From patchwork Thu Jun 20 15:55:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 1119538 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="cOe0rdGi"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45V5yx3Bmnz9s3l for ; Fri, 21 Jun 2019 01:56:24 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id D3E94D7D; Thu, 20 Jun 2019 15:56:22 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 6C531C9E for ; Thu, 20 Jun 2019 15:56:21 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pf1-f194.google.com (mail-pf1-f194.google.com [209.85.210.194]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id A570F7DB for ; Thu, 20 Jun 2019 15:56:20 +0000 (UTC) Received: by mail-pf1-f194.google.com with SMTP id r1so1899823pfq.12 for ; Thu, 20 Jun 2019 08:56:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id; bh=/jXJHvyqD95gHMIa2OlK4rbMpBCqZerMi4KF5JjkZyw=; b=cOe0rdGi8g7htMRVGVv+3qA21dNXhbf2Nv4zgPexFC+DSM045sOlr2zyLEM9CFkhSH pP70XsYs017ZaHPQSvCJpVg2oFl3X3W9PK4L6lLa0XojxdAoIYuOXDzNEZTBgqSdXDdY qr70yAHtsP+AyL61T2L5AaxSOt/BLRiK4CzhBwGUVKBbISV5lbuTQmera0mggIs337ar wSTwSNIqmBYaMQbPU5CM6c/Bpoq6Y9p9DQnXUgBw2JIZu0jjvL4Er746w+iCpnI4N26L o/oXuEM+ZqGJ8XLhczGZSUyKwHVxzLWmiFvSgmW6tjUBj2TSpjXSRwQgc9yo1N3oOMkH a1Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=/jXJHvyqD95gHMIa2OlK4rbMpBCqZerMi4KF5JjkZyw=; b=fBHwou9+dOntTshT723hQPpfKYCC/N/Wr+yP1naLrgXNiDBT5hKqNKW9alji7ajznV 7N8q8PeCd1vLqQXAar22SmCSsKJ5Bou+QaXPGzD/htnS36EmuCGbRSo0RMndtZm05iYM rWTIwIf4pVTKAwJveCrm1oQMHSKLflo2BGCaYSI/WVnbaXrUMLWneHvf1weP+1qs8Ouy QdKQvaKZJLlr1QS+RGBDIEGAxtzmF2Zr6A9O5RZyVA3KKaq2i00d86JJE1lAr+OC+1bK my22z1d6GoxoFF4FHz+llfSArHz2/TmAk/aS6TNUsxyK5peL9tnGwxU1pXLfyaE3ZBrT N8PA== X-Gm-Message-State: APjAAAUtW6YoJEjb2NrBJHLDWOVydh3rYpULLnnvBb6NmM38/bLC+lrK 5++06zqo1jyy79EqqmU3EAp4tvHt X-Google-Smtp-Source: APXvYqxZpGbp72UOIe0jYqgVxjRgW2jiP8cj4f3VlgYOh2W40gk2Dnt99lT0rWOFCZvM4qN1aQ3wNw== X-Received: by 2002:a17:90a:216f:: with SMTP id a102mr332996pje.29.1561046179881; Thu, 20 Jun 2019 08:56:19 -0700 (PDT) Received: from sc9-mailhost3.vmware.com ([66.170.99.2]) by smtp.gmail.com with ESMTPSA id 27sm35887pgl.82.2019.06.20.08.56.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 20 Jun 2019 08:56:19 -0700 (PDT) From: William Tu To: dev@openvswitch.org, gvrose8192@gmail.com, elibr@mellanox.com Date: Thu, 20 Jun 2019 08:55:27 -0700 Message-Id: <1561046127-102875-1-git-send-email-u9012063@gmail.com> X-Mailer: git-send-email 2.7.4 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [PATCHv2] tunnel: add ip6gretap support. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org The patch adds ip6gretap support. Tunnel type ip6gretap is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets and encap with GRE header with outer IPv6 header. I tested it by running: # make check-kernel under kernel 5.2 and for userspace: # make check TESTSUITEFLAGS='-k ip6gretap' Signed-off-by: William Tu Tested-by: Greg Rose Reviewed-by: Greg Rose --- v1-v2: rebase to master --- Documentation/faq/configuration.rst | 12 +++++++ NEWS | 1 + datapath/linux/compat/ip6_gre.c | 2 +- lib/dpif-netlink-rtnl.c | 2 +- lib/dpif-netlink.c | 4 ++- lib/netdev-vport.c | 4 +-- lib/tnl-ports.c | 3 +- tests/system-traffic.at | 40 ++++++++++++++++++++++ tests/tunnel-push-pop-ipv6.at | 68 +++++++++++++++++++++++++++++++++++++ 9 files changed, 130 insertions(+), 6 deletions(-) diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst index cb2c6b4eca98..c9bcfa8a790d 100644 --- a/Documentation/faq/configuration.rst +++ b/Documentation/faq/configuration.rst @@ -212,6 +212,18 @@ Q: Does Open vSwitch support ERSPAN? options:erspan_ver=2 options:erspan_dir=1 \ options:erspan_hwid=4 +Q: Does Open vSwitch