Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

srv6: Introduce IPv6 address in segment-list used by TE Policy #15057

Open
wants to merge 15 commits into
base: master
Choose a base branch
from

Conversation

dmytroshytyi-6WIND
Copy link
Contributor

@dmytroshytyi-6WIND dmytroshytyi-6WIND commented Dec 21, 2023

These series of patches introduce new feature: user may configure ipv6-address in segment list.

Format:

index INDEX ipv6-address X:X::X:X

Example:

segment-routing
 traffic-eng
  segment-list SL1
   index 0 ipv6-address 2001:db8::1

Signed-off-by: Dmytro Shytyi [email protected]

@dmytroshytyi-6WIND dmytroshytyi-6WIND changed the title Introduce IPv6 address in segment-list used by SRv6 TE Policy srv6: Introduce IPv6 address in segment-list used by TE Policy Dec 22, 2023
@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_te_policy branch 2 times, most recently from 3f63bf8 to fccc0c2 Compare December 26, 2023 12:04
@dmytroshytyi-6WIND
Copy link
Contributor Author

Fix warnings by checkpatch.

@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_te_policy branch 2 times, most recently from 4d285ff to 331f8d4 Compare December 26, 2023 15:04
@dmytroshytyi-6WIND
Copy link
Contributor Author

2 small fixes for isis_sr_te uploaded in the recent push.

@riw777 riw777 requested review from ton31337 and riw777 and removed request for ton31337 January 2, 2024 15:41
tests/topotests/isis_srv6_te_topo1/dst/zebra.conf Outdated Show resolved Hide resolved
@@ -0,0 +1,35 @@
password 1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this needed?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

zebra/zebra_srv6.c Outdated Show resolved Hide resolved
tests/topotests/isis_srv6_te_topo1/rt1/zebra.conf Outdated Show resolved Hide resolved
tests/topotests/isis_srv6_te_topo1/rt2/zebra.conf Outdated Show resolved Hide resolved
tests/topotests/isis_srv6_te_topo1/rt3/zebra.conf Outdated Show resolved Hide resolved
tests/topotests/isis_srv6_te_topo1/rt4/zebra.conf Outdated Show resolved Hide resolved
create_interface_in_kernel,
)

pytestmark = [pytest.mark.isisd, pytest.mark.sharpd]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't bgpd, pathd be included also?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not fixed.

Copy link
Contributor Author

@dmytroshytyi-6WIND dmytroshytyi-6WIND Aug 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

really fixed by also adding the

pytest.mark.pathd

Copy link
Member

@riw777 riw777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some questions; waiting on @ton31337 's comments as well

lib/zclient.c Outdated

stream_putw(s, zt->srv6_segs.num_segs);

stream_put(s, &zt->srv6_segs.segs[0],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes ... this should check for an empty seg before putting, I think

lib/zclient.c Show resolved Hide resolved
lib/srte.h Outdated Show resolved Hide resolved
lib/srte.h Outdated
ZEBRA_SR_SRV6_SRTE = 2, /* SRv6 SID List*/
};

static inline enum lsp_types_t lsp_type_from_sr_type(int sr_type)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this pass in a enum sr_types.. instead of an int? Let's let the compiler help us please

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove the default case here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

pathd/path_zebra.c Outdated Show resolved Hide resolved
pathd/path_zebra.c Outdated Show resolved Hide resolved
@@ -1550,7 +1550,7 @@ static ssize_t fill_seg6ipt_encap(char *buffer, size_t buflen,
srh->first_segment = segs->num_segs - 1;

for (i = 0; i < segs->num_segs; i++) {
memcpy(&srh->segments[i], &segs->seg[i],
memcpy(&srh->segments[segs->num_segs - i - 1], &segs->seg[i],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is only 1/2 of the equation, we need to fix the decode side as well. Add the ipv6 seg6 route from the linux cli and the segments are backwards in comparison.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, fixed,

Copy link
Member

@donaldsharp donaldsharp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some work needs to be done to clean this up

pathd/path_zebra.c Show resolved Hide resolved

for (rn = route_top(table); rn; rn = route_next(rn)) {
RNODE_FOREACH_RE_SAFE (rn, re, next) {
if (re->nhe->nhg.nexthop->srte_color ==
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

invert this logic so the indent is not so deep this is hard to read

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed.

