This patchset adds support for tunneling over IPv6. This is only implemented
for the kernel datapath (and obviously depends on the kernel RFC set
I posted).
Setting up the tunnel over IPv6 is very intuitive to users: in the vport
options, just specify IPv6 address in remote_ip/local_ip instead of the IPv4
one. If flow based tunneling is desired, a new "flow6" keyword can be
specified. Unfortunatelly, using just "flow" is not possible, as the socket
has to be opened beforehand (before any flows are configured) and we need to
know the address family.
Example:
ovs-vsctl add-port ovsbr0 vxlan0 -- \
set interface vxlan0 type=vxlan options:remote_ip=1234::1
or:
ovs-vsctl add-port ovsbr0 vxlan0 -- \
set interface vxlan0 type=vxlan options:remote_ip=flow6
An important thing to note is there's no support for tunneling over IPv6 in
the OpenFlow standard. What's worse, the standard was not written with
tunneling over other protocols than IPv4 in mind. When matching on tunnel
source and destination IPv4 address, there's no prerequisite on the
underlying protocol. There's even no field for the underlying protocol.
To preserve backwards compatibility, I added IPv6 source and destination
address alongside the IPv4 addresses. If the packet is tunneled over IPv6,
the IPv4 fields will contain zeros (and vice versa).
As the IPv6 tunnel fields are not standardized anywhere, I added them with
NXM: none and OXM: none in meta-flow.h. This means that although it's
possible to add flow based IPv6 tunnel vports, it's not possible to
configure flows to use them (unless you add a fake assigment like I did for
testing). I'd very much welcome help with getting these to NXM, as I have no
idea how this works.
Another problem with this set that I haven't been able to solve (and would
welcome any advice) is reconfiguration of the tunnel vports. Changing port
number or address family requires the kernel socket to be closed and
reopened. For port, this is handled by returning a different name in
netdev_vport_get_dpif_port. There's not much problem with adding the address
family to the name but unfortunatelly, it doesn't work so well for address
family change.
The problem is that after the name change, in type_run, the port name is not
found and thus a new tunnel is created. The old tunnel is deleted shortly
afterwards in a different loop. This works well for port change. When
changing the address family, though, the kernel refuses to open IPv6 socket
while an IPv4 socket is still listening on the same port (the UDP port space
is shared between IPv4 and IPv6) and vice versa. We need to destroy the old
socket first and only after that create the new one.
I'd appreciate help with this from someone who's familiar with the
revalidation/reconfiguration logic as I'm a bit lost in the code.
Other problems:
- Documentation has yet to be written. This will be solved before the final
submission.
- User space tunneling support for IPv6 is not implemented. This requires
quite a lot of work and can be written and merged later.
Thanks for review and feedback.
Jiri
Jiri Benc (13):
datapath: add ipv6 tunnel definitions
lib: add ipv6 helper functions for tnl_config
tunneling: add ipv6 fields to netdev_tunnel_config
netlink: helper functions for ipv6 address in netlink attrs
lib: add format_in6_addr and scan_in6_addr
tunneling: extend flow_tnl with ipv6 addresses
ds: implement ds_put_in6_addr
tunneling: extend tnl_match with ipv6
tunneling: ofproto-dpif: prevent IPv6 loops
tunneling: add ipv6 tunnel endpoints to flow_metadata
tunneling: ignore route cache for ipv6 tunnels
meta-flow: add ipv6 tunnel NXM/OXM fields
Increase FLOW_WC_SEQ
datapath/linux/compat/include/linux/openvswitch.h | 3 +
lib/dpif-netlink.c | 6 +-
lib/dpif.c | 6 +-
lib/dynamic-string.c | 9 +++
lib/dynamic-string.h | 2 +
lib/flow.c | 33 ++++++---
lib/flow.h | 6 +-
lib/match.c | 36 ++++++++-
lib/match.h | 6 ++
lib/meta-flow.c | 42 +++++++++++
lib/meta-flow.h | 35 +++++++++
lib/netdev-vport.c | 90 +++++++++++++++++------
lib/netdev.h | 3 +
lib/netlink.c | 18 +++++
lib/netlink.h | 3 +
lib/nx-match.c | 6 +-
lib/odp-util.c | 58 ++++++++++++---
lib/odp-util.h | 8 +-
lib/ofp-print.c | 10 +++
lib/ofp-util.c | 10 ++-
lib/packets.h | 11 +++
lib/smap.c | 11 +++
lib/smap.h | 1 +
lib/socket-util.c | 9 +++
lib/socket-util.h | 1 +
ofproto/ofproto-dpif-rid.h | 2 +-
ofproto/ofproto-dpif-xlate.c | 29 +++++---
ofproto/ofproto-dpif-xlate.h | 2 +-
ofproto/ofproto-dpif.c | 28 +++----
ofproto/tunnel.c | 75 +++++++++++++++----
ofproto/tunnel.h | 2 +-
31 files changed, 464 insertions(+), 97 deletions(-)
--
1.8.3.1
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