support IPv6 GRE? + + A: Yes. L2 tunnel interface GRE over IPv6 is supported. + L3 GRE tunnel over IPv6 is not supported. + + :: + + $ ovs-vsctl add-br br0 + $ ovs-vsctl add-port br0 at_gretap0 -- \ + set int at_gretap0 type=ip6gretap \ + options:remote_ip=fc00:100::1 + Q: How do I connect two bridges? A: First, why do you want to do this? Two connected bridges are not much diff --git a/NEWS b/NEWS index a38ab258fc6c..c7e84ed7931d 100644 --- a/NEWS +++ b/NEWS @@ -47,6 +47,7 @@ Post-v2.11.0 - Linux datapath: * Support for the kernel versions 4.19.x and 4.20.x. * Support for the kernel version 5.0.x. + - Add L2 GRE tunnel over IPv6 support. v2.11.0 - 19 Feb 2019 diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c index ca4e66133570..ab50c72d0753 100644 --- a/datapath/linux/compat/ip6_gre.c +++ b/datapath/linux/compat/ip6_gre.c @@ -2550,7 +2550,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { }; static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { - .kind = "ip6gre", + .kind = "ip6gretap", .maxtype = RPL_IFLA_GRE_MAX, .policy = ip6gre_policy, .priv_size = sizeof(struct ip6_tnl), diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c index 2e23a8c14fcf..d666f239aeed 100644 --- a/lib/dpif-netlink-rtnl.c +++ b/lib/dpif-netlink-rtnl.c @@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type, case OVS_VPORT_TYPE_IP6ERSPAN: return "ip6erspan"; case OVS_VPORT_TYPE_IP6GRE: - return "ip6gre"; + return "ip6gretap"; case OVS_VPORT_TYPE_NETDEV: case OVS_VPORT_TYPE_INTERNAL: case OVS_VPORT_TYPE_LISP: diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c index ba80a0079181..fc1d1591975e 100644 --- a/lib/dpif-netlink.c +++ b/lib/dpif-netlink.c @@ -699,7 +699,7 @@ get_vport_type(const struct dpif_netlink_vport *vport) return "ip6erspan"; case OVS_VPORT_TYPE_IP6GRE: - return "ip6gre"; + return "ip6gretap"; case OVS_VPORT_TYPE_UNSPEC: case __OVS_VPORT_TYPE_MAX: @@ -730,6 +730,8 @@ netdev_to_ovs_vport_type(const char *type) return OVS_VPORT_TYPE_ERSPAN; } else if (!strcmp(type, "ip6erspan")) { return OVS_VPORT_TYPE_IP6ERSPAN; + } else if (!strcmp(type, "ip6gretap")) { + return OVS_VPORT_TYPE_IP6GRE; } else if (!strcmp(type, "ip6gre")) { return OVS_VPORT_TYPE_IP6GRE; } else if (!strcmp(type, "gre")) { diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 92a256af16ed..5a20415529eb 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -1212,10 +1212,10 @@ netdev_vport_tunnel_register(void) }, {{NULL, NULL, 0, 0}} }, - { "ip6gre_sys", + { "ip6gretap_sys", { TUNNEL_FUNCTIONS_COMMON, - .type = "ip6gre", + .type = "ip6gretap", .build_header = netdev_gre_build_header, .push_header = netdev_gre_push_header, .pop_header = netdev_gre_pop_header diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c index 17353046cc6e..62065c0027cd 100644 --- a/lib/tnl-ports.c +++ b/lib/tnl-ports.c @@ -172,7 +172,8 @@ tnl_type_to_nw_proto(const char type[]) return IPPROTO_TCP; } if (!strcmp(type, "gre") || !strcmp(type, "erspan") || - !strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre")) { + !strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre") || + !strcmp(type, "ip6gretap")) { return IPPROTO_GRE; } if (!strcmp(type, "vxlan")) { diff --git a/tests/system-traffic.at b/tests/system-traffic.at index d23ee897b0b2..43056733794a 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -340,6 +340,46 @@ NS_CHECK_EXEC([at_ns0], [ping -s 3200 -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PI OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP +AT_SETUP([datapath - ping over ip6gretap tunnel]) +OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) +OVS_CHECK_GRE() +OVS_CHECK_ERSPAN() + +OVS_TRAFFIC_VSWITCHD_START() +ADD_BR([br-underlay]) + +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) + +ADD_NAMESPACES(at_ns0) + +dnl