@@ -133,6 +136,47 @@ static int zebra_sr_policy_notify_update_client(struct zebra_sr_policy *policy,
}
stream_putl(s, policy->color);

if (policy->segment_list.srv6_segs.num_segs > 0) {
/* Lookup table. */
table = zebra_vrf_table(AFI_IP6, SAFI_UNICAST, VRF_DEFAULT);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is supposed to happen when we have > 1 million routes? What is a reasonable number of items that are going to be sent. Are we going to run out of packet space? Are we going to just cpuhog like you would not believe?

@dmytroshytyi-6WIND
Copy link
Contributor Author

Thank you very much for your reviews, @ton31337, @riw777, @donaldsharp.

I was on PTO, thus the response delay. I expect to look at this PR in coming time.

@cscarpitta, WDYT about the cli format for ipv6 address? Does it look good?

@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_te_policy branch 3 times, most recently from c0b8fb3 to 8f81927 Compare February 15, 2024 13:47
@dmytroshytyi-6WIND
Copy link
Contributor Author

dmytroshytyi-6WIND commented Aug 19, 2024

as a note when I run the test by itself or concurrently with itself it works fine. It's only when scale/load is placed on the system that causes it to fail badly. This means, to me, that the test is starting to look for data before some other event has occurred and we get this output. See the hundreds of fixes in the topotest directory as we fix this sort of problem in the test for guidance on how to approach the problem. #16586, #16583, #16523, #16510 and #16485 as recent examples of this sort of problem.

Hello @donaldsharp , I have checked all PRs you suggested:

#16586 :

uses topotest.run_and_expect(..) to ensure that Connected Routes are actually installed
timeout 30

#16586 :
This test uses the same tool but with bigger timeout, so let's stick to higher timeouts then.

topotest.run_and_expect(..) +output = net["r1"]
timeout 60

#16523 :
This test introduce different way to use show. Two previous (majority stick to run_and_expect (so run_and_expect is selected))

@retry(retry_timeout=10)
def check_client_connect(r1):
    out = r1.vtysh_cmd("show mgmt backend-adapter all")
    assert "mgmtd-testc" in out

#16510:
Apply timers in the PR's topotest

Timeout 60.
Sets timers to BGP in configuration

#16485:

Addresses flapping routes, not sure if the current checks are a subject of being changed in this direction. They conform with firs two topotests.

Summary:
-+-+-+-+-

  1. Timeout was set to 120 for all tests in this PR.
  2. Timers were minimized in BGP and ISIS.
  3. The difference I see between this PR and listed in quoted message - the way to configure the vtysh:
    this PR is not using:
 output = net["r1"].cmd(
            'vtysh -c "show ip route {} nexthop-group"'.format(route_str)
        )

but instead uses:

    tgen.gears["rt1"].vtysh_cmd(
        "configure \n \
        no ipv6 route 2001:db8:10::/64 fc00:0:6:: color 1 \n \
        ipv6 route fc00:0:6b::/48 fc00:0:6:: color 1 \n \
        exit \
        !"
    )

Has someone encountered similar behavior when configuring in this way? I would do and verify the change, but have a setup that doesn't reproduce mentioned issue (regarding the failed tests under the load).

@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_te_policy branch 2 times, most recently from b0fa3ff to 19600f8 Compare August 20, 2024 11:49
@dmytroshytyi-6WIND
Copy link
Contributor Author

Failures are unrelated:

  1. IPv4:
RFC Failure: MUST

Peer 192.168.0.101 did not forward MPLS packet with label 17
============== Reference: ============================
RFC 3036, s2.7 p23 LDP Identifiers and Next Hop Addresses
============== Test Summary: =========================
Similarly, when the LSR learns a label for a prefix from an LDP peer,
it must be able to determine whether that peer is currently a next hop
(3 more lines...)
  1. ospf
test_ospfv3_single_area test_ospfv3_hello_tc10_p0 | 1 min
AssertionError: Testcase test_ospfv3_hello_tc10_p0 [22]: Failed     Error: [DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1 assert '[DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1' is True E   AssertionError: Testcase test_ospfv3_hello_tc10_p0 [22]: Failed         Error: [DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1     assert '[DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1' is True
1 min
AssertionError: Testcase test_ospfv3_hello_tc10_p0 [22]: Failed 
   Error: [DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1
assert '[DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1' is True
E   AssertionError: Testcase test_ospfv3_hello_tc10_p0 [22]: Failed 
       Error: [DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1
    assert '[DUT: r0] missing OSPF neighbor r1 with router-id 100.1.1.1' is True

@riw777
Copy link
Member

riw777 commented Oct 8, 2024

I think we're still waiting on @donaldsharp to clear his review on this one ... and the CI changes ... has this been rebased in a while? It might help to rebase it

@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_te_policy branch 3 times, most recently from 3a41cc3 to 5db1c40 Compare November 7, 2024 17:53
@riw777
Copy link
Member

riw777 commented Nov 12, 2024

CI failures look related ...

