On Fri, 27 Apr 2018 13:59:07 -0400 (EDT)
David Miller <da...@davemloft.net> wrote:
> From: Ahmed Abdelsalam <amsala...@gmail.com>
> Date: Thu, 26 Apr 2018 16:11:11 +0200
>
> > @@ -119,6 +119,9 @@ int seg6_do_srh_encap(struct sk_buff *skb, struct
> > ipv6_sr_
00 00 00 00 00 00 00 00 00 00 b2 00 00
0020: 00 00 00 00 00 00 00 00 00 00 00 02 fc 00 00 a1
0030: 00 00 00 00 00 00 00 00 00 00 00 0a
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
net/ipv6/seg6_iptunnel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --gi
On Tue, 8 May 2018 14:36:32 +0200
Pablo Neira Ayuso <pa...@netfilter.org> wrote:
> On Wed, Apr 25, 2018 at 05:30:47AM -0500, Ahmed Abdelsalam wrote:
> > This patch extends the libip6t_srh shared library to support matching
> > previous SID, next SID, and last SID.
On Wed, 25 Apr 2018 13:03:04 -0400 (EDT)
David Miller <da...@davemloft.net> wrote:
> From: Ahmed Abdelsalam <amsala...@gmail.com>
> Date: Tue, 24 Apr 2018 20:23:16 +0200
>
> > ECMP (equal-cost multipath) hashes are typically computed on the packets'
> > 5-tuple(s
This patch adds a new exetension to iptables to supprt 'srh' match
The implementation considers revision 7 of the SRH draft.
https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-07
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t
Left
(4) Last Entry
(5) Tag value of SRH
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 63 ++
net/ipv6/netfilter/Kconfig | 9 ++
net/ipv6/netfilter/Makefile | 1 +
net/ipv6/netfilter/ip6t
On Thu, 04 Jan 2018 13:37:33 -0500 (EST)
David Miller <da...@davemloft.net> wrote:
> From: Ahmed Abdelsalam <amsala...@gmail.com>
> Date: Sat, 30 Dec 2017 00:08:32 +0100
>
> > Some functions of seg6local are very useful to process SRv6
> > encapsulated packets
On Sun, 7 Jan 2018 00:40:03 +0100
Pablo Neira Ayuso <pa...@netfilter.org> wrote:
> Hi Ahmed,
>
> On Fri, Dec 29, 2017 at 12:07:52PM +0100, Ahmed Abdelsalam wrote:
> > It allows matching packets based on Segment Routing Header
> > (SRH) information.
> > The im
Left
(4) Last Entry
(5) Tag value of SRH
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 57 ++
net/ipv6/netfilter/Kconfig | 9 ++
net/ipv6/netfilter/Makefile | 1 +
net/ipv6/netfilter/ip6t
On Wed, 10 Jan 2018 16:32:24 +0100
Pablo Neira Ayuso <pa...@netfilter.org> wrote:
> On Fri, Dec 29, 2017 at 12:08:25PM +0100, Ahmed Abdelsalam wrote:
> > This patch adds a new exetension to iptables to supprt 'srh' match
> > The implementation considers revision 7 of the
-clad-spring-segment-routing-service-chaining-00
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/uapi/linux/netfilter_ipv6/ip6t_SEG6.h | 18
net/ipv6/netfilter/ip6t_SEG6.c| 113 ++
2 files changed, 131 insertions(+)
create mode
()
(3) seg6_lookup_nexthop
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/net/seg6.h| 5 +
net/ipv6/seg6_local.c | 37 -
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/include/net/seg6.h b/include/net/seg6.h
This patch adds a new exetension to iptables to supprt IPv6
segment routing 'SEG6' target.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t_SEG6.c| 122 +++
include/linux/netfilter_ipv6/ip6t_SEG6.h | 17 +
2
This patch adds a new option CONFIG_IP6_NF_TARGET_SEG6 to
enable/disable support of iptables SEG6 target.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
net/ipv6/netfilter/Kconfig | 12
net/ipv6/netfilter/Makefile | 1 +
2 files changed, 13 insertions(+)
diff
This patch adds some test cases for 'SEG6' target.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t_SEG6.t | 5 +
1 file changed, 5 insertions(+)
create mode 100644 extensions/libip6t_SEG6.t
diff --git a/extensions/libip6t_SEG6.t b/extensions/libip6t_SEG6
On Fri, 29 Dec 2017 12:07:52 +0100
Ahmed Abdelsalam <amsala...@gmail.com> wrote:
> It allows matching packets based on Segment Routing Header
> (SRH) information.
