es: 664d6f86868b ("seg6: add support for the SRv6 End.DT4 behavior")
Fixes: 20a081b7984c ("seg6: add VRF support for SRv6 End.DT6 behavior")
Signed-off-by: Andrea Mayer
---
include/uapi/linux/seg6_local.h | 10
net/ipv6/seg6_local.c | 89 ++
Hi Jakub,
thanks for your review.
On Mon, 14 Dec 2020 20:57:40 -0800
Jakub Kicinski wrote:
> >
> > - At compile time we verify that the total number of attributes does not
> >exceed the fixed value of 64. Otherwise, kernel build fails forcing
> >developers to reconsider adding a new
Hi Jakub,
On Tue, 10 Nov 2020 14:50:45 -0800
Jakub Kicinski wrote:
> On Sat, 7 Nov 2020 16:31:35 +0100 Andrea Mayer wrote:
> > Before this patch, a sniffer attached to a VRF used as the receiving
> > interface of L3 tunneled packets detects them as malformed packets and
> &g
Hi Jakub,
many thanks for your review. Please see my responses inline:
On Tue, 10 Nov 2020 14:50:21 -0800
Jakub Kicinski wrote:
> On Sat, 7 Nov 2020 16:31:36 +0100 Andrea Mayer wrote:
> > Depending on the attribute (i.e.: SEG6_LOCAL_SRH, SEG6_LOCAL_TABLE, etc),
> > the p
Hi Jakub,
many thanks for your review. Please see my responses inline:
On Tue, 10 Nov 2020 14:56:55 -0800
Jakub Kicinski wrote:
> On Sat, 7 Nov 2020 16:31:37 +0100 Andrea Mayer wrote:
> > We introduce two callbacks used for customizing the creation/destruction of
> >
Hi Jakub,
many thanks for your review. Please see my responses inline:
On Tue, 10 Nov 2020 15:12:55 -0800
Jakub Kicinski wrote:
> On Sat, 7 Nov 2020 16:31:38 +0100 Andrea Mayer wrote:
> > SRv6 End.DT4 is defined in the SRv6 Network Programming [1].
> >
> > The
Hi Jakub,
On Fri, 13 Nov 2020 13:40:10 -0800
Jakub Kicinski wrote:
> On Fri, 13 Nov 2020 11:40:36 -0800 Jakub Kicinski wrote:
> > > agreed. The v6 variant has existed for a while. The v4 version is
> > > independent.
> >
> > Okay, I'm not sure what's the right call so I asked DaveM.
>
>
Hi Jakub,
Please see my responses inline:
On Fri, 13 Nov 2020 15:54:37 -0800
Jakub Kicinski wrote:
> On Sat, 14 Nov 2020 00:00:24 +0100 Andrea Mayer wrote:
> > On Fri, 13 Nov 2020 13:40:10 -0800
> > Jakub Kicinski wrote:
> >
> > I can tackle the v6 version but how d
Hi Jakub,
On Fri, 13 Nov 2020 18:01:26 -0800
Jakub Kicinski wrote:
> > UAPI solution 2
> >
> > we turn "table" into an optional parameter and we add the "vrftable"
> > optional
> > parameter. DT4 can only be used with the "vrftable" (hence it is a required
> > parameter for DT4).
> > DT6 can
that adds support for the SRv6 End.DT4 behavior;
- Patch 4/4 adds the selftest for SRv6 End.DT4.
I would like to thank David Ahern for his support during the development of
this patch set.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
[1] https://tools.ietf.org/html
during its initialization phase and after all the attributes
have been successfully parsed;
- destroy_state(...): used for calling the custom destructor of the
behavior before it is completely destroyed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 57
is not set.
In this case, the mac address of the VRF is copied in both the
destination and the source address of the ethernet header. The protocol
type is set either to IPv4 or IPv6, depending on which L3 packet is
received.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 78
-with-srv6
[3] https://patchwork.ozlabs.org/patch/799837/
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 204 ++
1 file changed, 204 insertions(+)
diff --git a/net/ipv6/seg6_local.c b/net/ipv6/seg6_local.c
index f70687e1b8a9..d47b76581dfa 100644
--- a/net
this selftest is designed for evaluating the new SRv6 End.DT4 behavior
used, in this example, for implementing IPv4 L3 VPN use cases.