@dmytroshytyi-6WIND
Copy link
Contributor Author

Yes, it is related , after rabase.
I will take a look.

Dmytro

dmytroshytyi-6WIND and others added 15 commits January 9, 2025 17:36
Add SRv6 segments to zapi_srte_stunnel structure.

Signed-off-by: Dmytro Shytyi <[email protected]>
Add SRv6 SID value (srv6-sid-value) to the YANG model.
Implement nb handlers for this new value.

Signed-off-by: Dmytro Shytyi <[email protected]>
Add structute sr_types_t, that contains the Segment Routing types.
Fill the zapi_sr_policy's segment_list with values such as:
- value
- local_label
- num_segs
- srv6_segs

Signed-off-by: Dmytro Shytyi <[email protected]>
SR-TE tunnel must contain at least one label or SRv6 SID.
Check this condition.

Signed-off-by: Dmytro Shytyi <[email protected]>
When the segment list is not empty add SRv6 segments
to a nexthop.

Signed-off-by: Dmytro Shytyi <[email protected]>
Encode and Decode SRv6-TE. It includes:
- number of segments
- list of segments

Signed-off-by: Dmytro Shytyi <[email protected]>
When configuring an SRv6 SID list via iproute2, the segment list
that appears in vtysh, learned from the kernel, is inversed.

Fix the order of SRv6 SIDs in segment list, learned from the
kernel.

Fixes: f20cf14 ("bgpd,lib,sharpd,zebra: srv6 introduce multiple
segs/SIDs in nexthop")
Signed-off-by: Dmytro Shytyi <[email protected]>
Pathd needs to track the reachability of the first SID
of any SRv6 segment-list. Use the nexthop tracking
facility and add the pathd daemon as a client to nht service
from zebra.

Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Dmytro Shytyi <[email protected]>
The Pathd daemon is aware of the SID reachability, but
still once the sr policy installed in zebra, there is need
to re-resolve the SID reachability.

Extend the Pathd NHT service, by extracting the resolved
next-hop. This information will be conveyed in the SR_POLICY_SET
message, and will be very helpful to simplify code in zebra.

Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Dmytro Shytyi <[email protected]>
When SRv6 list of segments was changed, change SRv6 policy.

Signed-off-by: Dmytro Shytyi <[email protected]>
…nt_list

When notifying an update for a colored nexthop, ZEBRA sends the default PATHD
distance value and the 0 metric value. Those two values break the original
values that originated from an IGP route, for instance. When transmitting this
information to BGP for instance, the distance and values are very important
when computing BGP paths. Change this by keeping the original distance and
metric values.

When SRv6 segment list size is bigger than 0, send segments
and other elements via zserv_send_message().

The ZEBRA SRTE code can not rely on the routing table. Use instead the
resolved nexthop information gathered by th SRv6 SRTE information.

Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Dmytro Shytyi <[email protected]>
Consider an srv6 policy active, when sr policy set is
received. The sr_policy_validate() function is however
called, the default state value is down, and immediately
sent to UP.

Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Dmytro Shytyi <[email protected]>
This patch mitigates non valid value of the variable
nhr->nexthop_num that equals to 255 in case when
topotest is launched with memleak sanitizer.

Signed-off-by: Dmytro Shytyi <dmytro@[email protected]>
Add pathd srv6 segment list support.

Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Dmytro Shytyi <[email protected]>
SRv6 Policy is an ordered list of segments that represent a
source-routed policy. Packet flows are steered into an SRv6
Policy.

Signed-off-by: Dmytro Shytyi <dmytro@[email protected]>
Signed-off-by: Philippe Guibert <[email protected]>
@dmytroshytyi-6WIND
Copy link
Contributor Author

ci:rerun

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants