From f998057fb331b82484b55a7262dc44b33aebc453 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 17 Nov 2022 00:08:21 +0100 Subject: [PATCH 01/11] zebra: Abstract the `netlink_socket()` API The `netlink_socket()` function is used in many places to create and initialize Netlink sockets. Currently, it can only create `NETLINK_ROUTE` Netlink sockets. This commit generalizes the behavior of the `netlink_socket()` function, enabling it to generate Netlink sockets of any type. Specifically, it extends the `netlink_socket()` function with a new argument `nl_family`, which allows developers to specify the Netlink family of the socket to be created. Signed-off-by: Carmine Scarpitta --- zebra/kernel_netlink.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index 5c31362eba50..bc284b8b66ec 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -309,15 +309,18 @@ static const char *group2str(uint32_t group) /* Make socket for Linux netlink interface. */ static int netlink_socket(struct nlsock *nl, unsigned long groups, uint32_t ext_groups[], uint8_t ext_group_size, - ns_id_t ns_id) + ns_id_t ns_id, int nl_family) { int ret; struct sockaddr_nl snl; int sock; int namelen; + if (nl_family != NETLINK_ROUTE) + return -1; + frr_with_privs(&zserv_privs) { - sock = ns_socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE, ns_id); + sock = ns_socket(AF_NETLINK, SOCK_RAW, nl_family, ns_id); if (sock < 0) { zlog_err("Can't open %s socket: %s", nl->name, safe_strerror(errno)); @@ -1756,8 +1759,8 @@ void kernel_init(struct zebra_ns *zns) snprintf(zns->netlink.name, sizeof(zns->netlink.name), "netlink-listen (NS %u)", zns->ns_id); zns->netlink.sock = -1; - if (netlink_socket(&zns->netlink, groups, &ext_groups, 1, zns->ns_id) < - 0) { + if (netlink_socket(&zns->netlink, groups, &ext_groups, 1, zns->ns_id, + NETLINK_ROUTE) < 0) { zlog_err("Failure to create %s socket", zns->netlink.name); exit(-1); @@ -1768,7 +1771,8 @@ void kernel_init(struct zebra_ns *zns) snprintf(zns->netlink_cmd.name, sizeof(zns->netlink_cmd.name), "netlink-cmd (NS %u)", zns->ns_id); zns->netlink_cmd.sock = -1; - if (netlink_socket(&zns->netlink_cmd, 0, 0, 0, zns->ns_id) < 0) { + if (netlink_socket(&zns->netlink_cmd, 0, 0, 0, zns->ns_id, + NETLINK_ROUTE) < 0) { zlog_err("Failure to create %s socket", zns->netlink_cmd.name); exit(-1); @@ -1781,7 +1785,8 @@ void kernel_init(struct zebra_ns *zns) sizeof(zns->netlink_dplane_out.name), "netlink-dp (NS %u)", zns->ns_id); zns->netlink_dplane_out.sock = -1; - if (netlink_socket(&zns->netlink_dplane_out, 0, 0, 0, zns->ns_id) < 0) { + if (netlink_socket(&zns->netlink_dplane_out, 0, 0, 0, zns->ns_id, + NETLINK_ROUTE) < 0) { zlog_err("Failure to create %s socket", zns->netlink_dplane_out.name); exit(-1); @@ -1795,7 +1800,7 @@ void kernel_init(struct zebra_ns *zns) zns->ns_id); zns->netlink_dplane_in.sock = -1; if (netlink_socket(&zns->netlink_dplane_in, dplane_groups, 0, 0, - zns->ns_id) < 0) { + zns->ns_id, NETLINK_ROUTE) < 0) { zlog_err("Failure to create %s socket", zns->netlink_dplane_in.name); exit(-1); From e14d1dcdbc7c35481760d721b68fa6bcdcd8bf69 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 17 Nov 2022 00:15:40 +0100 Subject: [PATCH 02/11] zebra: Add Generic Netlink socket zebra already supports several Netlink sockets which allow it to communicate with the kernel. Each Netlink socket has a specific purpose: we have a socket for incoming events from the kernel, a socket for programming the dataplane, a socket for the kernel messages, a socket used as the command channel. All the currently supported sockets are based on the `NETLINK_ROUTE` protocol. This commit adds a new Netlink socket that allows zebra to send commands to the kernel using the `Generic Netlink` protocol. Signed-off-by: Carmine Scarpitta --- zebra/kernel_netlink.c | 64 ++++++++++++++++++++++++++++++++++++++++-- zebra/kernel_netlink.h | 3 ++ zebra/zebra_ns.h | 2 ++ 3 files changed, 66 insertions(+), 3 deletions(-) diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index bc284b8b66ec..424794135de6 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -316,9 +316,6 @@ static int netlink_socket(struct nlsock *nl, unsigned long groups, int sock; int namelen; - if (nl_family != NETLINK_ROUTE) - return -1; - frr_with_privs(&zserv_privs) { sock = ns_socket(AF_NETLINK, SOCK_RAW, nl_family, ns_id); if (sock < 0) { @@ -1230,6 +1227,33 @@ int netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), return netlink_talk_info(filter, n, &dp_info, startup); } +/* + * Synchronous version of netlink_talk_info. Converts args to suit the + * common version, which is suitable for both sync and async use. + */ +int ge_netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), + struct nlmsghdr *n, struct zebra_ns *zns, bool startup) +{ + struct zebra_dplane_info dp_info; + + if (zns->ge_netlink_cmd.sock < 0) + return -1; + + /* Increment sequence number before capturing snapshot of ns socket + * info. + */ + zns->ge_netlink_cmd.seq = zebra_router_get_next_sequence(); + + /* Capture info in intermediate info struct */ + dp_info.ns_id = zns->ns_id; + + dp_info.is_cmd = true; + dp_info.sock = zns->ge_netlink_cmd.sock; + dp_info.seq = zns->ge_netlink_cmd.seq; + + return netlink_talk_info(filter, n, &dp_info, startup); +} + /* Issue request message to kernel via netlink socket. GET messages * are issued through this interface. */ @@ -1808,6 +1832,19 @@ void kernel_init(struct zebra_ns *zns) kernel_netlink_nlsock_insert(&zns->netlink_dplane_in); + /* Generic Netlink socket. */ + snprintf(zns->ge_netlink_cmd.name, sizeof(zns->ge_netlink_cmd.name), + "generic-netlink-cmd (NS %u)", zns->ns_id); + zns->ge_netlink_cmd.sock = -1; + if (netlink_socket(&zns->ge_netlink_cmd, 0, 0, 0, zns->ns_id, + NETLINK_GENERIC) < 0) { + zlog_warn("Failure to create %s socket", + zns->ge_netlink_cmd.name); + } + + if (zns->ge_netlink_cmd.sock >= 0) + kernel_netlink_nlsock_insert(&zns->ge_netlink_cmd); + /* * SOL_NETLINK is not available on all platforms yet * apparently. It's in bits/socket.h which I am not @@ -1846,6 +1883,15 @@ void kernel_init(struct zebra_ns *zns) zlog_notice("Registration for extended dp ACK failed : %d %s", errno, safe_strerror(errno)); + if (zns->ge_netlink_cmd.sock >= 0) { + one = 1; + ret = setsockopt(zns->ge_netlink_cmd.sock, SOL_NETLINK, + NETLINK_EXT_ACK, &one, sizeof(one)); + if (ret < 0) + zlog_err("Registration for extended generic netlink cmd ACK failed : %d %s", + errno, safe_strerror(errno)); + } + /* * Trim off the payload of the original netlink message in the * acknowledgment. This option is available since Linux 4.2, so if @@ -1878,12 +1924,22 @@ void kernel_init(struct zebra_ns *zns) zns->netlink_dplane_in.name, safe_strerror(errno), errno); + if (zns->ge_netlink_cmd.sock >= 0) { + if (fcntl(zns->ge_netlink_cmd.sock, F_SETFL, O_NONBLOCK) < 0) + zlog_err("Can't set %s socket error: %s(%d)", + zns->ge_netlink_cmd.name, safe_strerror(errno), + errno); + } + /* Set receive