and 847 ("dhcp-failover2"). 73 * Of these, only port 647 is mentioned in the -12 draft revision. We're not 74 * sure if they are supposed to indicate primary and secondary? No matter, 75 * we'll stick to the -12 draft revision level. 76 */ 77 #ifndef DEFAULT_FAILOVER_PORT 78 # define DEFAULT_FAILOVER_PORT 647 79 #endif 80 81 #define FM_OFFSET(x) (long)(&(((failover_message_t *)0) -> x)) 82 83 /* All of the below definitions are mandated by draft-ietf-dhc-failover-12. 84 * The Sections referenced are Sections within that document of that 85 * version, and may be different in other documents of other versions. 86 */ 87 88 /* Failover message options from Section 12: */ 89 #define FTO_ADDRESSES_TRANSFERRED 1 90 #define FTB_ADDRESSES_TRANSFERRED 0x00000002 91 #define FTO_ASSIGNED_IP_ADDRESS 2 92 #define FTB_ASSIGNED_IP_ADDRESS 0x00000004 93 #define FTO_BINDING_STATUS 3 94 #define FTB_BINDING_STATUS 0x00000008 95 #define FTO_CLIENT_IDENTIFIER 4 96 #define FTB_CLIENT_IDENTIFIER 0x00000010 97 #define FTO_CHADDR 5 98 #define FTB_CHADDR 0x00000020 99 #define FTO_CLTT 6 100 #define FTB_CLTT 0x00000040 101 #define FTO_REPLY_OPTIONS 7 102 #define FTB_REPLY_OPTIONS 0x00000080 103 #define FTO_REQUEST_OPTIONS 8 104 #define FTB_REQUEST_OPTIONS 0x00000100 105 #define FTO_DDNS 9 106 #define FTB_DDNS 0x00000200 107 #define FTO_DELAYED_SERVICE 10 108 #define FTB_DELAYED_SERVICE 0x00000400 109 #define FTO_HBA 11 110 #define FTB_HBA 0x00000800 111 #define FTO_IP_FLAGS 12 112 #define FTB_IP_FLAGS 0x00001000 113 #define FTO_LEASE_EXPIRY 13 114 #define FTB_LEASE_EXPIRY 0x00002000 115 #define FTO_MAX_UNACKED 14 116 #define FTB_MAX_UNACKED 0x00004000 117 #define FTO_MCLT 15 118 #define FTB_MCLT 0x00008000 119 #define FTO_MESSAGE 16 120 #define FTB_MESSAGE 0x00010000 121 #define FTO_MESSAGE_DIGEST 17 122 #define FTB_MESSAGE_DIGEST 0x00020000 123 #define FTO_POTENTIAL_EXPIRY 18 124 #define FTB_POTENTIAL_EXPIRY 0x00040000 125 #define FTO_RECEIVE_TIMER 19 126 #define FTB_RECEIVE_TIMER 0x00080000 127 #define FTO_PROTOCOL_VERSION 20 128 #define FTB_PROTOCOL_VERSION 0x00100000 129 #define FTO_REJECT_REASON 21 130 #define FTB_REJECT_REASON 0x00200000 131 #define FTO_RELATIONSHIP_NAME 22 132 #define FTB_RELATIONSHIP_NAME 0x00400000 133 #define FTO_SERVER_FLAGS 23 134 #define FTB_SERVER_FLAGS 0x00800000 135 #define FTO_SERVER_STATE 24 136 #define FTB_SERVER_STATE 0x01000000 137 #define FTO_STOS 25 138 #define FTB_STOS 0x02000000 139 #define FTO_TLS_REPLY 26 140 #define FTB_TLS_REPLY 0x04000000 141 #define FTO_TLS_REQUEST 27 142 #define FTB_TLS_REQUEST 0x08000000 143 #define FTO_VENDOR_CLASS 28 144 #define FTB_VENDOR_CLASS 0x10000000 145 #define FTO_VENDOR_OPTIONS 29 146 #define FTB_VENDOR_OPTIONS 0x20000000 147 148 #define FTO_MAX FTO_VENDOR_OPTIONS 149 150 /* Failover protocol message types from Section 6.1: */ 151 #define FTM_POOLREQ 1 152 #define FTM_POOLRESP 2 153 #define FTM_BNDUPD 3 154 #define FTM_BNDACK 4 155 #define FTM_CONNECT 5 156 #define FTM_CONNECTACK 6 157 #define FTM_UPDREQALL 7 158 #define FTM_UPDDONE 8 159 #define FTM_UPDREQ 9 160 #define FTM_STATE 10 161 #define FTM_CONTACT 11 162 #define FTM_DISCONNECT 12 163 164 #define FTM_MAX FTM_DISCONNECT 165 166 /* Reject reasons from Section 12.21: */ 167 #define FTR_ILLEGAL_IP_ADDR 1 168 #define FTR_FATAL_CONFLICT 2 169 #define FTR_MISSING_BINDINFO 3 170 #define FTR_TIMEMISMATCH 4 171 #define FTR_INVALID_MCLT 5 172 #define FTR_MISC_REJECT 6 173 #define FTR_DUP_CONNECTION 7 174 #define FTR_INVALID_PARTNER 8 175 #define