From patchwork Tue Mar 28 06:42:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nobuhiro MIKI X-Patchwork-Id: 1762174 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=yahoo-corp.jp header.i=@yahoo-corp.jp header.a=rsa-sha256 header.s=selector1 header.b=UDV/ja/a; dkim-atps=neutral Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Pm0Vz6l98z1yYV for ; Tue, 28 Mar 2023 17:43:07 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id C7ADF41776; Tue, 28 Mar 2023 06:43:04 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org C7ADF41776 Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key, unprotected) header.d=yahoo-corp.jp header.i=@yahoo-corp.jp header.a=rsa-sha256 header.s=selector1 header.b=UDV/ja/a X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J8XksnAxc0ow; Tue, 28 Mar 2023 06:42:58 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTPS id 1A36241590; Tue, 28 Mar 2023 06:42:57 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 1A36241590 Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id A886EC0096; Tue, 28 Mar 2023 06:42:53 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7675DC0036 for ; Tue, 28 Mar 2023 06:42:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id DC49F60ABD for ; Tue, 28 Mar 2023 06:42:47 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org DC49F60ABD Authentication-Results: smtp3.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=yahoo-corp.jp header.i=@yahoo-corp.jp header.a=rsa-sha256 header.s=selector1 header.b=UDV/ja/a X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WnTukRAUCEDs for ; Tue, 28 Mar 2023 06:42:46 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 9C67460E96 Received: from corp-ob07.yahoo-corp.jp (corp-ob07.yahoo-corp.jp [183.79.94.94]) by smtp3.osuosl.org (Postfix) with ESMTPS id 9C67460E96 for ; Tue, 28 Mar 2023 06:42:45 +0000 (UTC) Received: from JPN01-OS0-obe.outbound.protection.outlook.com (mail-os0jpn01lp2105.outbound.protection.outlook.com [104.47.23.105]) by corp-ob07.yahoo-corp.jp (Postfix) with ESMTPS id 28F5C19FB185 for ; Tue, 28 Mar 2023 15:42:43 +0900 (JST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XUYpWhpwJKKy4q9k8FcNLz9Ep/m1ZNAAsYqsKH43xKNLcVSQBLqTNXULg+d7KsfwEUW9hIstFfZDmTAWUauH8jnu0iRI6PQ07JmiwamK/7ll7lB/em2jzEaIgROf2bqRQ98RjwNtwKjlBbOTwxreT4FCwdmlTn8yPwUBi542mKZ1JuBXfSX2aAK1Mh89RZVdwZd+MDNmro8Wb5tbdqfm5VnmgJ7FbZ2zgiMHPLd6VqjdEIcsQ3qIzOIFXEk9cE3nQaoqoRKmaJ5/SrQIyqzU80pm1nWfdZnqgEfjkGUHlKu34CdKiyJhdbiHhDwSDd/6PyL4FFuQ3asonW1a1dQ2SA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6dqDKEm8oqFfX/ucDjPn4PMPU4WcSroNyASRvu4LpKM=; b=QeFRAaLWldVQqKxpsNcevKUxNpchHpWw5pjnrGj+yPlhE5DebHH6dT9uNo/Bd1u6co6RuNAUiYfOM5OHkUGKTBCko7KhU6JerPifaSBL0RtGK8xv3bmrOT8oIFfiyd87wJ4Zm8SACRauiXCuT/DyfIzMQ/MUdOF4InmuHyK5qrxEE/ac1iovUDLwW6/viEchpIRv1mAZzh2FW9F/n/UjVk0XRSY/pqULReQGh/pTiBNpdiJ3bebPpkdUR4S+d5PuzRUaLt/qoFV3PXT15UGI3DfzhIJy6uKCWMqoqNnOha5zf0bKT/OeypM4zmpK58goFakJl8arg+gTttlUgCiAsQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=yahoo-corp.jp; dmarc=pass action=none header.from=yahoo-corp.jp; dkim=pass header.d=yahoo-corp.jp; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-corp.jp; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6dqDKEm8oqFfX/ucDjPn4PMPU4WcSroNyASRvu4LpKM=; b=UDV/ja/aTRgu7+jweUAYZBjUR0aoOmtdP+BpTm6+MvUeymssu1iRhreOV3QSYs8Oxd6x9pKE5f5u/zUDa9ahMrU/s2H2Rw0KfWcqQQjDx6O3PoMn225CR8HAwIP1O+QP/ifoymNAvUa1X3pNPUo0EdvHuL3o4cAi+FwwL7zS90I= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=yahoo-corp.jp; Received: from TY2PR01MB4107.jpnprd01.prod.outlook.com (2603:1096:404:d8::23) by OS7PR01MB11871.jpnprd01.prod.outlook.com (2603:1096:604:23d::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6222.33; Tue, 28 Mar 2023 06:42:40 +0000 Received: from TY2PR01MB4107.jpnprd01.prod.outlook.com ([fe80::b10b:489e:5dfa:58b1]) by TY2PR01MB4107.jpnprd01.prod.outlook.com ([fe80::b10b:489e:5dfa:58b1%4]) with mapi id 15.20.6222.030; Tue, 28 Mar 2023 06:42:40 +0000 From: Nobuhiro MIKI To: dev@openvswitch.org Date: Tue, 28 Mar 2023 15:42:22 +0900 Message-Id: <20230328064223.51144-5-nmiki@yahoo-corp.jp> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230328064223.51144-1-nmiki@yahoo-corp.jp> References: <20230328064223.51144-1-nmiki@yahoo-corp.jp> X-ClientProxiedBy: TYCP286CA0043.JPNP286.PROD.OUTLOOK.COM (2603:1096:400:29d::14) To TY2PR01MB4107.jpnprd01.prod.outlook.com (2603:1096:404:d8::23) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: TY2PR01MB4107:EE_|OS7PR01MB11871:EE_ X-MS-Office365-Filtering-Correlation-Id: e0810502-709f-4a2d-b5e8-08db2f57a041 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: cu53Rk0Vl8hH5AE03h6fxDetZSQCIv0XYJSXNUwNjIpRQsi9c98mzzk+Mmxs/qemR+n11llQ1tRgSwOenB9EX/WgUTyOQv0YVPvZFvbwKiC0EXaw69ZTtX9125bqU7vGMtcR5Z1dD4aVW5OVj3xftfpOb/E8J7w9Pp0sSIBb1HXBZf5Dneh9Xk1l8DdSZmKy1VFGrno1WQkHzA5l+7LKPMJrrELHsKVIacSVCKbeDQX3ZvFGMtzKIFBPdFAiRVmJir5ruwp9kB7HK8wdTP0bM/Fp6FIs00x0IFRk6zd62ZHSsaDLeFX8k8tHmZpGkZbdDfFf0jTSIOTHYIRkc7LBL/OhD7dh1u7kTl2ubTI0JeJjuq/SKdSt0ttanxeYr8M02GY6HIIUtE/egH3oDMotcqFyegzw4vtFcDGis2aa9JuX7imA4A+3HEn1PyX6k/CtbVjCrcJ/vgqxTAdxJ5R23z14vDP4ESxT1nxb/o+h71Fq1KXj3E78XXdq+5raX5Hk0XORC3mHsWlXApfok7oidBWpCMVwAS65QQzTKMTYlCYqlD4/2kHSvoX66qSViyH58NzoifHl9nKKbCdL3FW10p2VrltSrOixW+0o/w6X49y8/7W4EhgkfLhRExMXeo76 X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:TY2PR01MB4107.jpnprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(396003)(346002)(366004)(39860400002)(136003)(376002)(451199021)(38350700002)(86362001)(36756003)(2906002)(107886003)(478600001)(966005)(6666004)(6486002)(2616005)(6512007)(52116002)(38100700002)(83380400001)(316002)(4326008)(6916009)(5660300002)(8676002)(66556008)(66476007)(66946007)(82960400001)(6506007)(186003)(1076003)(26005)(8936002)(30864003)(41300700001)(21314003); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: ZuNwTudXr7Jl+ijHZDFsW6exhxbmpkhN08P04bS5CW0DFsN0LY7ZjpmcpyIh6cZkAByjOQ/iDPTmj025mB6QWbtLRk1khwHg6UUDWp7Dj6dHCbqbkviova4yUeJarMVB7mNh1/WrTh2dvgyo9MIyAMTmnLD5V20pRnPGOtjJECyTHnKrT7/5toK7aKt81ZT1i6+YwEAWoLOgnFgExHMbPbDMN5i7ZjxcCShB+v9GkcNcMJkPRFtUa9L+soPMiYJcdMTstFgE0wi2qCfTeMs1OGP6d3QG11JB5ZdGf8sQ+KKtYfMYCXX+BBJICYDqd+Qkfi2wRSjDbhY5jQsnMAgHL7FxxI6K5fBUjs2m9a/nQfWyIz44WFHdbY50NoSk93j1BqrDhgLzEhUNW1tsjsBGUEj9MSZzLDCmeLbDFgkgCYuEMg14/I4Us+Uq5wje6pwmSFCI7wRxBdLGYqezYeND0GfbgkNkVvq5/VPw+0D/ioJFPH/d/bYSA4hqXdFtqNnRKvDFwNtp9Q6fTeE9wVxaIwsgpReG0pC6MkTNOkHTkbm4D1BsLUuyEDyM2nDbpUac3JisXG7FSCM6eALudK3ZOqDX2fGd/reeoTY7XWtTl00XLt6c/96ATfMRE4FXTBR7zQK6ENUkL2u1ETCOhE4MZMqXPylbPfdXhqijf4d4c/9aCXd0pGsUkqr+MaUvImZzg0FALa8fuApG5R9OvX1mySsgVe3A0rfeYuQ3SFcUZlEYJLCbkrb47z/b+JB6nYuvkU5yRqIrCbwCAmiWJSNVt/0lrDqglUkLCu14I45C+U/bIlTNivkLMdZBuJIxuMk9SKlwK9us/ZPLq1ENiEAayNTB84GkqOQFFjGUwX9XDPiKJNQx5olQ32SWvrJplxrCar5xjdpmJ1OZkcMUmaFQZ+h7VZZyZz3QOGXLvRAroDq9iEnSFOgcl4MnfsUA07/hJZs3HTXyqrFHBp3SHASkHUUURtO58sBC/8b1Sl4iNI6LelqFfSq89aLX2EXDwexvk63MrDM0ja/THsKf7Y93NHAX2yuDuS3qXlkJYAaAGV3lETlblKvmlMjZG9pD1xdyECItzqZMd7mZoFxEb+9Q/EakPJkT40eZ9vstIdvamkcgX7BjFaP4mmwUT7K9TYdMV0EiFON4iryl/iPIGY3uR3HGtVdfS2JKFK8uCsmd8pg1foh1fyZZ2AmQYFS5/inaX5FZyS4d0MdMKSD440YbxXiVuXw4/idI7XAD0kj8lEo/GQhhPgNDOztushA3T+0FCc7soPTT6wVgoju7Rgv2SX2FiJv9TrZK4ORdBCwxLiq89BrWsWMULvhi3aImXhqfkCpbE9HrPwhZd7tIiBnbHl9X4unrTUlUw8guK/zeJdY/ov4HLiOvAxTYMABCwyGjC+Fhnai3Yll/CBeh4oO0SXvxq5blMeTiGxNBgcpLUtgQx9rQp9dU3qP/4YzMV5gsNP64vDfKvUWpucTniM4w78J0lzn+p1dEVMbzbsa8Zhlqzo8puOBShkQVoZjrvivjaMyhOqy64Veuh4JzYs1nUk+/2FtjEMUmouelK22dxPYzMjNv9oLR2j8PEiKlGZFX X-OriginatorOrg: yahoo-corp.jp X-MS-Exchange-CrossTenant-Network-Message-Id: e0810502-709f-4a2d-b5e8-08db2f57a041 X-MS-Exchange-CrossTenant-AuthSource: TY2PR01MB4107.jpnprd01.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Mar 2023 06:42:40.2500 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: a208d369-cd4e-4f87-b119-98eaf31df2c3 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: GUB7c6NgOgSauhJ+KuG6UjyXZyT6TpRR2MPvkJfh9dSqwvkEWoLKM0vWRM/zGBxLaaiKzHDz5OHwxtXU6B/YjA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: OS7PR01MB11871 Subject: [ovs-dev] [PATCH v11 4/5] userspace: Add SRv6 tunnel support. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" SRv6 (Segment Routing IPv6) tunnel vport is responsible for encapsulation and decapsulation the inner packets with IPv6 header and an extended header called SRH (Segment Routing Header). See spec in: https://datatracker.ietf.org/doc/html/rfc8754 This patch implements SRv6 tunneling in userspace datapath. It uses `remote_ip` and `local_ip` options as with existing tunnel protocols. It also adds a dedicated `srv6_segs` option to define a sequence of routers called segment list. Signed-off-by: Nobuhiro MIKI --- Documentation/faq/configuration.rst | 21 +++++ Documentation/faq/releases.rst | 1 + NEWS | 2 + include/linux/openvswitch.h | 1 + include/sparse/netinet/in.h | 1 + lib/dpif-netlink-rtnl.c | 5 ++ lib/dpif-netlink.c | 5 ++ lib/netdev-native-tnl.c | 127 ++++++++++++++++++++++++++++ lib/netdev-native-tnl.h | 10 +++ lib/netdev-vport.c | 53 ++++++++++++ lib/netdev.h | 4 + lib/packets.h | 11 +++ lib/tnl-ports.c | 5 +- ofproto/ofproto-dpif-xlate.c | 3 + tests/system-kmod-macros.at | 8 ++ tests/system-traffic.at | 119 ++++++++++++++++++++++++++ tests/system-userspace-macros.at | 6 ++ tests/tunnel.at | 56 ++++++++++++ 18 files changed, 437 insertions(+), 1 deletion(-) diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst index dc6c92446f98..4df390dc2d9d 100644 --- a/Documentation/faq/configuration.rst +++ b/Documentation/faq/configuration.rst @@ -238,6 +238,27 @@ Q: Does Open vSwitch support GTP-U? set int gtpu0 type=gtpu options:key= \ options:remote_ip=172.31.1.1 +Q: Does Open vSwitch support SRv6? + + A: Yes. Starting with version 3.2, the Open vSwitch userspace + datapath supports SRv6 (Segment Routing over IPv6). The following + example shows tunneling to fc00:300::1 via fc00:100::1 and fc00:200::1. + In the current implementation, if "IPv6 in IPv6" or "IPv4 in IPv6" packets + are routed to this interface, and these packets are not SRv6 packets, they + may be dropped, so be careful in workloads with a mix of these tunnels. + Also note the following restrictions: + + * Segment list length is limited to 6. + * SRv6 packets with other than segments_left = 0 are simply dropped. + + :: + + $ ovs-vsctl add-br br0 + $ ovs-vsctl add-port br0 srv6_0 -- \ + set int srv6_0 type=srv6 \ + options:remote_ip=fc00:100::1 \ + options:srv6_segs="fc00:100::1,fc00:200::1,fc00:300::1" + Q: How do I connect two bridges? A: First, why do you want to do this? Two connected bridges are not much diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst index 9e1b42262000..9fb679e307d9 100644 --- a/Documentation/faq/releases.rst +++ b/Documentation/faq/releases.rst @@ -151,6 +151,7 @@ Q: Are all features available with all datapaths? Tunnel - ERSPAN 4.18 2.10 2.10 NO Tunnel - ERSPAN-IPv6 4.18 2.10 2.10 NO Tunnel - GTP-U NO NO 2.14 NO + Tunnel - SRv6 NO NO 3.2 NO Tunnel - Bareudp 5.7 NO NO NO QoS - Policing YES 1.1 2.6 NO QoS - Shaping YES 1.1 NO NO diff --git a/NEWS b/NEWS index 8771ee618aed..a8d77a75a248 100644 --- a/NEWS +++ b/NEWS @@ -21,6 +21,8 @@ Post-v3.1.0 * ovs-vswitchd will keep the CAP_SYS_RAWIO capability when started with the --hw-rawio-access command line option. This allows the process extra privileges when mapping physical interconnect memory. + - SRv6 Tunnel Protocol + * Only support for userspace datapath. v3.1.0 - 16 Feb 2023 diff --git a/include/linux/openvswitch.h b/include/linux/openvswitch.h index bc8f74991849..e305c331516b 100644 --- a/include/linux/openvswitch.h +++ b/include/linux/openvswitch.h @@ -254,6 +254,7 @@ enum ovs_vport_type { OVS_VPORT_TYPE_IP6GRE = 109, OVS_VPORT_TYPE_GTPU = 110, OVS_VPORT_TYPE_BAREUDP = 111, /* Bareudp tunnel. */ + OVS_VPORT_TYPE_SRV6 = 112, /* SRv6 tunnel. */ __OVS_VPORT_TYPE_MAX }; diff --git a/include/sparse/netinet/in.h b/include/sparse/netinet/in.h index 21deceb28d41..00927281643a 100644 --- a/include/sparse/netinet/in.h +++ b/include/sparse/netinet/in.h @@ -68,6 +68,7 @@ struct sockaddr_in6 { #define IPPROTO_HOPOPTS 0 #define IPPROTO_ICMP 1 #define IPPROTO_IGMP 2 +#define IPPROTO_IPIP 4 #define IPPROTO_TCP 6 #define IPPROTO_UDP 17 #define IPPROTO_ROUTING 43 diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c index 4fc42daed2d9..5788294ae0d7 100644 --- a/lib/dpif-netlink-rtnl.c +++ b/lib/dpif-netlink-rtnl.c @@ -129,6 +129,8 @@ vport_type_to_kind(enum ovs_vport_type type, } case OVS_VPORT_TYPE_GTPU: return NULL; + case OVS_VPORT_TYPE_SRV6: + return "srv6"; case OVS_VPORT_TYPE_BAREUDP: return "bareudp"; case OVS_VPORT_TYPE_NETDEV: @@ -319,6 +321,7 @@ dpif_netlink_rtnl_verify(const struct netdev_tunnel_config *tnl_cfg, case OVS_VPORT_TYPE_LISP: case OVS_VPORT_TYPE_STT: case OVS_VPORT_TYPE_GTPU: + case OVS_VPORT_TYPE_SRV6: case OVS_VPORT_TYPE_UNSPEC: case __OVS_VPORT_TYPE_MAX: default: @@ -411,6 +414,7 @@ dpif_netlink_rtnl_create(const struct netdev_tunnel_config *tnl_cfg, case OVS_VPORT_TYPE_LISP: case OVS_VPORT_TYPE_STT: case OVS_VPORT_TYPE_GTPU: + case OVS_VPORT_TYPE_SRV6: case OVS_VPORT_TYPE_UNSPEC: case __OVS_VPORT_TYPE_MAX: default: @@ -519,6 +523,7 @@ dpif_netlink_rtnl_port_destroy(const char *name, const char *type) case OVS_VPORT_TYPE_ERSPAN: case OVS_VPORT_TYPE_IP6ERSPAN: case OVS_VPORT_TYPE_IP6GRE: + case OVS_VPORT_TYPE_SRV6: case OVS_VPORT_TYPE_BAREUDP: return dpif_netlink_rtnl_destroy(name); case OVS_VPORT_TYPE_NETDEV: diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c index ebe7b5cb1452..55b5b0a8549a 100644 --- a/lib/dpif-netlink.c +++ b/lib/dpif-netlink.c @@ -919,6 +919,9 @@ get_vport_type(const struct dpif_netlink_vport *vport) case OVS_VPORT_TYPE_GTPU: return "gtpu"; + case OVS_VPORT_TYPE_SRV6: + return "srv6"; + case OVS_VPORT_TYPE_BAREUDP: return "bareudp"; @@ -957,6 +960,8 @@ netdev_to_ovs_vport_type(const char *type) return OVS_VPORT_TYPE_GRE; } else if (!strcmp(type, "gtpu")) { return OVS_VPORT_TYPE_GTPU; + } else if (!strcmp(type, "srv6")) { + return OVS_VPORT_TYPE_SRV6; } else if (!strcmp(type, "bareudp")) { return OVS_VPORT_TYPE_BAREUDP; } else { diff --git a/lib/netdev-native-tnl.c b/lib/netdev-native-tnl.c index b89dfdd52a86..7d40c40738de 100644 --- a/lib/netdev-native-tnl.c +++ b/lib/netdev-native-tnl.c @@ -845,6 +845,133 @@ netdev_gtpu_build_header(const struct netdev *netdev, return 0; } +int +netdev_srv6_build_header(const struct netdev *netdev, + struct ovs_action_push_tnl *data, + const struct netdev_tnl_build_header_params *params) +{ + struct netdev_vport *dev = netdev_vport_cast(netdev); + struct netdev_tunnel_config *tnl_cfg; + const struct in6_addr *segs; + struct srv6_base_hdr *srh; + struct in6_addr *s; + ovs_be16 dl_type; + int err = 0; + int nr_segs; + int i; + + ovs_mutex_lock(&dev->mutex); + tnl_cfg = &dev->tnl_cfg; + + if (tnl_cfg->srv6_num_segs) { + nr_segs = tnl_cfg->srv6_num_segs; + segs = tnl_cfg->srv6_segs; + } else { + /* + * If explicit segment list setting is omitted, tunnel destination + * is considered to be the first segment list. + */ + nr_segs = 1; + segs = ¶ms->flow->tunnel.ipv6_dst; + } + + if (!ipv6_addr_equals(&segs[0], ¶ms->flow->tunnel.ipv6_dst)) { + err = EINVAL; + goto out; + } + + srh = netdev_tnl_ip_build_header(data, params, IPPROTO_ROUTING); + srh->rt_hdr.segments_left = nr_segs - 1; + srh->rt_hdr.type = IPV6_SRCRT_TYPE_4; + srh->rt_hdr.hdrlen = 2 * nr_segs; + srh->last_entry = nr_segs - 1; + srh->flags = 0; + srh->tag = 0; + + dl_type = params->flow->dl_type; + if (dl_type == htons(ETH_TYPE_IP)) { + srh->rt_hdr.nexthdr = IPPROTO_IPIP; + } else if (dl_type == htons(ETH_TYPE_IPV6)) { + srh->rt_hdr.nexthdr = IPPROTO_IPV6; + } + + s = ALIGNED_CAST(struct in6_addr *, + (char *) srh + sizeof *srh); + for (i = 0; i < nr_segs; i++) { + /* Segment list is written to the header in reverse order. */ + memcpy(s, &segs[nr_segs - i - 1], sizeof *s); + s++; + } + + data->header_len += sizeof *srh + 8 * srh->rt_hdr.hdrlen; + data->tnl_type = OVS_VPORT_TYPE_SRV6; +out: + ovs_mutex_unlock(&dev->mutex); + + return err; +} + +void +netdev_srv6_push_header(const struct netdev *netdev OVS_UNUSED, + struct dp_packet *packet OVS_UNUSED, + const struct ovs_action_push_tnl *data OVS_UNUSED) +{ + int ip_tot_size; + + netdev_tnl_push_ip_header(packet, data->header, + data->header_len, &ip_tot_size); +} + +struct dp_packet * +netdev_srv6_pop_header(struct dp_packet *packet) +{ + const struct ovs_16aligned_ip6_hdr *nh = dp_packet_l3(packet); + size_t size = dp_packet_l3_size(packet) - IPV6_HEADER_LEN; + struct pkt_metadata *md = &packet->md; + struct flow_tnl *tnl = &md->tunnel; + const struct ip6_rt_hdr *rt_hdr; + uint8_t nw_proto = nh->ip6_nxt; + const void *data = nh + 1; + uint8_t nw_frag = 0; + unsigned int hlen; + + /* + * Verifies that the routing header is present in the IPv6 + * extension headers and that its type is SRv6. + */ + if (!parse_ipv6_ext_hdrs(&data, &size, &nw_proto, &nw_frag, + NULL, &rt_hdr)) { + goto err; + } + + if (!rt_hdr || rt_hdr->type != IPV6_SRCRT_TYPE_4) { + goto err; + } + + if (rt_hdr->segments_left > 0) { + VLOG_WARN_RL(&err_rl, "invalid srv6 segments_left=%d\n", + rt_hdr->segments_left); + goto err; + } + + if (rt_hdr->nexthdr == IPPROTO_IPIP) { + packet->packet_type = htonl(PT_IPV4); + } else if (rt_hdr->nexthdr == IPPROTO_IPV6) { + packet->packet_type = htonl(PT_IPV6); + } else { + goto err; + } + + pkt_metadata_init_tnl(md); + netdev_tnl_ip_extract_tnl_md(packet, tnl, &hlen); + dp_packet_reset_packet(packet, hlen); + + return packet; +err: + dp_packet_delete(packet); + return NULL; +} + struct dp_packet * netdev_vxlan_pop_header(struct dp_packet *packet) { diff --git a/lib/netdev-native-tnl.h b/lib/netdev-native-tnl.h index 22ae2ce5369b..4dad8f978cc6 100644 --- a/lib/netdev-native-tnl.h +++ b/lib/netdev-native-tnl.h @@ -65,6 +65,16 @@ netdev_gtpu_build_header(const struct netdev *netdev, struct ovs_action_push_tnl *data, const struct netdev_tnl_build_header_params *p); +struct dp_packet *netdev_srv6_pop_header(struct dp_packet *); + +void netdev_srv6_push_header(const struct netdev *, + struct dp_packet *, + const struct ovs_action_push_tnl *); + +int netdev_srv6_build_header(const struct netdev *, + struct ovs_action_push_tnl *, + const struct netdev_tnl_build_header_params *); + void netdev_tnl_push_udp_header(const struct netdev *netdev, struct dp_packet *packet, diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 3b39278650d3..663ee8606c3b 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -424,6 +424,35 @@ parse_tunnel_ip(const char *value, bool accept_mcast, bool *flow, return 0; } +static int +parse_srv6_segs(char *s, struct in6_addr *segs, uint8_t *num_segs) +{ + char *save_ptr = NULL; + char *token; + + if (!s) { + return EINVAL; + } + + *num_segs = 0; + + while ((token = strtok_r(s, ",", &save_ptr)) != NULL) { + if (*num_segs == SRV6_MAX_SEGS) { + return EINVAL; + } + + if (inet_pton(AF_INET6, token, segs) != 1) { + return EINVAL; + } + + segs++; + (*num_segs)++; + s = NULL; + } + + return 0; +} + enum tunnel_layers { TNL_L2 = 1 << 0, /* 1 if a tunnel type can carry Ethernet traffic. */ TNL_L3 = 1 << 1 /* 1 if a tunnel type can carry L3 traffic. */ @@ -443,6 +472,8 @@ tunnel_supported_layers(const char *type, return TNL_L3; } else if (!strcmp(type, "bareudp")) { return TNL_L3; + } else if (!strcmp(type, "srv6")) { + return TNL_L3; } else { return TNL_L2; } @@ -750,6 +781,17 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args, char **errp) goto out; } } + } else if (!strcmp(node->key, "srv6_segs")) { + err = parse_srv6_segs(node->value, + tnl_cfg.srv6_segs, + &tnl_cfg.srv6_num_segs); + + switch (err) { + case EINVAL: + ds_put_format(&errors, "%s: bad %s 'srv6_segs'\n", + name, node->value); + break; + } } else if (!strcmp(node->key, "payload_type")) { if (!strcmp(node->value, "mpls")) { tnl_cfg.payload_ethertype = htons(ETH_TYPE_MPLS); @@ -1290,6 +1332,17 @@ netdev_vport_tunnel_register(void) }, {{NULL, NULL, 0, 0}} }, + { "srv6_sys", + { + TUNNEL_FUNCTIONS_COMMON, + .type = "srv6", + .build_header = netdev_srv6_build_header, + .push_header = netdev_srv6_push_header, + .pop_header = netdev_srv6_pop_header, + .get_ifindex = NETDEV_VPORT_GET_IFINDEX, + }, + {{NULL, NULL, 0, 0}} + }, }; static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER; diff --git a/lib/netdev.h b/lib/netdev.h index acf174927d24..ff207f56c28c 100644 --- a/lib/netdev.h +++ b/lib/netdev.h @@ -140,6 +140,10 @@ struct netdev_tunnel_config { bool erspan_idx_flow; bool erspan_dir_flow; bool erspan_hwid_flow; + + uint8_t srv6_num_segs; + #define SRV6_MAX_SEGS 6 + struct in6_addr srv6_segs[SRV6_MAX_SEGS]; }; void netdev_run(void); diff --git a/lib/packets.h b/lib/packets.h index 70cd072228ae..83e0f6d95f36 100644 --- a/lib/packets.h +++ b/lib/packets.h @@ -1523,6 +1523,17 @@ BUILD_ASSERT_DECL(sizeof(struct vxlanhdr) == 8); #define VXLAN_F_GPE 0x4000 #define VXLAN_HF_GPE 0x04000000 +/* SRv6 protocol header. */ +#define IPV6_SRCRT_TYPE_4 4 +#define SRV6_BASE_HDR_LEN 8 +struct srv6_base_hdr { + struct ip6_rt_hdr rt_hdr; + uint8_t last_entry; + uint8_t flags; + ovs_be16 tag; +}; +BUILD_ASSERT_DECL(sizeof(struct srv6_base_hdr) == SRV6_BASE_HDR_LEN); + /* Input values for PACKET_TYPE macros have to be in host byte order. * The _BE postfix indicates result is in network byte order. Otherwise result * is in host byte order. */ diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c index 829457ee50f0..f16409a0bf08 100644 --- a/lib/tnl-ports.c +++ b/lib/tnl-ports.c @@ -126,7 +126,7 @@ map_insert(odp_port_t port, struct eth_addr mac, struct in6_addr *addr, /* XXX: No fragments support. */ match.wc.masks.nw_frag = FLOW_NW_FRAG_MASK; - /* 'tp_port' is zero for GRE tunnels. In this case it + /* 'tp_port' is zero for GRE and SRv6 tunnels. In this case it * doesn't make sense to match on UDP port numbers. */ if (tp_port) { match.wc.masks.tp_dst = OVS_BE16_MAX; @@ -174,6 +174,9 @@ tnl_type_to_nw_proto(const char type[], uint8_t nw_protos[2]) } else if (!strcmp(type, "gre") || !strcmp(type, "erspan") || !strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre")) { nw_protos[0] = IPPROTO_GRE; + } else if (!strcmp(type, "srv6")) { + nw_protos[0] = IPPROTO_IPIP; + nw_protos[1] = IPPROTO_IPV6; } } diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index a9cf3cbee0be..15c814d6285b 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -3632,6 +3632,9 @@ propagate_tunnel_data_to_flow(struct xlate_ctx *ctx, struct eth_addr dmac, case OVS_VPORT_TYPE_BAREUDP: nw_proto = IPPROTO_UDP; break; + case OVS_VPORT_TYPE_SRV6: + nw_proto = IPPROTO_IPIP; + break; case OVS_VPORT_TYPE_LISP: case OVS_VPORT_TYPE_STT: case OVS_VPORT_TYPE_UNSPEC: diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at index 822a80618d6f..fb15a5a7ce03 100644 --- a/tests/system-kmod-macros.at +++ b/tests/system-kmod-macros.at @@ -202,6 +202,14 @@ m4_define([OVS_CHECK_KERNEL_EXCL], AT_SKIP_IF([ ! ( test $version -lt $1 || ( test $version -eq $1 && test $sublevel -lt $2 ) || test $version -gt $3 || ( test $version -eq $3 && test $sublevel -gt $4 ) ) ]) ]) +# OVS_CHECK_SRV6() +# +# The kernel datapath does not support this feature. +m4_define([OVS_CHECK_SRV6], +[ + AT_SKIP_IF([:]) +]) + # CHECK_LATER_IPV6_FRAGMENTS() # # Upstream kernels beetween 4.20 and 5.19 are not parsing IPv6 fragments diff --git a/tests/system-traffic.at b/tests/system-traffic.at index 39a48175271e..65bae736f00e 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -1164,6 +1164,125 @@ OVS_WAIT_UNTIL([cat p0.pcap | grep -E "IP6 fc00:100::100 > fc00:100::1: GREv0, . OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP +AT_SETUP([datapath - ping over srv6 tunnel]) +OVS_CHECK_TUNNEL_TSO() +OVS_CHECK_SRV6() + +OVS_TRAFFIC_VSWITCHD_START() + +ADD_NAMESPACES(at_ns0) +ADD_NAMESPACES(at_ns1) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.default.seg6_enabled=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv4.conf.default.forwarding=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.default.forwarding=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.all.seg6_enabled=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv4.conf.all.forwarding=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.all.forwarding=1]) + +dnl Set up underlay link from host into the namespace 'at_ns0' +dnl using veth pair. Kernel side tunnel endpoint (SID) is +dnl 'fc00:a::1/128', so add it to the route. +ADD_BR([br-underlay]) +ADD_VETH(p0, at_ns0, br-underlay, "fc00::1/64", [], [], "nodad") +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) +AT_CHECK([ip addr add dev br-underlay "fc00::100/64" nodad]) +AT_CHECK([ip link set dev br-underlay up]) +AT_CHECK([ip route add fc00:a::1/128 dev br-underlay via fc00::1]) + +dnl Set up tunnel endpoints on OVS outside the namespace. +ADD_OVS_TUNNEL6([srv6], [br0], [at_srv6], [fc00:a::1], [10.100.100.100/24]) +AT_CHECK([ovs-vsctl set bridge br0 other_config:hwaddr=aa:55:aa:55:00:00]) +AT_CHECK([ip route add 10.1.1.0/24 dev br0 via 10.100.100.1]) +AT_CHECK([arp -s 10.100.100.1 aa:55:aa:55:00:01]) +AT_CHECK([ovs-ofctl add-flow br0 in_port=LOCAL,actions=output:at_srv6]) +AT_CHECK([ovs-ofctl add-flow br0 in_port=at_srv6,actions=mod_dl_dst:aa:55:aa:55:00:00,output:LOCAL]) + +dnl Set up tunnel endpoints on the namespace 'at_ns0', +dnl and overlay port on the namespace 'at_ns1' +ADD_VETH_NS([at_ns0], [veth0], [10.1.1.2/24], [at_ns1], [veth1], [10.1.1.1/24]) +NS_CHECK_EXEC([at_ns0], [ip sr tunsrc set fc00:a::1]) +NS_CHECK_EXEC([at_ns0], [ip route add 10.100.100.0/24 encap seg6 mode encap segs fc00::100 dev p0]) +NS_CHECK_EXEC([at_ns0], [ip -6 route add fc00:a::1 encap seg6local action End.DX4 nh4 0.0.0.0 dev veth0]) +NS_CHECK_EXEC([at_ns1], [ip route add 10.100.100.0/24 via 10.1.1.2 dev veth1]) + +dnl Linux seems to take a little time to get its IPv6 stack in order. Without +dnl waiting, we get occasional failures due to the following error: +dnl "connect: Cannot assign requested address" +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 1 fc00::100]) + +dnl First, check the underlay. +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00::100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +dnl Okay, now check the overlay. +NS_CHECK_EXEC([at_ns1], [ping -q -c 3 -i 0.3 -w 2 10.100.100.100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP + +AT_SETUP([datapath - ping6 over srv6 tunnel]) +OVS_CHECK_TUNNEL_TSO() +OVS_CHECK_SRV6() + +OVS_TRAFFIC_VSWITCHD_START() + +ADD_NAMESPACES(at_ns0) +ADD_NAMESPACES(at_ns1) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.default.seg6_enabled=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.default.forwarding=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.all.seg6_enabled=1]) +NS_EXEC([at_ns0], [sysctl -w net.ipv6.conf.all.forwarding=1]) + +dnl Set up underlay link from host into the namespace 'at_ns0' +dnl using veth pair. Kernel side tunnel endpoint (SID) is +dnl 'fc00:a::1/128', so add it to the route. +ADD_BR([br-underlay]) +ADD_VETH(p0, at_ns0, br-underlay, "fc00::1/64", [], [], "nodad") +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) +AT_CHECK([ip addr add dev br-underlay "fc00::100/64" nodad]) +AT_CHECK([ip link set dev br-underlay up]) +AT_CHECK([ip -6 route add fc00:a::1/128 dev br-underlay via fc00::1]) + +dnl Set up tunnel endpoints on OVS outside the namespace. +ADD_OVS_TUNNEL6([srv6], [br0], [at_srv6], [fc00:a::1], [fc00:100::100/64]) +AT_CHECK([ovs-vsctl set bridge br0 other_config:hwaddr=aa:55:aa:55:00:00]) +dnl [sleep infinity] +AT_CHECK([ip addr add dev br0 fc00:100::100/64]) +AT_CHECK([ip -6 route add fc00:1::1/128 dev br0 via fc00:100::1]) +AT_CHECK([ip -6 neigh