subject:"\[PATCH net\-2.6.22\] \[IPV6\] FIB6RULE\: Find source address during looking up route."

[PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

2007-03-27 Thread YOSHIFUJI Hideaki / 吉藤英明

When looking up route for destination with rules with
source address restrictions, we may need to find a source
address for the traffic if not given.

Based on patch from Noriaki TAKAMIYA [EMAIL PROTECTED].

Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED]
---
 include/linux/fib_rules.h |7 +--
 net/ipv6/fib6_rules.c |   34 +++---
 2 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/include/linux/fib_rules.h b/include/linux/fib_rules.h
index 8270aac..2bbfa87 100644
--- a/include/linux/fib_rules.h
+++ b/include/linux/fib_rules.h
@@ -5,8 +5,11 @@
 #include linux/rtnetlink.h
 
 /* rule is permanent, and cannot be deleted */
-#define FIB_RULE_PERMANENT 1
-#define FIB_RULE_INVERT2
+#define FIB_RULE_PERMANENT 0x0001
+#define FIB_RULE_INVERT0x0002
+
+/* try to find source address in routing lookups */
+#defineFIB_RULE_FIND_SADDR 0x0001
 
 struct fib_rule_hdr
 {
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index f0f0e8c..514a743 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -17,6 +17,7 @@
 
 #include net/fib_rules.h
 #include net/ipv6.h
+#include net/addrconf.h
 #include net/ip6_route.h
 #include net/netlink.h
 
@@ -95,8 +96,27 @@ static int fib6_rule_action(struct fib_rule *rule, struct 
flowi *flp,
if (table)
rt = lookup(table, flp, flags);
 
-   if (rt != ip6_null_entry)
+   if (rt != ip6_null_entry) {
+   struct fib6_rule *r = (struct fib6_rule *)rule;
+
+   /*
+* If we need to find a source address for this traffic,
+* we check the result if it meets requirement of the rule.
+*/
+   if ((rule-flags  FIB_RULE_FIND_SADDR) 
+   r-src.plen  !(flags  RT6_LOOKUP_F_HAS_SADDR)) {
+   struct in6_addr saddr;
+   if (ipv6_get_saddr(rt-u.dst, flp-fl6_dst,
+  saddr))
+   goto again;
+   if (!ipv6_prefix_equal(saddr, r-src.addr,
+  r-src.plen))
+   goto again;
+   ipv6_addr_copy(flp-fl6_src, saddr);
+   }
goto out;
+   }
+again:
dst_release(rt-u.dst);
rt = NULL;
goto out;
@@ -117,9 +137,17 @@ static int fib6_rule_match(struct fib_rule *rule, struct 
flowi *fl, int flags)
!ipv6_prefix_equal(fl-fl6_dst, r-dst.addr, r-dst.plen))
return 0;
 
+   /*
+* If FIB_RULE_FIND_SADDR is set and we do not have a
+* source address for the traffic, we defer check for
+* source address.
+*/
if (r-src.plen) {
-   if (!(flags  RT6_LOOKUP_F_HAS_SADDR) ||
-   !ipv6_prefix_equal(fl-fl6_src, r-src.addr, r-src.plen))
+   if (flags  RT6_LOOKUP_F_HAS_SADDR) {
+   if (!ipv6_prefix_equal(fl-fl6_src, r-src.addr,
+  r-src.plen))
+   return 0;
+   } else if (!(r-common.flags  FIB_RULE_FIND_SADDR))
return 0;
}
 
-- 
1.4.4.1.g562ce

-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

2007-03-27 Thread Thomas Graf

* YOSHIFUJI Hideaki / ?$B5HF#1QL@ [EMAIL PROTECTED] 2007-03-27 22:45
 When looking up route for destination with rules with
 source address restrictions, we may need to find a source
 address for the traffic if not given.

Out of curiosity, what sort of rules would have this flag set?
The majority of lookups don't provide a valid source address.
This new address search could become very expensive, because
none of the results are cached.

 Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED]
 ---
  include/linux/fib_rules.h |7 +--
  net/ipv6/fib6_rules.c |   34 +++---
  2 files changed, 36 insertions(+), 5 deletions(-)
 
 diff --git a/include/linux/fib_rules.h b/include/linux/fib_rules.h
 index 8270aac..2bbfa87 100644
 --- a/include/linux/fib_rules.h
 +++ b/include/linux/fib_rules.h
 @@ -5,8 +5,11 @@
  #include linux/rtnetlink.h
  
  /* rule is permanent, and cannot be deleted */
 -#define FIB_RULE_PERMANENT   1
 -#define FIB_RULE_INVERT  2
 +#define FIB_RULE_PERMANENT   0x0001
 +#define FIB_RULE_INVERT  0x0002
 +
 +/* try to find source address in routing lookups */
 +#define  FIB_RULE_FIND_SADDR 0x0001
  
  struct fib_rule_hdr
  {

This chunk won't apply to latest net-2.6.22, I've added two more
flags yesterday.
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

2007-03-27 Thread YOSHIFUJI Hideaki / 吉藤英明

In article [EMAIL PROTECTED] (at Tue, 27 Mar 2007 16:25:19 +0200), Thomas 
Graf [EMAIL PROTECTED] says:

 * YOSHIFUJI Hideaki / ?$B5HF#1QL@ [EMAIL PROTECTED] 2007-03-27 22:45
  When looking up route for destination with rules with
  source address restrictions, we may need to find a source
  address for the traffic if not given.
 
 Out of curiosity, what sort of rules would have this flag set?
 The majority of lookups don't provide a valid source address.
 This new address search could become very expensive, because
 none of the results are cached.

This flags is used for Mobile IPv6.

Well, for non-connected sockets on hosts, yes,
the process might not be light-weight.
But, on routers, or once the socket is connected,
source address should be always set.

 This chunk won't apply to latest net-2.6.22, I've added two more
 flags yesterday.

Oops,... I'll send rebased version...

--yoshfuji
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

2007-03-27 Thread Noriaki TAKAMIYA

Hi,

 Wed, 28 Mar 2007 12:49:40 +0900 (JST)
 [Subject: Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during 
 looking up route.]
 YOSHIFUJI Hideaki / 吉藤英明 [EMAIL PROTECTED] wrote...

  Out of curiosity, what sort of rules would have this flag set?
  The majority of lookups don't provide a valid source address.
  This new address search could become very expensive, because
  none of the results are cached.
 
 This flags is used for Mobile IPv6.
 
 Well, for non-connected sockets on hosts, yes,
 the process might not be light-weight.
 But, on routers, or once the socket is connected,
 source address should be always set.

  Even if you set the rule which has the condition regarding as the
  source address, this rule is not selected for the first packet
  because the source address is not chosen yet.

  This fix is required to do source address based routing using
  fib6_rules.

#Even if the same routing with subtrees, the same problem is caused.

  Regards,

--
Noriaki TAKAMIYA
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

Re: [PATCH net-2.6.22] [IPV6] FIB6RULE: Find source address during looking up route.

4 matches

Site Navigation

Mail list logo

Footer information