[net-next,v4,0/8] seg6: add support for SRv6 End.DT4/DT6 behavior

Message ID 20201202130517.4967-1-andrea.mayer@uniroma2.it

Message

Andrea Mayer Dec. 2, 2020, 1:05 p.m. UTC
This patchset provides support for the SRv6 End.DT4 and End.DT6 (VRF mode)
behaviors.

The SRv6 End.DT4 behavior is used to implement multi-tenant IPv4 L3 VPNs. It
decapsulates the received packets and performs IPv4 routing lookup in the
routing table of the tenant. The SRv6 End.DT4 Linux implementation leverages a
VRF device in order to force the routing lookup into the associated routing
table.
The SRv6 End.DT4 behavior is defined in the SRv6 Network Programming [1].

The Linux kernel already offers an implementation of the SRv6 End.DT6 behavior
which allows us to set up IPv6 L3 VPNs over SRv6 networks. This new
implementation of DT6 is based on the same VRF infrastructure already exploited
for implementing the SRv6 End.DT4 behavior. The aim of the new SRv6 End.DT6 in
VRF mode consists in simplifying the construction of IPv6 L3 VPN services in
the multi-tenant environment.
Currently, the two SRv6 End.DT6 implementations (legacy and VRF mode)
coexist seamlessly and can be chosen according to the context and the user
preferences.

- Patch 1 is needed to solve a pre-existing issue with tunneled packets
  when a sniffer is attached;

- Patch 2 improves the management of the seg6local attributes used by the
  SRv6 behaviors;

- Patch 3 adds support for optional attributes in SRv6 behaviors;

- Patch 4 introduces two callbacks used for customizing the
  creation/destruction of a SRv6 behavior;

- Patch 5 is the core patch that adds support for the SRv6 End.DT4
  behavior;

- Patch 6 introduces the VRF support for SRv6 End.DT6 behavior;

- Patch 7 adds the selftest for SRv6 End.DT4 behavior;

- Patch 8 adds the selftest for SRv6 End.DT6 (VRF mode) behavior.

Regarding iproute2, the support for the new "vrftable" attribute, required by
both SRv6 End.DT4 and End.DT6 (VRF mode) behaviors, is provided in a different
patchset that will follow shortly.

I would like to thank David Ahern for his support during the development of
this patchset.

Comments, suggestions and improvements are very welcome!

Thanks,
Andrea Mayer

v4
 seg6: add support for the SRv6 End.DT4 behavior
  - remove IS_ERR() checks in cmp_nla_vrftable(), thanks to Jakub Kicinski.

 remove patch for iproute2:
  - mixing the iproute2 patch with this patchset confused patchwork.

v3
 notes about the build bot:
  - apparently the ',' (comma) in the subject prefix confused the build bot.
    Removed the ',' in favor of ' ' (space). 
    
    Thanks to David Ahern and Konstantin Ryabitsev for shedding light on this
    fact.
    Thanks also to Nathan Chancellor for trying to build the patchset v2 by
    simulating the bot issue.

 add new patch for iproute2:
  - [9/9] seg6: add support for vrftable attribute in End.DT4/DT6 behaviors

 add new patch:
  -  [8/9] selftests: add selftest for the SRv6 End.DT6 (VRF) behavior

 add new patch:
  - [6/9] seg6: add VRF support for SRv6 End.DT6 behavior

 add new patch:
  - [3/9] seg6: add support for optional attributes in SRv6 behaviors

 selftests: add selftest for the SRv6 End.DT4 behavior
  - keep David Ahern's review tag since the code wasn't changed. Thanks to David  
    Ahern for his review.

 seg6: add support for the SRv6 End.DT4 behavior
  - remove useless error in seg6_end_dt4_build();
  - remove #ifdef/#endif stubs for DT4 when CONFIG_NET_L3_MASTER_DEV is not
    defined;
  - fix coding style.

    Thanks to Jakub Kicinski for his review and for all his suggestions.

 seg6: add callbacks for customizing the creation/destruction of a behavior
  - remove typedef(s) slwt_{build/destroy}_state_t;
  - fix coding style: remove empty lines, trivial comments and rename labels in
    the seg6_local_build_state() function.
    
    Thanks to Jakub Kicinski for his review and for all his suggestions.

 seg6: improve management of behavior attributes
  - remove defensive programming approach in destroy_attr_srh(),
    destroy_attr_bpf() and destroy_attrs();
  - change the __destroy_attrs() function signature, renaming the 'end' argument    
    'parsed_max'. Now, the __destroy_attrs() keeps only the 'parsed_max' and
    'slwt' arguments.
    
    Thanks to Jakub Kicinski for his review and for all his suggestions.

 vrf: add mac header for tunneled packets when sniffer is attached
  - keep David Ahern's review tag since the code wasn't changed. 
    
    Thanks to Jakub Kicinski for pointing it out and David Ahern for his review.

v2
 no changes made: resubmitted after false build report.

v1
 improve comments;

 add new patch 2/5 titled: seg6: improve management of behavior attributes

 seg6: add support for the SRv6 End.DT4 behavior
  - remove the inline keyword in the definition of fib6_config_get_net().

 selftests: add selftest for the SRv6 End.DT4 behavior
  - add check for the vrf sysctl

[1] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming

Andrea Mayer (8):
  vrf: add mac header for tunneled packets when sniffer is attached
  seg6: improve management of behavior attributes
  seg6: add support for optional attributes in SRv6 behaviors
  seg6: add callbacks for customizing the creation/destruction of a
    behavior
  seg6: add support for the SRv6 End.DT4 behavior
  seg6: add VRF support for SRv6 End.DT6 behavior
  selftests: add selftest for the SRv6 End.DT4 behavior
  selftests: add selftest for the SRv6 End.DT6 (VRF) behavior

 drivers/net/vrf.c                             |  78 ++-
 include/uapi/linux/seg6_local.h               |   1 +
 net/ipv6/seg6_local.c                         | 590 +++++++++++++++++-
 .../selftests/net/srv6_end_dt4_l3vpn_test.sh  | 494 +++++++++++++++
 .../selftests/net/srv6_end_dt6_l3vpn_test.sh  | 502 +++++++++++++++
 5 files changed, 1646 insertions(+), 19 deletions(-)
 create mode 100755 tools/testing/selftests/net/srv6_end_dt4_l3vpn_test.sh
 create mode 100755 tools/testing/selftests/net/srv6_end_dt6_l3vpn_test.sh

Comments

Andrea Mayer Dec. 2, 2020, 1:05 p.m. UTC | #1
Before this patch, each SRv6 behavior specifies a set of required
attributes that must be provided by the userspace application when such
behavior is going to be instantiated. If at least one of the required
attributes is not provided, the creation of the behavior fails.

The SRv6 behavior framework lacks a way to manage optional attributes.
By definition, an optional attribute for a SRv6 behavior consists of an
attribute which may or may not be provided by the userspace. Therefore,
if an optional attribute is missing (and thus not supplied by the user)
the creation of the behavior goes ahead without any issue.

This patch explicitly differentiates the required attributes from the
optional attributes. In particular, each behavior can declare a set of
required attributes and a set of optional ones.

The semantics of the required attributes remain *totally* unaffected by
this patch. The introduction of the optional attributes does NOT impact
the backward compatibility of the existing SRv6 behaviors.

It is essential to note that if an (optional or required) attribute is
supplied to a SRv6 behavior which does not expect it, the behavior
simply discards such attribute without generating any error or warning.
This operating mode remained unchanged both before and after the
introduction of the optional attributes extension.

The optional attributes are one of the key components used to implement
the SRv6 End.DT6 behavior based on the Virtual Routing and Forwarding
(VRF) framework. The optional attributes make possible the coexistence
of the already existing SRv6 End.DT6 implementation with the new SRv6
End.DT6 VRF-based implementation without breaking any backward
compatibility. Further details on the SRv6 End.DT6 behavior (VRF mode)
are reported in subsequent patches.
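
The required, optional and unexpected attribute semantics described in the message above, as a small user-space C model. This is an added example, not code from the patchset: the attribute ids, `struct behavior_desc`, `build_behavior()`, `discarded_attrs()` and the `demo` behavior are hypothetical names chosen for illustration.

```c
#include <stdio.h>

/* Hypothetical attribute ids for this model; not the kernel's uapi values. */
enum { ATTR_TABLE = 1, ATTR_NH6, ATTR_VRFTABLE, ATTR_MAX };
#define ATTR_BIT(a) (1UL << (a))

/* Each behavior declares a required set and an optional set of attributes. */
struct behavior_desc {
    const char *name;
    unsigned long required;
    unsigned long optional;
};

/* Attributes the user supplied that the behavior does not expect.
 * They are dropped without error or warning, so an audit must surface them. */
unsigned long discarded_attrs(const struct behavior_desc *d, unsigned long supplied)
{
    return supplied & ~(d->required | d->optional);
}

/* Returns 0 and fills *kept on success, -1 if a required attribute is missing. */
int build_behavior(const struct behavior_desc *d, unsigned long supplied,
                   unsigned long *kept)
{
    *kept = 0;
    if ((supplied & d->required) != d->required)
        return -1;              /* a required attribute is missing: creation fails */
    /* Optional attributes are kept only when supplied; the rest is discarded. */
    *kept = supplied & (d->required | d->optional);
    return 0;
}

/* Constructed sample behavior: requires a table, optionally takes a vrftable. */
const struct behavior_desc demo = {
    "demo", ATTR_BIT(ATTR_TABLE), ATTR_BIT(ATTR_VRFTABLE)
};

int main(void)
{
    unsigned long kept;
    unsigned long in = ATTR_BIT(ATTR_TABLE) | ATTR_BIT(ATTR_NH6);
    int rc = build_behavior(&demo, ATTR_BIT(ATTR_VRFTABLE), &kept);

    printf("required missing: rc=%d\n", rc);
    rc = build_behavior(&demo, ATTR_BIT(ATTR_TABLE), &kept);
    printf("optional absent:  rc=%d kept=%#lx\n", rc, kept);
    rc = build_behavior(&demo, in, &kept);
    printf("unexpected attr:  rc=%d kept=%#lx discarded=%#lx\n",
           rc, kept, discarded_attrs(&demo, in));
    return 0;
}
```

Because an unexpected attribute produces no error, a configuration check comparing what was supplied with what the behavior retained is the only place such a mismatch becomes visible.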
Jakub Kicinski Dec. 4, 2020, 9:36 p.m. UTC | #2
On Wed,  2 Dec 2020 14:05:09 +0100 Andrea Mayer wrote:
> This patchset provides support for the SRv6 End.DT4 and End.DT6 (VRF mode)
> behaviors.
> 
> The SRv6 End.DT4 behavior is used to implement multi-tenant IPv4 L3 VPNs. It
> decapsulates the received packets and performs IPv4 routing lookup in the
> routing table of the tenant. The SRv6 End.DT4 Linux implementation leverages a
> VRF device in order to force the routing lookup into the associated routing
> table.
> The SRv6 End.DT4 behavior is defined in the SRv6 Network Programming [1].
> 
> The Linux kernel already offers an implementation of the SRv6 End.DT6 behavior
> which allows us to set up IPv6 L3 VPNs over SRv6 networks. This new
> implementation of DT6 is based on the same VRF infrastructure already exploited
> for implementing the SRv6 End.DT4 behavior. The aim of the new SRv6 End.DT6 in
> VRF mode consists in simplifying the construction of IPv6 L3 VPN services in
> the multi-tenant environment.
> Currently, the two SRv6 End.DT6 implementations (legacy and VRF mode)
> coexist seamlessly and can be chosen according to the context and the user
> preferences.
> 
> - Patch 1 is needed to solve a pre-existing issue with tunneled packets
>   when a sniffer is attached;
> 
> - Patch 2 improves the management of the seg6local attributes used by the
>   SRv6 behaviors;
> 
> - Patch 3 adds support for optional attributes in SRv6 behaviors;
> 
> - Patch 4 introduces two callbacks used for customizing the
>   creation/destruction of a SRv6 behavior;
> 
> - Patch 5 is the core patch that adds support for the SRv6 End.DT4
>   behavior;
> 
> - Patch 6 introduces the VRF support for SRv6 End.DT6 behavior;
> 
> - Patch 7 adds the selftest for SRv6 End.DT4 behavior;
> 
> - Patch 8 adds the selftest for SRv6 End.DT6 (VRF mode) behavior.
> 
> Regarding iproute2, the support for the new "vrftable" attribute, required by
> both SRv6 End.DT4 and End.DT6 (VRF mode) behaviors, is provided in a different
> patchset that will follow shortly.
> 
> I would like to thank David Ahern for his support during the development of
> this patchset.

Applied, thank you!
patchwork-bot+netdevbpf@kernel.org Dec. 4, 2020, 9:40 p.m. UTC | #3
Hello:

This series was applied to netdev/net-next.git (refs/heads/master):

On Wed,  2 Dec 2020 14:05:09 +0100 you wrote:
> This patchset provides support for the SRv6 End.DT4 and End.DT6 (VRF mode)
> behaviors.
> 
> The SRv6 End.DT4 behavior is used to implement multi-tenant IPv4 L3 VPNs. It
> decapsulates the received packets and performs IPv4 routing lookup in the
> routing table of the tenant. The SRv6 End.DT4 Linux implementation leverages a
> VRF device in order to force the routing lookup into the associated routing
> table.
> The SRv6 End.DT4 behavior is defined in the SRv6 Network Programming [1].
> 
> [...]

Here is the summary with links:
  - [net-next,v4,1/8] vrf: add mac header for tunneled packets when sniffer is attached
    https://git.kernel.org/netdev/net-next/c/048939088220
  - [net-next,v4,2/8] seg6: improve management of behavior attributes
    https://git.kernel.org/netdev/net-next/c/964adce526a4
  - [net-next,v4,3/8] seg6: add support for optional attributes in SRv6 behaviors
    https://git.kernel.org/netdev/net-next/c/0a3021f1d4e5
  - [net-next,v4,4/8] seg6: add callbacks for customizing the creation/destruction of a behavior
    https://git.kernel.org/netdev/net-next/c/cfdf64a03406
  - [net-next,v4,5/8] seg6: add support for the SRv6 End.DT4 behavior
    https://git.kernel.org/netdev/net-next/c/664d6f86868b
  - [net-next,v4,6/8] seg6: add VRF support for SRv6 End.DT6 behavior
    https://git.kernel.org/netdev/net-next/c/20a081b7984c
  - [net-next,v4,7/8] selftests: add selftest for the SRv6 End.DT4 behavior
    https://git.kernel.org/netdev/net-next/c/2195444e09b4
  - [net-next,v4,8/8] selftests: add selftest for the SRv6 End.DT6 (VRF) behavior
    https://git.kernel.org/netdev/net-next/c/2bc035538e16

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html