add fc00:100::1 lladdr aa:55:aa:55:00:01 dev br0]) +AT_CHECK([ovs-ofctl add-flow br0 in_port=LOCAL,actions=output:at_srv6]) +AT_CHECK([ovs-ofctl add-flow br0 in_port=at_srv6,actions=mod_dl_dst:aa:55:aa:55:00:00,output:LOCAL]) + +dnl Set up tunnel endpoints on the namespace 'at_ns0', +dnl and overlay port on the namespace 'at_ns1' +ADD_VETH_NS([at_ns0], [veth0], [fc00:1::2/64], [at_ns1], [veth1], [fc00:1::1/64]) +NS_CHECK_EXEC([at_ns0], [ip sr tunsrc set fc00:a::1]) +NS_CHECK_EXEC([at_ns0], [ip -6 route add fc00:100::0/64 encap seg6 mode encap segs fc00::100 dev p0]) +NS_CHECK_EXEC([at_ns0], [ip -6 route add fc00:a::1 encap seg6local action End.DX6 nh6 :: dev veth0]) +NS_CHECK_EXEC([at_ns1], [ip -6 route add fc00:100::/64 via fc00:1::2 dev veth1]) + +dnl Linux seems to take a little time to get its IPv6 stack in order. Without +dnl waiting, we get occasional failures due to the following error: +dnl "connect: Cannot assign requested address" +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 1 fc00::100]) +OVS_WAIT_UNTIL([ip netns exec at_ns1 ping6 -c 1 fc00:100::100]) + +dnl First, check the underlay. +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00::100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +dnl Okay, now check the overlay. +NS_CHECK_EXEC([at_ns1], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP + AT_SETUP([datapath - clone action]) OVS_TRAFFIC_VSWITCHD_START() diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at index 610fa2e94ae8..482079386a43 100644 --- a/tests/system-userspace-macros.at +++ b/tests/system-userspace-macros.at @@ -301,6 +301,12 @@ m4_define([OVS_CHECK_KERNEL_EXCL], AT_SKIP_IF([:]) ]) +# OVS_CHECK_SRV6() +m4_define([OVS_CHECK_SRV6], + [AT_SKIP_IF([! ip -6 route add fc00::1/96 encap seg6 mode encap dev lo 2>&1 >/dev/null]) + AT_CHECK([ip -6 route del fc00::1/96 2>&1 >/dev/null]) + OVS_CHECK_FIREWALL()]) + # CHECK_LATER_IPV6_FRAGMENTS() # # Userspace is parsing later IPv6 fragments correctly. diff --git a/tests/tunnel.at b/tests/tunnel.at index 78cc3f3e99a6..ddeb66bc9fb7 100644 --- a/tests/tunnel.at +++ b/tests/tunnel.at @@ -1223,3 +1223,59 @@ AT_CHECK([ovs-vsctl add-port br0 p1 -- set int p1 type=dummy]) OVS_APP_EXIT_AND_WAIT([ovs-vswitchd]) OVS_APP_EXIT_AND_WAIT([ovsdb-server])] AT_CLEANUP + +AT_SETUP([tunnel - SRV6 basic]) +OVS_VSWITCHD_START([add-port br0 p1 -- set Interface p1 type=dummy \ + ofport_request=1 \ + -- add-port br0 p2 -- set Interface p2 type=srv6 \ + options:remote_ip=flow \ + ofport_request=2]) +OVS_VSWITCHD_DISABLE_TUNNEL_PUSH_POP + +dnl First setup dummy interface IP address, then add the route +dnl so that tnl-port table can get valid IP address for the device. +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 fc00::1/64], [0], [OK +]) +AT_CHECK([ovs-appctl ovs/route/add fc00::0/64 br0], [0], [OK +]) +AT_CHECK([ovs-appctl ovs/route/show], [0], [dnl +Route Table: +User: fc00::/64 dev br0 SRC fc00::1 +]) + +AT_DATA([flows.txt], [dnl +in_port=1,actions=set_field:fc00::2->tun_ipv6_dst,output:2 +in_port=2,actions=1 +]) +AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) + +AT_CHECK([ovs-appctl dpif/show | tail -n +3], [0], [dnl + br0 65534/100: (dummy-internal) + p1 1/1: (dummy) + p2 2/6: (srv6: remote_ip=flow) +]) + +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl +Listening ports: +srv6_sys (6) ref_cnt=1 +srv6_sys (6) ref_cnt=1 +]) + +AT_CHECK([ovs-appctl ofproto/list-tunnels], [0], [dnl +port 6: p2 (srv6: ::->flow, key=0, legacy_l3, dp port=6, ttl=64) +]) + +dnl Encap: ipv4 inner packet +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=6,tos=4,ttl=128,frag=no),tcp(src=8,dst=9)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: set(tunnel(ipv6_dst=fc00::2,ttl=64,flags(df))),pop_eth,6 +]) + +dnl Encap: ipv6 inner packet +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: set(tunnel(ipv6_dst=fc00::2,ttl=64,flags(df))),pop_eth,6 +]) + +OVS_VSWITCHD_STOP +AT_CLEANUP