Signed-off-by: Andrea Mayer
---
.../selftests/net/srv6_end_dt4_l3vpn_test.sh | 490 ++
1 file changed, 490 insertions(+)
create mode 100755
during its initialization phase and after all the attributes
have been parsed successfully;
- destroy_state(...): used for calling the custom destructor of the
behavior before it is completely destroyed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 49
this selftest is designed for evaluating the new SRv6 End.DT4 behavior
used, in this example, for implementing IPv4 L3 VPN use cases.
Signed-off-by: Andrea Mayer
Reviewed-by: David Ahern
---
.../selftests/net/srv6_end_dt4_l3vpn_test.sh | 494 ++
1 file changed, 494 insertions
t;,
"vrftable": 200,
"dev": "eth0",
"metric": 1024,
"flags": [ ],
"pref": "medium"
} ]
Signed-off-by: Paolo Lungaroni
Signed-off-by: Andrea Mayer
---
include/uapi/linux/seg6_local.h | 1 +
ip/
v6-network-programming
[2]
https://speakerdeck.com/line_developers/line-data-center-networking-with-srv6
Signed-off-by: Andrea Mayer
---
include/uapi/linux/seg6_local.h | 1 +
net/ipv6/seg6_local.c | 290
2 files changed, 291 insertions(+)
diff --git
is not set.
In this case, the mac address of the VRF is copied in both the
destination and the source address of the ethernet header. The protocol
type is set either to IPv4 or IPv6, depending on which L3 packet is
received.
Signed-off-by: Andrea Mayer
Reviewed-by: David Ahern
---
drivers/net
the
information needed to handle a given attribute are contained in only
one place;
4) it facilitates the integration with new features introduced in further
patches.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 80 +--
1 file changed, 70
that the instances of SRv6 End.DT6 legacy and End.DT6 VRF
mode can coexist in the same system/configuration without problems.
[1] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 76 +++
1 file
are very welcome!
Thanks,
Andrea Mayer
v3
notes about the build bot:
- apparently the ',' (comma) in the subject prefix confused the build bot.
Removed the ',' in favor of ' ' (space).
Thanks to David Ahern and Konstantin Ryabitsev for shedding light on this
fact.
Thanks also
.
>From the userspace point of view, the support for optional attributes DO
NOT require any changes to the userspace applications, i.e: iproute2
unless new attributes (required or optional) are needed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c |
this selftest is designed for evaluating the new SRv6 End.DT6 (VRF) behavior
used, in this example, for implementing IPv6 L3 VPN use cases.
Signed-off-by: Andrea Mayer
Signed-off-by: Paolo Lungaroni
---
.../selftests/net/srv6_end_dt6_l3vpn_test.sh | 502 ++
1 file changed, 502
v6-network-programming
[2]
https://speakerdeck.com/line_developers/line-data-center-networking-with-srv6
Signed-off-by: Andrea Mayer
---
include/uapi/linux/seg6_local.h | 1 +
net/ipv6/seg6_local.c | 287
2 files changed, 288 insertions(+)
diff --git
.
>From the userspace point of view, the support for optional attributes DO
NOT require any changes to the userspace applications, i.e: iproute2
unless new attributes (required or optional) are needed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c |
during its initialization phase and after all the attributes
have been parsed successfully;
- destroy_state(...): used for calling the custom destructor of the
behavior before it is completely destroyed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 49
is not set.
In this case, the mac address of the VRF is copied in both the
destination and the source address of the ethernet header. The protocol
type is set either to IPv4 or IPv6, depending on which L3 packet is
received.
Signed-off-by: Andrea Mayer
Reviewed-by: David Ahern
---
drivers/net
this selftest is designed for evaluating the new SRv6 End.DT4 behavior
used, in this example, for implementing IPv4 L3 VPN use cases.
Signed-off-by: Andrea Mayer
Reviewed-by: David Ahern
---
.../selftests/net/srv6_end_dt4_l3vpn_test.sh | 494 ++
1 file changed, 494 insertions
the
information needed to handle a given attribute are contained in only
one place;
4) it facilitates the integration with new features introduced in further
patches.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 80 +--
1 file changed, 70
this selftest is designed for evaluating the new SRv6 End.DT6 (VRF) behavior
used, in this example, for implementing IPv6 L3 VPN use cases.