buffer size if it's set from command line */ if (rcvbufsize) { netlink_recvbuf(&zns->netlink, rcvbufsize); netlink_recvbuf(&zns->netlink_cmd, rcvbufsize); netlink_recvbuf(&zns->netlink_dplane_out, rcvbufsize); netlink_recvbuf(&zns->netlink_dplane_in, rcvbufsize); + + if (zns->ge_netlink_cmd.sock >= 0) + netlink_recvbuf(&zns->ge_netlink_cmd, rcvbufsize); } /* Set filter for inbound sockets, to exclude events we've generated @@ -1926,6 +1982,8 @@ void kernel_terminate(struct zebra_ns *zns, bool complete) kernel_nlsock_fini(&zns->netlink_dplane_in); + kernel_nlsock_fini(&zns->ge_netlink_cmd); + /* During zebra shutdown, we need to leave the dataplane socket * around until all work is done. */ diff --git a/zebra/kernel_netlink.h b/zebra/kernel_netlink.h index e910f6244484..e37bba0cf624 100644 --- a/zebra/kernel_netlink.h +++ b/zebra/kernel_netlink.h @@ -98,6 +98,9 @@ extern int netlink_talk_filter(struct nlmsghdr *h, ns_id_t ns, int startup); extern int netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), struct nlmsghdr *n, struct nlsock *nl, struct zebra_ns *zns, bool startup); +extern int +ge_netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), + struct nlmsghdr *n, struct zebra_ns *zns, bool startup); extern int netlink_request(struct nlsock *nl, void *req); enum netlink_msg_status { diff --git a/zebra/zebra_ns.h b/zebra/zebra_ns.h index cda8bada0c34..55cbb9552817 100644 --- a/zebra/zebra_ns.h +++ b/zebra/zebra_ns.h @@ -49,6 +49,8 @@ struct zebra_ns { struct nlsock netlink_dplane_out; struct nlsock netlink_dplane_in; struct event *t_netlink; + + struct nlsock ge_netlink_cmd; /* command channel for generic netlink */ #endif struct route_table *if_table; From 959267f7c201a84b90cc00ac2b7a0c0b3490c8b6 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 3 Nov 2022 16:16:23 +0100 Subject: [PATCH 03/11] zebra: Add function to resolve Generic Netlink family Generic Netlink is an extension of Netlink meant for kernel-user space communications. It supports the dynamic allocation of communication channels. Kernel and user space applications register their services with a Generic Netlink controller. The Generic Netlink controller is responsible for assigning a unique channel number with each service. Clients who want to use a service query the controller to see if the service exists and to determine the correct channel number. The channel number is used to access the requested service. This commit adds the base functionality to get the channel number assigned to a specific service. More precisely, this commit adds a function `genl_resolve_family()` that takes the service name (called family in the Generic Netlink terminology) as an input parameter and queries the Generic Netlink controller to get the channel number assigned with the requested service. Signed-off-by: Carmine Scarpitta --- zebra/ge_netlink.c | 130 +++++++++++++++++++++++++++++++++++++++++ zebra/ge_netlink.h | 36 ++++++++++++ zebra/kernel_netlink.c | 3 + zebra/subdir.am | 2 + 4 files changed, 171 insertions(+) create mode 100644 zebra/ge_netlink.c create mode 100644 zebra/ge_netlink.h diff --git a/zebra/ge_netlink.c b/zebra/ge_netlink.c new file mode 100644 index 000000000000..6fce1f9aa51a --- /dev/null +++ b/zebra/ge_netlink.c @@ -0,0 +1,130 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Generic Netlink functions. + * Copyright (C) 2022, Carmine Scarpitta + */ + +#include + +#ifdef HAVE_NETLINK + +/* The following definition is to workaround an issue in the Linux kernel + * header files with redefinition of 'struct in6_addr' in both + * netinet/in.h and linux/in6.h. + * Reference - https://sourceware.org/ml/libc-alpha/2013-01/msg00599.html + */ +#define _LINUX_IN6_H + +#include +#include +#include + +#include "lib/ns.h" +#include "zebra/ge_netlink.h" +#include "zebra/debug.h" +#include "zebra/kernel_netlink.h" + + +/* + * Numeric family identifier used to configure SRv6 internal parameters through Generic Netlink. + */ +static int16_t seg6_genl_family = -1; + +static int genl_parse_getfamily(struct nlmsghdr *h, ns_id_t ns_id, int startup) +{ + int len; + struct rtattr *tb[CTRL_ATTR_MAX + 1]; + struct genlmsghdr *ghdr = NLMSG_DATA(h); + struct rtattr *attrs; + const char *family; + + if (h->nlmsg_type != GENL_ID_CTRL) { + zlog_err( + "Not a controller message, nlmsg_len=%d nlmsg_type=0x%x", + h->nlmsg_len, h->nlmsg_type); + return 0; + } + + len = h->nlmsg_len - NLMSG_LENGTH(GENL_HDRLEN); + if (len < 0) { + zlog_err( + "Message received from netlink is of a broken size %d %zu", + h->nlmsg_len, (size_t)NLMSG_LENGTH(GENL_HDRLEN)); + return -1; + } + + if (ghdr->cmd != CTRL_CMD_NEWFAMILY) { + zlog_err("Unknown controller command %d", ghdr->cmd); + return -1; + } + + attrs = (struct rtattr *)((char *)ghdr + GENL_HDRLEN); + netlink_parse_rtattr(tb, CTRL_ATTR_MAX, attrs, len); + + if (tb[CTRL_ATTR_FAMILY_ID] == NULL) { + zlog_err("Missing family id TLV"); + return -1; + } + + if (tb[CTRL_ATTR_FAMILY_NAME] == NULL) { + zlog_err("Missing family name TLV"); + return -1; + } + + family = (char *)RTA_DATA(tb[CTRL_ATTR_FAMILY_NAME]); + + if (strmatch(family, "SEG6")) + seg6_genl_family = + *(int16_t *)RTA_DATA(tb[CTRL_ATTR_FAMILY_ID]); + else { + if (IS_ZEBRA_DEBUG_KERNEL) + zlog_err("Unsupported Generic Netlink family '%s'", + family); + return -1; + } + + return 0; +} + +int genl_resolve_family(const char *family) +{ + struct zebra_ns *zns; + struct genl_request req; + + memset(&req, 0, sizeof(req)); + + zns = zebra_ns_lookup(NS_DEFAULT); + + req.n.nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN); + req.n.nlmsg_flags = NLM_F_REQUEST; + req.n.nlmsg_type = GENL_ID_CTRL; + + req.n.nlmsg_pid = zns->ge_netlink_cmd.snl.nl_pid; + + req.g.cmd = CTRL_CMD_GETFAMILY; + req.g.version = 0; + + if (!nl_attr_put(&req.n, sizeof(req), CTRL_ATTR_FAMILY_NAME, family, + strlen(family) + 1)) + return -1; + + return ge_netlink_talk(genl_parse_getfamily, &req.n, zns, false); +} + +void ge_netlink_init(struct zebra_ns *zns) +{ + if (zns->ge_netlink_cmd.sock < 0) + return; + + /* + * Resolves the 'seg6' Generic Netlink family name to the corresponding numeric family identifier. + * This will give us the numeric family identifier required to send 'seg6' commands to the kernel + * over the Generic Netlink socket. 