> The implementation considers revision 7 of the SRH draft.
> https://tools.ietf.org/html/draft-ietf-6man-segment
) seg6_lookup_nexthop
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
Functions names are prefixed with seg6_
include/net/seg6.h| 5 +
net/ipv6/seg6_local.c | 37 -
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/include/net/seg6.h b/i
end trace 71af7d093603885c ]---
Fixes: 8936ef7604c11 ipv6: sr: fix NULL pointer dereference when setting encap
source address
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
I tested the patch for IPv6 and IPv4 traffic
net/ipv6/seg6_iptunnel.c | 2 +-
1 file changed, 1 insertion(+), 1 de
On Fri, 20 Apr 2018 15:38:08 +0100
David Lebrun <dav.leb...@gmail.com> wrote:
> On 04/20/2018 02:58 PM, Ahmed Abdelsalam wrote:
> > In case of seg6 in encap mode, seg6_do_srh_encap() calls set_tun_src()
> > in order to set the src addr of outer IPv6 header.
> >
>
On Tue, 24 Apr 2018 13:16:50 -0400 (EDT)
David Miller <da...@davemloft.net> wrote:
> From: Ahmed Abdelsalam <amsala...@gmail.com>
> Date: Mon, 23 Apr 2018 23:36:59 +0200
>
> > This patch adds a per namespace sysctl, named 'seg6_flowlabel', to be used
> >
nd L2 traffic.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 24 ++--
net/ipv6/sysctl_net_ipv6.c | 8
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/include/net/netns/ipv6.
On Tue, 24 Apr 2018 19:59:55 +0200
Ahmed Abdelsalam <amsala...@gmail.com> wrote:
> This patch has been tested for IPv6, IPv4, and L2 traffic.
>
> Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
> ---
> include/net/netns/ipv6.h | 1 +
> n
affic.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 24 ++--
net/ipv6/sysctl_net_ipv6.c | 8
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/include/net/netns/ipv6.h b/
This patch extends the libip6t_srh shared library to support matching
previous SID, next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t_srh.c| 287 ++--
include/linux/netfilter_ipv6/ip6t_srh.h
previous SID, next SID,
and last SID.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 43 ++-
net/ipv6/netfilter/ip6t_srh.c| 173 +--
2 files changed, 205 insertions(+), 11 deletions(-)
diff
On Sun, 22 Apr 2018 21:06:04 -0400 (EDT)
David Miller <da...@davemloft.net> wrote:
> From: Ahmed Abdelsalam <amsala...@gmail.com>
> Date: Fri, 20 Apr 2018 15:58:05 +0200
>
> > In case of seg6 in encap mode, seg6_do_srh_encap() calls set_tun_src()
> > in order
This patch adds some test-cases to "libip6t_srh.t" for matching previous SID,
next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t_srh.t | 4
1 file changed, 4 insertions(+)
diff --git a/extensions/libip6t_srh.t b/extensio
This patch extends the libip6t_srh shared library to support matching
previous SID, next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
extensions/libip6t_srh.c| 65 -
include/linux/netfilter_ipv6/ip6t_srh.
previous SID, next SID, and
last SID.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 22 +--
net/ipv6/netfilter/ip6t_srh.c| 41 +++-
2 files changed, 60 insertions(+), 3 deletions(-)
On Mon, 23 Apr 2018 22:08:44 +0200
Florian Westphal <f...@strlen.de> wrote:
> Ahmed Abdelsalam <amsala...@gmail.com> wrote:
> > > > @@ -50,6 +62,12 @@ struct ip6t_srh {
> > > > __u8segs_left;
> > > > __u8
IPv6 (0 for IPv4/L2)
1 Compute the flowlabel using seg6_make_flowlabel()
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
include/net/netns/ipv6.h | 1 +
net/ipv6/sysctl_net_ipv6.c | 8
2 files changed, 9 insertions(+)
diff --git a/include/net/netns/ipv6.h b/inclu
"seg6_flowlabel"
sysctl value.
This patch has been tested for IPv6, IPv4, and L2 traffic.
Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
---
net/ipv6/seg6_iptunnel.c | 24 ++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/net/ipv6/seg6_iptun
On Mon, 23 Apr 2018 19:30:47 +0200
Pablo Neira Ayuso <pa...@netfilter.org> wrote:
> On Mon, Apr 23, 2018 at 05:48:22AM -0500, Ahmed Abdelsalam wrote:
> > Signed-off-by: Ahmed Abdelsalam <amsala...@gmail.com>
> > ---
> > include/uapi/linux/netfilter_ipv6/ip6t_sr
) IPv6 traffic: src_IP, dst_IP, L4 proto, and flowlabel of inner packet.
2) IPv4 traffic: src_IP, dst_IP, L4 proto, src_port, and dst_port
3) L2 traffic: depends on what kind of traffic carried into the L2
frame. IPv6 and IPv4 traffic works as discussed 1) and 2)
Signed-off-by: Ahmed Abdelsalam
00 00 00 00 00 00 00 00 00 00 b2 00 00
0020: 00 00 00 00 00 00 00 00 00 00 00 02 fc 00 00 a1
0030: 00 00 00 00 00 00 00 00 00 00 00 0a
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/seg6_iptunnel.c
On Fri, 27 Apr 2018 13:59:07 -0400 (EDT)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Thu, 26 Apr 2018 16:11:11 +0200
>
> > @@ -119,6 +119,9 @@ int seg6_do_srh_encap(struct sk_buff *skb, struct
> > ipv6_sr_hdr *osrh, int proto)
> > int hdrlen, t
On Wed, 25 Apr 2018 13:03:04 -0400 (EDT)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Tue, 24 Apr 2018 20:23:16 +0200
>
> > ECMP (equal-cost multipath) hashes are typically computed on the packets'
> > 5-tuple(src IP, dst IP, src port, dst port, L4 proto).
>
) IPv6 traffic: src_IP, dst_IP, L4 proto, and flowlabel of inner packet.
2) IPv4 traffic: src_IP, dst_IP, L4 proto, src_port, and dst_port
3) L2 traffic: depends on what kind of traffic carried into the L2
frame. IPv6 and IPv4 traffic works as discussed 1) and 2)
Signed-off-by: Ahmed Abdelsalam
On Tue, 8 May 2018 14:36:32 +0200
Pablo Neira Ayuso wrote:
> On Wed, Apr 25, 2018 at 05:30:47AM -0500, Ahmed Abdelsalam wrote:
> > This patch extends the libip6t_srh shared library to support matching
> > previous SID, next SID, and last SID.
>
> Applied, thanks.
>
&
On Sun, 7 Jan 2018 00:40:03 +0100
Pablo Neira Ayuso wrote:
> Hi Ahmed,
>
> On Fri, Dec 29, 2017 at 12:07:52PM +0100, Ahmed Abdelsalam wrote:
> > It allows matching packets based on Segment Routing Header
> > (SRH) information.
> > The implementation considers
Left
(4) Last Entry
(5) Tag value of SRH
Signed-off-by: Ahmed Abdelsalam
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 57 ++
net/ipv6/netfilter/Kconfig | 9 ++
net/ipv6/netfilter/Makefile | 1 +
net/ipv6/netfilter/ip6t_srh.c| 161
On Wed, 10 Jan 2018 16:32:24 +0100
Pablo Neira Ayuso wrote:
> On Fri, Dec 29, 2017 at 12:08:25PM +0100, Ahmed Abdelsalam wrote:
> > This patch adds a new exetension to iptables to supprt 'srh' match
> > The implementation considers revision 7 of the SRH draft.
> > https:
On Thu, 04 Jan 2018 13:37:33 -0500 (EST)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Sat, 30 Dec 2017 00:08:32 +0100
>
> > Some functions of seg6local are very useful to process SRv6
> > encapsulated packets
> >
> > This patch exports some funct
This patch adds a new exetension to iptables to supprt 'srh' match
The implementation considers revision 7 of the SRH draft.
https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-07
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_srh.c| 283
Left
(4) Last Entry
(5) Tag value of SRH
Signed-off-by: Ahmed Abdelsalam
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 63 ++
net/ipv6/netfilter/Kconfig | 9 ++
net/ipv6/netfilter/Makefile | 1 +
net/ipv6/netfilter/ip6t_srh.c| 165
end trace 71af7d093603885c ]---
Fixes: 8936ef7604c11 ipv6: sr: fix NULL pointer dereference when setting encap
source address
Signed-off-by: Ahmed Abdelsalam
---
I tested the patch for IPv6 and IPv4 traffic
net/ipv6/seg6_iptunnel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a
On Fri, 20 Apr 2018 15:38:08 +0100
David Lebrun wrote:
> On 04/20/2018 02:58 PM, Ahmed Abdelsalam wrote:
> > In case of seg6 in encap mode, seg6_do_srh_encap() calls set_tun_src()
> > in order to set the src addr of outer IPv6 header.