FTR_TLS_UNSUPPORTED 9 176 #define FTR_TLS_UNCONFIGURED 10 177 #define FTR_TLS_REQUIRED 11 178 #define FTR_DIGEST_UNSUPPORTED 12 179 #define FTR_DIGEST_UNCONFIGURED 13 180 #define FTR_VERSION_MISMATCH 14 181 #define FTR_OUTDATED_BIND_INFO 15 182 #define FTR_LESS_CRIT_BIND_INFO 16 183 #define FTR_NO_TRAFFIC 17 184 #define FTR_HBA_CONFLICT 18 185 #define FTR_IP_NOT_RESERVED 19 186 #define FTR_IP_DIGEST_FAILURE 20 187 #define FTR_IP_MISSING_DIGEST 21 188 #define FTR_UNKNOWN 254 189 190 /* Message size limitations defined in Section 6.1: */ 191 #define DHCP_FAILOVER_MIN_MESSAGE_SIZE 12 192 #define DHCP_FAILOVER_MAX_MESSAGE_SIZE 2048 193 194 /* Failover server flags from Section 12.23: */ 195 #define FTF_SERVER_STARTUP 1 196 197 /* DDNS flags from Section 12.9. These are really their names. */ 198 #define FTF_DDNS_C 0x0001 199 #define FTF_DDNS_A 0x0002 200 #define FTF_DDNS_D 0x0004 201 #define FTF_DDNS_P 0x0008 202 203 /* FTO_IP_FLAGS contents from Section 12.12: */ 204 #define FTF_IP_FLAG_RESERVE 0x0001 205 #define FTF_IP_FLAG_BOOTP 0x0002 206 207 /* FTO_MESSAGE_DIGEST Type Codes from Section 12.17: */ 208 #define FTT_MESSAGE_DIGEST_HMAC_MD5 0x01 209 210 typedef struct failover_message { 211 int refcnt; 212 struct failover_message *next; 213 214 int options_present; 215 216 u_int32_t time; 217 u_int32_t xid; 218 u_int8_t type; 219 220 /* One-byte options. */ 221 u_int8_t binding_status; 222 u_int8_t delayed_service; 223 u_int8_t protocol_version; 224 u_int8_t reject_reason; 225 u_int8_t server_flags; 226 u_int8_t server_state; 227 u_int8_t tls_reply; 228 u_int8_t tls_request; 229 230 /* Two-byte options. */ 231 u_int16_t ip_flags; 232 233 /* Four-byte options. */ 234 u_int32_t addresses_transferred; 235 u_int32_t assigned_addr; 236 u_int32_t cltt; 237 u_int32_t expiry; 238 u_int32_t max_unacked; 239 u_int32_t mclt; 240 u_int32_t potential_expiry; 241 u_int32_t receive_timer; 242 u_int32_t stos; 243 244 /* Arbitrary field options. */ 245 failover_option_t chaddr; 246 failover_option_t client_identifier; 247 failover_option_t hba; 248 failover_option_t message; 249 failover_option_t message_digest; 250 failover_option_t relationship_name; 251 failover_option_t reply_options; 252 failover_option_t request_options; 253 failover_option_t vendor_class; 254 failover_option_t vendor_options; 255 256 /* Special contents options. */ 257 ddns_fqdn_t ddns; 258 } failover_message_t; 259 260 typedef struct { 261 OMAPI_OBJECT_PREAMBLE; 262 struct option_cache *peer_address; 263 unsigned peer_port; 264 int options_present; 265 enum dhcp_flink_state { 266 dhcp_flink_start, 267 dhcp_flink_message_length_wait, 268 dhcp_flink_message_wait, 269 dhcp_flink_disconnected, 270 dhcp_flink_state_max 271 } state; 272 failover_message_t *imsg; 273 struct _dhcp_failover_state *state_object; 274 u_int16_t imsg_len; 275 unsigned imsg_count; 276 u_int8_t imsg_payoff; /* Pay*load* offset. :') */ 277 u_int32_t xid; 278 } dhcp_failover_link_t; 279 280 typedef struct _dhcp_failover_listener { 281 OMAPI_OBJECT_PREAMBLE; 282 struct _dhcp_failover_listener *next; 283 omapi_addr_t address; 284 } dhcp_failover_listener_t; 285 #endif /* FAILOVER_PROTOCOL */ 286 287 /* A failover peer's running state. */ 288 enum failover_state { 289 unknown_state = 0, /* XXX: Not a standard state. */ 290 startup = 1, 291 normal = 2, 292 communications_interrupted = 3, 293 partner_down = 4, 294 potential_conflict = 5, 295 recover = 6, 296 paused = 7, 297 shut_down = 8, 298 recover_done = 9, 299 resolution_interrupted = 10, 300 conflict_done = 11, 301 302 /* Draft revision 12 of the failover protocol documents a RECOVER-WAIT 303 * state, but does not enumerate its value in the section 12.24 304 * table. ISC DHCP 3.0.x used value 254 even though the state was 305 * not documented at all. For the time being, we will continue to use 306 * this value. 