'seg6' commands are used to configure SRv6 internal parameters + * such as the address to use as source for encapsulated packets. + */ + if (genl_resolve_family("SEG6")) + zlog_warn( + "Kernel does not support 'SEG6' Generic Netlink family. Any attempt to set the encapsulation parameters under the SRv6 configuration will fail"); +} + +#endif /* HAVE_NETLINK */ diff --git a/zebra/ge_netlink.h b/zebra/ge_netlink.h new file mode 100644 index 000000000000..402a29b66e41 --- /dev/null +++ b/zebra/ge_netlink.h @@ -0,0 +1,36 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Header file exported by ge_netlink.c to zebra. + * Copyright (C) 2022, Carmine Scarpitta + */ + +#ifndef _ZEBRA_GE_NETLINK_H +#define _ZEBRA_GE_NETLINK_H + +#include "zebra_dplane.h" + +#ifdef HAVE_NETLINK + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* Generic Netlink request message */ +struct genl_request { + struct nlmsghdr n; + struct genlmsghdr g; + char buf[1024]; +}; + +extern int genl_resolve_family(const char *family); +extern void ge_netlink_init(struct zebra_ns *zns); + +#ifdef __cplusplus +} +#endif + +#endif /* HAVE_NETLINK */ + +#endif /* _ZEBRA_GE_NETLINK_H */ diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index 424794135de6..5aa509d116ec 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -38,6 +38,7 @@ #include "zebra/tc_netlink.h" #include "zebra/netconf_netlink.h" #include "zebra/zebra_errors.h" +#include "zebra/ge_netlink.h" #ifndef SO_RCVBUFFORCE #define SO_RCVBUFFORCE (33) @@ -1958,6 +1959,8 @@ void kernel_init(struct zebra_ns *zns) &zns->t_netlink); rt_netlink_init(); + + ge_netlink_init(); } /* Helper to clean up an nlsock */ diff --git a/zebra/subdir.am b/zebra/subdir.am index b3bd9be9c274..a59515d3a858 100644 --- a/zebra/subdir.am +++ b/zebra/subdir.am @@ -52,6 +52,7 @@ zebra_zebra_SOURCES = \ zebra/redistribute.c \ zebra/router-id.c \ zebra/rt_netlink.c \ + zebra/ge_netlink.c \ zebra/rt_socket.c \ zebra/rtadv.c \ zebra/rtread_netlink.c \ @@ -144,6 +145,7 @@ noinst_HEADERS += \ zebra/router-id.h \ zebra/rt.h \ zebra/rt_netlink.h \ + zebra/ge_netlink.h \ zebra/rtadv.h \ zebra/rule_netlink.h \ zebra/table_manager.h \ From 8d0b4745a1acd5e363159a1b9732a0fd596413e5 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 3 Nov 2022 16:23:51 +0100 Subject: [PATCH 04/11] zebra: Add code to set SRv6 encap source addr in dplane Add a bunch of set functions and associated data structure in zebra_dplane to allow the configuration of the source address for SRv6 encap in the data plane. Signed-off-by: Carmine Scarpitta --- zebra/dplane_fpm_nl.c | 1 + zebra/ge_netlink.c | 100 +++++++++++++++++++++++++++++++++++++++++ zebra/ge_netlink.h | 9 ++++ zebra/kernel_netlink.c | 3 ++ zebra/kernel_socket.c | 1 + zebra/zebra_dplane.c | 94 ++++++++++++++++++++++++++++++++++++++ zebra/zebra_dplane.h | 13 ++++++ zebra/zebra_rib.c | 1 + zebra/zebra_script.c | 1 + 9 files changed, 223 insertions(+) diff --git a/zebra/dplane_fpm_nl.c b/zebra/dplane_fpm_nl.c index c98655fdb877..b9f15c6a53cb 100644 --- a/zebra/dplane_fpm_nl.c +++ b/zebra/dplane_fpm_nl.c @@ -972,6 +972,7 @@ static int fpm_nl_enqueue(struct fpm_nl_ctx *fnc, struct zebra_dplane_ctx *ctx) case DPLANE_OP_TC_FILTER_ADD: case DPLANE_OP_TC_FILTER_DELETE: case DPLANE_OP_TC_FILTER_UPDATE: + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: case DPLANE_OP_NONE: case DPLANE_OP_STARTUP_STAGE: break; diff --git a/zebra/ge_netlink.c b/zebra/ge_netlink.c index 6fce1f9aa51a..6df3ea0f2892 100644 --- a/zebra/ge_netlink.c +++ b/zebra/ge_netlink.c @@ -111,6 +111,106 @@ int genl_resolve_family(const char *family) return ge_netlink_talk(genl_parse_getfamily, &req.n, zns, false); } +/* + * sr tunsrc change via netlink interface, using a dataplane context object + * + * Returns -1 on failure, 0 when the msg doesn't fit entirely in the buffer + * otherwise the number of bytes written to buf. + */ +ssize_t netlink_sr_tunsrc_set_msg_encode(int cmd, struct zebra_dplane_ctx *ctx, + void *buf, size_t buflen) +{ + struct nlsock *nl; + const struct in6_addr *tunsrc_addr; + struct genl_request *req = buf; + + if (seg6_genl_family < 0) { + zlog_err( + "Failed to set SRv6 source address: kernel does not support 'SEG6' Generic Netlink family."); + return -1; + } + + tunsrc_addr = dplane_ctx_get_srv6_encap_srcaddr(ctx); + if (!tunsrc_addr) + return -1; + + if (buflen < sizeof(*req)) + return 0; + + nl = kernel_netlink_nlsock_lookup(dplane_ctx_get_ns_sock(ctx)); + + memset(req, 0, sizeof(*req)); + + req->n.nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN); + req->n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK; + + /* Prepare Netlink request to set tunsrc addr */ + req->n.nlmsg_type = seg6_genl_family; + req->n.nlmsg_pid = nl->snl.nl_pid; + + req->g.cmd = cmd; + req->g.version = SEG6_GENL_VERSION; + + switch (cmd) { + case SEG6_CMD_SET_TUNSRC: + if (!nl_attr_put(&req->n, buflen, SEG6_ATTR_DST, tunsrc_addr, + sizeof(struct in6_addr))) + return 0; + break; + default: + zlog_err("Unsupported command (%u)", cmd); + return -1; + } + + return NLMSG_ALIGN(req->n.nlmsg_len); +} + +ssize_t netlink_sr_tunsrc_set_msg_encoder(struct zebra_dplane_ctx *ctx, + void *buf, size_t buflen) +{ + enum dplane_op_e op; + int cmd = 0; + + op = dplane_ctx_get_op(ctx); + + /* Call to netlink layer based on type of operation */ + if (op == DPLANE_OP_SRV6_ENCAP_SRCADDR_SET) { + /* Validate */ + if (dplane_ctx_get_srv6_encap_srcaddr(ctx) == NULL) { + if (IS_ZEBRA_DEBUG_KERNEL) + zlog_debug( + "sr tunsrc set failed: SRv6 encap source address not set"); + return -1; + } + + cmd = SEG6_CMD_SET_TUNSRC; + } else { + /* Invalid op */ + zlog_err("Context received for kernel sr tunsrc update with incorrect OP code (%u)", + op); + return -1; + } + + return netlink_sr_tunsrc_set_msg_encode(cmd, ctx, buf, buflen); +} + +enum netlink_msg_status +netlink_put_sr_tunsrc_set_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx) +{ + enum dplane_op_e op; + struct zebra_ns *zns; + struct genl_request req; + + op = dplane_ctx_get_op(ctx); + assert(op == DPLANE_OP_SRV6_ENCAP_SRCADDR_SET); + + netlink_sr_tunsrc_set_msg_encoder(ctx, &req, sizeof(req)); + + zns = zebra_ns_lookup(dplane_ctx_get_ns_sock(ctx)); + + return ge_netlink_talk(netlink_talk_filter, &req.n, zns, false); +} + void ge_netlink_init(struct zebra_ns *zns) { if (zns->ge_netlink_cmd.sock < 0) diff --git a/zebra/ge_netlink.h b/zebra/ge_netlink.h index 402a29b66e41..c1a10dfa3946 100644 --- a/zebra/ge_netlink.h +++ b/zebra/ge_netlink.h @@ -25,6 +25,15 @@ struct genl_request { }; extern int genl_resolve_family(const char *family); +extern ssize_t netlink_sr_tunsrc_set_msg_encode(int cmd, + struct zebra_dplane_ctx *ctx, + void *buf, size_t buflen); +extern ssize_t netlink_sr_tunsrc_set_msg_encoder(struct zebra_dplane_ctx *ctx, + void *buf, size_t buflen); +struct nl_batch; +extern enum netlink_msg_status +netlink_put_sr_tunsrc_set_msg(struct nl_batch *bth, + struct zebra_dplane_ctx *ctx); extern void ge_netlink_init(struct zebra_ns *zns); #ifdef __cplusplus diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index 5aa509d116ec..0ef2a57409e8 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -1648,6 +1648,9 @@ static enum netlink_msg_status nl_put_msg(struct nl_batch *bth, case DPLANE_OP_TC_FILTER_DELETE: case DPLANE_OP_TC_FILTER_UPDATE: return netlink_put_tc_filter_update_msg(bth, ctx); + + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: + return netlink_put_sr_tunsrc_set_msg(bth, ctx); } return FRR_NETLINK_ERROR; diff --git a/zebra/kernel_socket.c b/zebra/kernel_socket.c index 4b42c134f5af..b90be76e4634 100644 --- a/zebra/kernel_socket.c +++ b/zebra/kernel_socket.c @@ -1622,6 +1622,7 @@ void kernel_update_multi(struct dplane_ctx_list_head *ctx_list) case DPLANE_OP_INTF_ADDR_ADD: case DPLANE_OP_INTF_ADDR_DEL: case DPLANE_OP_STARTUP_STAGE: + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: zlog_err("Unhandled dplane data for %s", dplane_op2str(dplane_ctx_get_op(ctx))); res = ZEBRA_DPLANE_REQUEST_FAILURE; diff --git a/zebra/zebra_dplane.c b/zebra/zebra_dplane.c index 369394e845aa..7db52b192326 100644 --- a/zebra/zebra_dplane.c +++ b/zebra/zebra_dplane.c @@ -356,6 +356,13 @@ struct dplane_tc_filter_info { uint32_t classid; }; +/* + * SRv6 encapsulation params context for the dataplane + */ +struct dplane_srv6_encap_ctx { + struct in6_addr srcaddr; +}; + /* * The context block used to exchange info about route updates across * the boundary between the zebra main context (and pthread) and the @@ -418,6 +425,7 @@ struct zebra_dplane_ctx { struct dplane_gre_ctx gre; struct dplane_netconf_info netconf; enum zebra_dplane_startup_notifications spot; + struct dplane_srv6_encap_ctx srv6_encap; } u; /* Namespace info, used especially for netlink kernel communication */ @@ -599,6 +607,9 @@ static struct zebra_dplane_globals { _Atomic uint32_t dg_tcs_in; _Atomic uint32_t dg_tcs_errors; + _Atomic uint32_t dg_srv6_encap_srcaddr_set_in; + _Atomic uint32_t dg_srv6_encap_srcaddr_set_errors; + /* Dataplane pthread */ struct frr_pthread *dg_pthread; @@ -861,6 +872,7 @@ static void dplane_ctx_free_internal(struct zebra_dplane_ctx *ctx) case DPLANE_OP_GRE_SET: case DPLANE_OP_INTF_NETCONFIG: case DPLANE_OP_STARTUP_STAGE: + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: break; } } @@ -1186,6 +1198,11 @@ const char *dplane_op2str(enum dplane_op_e op) break; case DPLANE_OP_STARTUP_STAGE: ret = "STARTUP_STAGE"; + break; + + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: + ret = "SRV6_ENCAP_SRCADDR_SET"; + break; } return ret; @@ -2599,6 +2616,16 @@ const struct prefix *dplane_ctx_get_intf_addr( return &(ctx->u.intf.prefix); } + +/* Accessors for SRv6 encapsulation source address information */ +const struct in6_addr * +dplane_ctx_get_srv6_encap_srcaddr(const struct zebra_dplane_ctx *ctx) +{ + DPLANE_CTX_VALID(ctx); + + return &(ctx->u.srv6_encap.srcaddr); +} + void dplane_ctx_set_intf_addr(struct zebra_dplane_ctx *ctx, const struct prefix *p) { @@ -5872,6 +5899,60 @@ dplane_gre_set(struct interface *ifp, struct interface *ifp_link, return result; } +/* + * Common helper api for SRv6 encapsulation source address set + */ +enum zebra_dplane_result +dplane_srv6_encap_srcaddr_set(const struct in6_addr *addr, ns_id_t ns_id) +{ + enum zebra_dplane_result result = ZEBRA_DPLANE_REQUEST_FAILURE; + struct zebra_dplane_ctx *ctx = NULL; + enum dplane_op_e op = DPLANE_OP_SRV6_ENCAP_SRCADDR_SET; + int ret; + struct zebra_ns *zns; + + if (!addr) + return result; + + if (IS_ZEBRA_DEBUG_DPLANE_DETAIL) { + zlog_debug("init dplane ctx %s: addr %pI6", dplane_op2str(op), + addr); + } + + zns = zebra_ns_lookup(ns_id); + if (!zns) + return result; + + ctx = dplane_ctx_alloc(); + + ctx->zd_op = op; + ctx->zd_status = ZEBRA_DPLANE_REQUEST_SUCCESS; + + dplane_ctx_ns_init(ctx, zns, false); + + /* Init the SRv6 encap source address specific data area */ + memcpy(&ctx->u.srv6_encap.srcaddr, addr, + sizeof(ctx->u.srv6_encap.srcaddr)); + + /* Update counter */ + atomic_fetch_add_explicit(&zdplane_info.dg_srv6_encap_srcaddr_set_in, 1, + memory_order_relaxed); + + /* Enqueue context for processing */ + ret = dplane_update_enqueue(ctx); + + if (ret == AOK) + result = ZEBRA_DPLANE_REQUEST_QUEUED; + else { + atomic_fetch_add_explicit(&zdplane_info + .dg_srv6_encap_srcaddr_set_errors, + 1, memory_order_relaxed); + if (ctx) + dplane_ctx_free(&ctx); + } + return result; +} + /* * Handler for 'show dplane' */ @@ -6597,6 +6678,12 @@ static void kernel_dplane_log_detail(struct zebra_dplane_ctx *ctx) case DPLANE_OP_TC_FILTER_UPDATE: case DPLANE_OP_STARTUP_STAGE: break; + + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: + zlog_debug("Dplane SRv6 encap source address set op %s, addr %pI6", + dplane_op2str(dplane_ctx_get_op(ctx)), + &ctx->u.srv6_encap.srcaddr); + break; } } @@ -6767,6 +6854,13 @@ static void kernel_dplane_handle_result(struct zebra_dplane_ctx *ctx) case DPLANE_OP_INTF_NETCONFIG: break; + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: + if (res != ZEBRA_DPLANE_REQUEST_SUCCESS) + atomic_fetch_add_explicit(&zdplane_info + .dg_srv6_encap_srcaddr_set_errors, + 1, memory_order_relaxed); + break; + case DPLANE_OP_NONE: case DPLANE_OP_STARTUP_STAGE: if (res != ZEBRA_DPLANE_REQUEST_SUCCESS) diff --git a/zebra/zebra_dplane.h b/zebra/zebra_dplane.h index 6dc52ead143e..2f7d2185081b 100644 --- a/zebra/zebra_dplane.h +++ b/zebra/zebra_dplane.h @@ -18,6 +18,7 @@ #include "zebra/zserv.h" #include "zebra/zebra_mpls.h" #include "zebra/zebra_nhg.h" +#include "zebra/ge_netlink.h" #ifdef __cplusplus extern "C" { @@ -198,6 +199,9 @@ enum dplane_op_e { /* Startup Control */ DPLANE_OP_STARTUP_STAGE, + + /* Source address for SRv6 encapsulation */ + DPLANE_OP_SRV6_ENCAP_SRCADDR_SET, }; /* @@ -664,6 +668,8 @@ bool dplane_ctx_intf_is_broadcast(const struct zebra_dplane_ctx *ctx); void dplane_ctx_intf_set_broadcast(struct zebra_dplane_ctx *ctx); const struct prefix *dplane_ctx_get_intf_addr( const struct zebra_dplane_ctx *ctx); +const struct in6_addr * +dplane_ctx_get_srv6_encap_srcaddr(const struct zebra_dplane_ctx *ctx); void dplane_ctx_set_intf_addr(struct zebra_dplane_ctx *ctx, const struct prefix *p); bool dplane_ctx_intf_has_dest(const struct zebra_dplane_ctx *ctx); @@ -992,6 +998,13 @@ enum zebra_dplane_result dplane_gre_set(struct interface *ifp, struct interface *ifp_link, unsigned int mtu, const struct zebra_l2info_gre *gre_info); +/* + * Enqueue an SRv6 encap source address set + */ +enum zebra_dplane_result +dplane_srv6_encap_srcaddr_set(const struct in6_addr *addr, ns_id_t ns_id); + + /* Forward ref of zebra_pbr_rule */ struct zebra_pbr_rule; diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c index c03d7e51f87a..4b5f81a3df51 100644 --- a/zebra/zebra_rib.c +++ b/zebra/zebra_rib.c @@ -4961,6 +4961,7 @@ static void rib_process_dplane_results(struct event *thread) case DPLANE_OP_BR_PORT_UPDATE: case DPLANE_OP_NEIGH_TABLE_UPDATE: case DPLANE_OP_GRE_SET: + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: case DPLANE_OP_NONE: break; case DPLANE_OP_STARTUP_STAGE: diff --git a/zebra/zebra_script.c b/zebra/zebra_script.c index 3ebc6d974bb8..6c34d12c6409 100644 --- a/zebra/zebra_script.c +++ b/zebra/zebra_script.c @@ -415,6 +415,7 @@ void lua_pushzebra_dplane_ctx(lua_State *L, const struct zebra_dplane_ctx *ctx) case DPLANE_OP_TC_FILTER_UPDATE: /* Not currently handled */ case DPLANE_OP_INTF_NETCONFIG: /*NYI*/ + case DPLANE_OP_SRV6_ENCAP_SRCADDR_SET: case DPLANE_OP_NONE: case DPLANE_OP_STARTUP_STAGE: break; From 69bff19c43c8f263aeb0fb3211ee0e3faf37ec5c Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 3 Nov 2022 08:40:23 +0100 Subject: [PATCH 05/11] zebra, lib, vtysh: Add CLI cmd to set/unset SRv6 encap source address - Add a new node `SRV6_ENCAP_NODE` to the CLI graph. This node allows users to configure encapsulation parameters for SRv6, including the source address of the outer encapsulating IPv6 header. - Install a new CLI command `source-address` under the `SRV6_ENCAP_NODE` node. This command is used to configure the source address of the outer encapsulating IPv6 header. - Install a new CLI command `no source-address` under the `SRV6_ENCAP_NODE` node. This command is used to unset the source address of the outer encapsulating IPv6 header and restore the default source address. Examples: ``` router# segment-routing router(sr)# srv6 router(srv6)# encapsulation router(srv6-encap)# source-address fc00:0:1::1 ``` ``` router# segment-routing router(sr)# srv6 router(srv6)# encapsulation router(srv6-encap)# no source-address ``` Signed-off-by: Carmine Scarpitta --- lib/command.h | 1 + vtysh/vtysh.c | 28 +++++++++++++++++++++++++++ zebra/zebra_srv6.c | 17 ++++++++++++++++ zebra/zebra_srv6.h | 6 ++++++ zebra/zebra_srv6_vty.c | 44 ++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 96 insertions(+) diff --git a/lib/command.h b/lib/command.h index 30982c4fe98c..b6419e6fec5e 100644 --- a/lib/command.h +++ b/lib/command.h @@ -160,6 +160,7 @@ enum node_type { SRV6_NODE, /* SRv6 node */ SRV6_LOCS_NODE, /* SRv6 locators node */ SRV6_LOC_NODE, /* SRv6 locator node */ + SRV6_ENCAP_NODE, /* SRv6 encapsulation node */ VTY_NODE, /* Vty node. */ FPM_NODE, /* Dataplane FPM node. */ LINK_PARAMS_NODE, /* Link-parameters node */ diff --git a/vtysh/vtysh.c b/vtysh/vtysh.c index ac1079bbb1be..29358336e838 100644 --- a/vtysh/vtysh.c +++ b/vtysh/vtysh.c @@ -1335,6 +1335,13 @@ static struct cmd_node srv6_loc_node = { .prompt = "%s(config-srv6-locator)# ", }; +static struct cmd_node srv6_encap_node = { + .name = "srv6-encap", + .node = SRV6_ENCAP_NODE, + .parent_node = SRV6_NODE, + .prompt = "%s(config-srv6-encap)# " +}; + #ifdef HAVE_PBRD static struct cmd_node pbr_map_node = { .name = "pbr-map", @@ -1692,6 +1699,14 @@ DEFUNSH(VTYSH_ZEBRA, srv6_locator, srv6_locator_cmd, return CMD_SUCCESS; } +DEFUNSH(VTYSH_ZEBRA, srv6_encap, srv6_encap_cmd, + "encapsulation", + "Segment Routing SRv6 encapsulation\n") +{ + vty->node = SRV6_ENCAP_NODE; + return CMD_SUCCESS; +} + #ifdef HAVE_BGPD DEFUNSH(VTYSH_BGPD, router_bgp, router_bgp_cmd, "router bgp [ASNUM [ VIEWVRFNAME] [as-notation ]]", @@ -2507,6 +2522,14 @@ DEFUNSH(VTYSH_ZEBRA, exit_srv6_loc_config, exit_srv6_loc_config_cmd, "exit", return CMD_SUCCESS; } +DEFUNSH(VTYSH_ZEBRA, exit_srv6_encap, exit_srv6_encap_cmd, "exit", + "Exit from SRv6-encapsulation configuration mode\n") +{ + if (vty->node == SRV6_ENCAP_NODE) + vty->node = SRV6_NODE; + return CMD_SUCCESS; +} + #ifdef HAVE_RIPD DEFUNSH(VTYSH_RIPD, vtysh_exit_ripd, vtysh_exit_ripd_cmd, "exit", "Exit current mode and down to previous mode\n") @@ -5090,6 +5113,7 @@ void vtysh_init_vty(void) install_element(SRV6_NODE, &srv6_locators_cmd); install_element(SRV6_NODE, &exit_srv6_config_cmd); install_element(SRV6_NODE, &vtysh_end_all_cmd); + install_element(SRV6_NODE, &srv6_encap_cmd); install_node(&srv6_locs_node); install_element(SRV6_LOCS_NODE, &srv6_locator_cmd); @@ -5100,6 +5124,10 @@ void vtysh_init_vty(void) install_element(SRV6_LOC_NODE, &exit_srv6_loc_config_cmd); install_element(SRV6_LOC_NODE, &vtysh_end_all_cmd); + install_node(&srv6_encap_node); + install_element(SRV6_ENCAP_NODE, &exit_srv6_encap_cmd); + install_element(SRV6_ENCAP_NODE, &vtysh_end_all_cmd); + install_element(ENABLE_NODE, &vtysh_show_running_config_cmd); install_element(ENABLE_NODE, &vtysh_copy_running_config_cmd); install_element(ENABLE_NODE, &vtysh_copy_to_running_cmd); diff --git a/zebra/zebra_srv6.c b/zebra/zebra_srv6.c index ee463c76a8d3..adc7d32aae32 100644 --- a/zebra/zebra_srv6.c +++ b/zebra/zebra_srv6.c @@ -409,6 +409,23 @@ int release_daemon_srv6_locator_chunks(struct zserv *client) return count; } +void zebra_srv6_encap_src_addr_set(struct in6_addr *encap_src_addr) +{ + struct zebra_srv6 *srv6 = zebra_srv6_get_default(); + + if (!encap_src_addr) + return; + + memcpy(&srv6->encap_src_addr, encap_src_addr, sizeof(struct in6_addr)); +} + +void zebra_srv6_encap_src_addr_unset(void) +{ + struct zebra_srv6 *srv6 = zebra_srv6_get_default(); + + memset(&srv6->encap_src_addr, 0, sizeof(struct in6_addr)); +} + void zebra_srv6_terminate(void) { struct srv6_locator *locator; diff --git a/zebra/zebra_srv6.h b/zebra/zebra_srv6.h index 73876741fda7..21936c332354 100644 --- a/zebra/zebra_srv6.h +++ b/zebra/zebra_srv6.h @@ -19,6 +19,9 @@ /* SRv6 instance structure. */ struct zebra_srv6 { struct list *locators; + + /* Source address for SRv6 encapsulation */ + struct in6_addr encap_src_addr; }; /* declare hooks for the basic API, so that it can be specialized or served @@ -68,4 +71,7 @@ extern void srv6_manager_release_locator_chunk_call(struct zserv *client, extern int srv6_manager_client_disconnect_cb(struct zserv *client); extern int release_daemon_srv6_locator_chunks(struct zserv *client); +extern void zebra_srv6_encap_src_addr_set(struct in6_addr *src_addr); +extern void zebra_srv6_encap_src_addr_unset(void); + #endif /* _ZEBRA_SRV6_H */ diff --git a/zebra/zebra_srv6_vty.c b/zebra/zebra_srv6_vty.c index 3775d3dcdfc4..ffc67fc8a1e3 100644 --- a/zebra/zebra_srv6_vty.c +++ b/zebra/zebra_srv6_vty.c @@ -61,6 +61,13 @@ static struct cmd_node srv6_loc_node = { .prompt = "%s(config-srv6-locator)# " }; +static struct cmd_node srv6_encap_node = { + .name = "srv6-encap", + .node = SRV6_ENCAP_NODE, + .parent_node = SRV6_NODE, + .prompt = "%s(config-srv6-encap)# " +}; + DEFUN (show_srv6_locator, show_srv6_locator_cmd, "show segment-routing srv6 locator [json]", @@ -391,6 +398,38 @@ DEFPY (locator_behavior, return CMD_SUCCESS; } +DEFUN_NOSH (srv6_encap, + srv6_encap_cmd, + "encapsulation", + "Segment Routing SRv6 encapsulation\n") +{ + vty->node = SRV6_ENCAP_NODE; + return CMD_SUCCESS; +} + +DEFPY (srv6_src_addr, + srv6_src_addr_cmd, + "source-address X:X::X:X$encap_src_addr", + "Segment Routing SRv6 source address\n" + "Specify source address for SRv6 encapsulation\n") +{ + zebra_srv6_encap_src_addr_set(&encap_src_addr); + dplane_srv6_encap_srcaddr_set(&encap_src_addr, NS_DEFAULT); + return CMD_SUCCESS; +} + +DEFPY (no_srv6_src_addr, + no_srv6_src_addr_cmd, + "no source-address [X:X::X:X$encap_src_addr]", + NO_STR + "Segment Routing SRv6 source address\n" + "Specify source address for SRv6 encapsulation\n") +{ + zebra_srv6_encap_src_addr_unset(); + dplane_srv6_encap_srcaddr_set(&in6addr_any, NS_DEFAULT); + return CMD_SUCCESS; +} + static int zebra_sr_config(struct vty *vty) { struct zebra_srv6 *srv6 = zebra_srv6_get_default(); @@ -444,22 +483,27 @@ void zebra_srv6_vty_init(void) install_node(&srv6_node); install_node(&srv6_locs_node); install_node(&srv6_loc_node); + install_node(&srv6_encap_node); install_default(SEGMENT_ROUTING_NODE); install_default(SRV6_NODE); install_default(SRV6_LOCS_NODE); install_default(SRV6_LOC_NODE); + install_default(SRV6_ENCAP_NODE); /* Command