> >
> > The net_device
On Sun, 22 Apr 2018 21:06:04 -0400 (EDT)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Fri, 20 Apr 2018 15:58:05 +0200
>
> > In case of seg6 in encap mode, seg6_do_srh_encap() calls set_tun_src()
> > in order to set the src addr of outer IPv6 header.
> >
>
This patch adds some test-cases to "libip6t_srh.t" for matching previous SID,
next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_srh.t | 4
1 file changed, 4 insertions(+)
diff --git a/extensions/libip6t_srh.t b/extensions/libip6t_srh.t
index 08897d
This patch extends the libip6t_srh shared library to support matching
previous SID, next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_srh.c| 65 -
include/linux/netfilter_ipv6/ip6t_srh.h | 22 ++-
2 files
previous SID, next SID, and
last SID.
Signed-off-by: Ahmed Abdelsalam
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 22 +--
net/ipv6/netfilter/ip6t_srh.c| 41 +++-
2 files changed, 60 insertions(+), 3 deletions(-)
diff --git a/include/uapi
On Mon, 23 Apr 2018 19:30:47 +0200
Pablo Neira Ayuso wrote:
> On Mon, Apr 23, 2018 at 05:48:22AM -0500, Ahmed Abdelsalam wrote:
> > Signed-off-by: Ahmed Abdelsalam
> > ---
> > include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 22 +--
> > ne
On Mon, 23 Apr 2018 22:08:44 +0200
Florian Westphal wrote:
> Ahmed Abdelsalam wrote:
> > > > @@ -50,6 +62,12 @@ struct ip6t_srh {
> > > > __u8segs_left;
> > > > __u8last_entry;
>
IPv6 (0 for IPv4/L2)
1 Compute the flowlabel using seg6_make_flowlabel()
Signed-off-by: Ahmed Abdelsalam
---
include/net/netns/ipv6.h | 1 +
net/ipv6/sysctl_net_ipv6.c | 8
2 files changed, 9 insertions(+)
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index
"seg6_flowlabel"
sysctl value.
This patch has been tested for IPv6, IPv4, and L2 traffic.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 24 ++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/net/ipv6/seg6_iptunnel.c b/net/ipv6/seg6_iptunn
On Tue, 24 Apr 2018 13:16:50 -0400 (EDT)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Mon, 23 Apr 2018 23:36:59 +0200
>
> > This patch adds a per namespace sysctl, named 'seg6_flowlabel', to be used
> > by seg6_do_srh_encap() to control the behaviour of setting th
nd L2 traffic.
Signed-off-by: Ahmed Abdelsalam
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 24 ++--
net/ipv6/sysctl_net_ipv6.c | 8
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
affic.
Signed-off-by: Ahmed Abdelsalam
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 24 ++--
net/ipv6/sysctl_net_ipv6.c | 8
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
On Tue, 24 Apr 2018 19:59:55 +0200
Ahmed Abdelsalam wrote:
> This patch has been tested for IPv6, IPv4, and L2 traffic.
>
> Signed-off-by: Ahmed Abdelsalam
> ---
> include/net/netns/ipv6.h | 1 +
> net/ipv6/seg6_iptunnel.c | 24 ++--
> net/ipv6/s
previous SID, next SID,
and last SID.
Signed-off-by: Ahmed Abdelsalam
---
include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 43 ++-
net/ipv6/netfilter/ip6t_srh.c| 173 +--
2 files changed, 205 insertions(+), 11 deletions(-)
diff --git a/include/uapi/linux
This patch extends the libip6t_srh shared library to support matching
previous SID, next SID, and last SID.
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_srh.c| 287 ++--
include/linux/netfilter_ipv6/ip6t_srh.h | 43 -
2 files changed
()
(3) seg6_lookup_nexthop
Signed-off-by: Ahmed Abdelsalam
---
include/net/seg6.h| 5 +
net/ipv6/seg6_local.c | 37 -
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/include/net/seg6.h b/include/net/seg6.h
index 099bad5..b637778 100644
-clad-spring-segment-routing-service-chaining-00
Signed-off-by: Ahmed Abdelsalam
---
include/uapi/linux/netfilter_ipv6/ip6t_SEG6.h | 18
net/ipv6/netfilter/ip6t_SEG6.c| 113 ++
2 files changed, 131 insertions(+)
create mode 100644 include/uapi/linux
This patch adds some test cases for 'SEG6' target.