Set up underlay link from host into the namespace using veth pair. +ADD_VETH(p0, at_ns0, br-underlay, "fc00:100::1/96", [], [], nodad) +AT_CHECK([ip addr add dev br-underlay "fc00:100::100/96" nodad]) +AT_CHECK([ip link set dev br-underlay up]) + +dnl Set up tunnel endpoints on OVS outside the namespace and with a native +dnl linux device inside the namespace. +ADD_OVS_TUNNEL6([ip6gretap], [br0], [at_gretap0], [fc00:100::1], [10.1.1.100/24], + []) +ADD_NATIVE_TUNNEL6([ip6gretap], [ns_gretap0], [at_ns0], [fc00:100::100], + [10.1.1.1/24], [local fc00:100::1]) + +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 2 fc00:100::100]) + +dnl First, check the underlay +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +dnl Okay, now check the overlay with different packet sizes +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP + + AT_SETUP([datapath - ping over erspan v1 tunnel]) OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) OVS_CHECK_GRE() diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at index cbdd5a32f719..07dd6ab504a0 100644 --- a/tests/tunnel-push-pop-ipv6.at +++ b/tests/tunnel-push-pop-ipv6.at @@ -1,5 +1,73 @@ AT_BANNER([tunnel_push_pop_ipv6]) +AT_SETUP([tunnel_push_pop_ipv6 - ip6gretap]) + +OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) +AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0]) +AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=ip6gretap \ + options:remote_ip=2001:cafe::92 ofport_request=2\ + ], [0]) + +AT_CHECK([ovs-appctl dpif/show], [0], [dnl +dummy@ovs-dummy: hit:0 missed:0 + br0: + br0 65534/100: (dummy-internal) + p0 1/1: (dummy) + int-br: + int-br 65534/2: (dummy-internal) + t2 2/6: (ip6gretap: remote_ip=2001:cafe::92) +]) + +dnl First setup dummy interface IP address, then add the route +dnl so that tnl-port table can get valid IP address for the device. +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK +]) +AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK +]) +AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK +]) + +AT_CHECK([ovs-ofctl add-flow br0 action=normal]) + +dnl Check Neighbour discovery. +AT_CHECK([ovs-vsctl -- set Interface p0 options:pcap=p0.pcap]) + +AT_CHECK([ovs-appctl netdev-dummy/receive int-br 'in_port(2),eth(src=aa:55:aa:55:00:00,dst=f8:bc:12:ff:ff:ff),eth_type(0x0800),ipv4(src=1.1.3.92,dst=1.1.3.88,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)']) +AT_CHECK([ovs-pcap p0.pcap > p0.pcap.txt 2>&1]) + +AT_CHECK([cat p0.pcap.txt | grep 92aa55aa55000086dd6000000000203aff2001cafe | uniq], [0], [dnl +3333ff000092aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009287004d48000000002001cafe0000000000000000000000920101aa55aa550000 +]) + +dnl +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)']) + +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl +2001:cafe::92 f8:bc:12:44:34:b6 br0 +]) + +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl +Listening ports: +ip6gretap_sys (6) ref_cnt=1 +]) + +dnl Check IPv6 GRE tunnel pop +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: tnl_pop(6) +]) + +dnl Check IPv6 GRE tunnel push +AT_CHECK([ovs-ofctl add-flow int-br action=2]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:01),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) + +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(6),header(size=58,type=109,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x0,proto=0x6558))),out_port(100)),1) +]) + +OVS_VSWITCHD_STOP +AT_CLEANUP + AT_SETUP([tunnel_push_pop_ipv6 - ip6erspan]) OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00])