Signed-off-by: Andrea Mayer
Signed-off-by: Paolo Lungaroni
---
.../selftests/net/srv6_end_dt6_l3vpn_test.sh | 502 ++
1 file changed, 502
d.DT6 (VRF mode) behaviors, is provided in a different
patchset that will follow shortly.
I would like to thank David Ahern for his support during the development of
this patchset.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
v4
seg6: add support for the SRv6 End.DT
that the instances of SRv6 End.DT6 legacy and End.DT6 VRF
mode can coexist in the same system/configuration without problems.
[1] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 76 +++
1 file
Hi Jakub,
thanks for your review.
On Tue, 24 Nov 2020 15:40:17 -0800
Jakub Kicinski wrote:
> On Mon, 23 Nov 2020 19:28:53 +0100 Andrea Mayer wrote:
> > +static int cmp_nla_vrftable(struct seg6_local_lwt *a, struct
> > seg6_local_lwt *b)
> > +{
> > + stru
Hi Jakub,
On Tue, 24 Nov 2020 15:49:04 -0800
Jakub Kicinski wrote:
> LGTM! Please address the nit and repost without the iproute2 patch.
Thanks for the review of the patchset.
> Mixing the iproute2 patch in has confused patchwork:
>
>
is not set.
In this case, the mac address of the VRF is copied in both the
destination and the source address of the ethernet header. The protocol
type is set either to IPv4 or IPv6, depending on which L3 packet is
received.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 78
during its initialization phase and after all the attributes
have been parsed successfully;
- destroy_state(...): used for calling the custom destructor of the
behavior before it is completely destroyed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 64
-with-srv6
[3] https://patchwork.ozlabs.org/patch/799837/
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 205 ++
1 file changed, 205 insertions(+)
diff --git a/net/ipv6/seg6_local.c b/net/ipv6/seg6_local.c
index 4b0f155d641d..a41074acd43e 100644
--- a/net
.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
v2
no changes made: resubmitted after false build report.
v1
improve comments;
add new patch 2/5 titled: seg6: improve management of behavior attributes
seg6: add support for the SRv6 End.DT4 behavior
- remove
the
information needed to handle a given attribute are contained in only
one place;
4) it facilitates the integration with new features introduced in further
patches.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 103 ++
1 file changed, 93
this selftest is designed for evaluating the new SRv6 End.DT4 behavior
used, in this example, for implementing IPv4 L3 VPN use cases.
Signed-off-by: Andrea Mayer
---
.../selftests/net/srv6_end_dt4_l3vpn_test.sh | 494 ++
1 file changed, 494 insertions(+)
create mode 100755
is not set.
In this case, the mac address of the VRF is copied in both the
destination and the source address of the ethernet header. The protocol
type is set either to IPv4 or IPv6, depending on which L3 packet is
received.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 78
this selftest is designed for evaluating the new SRv6 End.DT4 behavior
used, in this example, for implementing IPv4 L3 VPN use cases.
Signed-off-by: Andrea Mayer
---
.../selftests/net/srv6_end_dt4_l3vpn_test.sh | 494 ++
1 file changed, 494 insertions(+)
create mode 100755
.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
v1
improve comments;
add new patch 2/5 titled: seg6: improve management of behavior attributes
seg6: add support for the SRv6 End.DT4 behavior
- remove the inline keyword in the definition of fib6_config_get_net
the
information needed to handle a given attribute are contained in only
one place;
4) it facilitates the integration with new features introduced in further
patches.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 103 ++
1 file changed, 93
-with-srv6
[3] https://patchwork.ozlabs.org/patch/799837/
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 205 ++
1 file changed, 205 insertions(+)
diff --git a/net/ipv6/seg6_local.c b/net/ipv6/seg6_local.c
index 4b0f155d641d..a41074acd43e 100644
--- a/net
during its initialization phase and after all the attributes
have been parsed successfully;
- destroy_state(...): used for calling the custom destructor of the
behavior before it is completely destroyed.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 64
Hi David,
thanks for your time.