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_SEG6.t | 5 +
1 file changed, 5 insertions(+)
create mode 100644 extensions/libip6t_SEG6.t
diff --git a/extensions/libip6t_SEG6.t b/extensions/libip6t_SEG6.t
new file mode 100644
This patch adds a new exetension to iptables to supprt IPv6
segment routing 'SEG6' target.
Signed-off-by: Ahmed Abdelsalam
---
extensions/libip6t_SEG6.c| 122 +++
include/linux/netfilter_ipv6/ip6t_SEG6.h | 17 +
2 files changed, 139 insertions
This patch adds a new option CONFIG_IP6_NF_TARGET_SEG6 to
enable/disable support of iptables SEG6 target.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/netfilter/Kconfig | 12
net/ipv6/netfilter/Makefile | 1 +
2 files changed, 13 insertions(+)
diff --git a/net/ipv6/netfilter
On Fri, 29 Dec 2017 12:07:52 +0100
Ahmed Abdelsalam wrote:
> It allows matching packets based on Segment Routing Header
> (SRH) information.
> The implementation considers revision 7 of the SRH draft.
> https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-07
&g
) seg6_lookup_nexthop
Signed-off-by: Ahmed Abdelsalam
---
Functions names are prefixed with seg6_
include/net/seg6.h| 5 +
net/ipv6/seg6_local.c | 37 -
2 files changed, 25 insertions(+), 17 deletions(-)
diff --git a/include/net/seg6.h b/include/net/seg6.h
index
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.
This allows forwarding packet across the SRv6 fabric based on their
original traffic class.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 36
The problem was the declaration of tos.
Fixed and new patch is sent.
On 03/08/2020 21:48, Jakub Kicinski wrote:
On Mon, 3 Aug 2020 18:14:17 + Ahmed Abdelsalam wrote:
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation
]
https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-6/segment-routing/configuration/guide/b-segment-routing-cg-asr9000-66x/b-segment-routing-cg-asr9000-66x_chapter_011.html#id_94209
On 06/08/2020 02:40, David Miller wrote:
From: Ahmed Abdelsalam
Date: Tue, 4 Aug 2020 07:40
On 26/08/2020 02:45, David Ahern wrote:
On 8/25/20 5:45 PM, Ahmed Abdelsalam wrote:
Hi David
The seg6 encap is implemented through the seg6_lwt rather than
seg6_local_lwt.
ok. I don't know the seg6 code; just taking a guess from a quick look.
We can add a flag(SEG6_IPTUNNEL_DSCP
On 26/08/2020 21:41, David Ahern wrote:
On 8/26/20 6:12 AM, Ahmed Abdelsalam wrote:
On 26/08/2020 02:45, David Ahern wrote:
On 8/25/20 5:45 PM, Ahmed Abdelsalam wrote:
Hi David
The seg6 encap is implemented through the seg6_lwt rather than
seg6_local_lwt.
ok. I don't know the seg6
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.
This allows forwarding packet across the SRv6 fabric based on their
original traffic class.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 37
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.
This allows forwarding packet across the SRv6 fabric based on their
original traffic class.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 36
ired for using link local addresses,
> > so this change breaks perfectly legitimate configurations.
> >
> > Can we instead only warn about the missing OIF, and only do that when
> > nh is link local?
> >
> End.X is defined as an adjacency-sid and is used to select a specific link to
> a
> neighbor for both global and link-local addresses. The intention was
> to drop the
> packet even for global addresses if the route via the specific
> interface is not found.
> Alternatively(believe semantically correct for End.X definition) I
> could do a neighbor lookup
> for nexthop address over specific interface and send the packet out.
>
> > Also doesn't SEG6_LOCAL_ACTION_END_DX6 need a similar treatment?
>
> Yes. I will update the patch for End.DX6 based on the patch finalized for
> End.X.
--
Ahmed Abdelsalam
We are submitting the patch for End.DT4. End.DX4 is already there.
So the optional parameter and OIF applies directly to End.X/End.DX6/End.DX4.