307 */ 308 recover_wait = 254 309 }; 310 311 /* Service states are simplifications of failover states, particularly 312 useful because the startup state isn't actually implementable as a 313 separate failover state without maintaining a state stack. */ 314 315 enum service_state { 316 unknown_service_state, 317 cooperating, 318 not_cooperating, 319 service_partner_down, 320 not_responding, 321 service_startup 322 }; 323 324 #if defined (FAILOVER_PROTOCOL) 325 typedef struct _dhcp_failover_config { 326 struct option_cache *address; 327 int port; 328 u_int32_t max_flying_updates; 329 enum failover_state state; 330 TIME stos; 331 u_int32_t max_response_delay; 332 } dhcp_failover_config_t; 333 334 typedef struct _dhcp_failover_state { 335 OMAPI_OBJECT_PREAMBLE; 336 struct _dhcp_failover_state *next; 337 char *name; /* Name of this failover instance. */ 338 dhcp_failover_config_t me; /* My configuration. */ 339 dhcp_failover_config_t partner; /* Partner's configuration. */ 340 enum failover_state saved_state; /* Saved state during startup. */ 341 struct data_string server_identifier; /* Server identifier (IP addr) */ 342 u_int32_t mclt; 343 344 u_int8_t *hba; /* Hash bucket array for load balancing. */ 345 int load_balance_max_secs; 346 347 u_int32_t max_lease_misbalance, max_lease_ownership; 348 u_int32_t max_balance, min_balance; 349 TIME last_balance, sched_balance; 350 351 u_int32_t auto_partner_down; 352 353 enum service_state service_state; 354 const char *nrr; /* Printable reason why we're in the 355 not_responding service state (empty 356 string if we are responding. */ 357 358 dhcp_failover_link_t *link_to_peer; /* Currently-established link 359 to peer. */ 360 361 enum { 362 primary, secondary 363 } i_am; /* We are primary or secondary in this relationship. */ 364 365 TIME last_packet_sent; /* Timestamp on last packet we sent. */ 366 TIME last_timestamp_received; /* The last timestamp we sent that 367 has been returned by our partner. */ 368 TIME skew; /* The skew between our clock and our partner's. */ 369 struct lease *update_queue_head; /* List of leases we haven't sent 370 to peer. */ 371 struct lease *update_queue_tail; 372 373 struct lease *ack_queue_head; /* List of lease updates the peer 374 hasn't yet acked. */ 375 struct lease *ack_queue_tail; 376 377 struct lease *send_update_done; /* When we get a BNDACK for this 378 lease, send an UPDDONE message. */ 379 int cur_unacked_updates; /* Number of updates we've sent 380 that have not yet been acked. */ 381 382 /* List of messages which we haven't 383 acked yet. */ 384 failover_message_t *toack_queue_head; 385 failover_message_t *toack_queue_tail; 386 int pending_acks; /* Number of messages in the toack 387 queue. */ 388 int pool_count; /* Number of pools referencing this 389 failover state object. */ 390 int curUPD; /* If an UPDREQ* message is in motion, 391 this value indicates which one. */ 392 u_int32_t updxid; /* XID of UPDREQ* message in action. */ 393 } dhcp_failover_state_t; 394 395 extern int check_secs_byte_order; /* check byte order of secs field when true */ 396 397 #define DHCP_FAILOVER_VERSION 1 398 #endif /* FAILOVER_PROTOCOL */ 399