On Wed, 3 Feb 2021 08:59:40 -0700
David Ahern wrote:
> On 2/2/21 11:56 AM, Andrea Mayer wrote:
> > diff --git a/net/ipv6/seg6_local.c b/net/ipv6/seg6_local.c
> > index b07f7c1c82a4..7cc50d506902 100644
> > --- a/net/ipv6/seg6_local
roblem, providing a
solution and inspiring this patch.
Thanks to Jakub Kicinski for his useful suggestions during the design of
this patch.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 68 +--
1 file changed, 40 insertions(+), 28 deletions(-)
-by: Andrea Mayer
---
drivers/net/vrf.c | 273 +-
1 file changed, 268 insertions(+), 5 deletions(-)
diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
index 43928a1c2f2a..098fdabaa4c5 100644
--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -21,6 +21,7
for routing packets.
I would like to thank David Ahern for his constant and valuable support during
the design and development phases of this patch set.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
v1
l3mdev: add infrastructure for table to VRF mapping
During the initialization phase of the VRF module, the callback for table
to VRF device lookup is registered in l3mdev.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 59 +++
1 file changed, 55 insertions(+), 4 deletions(-)
diff --git a/drivers
to net.vrf.strict_mode=1, a check
is performed to verify that all tables have at most one VRF associated,
otherwise the switch is not allowed.
The net.vrf.strict_mode parameter is per network namespace.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 118 ++
1 file
The new strict mode functionality is tested in different configurations and
on different network namespaces.
Signed-off-by: Andrea Mayer
---
.../selftests/net/vrf_strict_mode_test.sh | 390 ++
1 file changed, 390 insertions(+)
create mode 100755 tools/testing/selftests/net
offer the lookup function (table to VRF device).
Signed-off-by: Andrea Mayer
---
include/net/l3mdev.h | 39 +++
net/l3mdev/l3mdev.c | 93
2 files changed, 132 insertions(+)
diff --git a/include/net/l3mdev.h b/include/net/l3mdev.h
During the initialization phase of the VRF module, the callback for table
to VRF device lookup is registered in l3mdev.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 59 +++
1 file changed, 55 insertions(+), 4 deletions(-)
diff --git a/drivers
offer the lookup function (table to VRF device).
Signed-off-by: Andrea Mayer
---
include/net/l3mdev.h | 37 +
net/l3mdev/l3mdev.c | 95
2 files changed, 132 insertions(+)
diff --git a/include/net/l3mdev.h b/include/net/l3mdev.h
index
for routing packets.
I would like to thank David Ahern for his constant and valuable support during
the design and development phases of this patch set.
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea Mayer
[1]
https://lore.kernel.org/netdev/20200307205916.15646-1-sha..
The new strict mode functionality is tested in different configurations and
on different network namespaces.
Signed-off-by: Andrea Mayer
---
.../selftests/net/vrf_strict_mode_test.sh | 390 ++
1 file changed, 390 insertions(+)
create mode 100755 tools/testing/selftests/net
to net.vrf.strict_mode=1, a check
is performed to verify that all tables have at most one VRF associated,
otherwise the switch is not allowed.
The net.vrf.strict_mode parameter is per network namespace.
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 119 ++
1 file
-by: Andrea Mayer
---
drivers/net/vrf.c | 272 +-
1 file changed, 267 insertions(+), 5 deletions(-)
diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
index 43928a1c2f2a..f772aac6a04c 100644
--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -21,6 +21,7
On Fri, 12 Jun 2020 10:05:49 -0700
Dinesh G Dutt wrote:
> Thanks for doing this Andrea. This is a very important patch. I'll let
> the others comment on the specificity of the patch, but strict mode=1
> should be the default .
>
> Dinesh
Hi Dinesh,
thanks for your comments! I chose to
On Fri, 12 Jun 2020 10:51:48 -0700
Jakub Kicinski wrote:
> net/l3mdev/l3mdev.c:12:1: warning: symbol 'l3mdev_lock' was not declared.
> Should it be static?
>
> Please make sure it doesn't add errors with W=1 C=1 :)
Hi Jakub,
thanks for your feedback.
sorry, I did not want to add more
On Fri, 12 Jun 2020 10:52:27 -0700
Jakub Kicinski wrote:
> drivers/net/vrf.c:1771:49: warning: incorrect type in argument 3 (different
> address spaces)
> drivers/net/vrf.c:1771:49:expected void *
> drivers/net/vrf.c:1771:49:got void [noderef] *buffer
> drivers/net/vrf.c:1785:35:
Hi Stephen,
thanks for your questions.