On Tue, 20 Oct 2020 11:28:29 +0200
Ahmed Abdelsalam wrote:
> Jakub, Reji,
>
> Andrea (CC'ed) and I have been working on a patch that co
On Tue, 20 Oct 2020 18:05:47 +0530
Reji Thomas wrote:
> Hi Ahmed,
>
>
> On Tue, Oct 20, 2020 at 3:04 PM Ahmed Abdelsalam
> wrote:
> >
> > We are submitting the patch for End.DT4. End.DX4 is already there.
> >
> > So the optional parameter and OIF ap
On 25/08/2020 03:11, David Miller wrote:
From: Ahmed Abdelsalam
Date: Mon, 24 Aug 2020 08:51:24 +
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.
This allows forwarding packet across the SRv6 fabric based
this feature.
Signed-off-by: Ahmed Abdelsalam
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 37 -
net/ipv6/sysctl_net_ipv6.c | 9 +
3 files changed, 30 insertions(+), 17 deletions(-)
diff --git a/include/net/netns/ipv6.h b/include
This patch adds a documentation for seg6_inherit_inner_ipv4_dscp
sysctl into Documentation/networking/ip-sysctl.rst
Signed-off-by: Ahmed Abdelsalam
---
Documentation/networking/ip-sysctl.rst | 5 +
1 file changed, 5 insertions(+)
diff --git a/Documentation/networking/ip-sysctl.rst
b
This patch adds a documentation for seg6_inherit_inner_ipv4_dscp
sysctl into Documentation/networking/ip-sysctl.rst
Signed-off-by: Ahmed Abdelsalam
---
Documentation/networking/ip-sysctl.rst | 5 +
1 file changed, 5 insertions(+)
diff --git a/Documentation/networking/ip-sysctl.rst
b
On 25/08/2020 17:51, Jakub Kicinski wrote:
On Tue, 25 Aug 2020 12:18:44 + Ahmed Abdelsalam wrote:
+ Enable the SRv6 encapsulation to inherit the DSCP value of the inner
IPv4 packet.
+
+ Default: FALSE (Do not inherit DSCP)
+
``conf/default/*``:
Change the interface
this feature.
Signed-off-by: Ahmed Abdelsalam
---
include/net/netns/ipv6.h | 1 +
net/ipv6/seg6_iptunnel.c | 37 -
net/ipv6/sysctl_net_ipv6.c | 9 +
3 files changed, 30 insertions(+), 17 deletions(-)
diff --git a/include/net/netns/ipv6.h b/include
On 25/08/2020 18:45, David Ahern wrote:
On 8/25/20 10:02 AM, Ahmed Abdelsalam wrote:
This patch allows SRv6 encapsulation to inherit the DSCP value of
the inner IPv4 packet.
This allows forwarding packet across the SRv6 fabric based on their
original traffic class.
The option is controlled
Hi David,
Sorry for the late reply. I'm on PTO with limited email access.
I will revise the patch in the next weeks and make outer IPv6 header
inherit Hop limit from Inner packet for the IPv6 case.
Ahmed
On 08/08/2020 02:43, David Miller wrote:
From: Ahmed Abdelsalam
Date: Thu, 6 Aug
() to validate the SRH as per RFC8754.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/net/ipv6/seg6.c b/net/ipv6/seg6.c
index 4c7e0a27fa9c..e37d2b34cacc 100644
--- a/net/ipv6/seg6.c
+++ b/net/ipv6/seg6.c
@@ -28,6 +28,7 @@
bool
I will refactor the code of this function and submit a new patch.
Ahmed
On 31/07/2020 01:44, David Miller wrote:
From: Ahmed Abdelsalam
Date: Tue, 28 Jul 2020 12:20:44 +
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation
This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.
This allows forwarding packet across the SRv6 fabric based on their
original traffic class.
Signed-off-by: Ahmed Abdelsalam
---
net/ipv6/seg6_iptunnel.c | 11 ++-
1 file
-by: syzbot+e8c028b62439eac42...@syzkaller.appspotmail.com
Reported-by: YueHaibing
Fixes: 0cb7498f234e ("seg6: fix SRH processing to comply with RFC8754")
Signed-off-by: Ahmed Abdelsalam
---
include/net/seg6.h | 2 +-
net/core/filter.c| 2 +-
net/ipv6/ipv6_sockglue.c | 2 +-
90 matches
Mail list logo