for change node */ install_element(CONFIG_NODE, &segment_routing_cmd); install_element(SEGMENT_ROUTING_NODE, &srv6_cmd); install_element(SEGMENT_ROUTING_NODE, &no_srv6_cmd); install_element(SRV6_NODE, &srv6_locators_cmd); + install_element(SRV6_NODE, &srv6_encap_cmd); install_element(SRV6_LOCS_NODE, &srv6_locator_cmd); install_element(SRV6_LOCS_NODE, &no_srv6_locator_cmd); /* Command for configuration */ install_element(SRV6_LOC_NODE, &locator_prefix_cmd); install_element(SRV6_LOC_NODE, &locator_behavior_cmd); + install_element(SRV6_ENCAP_NODE, &srv6_src_addr_cmd); + install_element(SRV6_ENCAP_NODE, &no_srv6_src_addr_cmd); /* Command for operation */ install_element(VIEW_NODE, &show_srv6_locator_cmd); From 0c9b4910356742c272c93cdb741d7c20efea3dfd Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Fri, 4 Nov 2022 19:28:04 +0100 Subject: [PATCH 06/11] zebra: Add CLI command to verify SRv6 Manager Add a new CLI command `show segment-routing srv6 manager [json]` to verify the overall SRv6 state. The current output displays only the configured source address of outer encapsulating IPv6 header. The output can be extended in the future to show more information, including summary SRv6 information and supported capabilities. Example: ``` r1# show segment-routing srv6 manager Parameters: Encapsulation: Source Address: Configured: fc00:0:1::1 r1# show segment-routing srv6 manager json { "parameters":{ "encapsulation":{ "sourceAddress":{ "configured":"fc00:0:1::1" } } } } ``` Signed-off-by: Carmine Scarpitta --- zebra/zebra_srv6_vty.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/zebra/zebra_srv6_vty.c b/zebra/zebra_srv6_vty.c index ffc67fc8a1e3..417489fbcf50 100644 --- a/zebra/zebra_srv6_vty.c +++ b/zebra/zebra_srv6_vty.c @@ -68,6 +68,45 @@ static struct cmd_node srv6_encap_node = { .prompt = "%s(config-srv6-encap)# " }; +DEFPY (show_srv6_manager, + show_srv6_manager_cmd, + "show segment-routing srv6 manager [json]", + SHOW_STR + "Segment Routing\n" + "Segment Routing SRv6\n" + "Verify SRv6 Manager\n" + JSON_STR) +{ + const bool uj = use_json(argc, argv); + struct zebra_srv6 *srv6 = zebra_srv6_get_default(); + json_object *json = NULL; + json_object *json_parameters = NULL; + json_object *json_encapsulation = NULL; + json_object *json_source_address = NULL; + + if (uj) { + json = json_object_new_object(); + json_parameters = json_object_new_object(); + json_object_object_add(json, "parameters", json_parameters); + json_encapsulation = json_object_new_object(); + json_object_object_add(json_parameters, "encapsulation", + json_encapsulation); + json_source_address = json_object_new_object(); + json_object_object_add(json_encapsulation, "sourceAddress", + json_source_address); + json_object_string_addf(json_source_address, "configured", + "%pI6", &srv6->encap_src_addr); + vty_json(vty, json); + } else { + vty_out(vty, "Parameters:\n"); + vty_out(vty, " Encapsulation:\n"); + vty_out(vty, " Source Address:\n"); + vty_out(vty, " Configured: %pI6\n", &srv6->encap_src_addr); + } + + return CMD_SUCCESS; +} + DEFUN (show_srv6_locator, show_srv6_locator_cmd, "show segment-routing srv6 locator [json]", @@ -508,4 +547,5 @@ void zebra_srv6_vty_init(void) /* Command for operation */ install_element(VIEW_NODE, &show_srv6_locator_cmd); install_element(VIEW_NODE, &show_srv6_locator_detail_cmd); + install_element(VIEW_NODE, &show_srv6_manager_cmd); } From 6a0956169b317b707670c6285ece50ee4a95d198 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Mon, 5 Sep 2022 19:23:54 +0200 Subject: [PATCH 07/11] zebra: Add encap source address to SRv6 config write function When writing the SRv6 config from zebra, we must also include the source address of outer encapsulating IPv6 header. Signed-off-by: Carmine Scarpitta --- zebra/zebra_srv6_vty.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/zebra/zebra_srv6_vty.c b/zebra/zebra_srv6_vty.c index 417489fbcf50..c5b8505992d6 100644 --- a/zebra/zebra_srv6_vty.c +++ b/zebra/zebra_srv6_vty.c @@ -480,6 +480,11 @@ static int zebra_sr_config(struct vty *vty) if (zebra_srv6_is_enable()) { vty_out(vty, "segment-routing\n"); vty_out(vty, " srv6\n"); + if (!IPV6_ADDR_SAME(&srv6->encap_src_addr, &in6addr_any)) { + vty_out(vty, " encapsulation\n"); + vty_out(vty, " source-address %pI6\n", + &srv6->encap_src_addr); + } vty_out(vty, " locators\n"); for (ALL_LIST_ELEMENTS_RO(srv6->locators, node, locator)) { inet_ntop(AF_INET6, &locator->prefix.prefix, From e12987d1b3e34f929e13e123dd6329679acb6f91 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 13 Oct 2022 00:51:56 +0200 Subject: [PATCH 08/11] tests: Add topotests for SRv6 encap source address Add a new topotest `srv6_encap_src_addr` which verifies that the `source-address` command works properly. Signed-off-by: Carmine Scarpitta --- .../topotests/srv6_encap_src_addr/__init__.py | 0 .../r1/expected_srv6_encap_src_addr.json | 9 ++ .../r1/expected_srv6_encap_src_addr_set.json | 9 ++ .../expected_srv6_encap_src_addr_unset.json | 9 ++ .../topotests/srv6_encap_src_addr/r1/setup.sh | 2 + .../srv6_encap_src_addr/r1/zebra.conf | 17 +++ .../test_srv6_encap_src_addr.py | 142 ++++++++++++++++++ 7 files changed, 188 insertions(+) create mode 100644 tests/topotests/srv6_encap_src_addr/__init__.py create mode 100644 tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr.json create mode 100644 tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_set.json create mode 100644 tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_unset.json create mode 100644 tests/topotests/srv6_encap_src_addr/r1/setup.sh create mode 100644 tests/topotests/srv6_encap_src_addr/r1/zebra.conf create mode 100755 tests/topotests/srv6_encap_src_addr/test_srv6_encap_src_addr.py diff --git a/tests/topotests/srv6_encap_src_addr/__init__.py b/tests/topotests/srv6_encap_src_addr/__init__.py new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr.json b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr.json new file mode 100644 index 000000000000..431027f099dc --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr.json @@ -0,0 +1,9 @@ +{ + "parameters": { + "encapsulation":{ + "sourceAddress": { + "configured": "fc00:0:1::1" + } + } + } +} \ No newline at end of file diff --git a/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_set.json b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_set.json new file mode 100644 index 000000000000..431027f099dc --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_set.json @@ -0,0 +1,9 @@ +{ + "parameters": { + "encapsulation":{ + "sourceAddress": { + "configured": "fc00:0:1::1" + } + } + } +} \ No newline at end of file diff --git a/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_unset.json b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_unset.json new file mode 100644 index 000000000000..18b317f5f31b --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/r1/expected_srv6_encap_src_addr_unset.json @@ -0,0 +1,9 @@ +{ + "parameters": { + "encapsulation":{ + "sourceAddress": { + "configured": "::" + } + } + } +} \ No newline at end of file diff --git a/tests/topotests/srv6_encap_src_addr/r1/setup.sh b/tests/topotests/srv6_encap_src_addr/r1/setup.sh new file mode 100644 index 000000000000..36ed713f2416 --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/r1/setup.sh @@ -0,0 +1,2 @@ +ip link add dummy0 type dummy +ip link set dummy0 up diff --git a/tests/topotests/srv6_encap_src_addr/r1/zebra.conf b/tests/topotests/srv6_encap_src_addr/r1/zebra.conf new file mode 100644 index 000000000000..c570756b5243 --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/r1/zebra.conf @@ -0,0 +1,17 @@ +hostname r1 +! +! debug zebra events +! debug zebra rib detailed +! +log stdout notifications +log monitor notifications +log commands +log file zebra.log debugging +! +segment-routing + srv6 + encapsulation + source-address fc00:0:1::1 + ! + ! +! diff --git a/tests/topotests/srv6_encap_src_addr/test_srv6_encap_src_addr.py b/tests/topotests/srv6_encap_src_addr/test_srv6_encap_src_addr.py new file mode 100755 index 000000000000..423919331719 --- /dev/null +++ b/tests/topotests/srv6_encap_src_addr/test_srv6_encap_src_addr.py @@ -0,0 +1,142 @@ +#!/usr/bin/env python +# SPDX-License-Identifier: ISC + +# +# test_srv6_encap_src_addr.py +# Part of NetDEF Topology Tests +# +# Copyright (c) 2022 by +# University of Rome Tor Vergata, Carmine Scarpitta +# + +""" +test_srv6_encap_src_addr.py: +Test for SRv6 encap source address on zebra +""" + +import os +import sys +import json +import pytest +import functools + +CWD = os.path.dirname(os.path.realpath(__file__)) +sys.path.append(os.path.join(CWD, "../")) + +# pylint: disable=C0413 +from lib import topotest +from lib.topogen import Topogen, TopoRouter, get_topogen +from lib.topolog import logger + +pytestmark = [pytest.mark.bgpd, pytest.mark.sharpd] + + +def open_json_file(filename): + try: + with open(filename, "r") as f: + return json.load(f) + except IOError: + assert False, "Could not read file {}".format(filename) + + +def setup_module(mod): + tgen = Topogen({None: "r1"}, mod.__name__) + tgen.start_topology() + for rname, router in tgen.routers().items(): + router.run("/bin/bash {}/{}/setup.sh".format(CWD, rname)) + router.load_config( + TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_SHARP, os.path.join(CWD, "{}/sharpd.conf".format(rname)) + ) + tgen.start_router() + + +def teardown_module(mod): + tgen = get_topogen() + tgen.stop_topology() + + +def test_zebra_srv6_encap_src_addr(tgen): + "Test SRv6 encapsulation source address." + logger.info( + "Test SRv6 encapsulation source address." + ) + r1 = tgen.gears["r1"] + + # Generate expected results + json_file = "{}/r1/expected_srv6_encap_src_addr.json".format(CWD) + expected = json.loads(open(json_file).read()) + + ok = topotest.router_json_cmp_retry(r1, "show segment-routing srv6 manager json", expected) + assert ok, '"r1" JSON output mismatches' + + output = r1.cmd("ip sr tunsrc show") + assert output == "tunsrc addr fc00:0:1::1\n" + + +def test_zebra_srv6_encap_src_addr_unset(tgen): + "Test SRv6 encapsulation source address unset." + logger.info( + "Test SRv6 encapsulation source address unset." + ) + r1 = tgen.gears["r1"] + + # Unset SRv6 encapsulation source address + r1.vtysh_cmd( + """ + configure terminal + segment-routing + srv6 + encapsulation + no source-address + """ + ) + + # Generate expected results + json_file = "{}/r1/expected_srv6_encap_src_addr_unset.json".format(CWD) + expected = json.loads(open(json_file).read()) + + ok = topotest.router_json_cmp_retry(r1, "show segment-routing srv6 manager json", expected) + assert ok, '"r1" JSON output mismatches' + + output = r1.cmd("ip sr tunsrc show") + assert output == "tunsrc addr ::\n" + + +def test_zebra_srv6_encap_src_addr_set(tgen): + "Test SRv6 encapsulation source address set." + logger.info( + "Test SRv6 encapsulation source address set." + ) + r1 = tgen.gears["r1"] + + # Set SRv6 encapsulation source address + r1.vtysh_cmd( + """ + configure terminal + segment-routing + srv6 + encapsulation + source-address fc00:0:1::1 + """ + ) + + # Generate expected results + json_file = "{}/r1/expected_srv6_encap_src_addr_set.json".format(CWD) + expected = json.loads(open(json_file).read()) + + ok = topotest.router_json_cmp_retry(r1, "show segment-routing srv6 manager json", expected) + assert ok, '"r1" JSON output mismatches' + + output = r1.cmd("ip sr tunsrc show") + assert output == "tunsrc addr fc00:0:1::1\n" + + +if __name__ == "__main__": + args = ["-s"] + sys.argv[1:] + sys.exit(pytest.main(args)) From baffed018dd8a13505a8ec24b0dc4585e2bfee20 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 3 Nov 2022 08:31:19 +0100 Subject: [PATCH 09/11] doc: Add doc for SRv6 encapsulation source address Add documentation for the new SRv6 encapsulation source address feature. Signed-off-by: Carmine Scarpitta --- doc/user/zebra.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/user/zebra.rst b/doc/user/zebra.rst index 3f91ae11b6b4..f65c33fd67a5 100644 --- a/doc/user/zebra.rst +++ b/doc/user/zebra.rst @@ -998,6 +998,14 @@ and this section also helps that case. ! ... +.. clicmd:: encapsulation + + Configure parameters for SRv6 encapsulation. + +.. clicmd:: source-address X:X::X:X + + Configure the source address of the outer encapsulating IPv6 header. + .. _multicast-rib-commands: Multicast RIB Commands From fcf17cc05d9a86b3a4135fd6febd046f9930da2e Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 3 Nov 2022 12:44:50 +0100 Subject: [PATCH 10/11] doc: Add doc for `show segment-routing srv6 manager` The `show segment-routing srv6 manager` CLI command allows users to print the SRv6 information. Currently, the SRv6 information includes only the SRv6 encapsulation source address. In this commit, we add the documentation for the `show segment-routing srv6` command. Signed-off-by: Carmine Scarpitta --- doc/user/zebra.rst | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/doc/user/zebra.rst b/doc/user/zebra.rst index f65c33fd67a5..2b737c1a2f67 100644 --- a/doc/user/zebra.rst +++ b/doc/user/zebra.rst @@ -838,6 +838,35 @@ FRR's cli or frr.conf or zebra.conf. This section shows how to configure SRv6 on FRR. Of course SRv6 can be used as standalone, and this section also helps that case. +.. clicmd:: show segment-routing srv6 manager [json] + + This command dumps the SRv6 information configured on zebra, including + the encapsulation parameters (e.g., the IPv6 source address used for + the encapsulated packets). + + Example:: + + router# sh segment-routing srv6 manager + Parameters: + Encapsulation: + Source Address: + Configured: fc00:0:1::1 + + + To get the same information in json format, you can use the ``json`` keyword:: + + rose-srv6# sh segment-routing srv6 manager json + { + "parameters":{ + "encapsulation":{ + "sourceAddress":{ + "configured":"fc00:0:1::1" + } + } + } + } + + .. clicmd:: show segment-routing srv6 locator [json] This command dump SRv6-locator configured on zebra. SRv6-locator is used From 223d4534cde3ec260b2f563e51b57ea1a6aff979 Mon Sep 17 00:00:00 2001 From: Carmine Scarpitta Date: Thu, 7 Dec 2023 18:31:37 +0100 Subject: [PATCH 11/11] zebra: Fetch actual SRv6 encap src addr on startup When zebra is started, someone may have configured an SRv6 encap source address different from the default address ( :: ) in the kernel. On startup, zebra should not assume that the actual SRv6 encap source address is the default address ( :: ), but should retrieve the actual source address from the kernel and put it in zebra configuration. In other words, on startup we expect the actual SRv6 encap source address and the configured one to be the same. This commit makes the necessary changes to support the above. Signed-off-by: Carmine Scarpitta --- zebra/ge_netlink.c | 139 +++++++++++++++++++++++++++++++++++++++++ zebra/ge_netlink.h | 4 ++ zebra/kernel_netlink.c | 2 +- zebra/zebra_srv6.c | 1 + 4 files changed, 145 insertions(+), 1 deletion(-) diff --git a/zebra/ge_netlink.c b/zebra/ge_netlink.c index 6df3ea0f2892..e7d2e6b12ad3 100644 --- a/zebra/ge_netlink.c +++ b/zebra/ge_netlink.c @@ -23,6 +23,27 @@ #include "zebra/ge_netlink.h" #include "zebra/debug.h" #include "zebra/kernel_netlink.h" +#include "zebra/zebra_router.h" +#include "zebra/zebra_srv6.h" + + +/** + * This file provides an implementation of the functionality exposed by the + * kernel through the Generic Netlink mechanism. + * + * Supported features include the ability to configure the source address used + * for SRv6 encapsulation ('sr tunsrc' in kernel terminology). + * + * At the time of writing this code, the kernel does not send us any asynchronous + * notifications when someone changes the 'sr tunsrc' under us. As a result, we + * are currently unable to detect when the source address changes and update the + * SRv6 encapsulation source address configured in zebra. + * + * In the future, when the kernel supports async notifications, the implementation + * can be improved by listening on the Generic Netlink socket and adding a handler + * to process/parse incoming 'sr tunsrc' change messages and update the SRv6 zebra + * configuration with the new encap source address. + */ /* @@ -211,6 +232,117 @@ netlink_put_sr_tunsrc_set_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx return ge_netlink_talk(netlink_talk_filter, &req.n, zns, false); } +/** + * netlink_sr_tunsrc_reply_read() - Read in SR tunsrc reply from the kernel + * + * @h: Netlink message header + * @ns_id: Namspace id + * @startup: Are we reading under startup conditions? + * + * Return: Result status + */ +int netlink_sr_tunsrc_reply_read(struct nlmsghdr *h, ns_id_t ns_id, int startup) +{ + int len; + struct genlmsghdr *ghdr; + struct rtattr *tb[SEG6_ATTR_MAX + 1] = {}; + struct rtattr *attrs; + + if (h->nlmsg_type != seg6_genl_family) + return 0; + + len = h->nlmsg_len - NLMSG_LENGTH(GENL_HDRLEN); + if (len < 0) { + zlog_warn("%s: Message received from netlink is of a broken size %d %zu", + __func__, h->nlmsg_len, + (size_t)NLMSG_LENGTH(GENL_HDRLEN)); + return -1; + } + + ghdr = NLMSG_DATA(h); + + if (ghdr->cmd != SEG6_CMD_GET_TUNSRC) + return 0; + + attrs = (struct rtattr *)((char *)ghdr + GENL_HDRLEN); + netlink_parse_rtattr(tb, SEG6_ATTR_MAX, attrs, len); + + if (tb[SEG6_ATTR_DST] == NULL) { + zlog_err("Missing tunsrc addr"); + return -1; + } + + zebra_srv6_encap_src_addr_set( + (struct in6_addr *)RTA_DATA(tb[SEG6_ATTR_DST])); + + if (IS_ZEBRA_DEBUG_KERNEL) + zlog_debug("%s: SRv6 encap source address received from kernel: '%pI6'", + __func__, + (struct in6_addr *)RTA_DATA(tb[SEG6_ATTR_DST])); + + return 0; +} + +/** + * netlink_request_sr_tunsrc() - Request SR tunsrc from the kernel + * @zns: Zebra namespace + * + * Return: Result status + */ +static int netlink_request_sr_tunsrc(struct zebra_ns *zns) +{ + struct genl_request req; + + if (zns->ge_netlink_cmd.sock < 0) + return -1; + + if (seg6_genl_family < 0) { + zlog_err( + "Failed to get SRv6 encap source address: kernel does not support 'SEG6' Generic Netlink family."); + return -1; + } + + /* Form the request, specifying filter (rtattr) if needed. */ + memset(&req, 0, sizeof(req)); + req.n.nlmsg_len = NLMSG_LENGTH(GENL_HDRLEN); + req.n.nlmsg_flags = NLM_F_REQUEST; + req.n.nlmsg_type = seg6_genl_family; + req.g.cmd = SEG6_CMD_GET_TUNSRC; + req.g.version = SEG6_GENL_VERSION; + + return netlink_request(&zns->ge_netlink_cmd, &req); +} + +/** + * SR tunsrc read function using netlink interface. Only called + * on bootstrap time. + */ +int netlink_sr_tunsrc_read(struct zebra_ns *zns) +{ + int ret; + struct zebra_dplane_info dp_info; + + if (zns->ge_netlink_cmd.sock < 0) + return -1; + + /* Capture info in intermediate info struct */ + dp_info.ns_id = zns->ns_id; + dp_info.is_cmd = true; + dp_info.sock = zns->ge_netlink_cmd.sock; + dp_info.seq = zns->ge_netlink_cmd.seq; + + /* Get SR tunsrc. */ + ret = netlink_request_sr_tunsrc(zns); + if (ret < 0) + return ret; + ret = netlink_parse_info(netlink_sr_tunsrc_reply_read, + &zns->ge_netlink_cmd, &dp_info, 0, true); + if (ret < 0) + return ret; + + return 0; +} + void ge_netlink_init(struct zebra_ns *zns) { if (zns->ge_netlink_cmd.sock < 0) @@ -225,6 +357,13 @@ void ge_netlink_init(struct zebra_ns *zns) if (genl_resolve_family("SEG6")) zlog_warn( "Kernel does not support 'SEG6' Generic Netlink family. Any attempt to set the encapsulation parameters under the SRv6 configuration will fail"); + + /** + * Retrieve the actual SRv6 encap source address from the kernel + * (default namespace) and save it to zebra SRv6 config + */ + if (zns->ns_id == NS_DEFAULT) + netlink_sr_tunsrc_read(zns); } #endif /* HAVE_NETLINK */ diff --git a/zebra/ge_netlink.h b/zebra/ge_netlink.h index c1a10dfa3946..20d09116c00a 100644 --- a/zebra/ge_netlink.h +++ b/zebra/ge_netlink.h @@ -34,6 +34,10 @@ struct nl_batch; extern enum netlink_msg_status netlink_put_sr_tunsrc_set_msg(struct nl_batch *bth, struct zebra_dplane_ctx *ctx); + +int netlink_sr_tunsrc_reply_read(struct nlmsghdr *h, ns_id_t ns_id, int startup); +int netlink_sr_tunsrc_read(struct zebra_ns *zns); + extern void ge_netlink_init(struct zebra_ns *zns); #ifdef __cplusplus diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index 0ef2a57409e8..a05f2d3edcb1 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -1963,7 +1963,7 @@ void kernel_init(struct zebra_ns *zns) rt_netlink_init(); - ge_netlink_init(); + ge_netlink_init(zns); } /* Helper to clean up an nlsock */ diff --git a/zebra/zebra_srv6.c b/zebra/zebra_srv6.c index adc7d32aae32..bb872ef91c62 100644 --- a/zebra/zebra_srv6.c +++ b/zebra/zebra_srv6.c @@ -17,6 +17,7 @@ #include "zebra/zebra_router.h" #include "zebra/zebra_srv6.h" #include "zebra/zebra_errors.h" +#include "zebra/ge_netlink.h" #include #include #include