On Sat, 13 Jun 2020 12:28:59 -0700
Stephen Hemminger wrote:
> > +
> > +* Conversely, shared_table is decreased when a vrf is de-associated
> > +* from a table with exactly two associated vrfs.
> > +*/
> > + int shared_tables;
>
> Should this
On Sat, 13 Jun 2020 18:34:25 -0600
David Ahern wrote:
> On 6/13/20 4:53 PM, Andrea Mayer wrote:
> > Hi Stephen,
> > thanks for your questions.
> >
> > On Sat, 13 Jun 2020 12:28:59 -0700
> > Stephen Hemminger wrote:
> >
> >>> +
> >>&
On Sat, 13 Jun 2020 18:37:09 -0600
David Ahern wrote:
> On 6/12/20 10:49 AM, Andrea Mayer wrote:
> > @@ -37,6 +45,15 @@ struct l3mdev_ops {
> >
> > #ifdef CONFIG_NET_L3_MASTER_DEV
> >
> > +int l3mdev_table_lookup_register(enum l3mdev_type l3type,
> >
On Mon, 7 Dec 2020 14:45:03 +
Colin King wrote:
> From: Colin Ian King
>
> Shifting the integer value 1 is evaluated using 32-bit arithmetic
> and then used in an expression that expects a unsigned long value
> leads to a potential integer overflow. Fix this by using the BIT
> macro to
: 0489390882202 ("vrf: add mac header for tunneled packets when sniffer is
attached")
Signed-off-by: Andrea Mayer
---
drivers/net/vrf.c | 110 +++---
1 file changed, 55 insertions(+), 55 deletions(-)
diff --git a/drivers/net/vrf.c b/drivers/net/v
on compared to scenario (1).
Comments, suggestions and improvements are very welcome!
Thanks,
Andrea
[2] https://www.cloudlab.us
Andrea Mayer (1):
seg6: add counters support for SRv6 Behaviors
include/uapi/linux/seg6_local.h | 8 ++
net/ipv6/seg6_local.c | 133 ++
d
line, i.e.:
$ ip -s -6 route show 2001:db8::1
2001:db8::1 encap seg6local action End packets 0 bytes 0 errors 0 dev eth0
[1] https://www.rfc-editor.org/rfc/rfc8986.html#name-counters
Signed-off-by: Andrea Mayer
---
include/uapi/linux/seg6_local.h | 8 ++
net/ipv6/seg6_loc
On Wed, 7 Apr 2021 13:24:04 -0700
Jakub Kicinski wrote:
> On Wed, 7 Apr 2021 20:03:32 +0200 Andrea Mayer wrote:
> > This patch provides counters for SRv6 Behaviors as defined in [1], section
> > 6. For each SRv6 Behavior instance, the counters defined in [1] are:
> >
&g
ole
single structure. This is to address compatibility issues that might
arise from having different versions of kernel/iproute2.
Thanks to David Ahern for bringing attention to this.
- include cover letter in the commit message, thanks to David Ahern.
[2] https://www.cloudlab.us
Signed-off-by: Andrea M
There is a comment spelling mistake "interfarence" -> "interference" in
function parse_nla_action(). Fix it.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/seg6_local.c b/net/ipv6/seg6_loc
On Wed, 7 Apr 2021 16:55:41 -0600
David Ahern wrote:
> On 4/7/21 12:03 PM, Andrea Mayer wrote:
> > diff --git a/include/uapi/linux/seg6_local.h
> > b/include/uapi/linux/seg6_local.h
> > index 3b39ef1dbb46..ae5e3fd12b73 100644
> > --- a/include/uapi/linux/seg6_loc
useful suggestions during the design of
this patch.
v2:
- remove the SEG6_LOCAL_MAX_SUPP which is not strictly needed: it can
be derived from the unsigned long type. Thanks to David Ahern for
pointing it out.
Signed-off-by: Andrea Mayer
---
net/ipv6/seg6_local.
76 matches
Mail list logo