Message ID | 1562010322-97218-1-git-send-email-u9012063@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [ovs-dev,PATCHv5] tunnel: Add layer 2 IPv6 GRE encapsulation support. | expand |
On 7/1/2019 12:45 PM, William Tu wrote: > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > under kernel 5.2 and for userspace: Hi William, I tried this on a system with the 5.2-rc5+ kernel and got the following results: ## ------------------------------- ## ## openvswitch 2.11.90 test suite. ## ## ------------------------------- ## 12: datapath - ping over ip6gre L2 tunnel skipped (system-traffic.at:344) ## ------------- ## ## Test results. ## ## ------------- ## 0 tests were successful. 1 test was skipped. This is on a Ubuntu 16.04 distro with the upstream kernel installed. What system/distro base did you use? Thanks, - Greg > # make check TESTSUITEFLAGS='-k ip6gre' > > Signed-off-by: William Tu <u9012063@gmail.com> > --- > v1-v2 > - rebase to master > v2-v3 > - update documentation suggested by Eli > v3-v4 > - squash Eli's documentation > v4-v5 > - remove using 'ip6gretap', use only 'ip6gre' with > options:packet_type=legacy_l2 > --- > Documentation/faq/configuration.rst | 13 +++++++ > NEWS | 1 + > datapath/linux/compat/ip6_gre.c | 2 +- > lib/dpif-netlink-rtnl.c | 8 ++++- > tests/system-traffic.at | 40 +++++++++++++++++++++ > tests/tunnel-push-pop-ipv6.at | 69 +++++++++++++++++++++++++++++++++++++ > vswitchd/vswitch.xml | 32 ++++++++++------- > 7 files changed, 151 insertions(+), 14 deletions(-) > > diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst > index cb2c6b4eca98..ff3b71a5d4ef 100644 > --- a/Documentation/faq/configuration.rst > +++ b/Documentation/faq/configuration.rst > @@ -212,6 +212,19 @@ Q: Does Open vSwitch support ERSPAN? > options:erspan_ver=2 options:erspan_dir=1 \ > options:erspan_hwid=4 > > +Q: Does Open vSwitch support IPv6 GRE? > + > + A: Yes. L2 tunnel interface GRE over IPv6 is supported. > + L3 GRE tunnel over IPv6 is not supported. > + > + :: > + > + $ ovs-vsctl add-br br0 > + $ ovs-vsctl add-port br0 at_gre0 -- \ > + set int at_gre0 type=ip6gre \ > + options:remote_ip=fc00:100::1 \ > + options:packet_type=legacy_l2 > + > Q: How do I connect two bridges? > > A: First, why do you want to do this? Two connected bridges are not much > diff --git a/NEWS b/NEWS > index a38ab258fc6c..c7e84ed7931d 100644 > --- a/NEWS > +++ b/NEWS > @@ -47,6 +47,7 @@ Post-v2.11.0 > - Linux datapath: > * Support for the kernel versions 4.19.x and 4.20.x. > * Support for the kernel version 5.0.x. > + - Add L2 GRE tunnel over IPv6 support. > > > v2.11.0 - 19 Feb 2019 > diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c > index ca4e66133570..ab50c72d0753 100644 > --- a/datapath/linux/compat/ip6_gre.c > +++ b/datapath/linux/compat/ip6_gre.c > @@ -2550,7 +2550,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { > }; > > static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { > - .kind = "ip6gre", > + .kind = "ip6gretap", > .maxtype = RPL_IFLA_GRE_MAX, > .policy = ip6gre_policy, > .priv_size = sizeof(struct ip6_tnl), > diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c > index 2e23a8c14fcf..582274c46774 100644 > --- a/lib/dpif-netlink-rtnl.c > +++ b/lib/dpif-netlink-rtnl.c > @@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type, > case OVS_VPORT_TYPE_IP6ERSPAN: > return "ip6erspan"; > case OVS_VPORT_TYPE_IP6GRE: > - return "ip6gre"; > + if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) { > + return "ip6gretap"; > + } else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) { > + return NULL; > + } else { > + return NULL; > + } > case OVS_VPORT_TYPE_NETDEV: > case OVS_VPORT_TYPE_INTERNAL: > case OVS_VPORT_TYPE_LISP: > diff --git a/tests/system-traffic.at b/tests/system-traffic.at > index d23ee897b0b2..8ea450887076 100644 > --- a/tests/system-traffic.at > +++ b/tests/system-traffic.at > @@ -340,6 +340,46 @@ NS_CHECK_EXEC([at_ns0], [ping -s 3200 -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PI > OVS_TRAFFIC_VSWITCHD_STOP > AT_CLEANUP > > +AT_SETUP([datapath - ping over ip6gre L2 tunnel]) > +OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > +OVS_CHECK_GRE() > +OVS_CHECK_ERSPAN() > + > +OVS_TRAFFIC_VSWITCHD_START() > +ADD_BR([br-underlay]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0) > + > +dnl Set up underlay link from host into the namespace using veth pair. > +ADD_VETH(p0, at_ns0, br-underlay, "fc00:100::1/96", [], [], nodad) > +AT_CHECK([ip addr add dev br-underlay "fc00:100::100/96" nodad]) > +AT_CHECK([ip link set dev br-underlay up]) > + > +dnl Set up tunnel endpoints on OVS outside the namespace and with a native > +dnl linux device inside the namespace. > +ADD_OVS_TUNNEL6([ip6gre], [br0], [at_gre0], [fc00:100::1], [10.1.1.100/24], > + [options:packet_type=legacy_l2]) > +ADD_NATIVE_TUNNEL6([ip6gretap], [ns_gretap0], [at_ns0], [fc00:100::100], > + [10.1.1.1/24], [local fc00:100::1]) > + > +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 2 fc00:100::100]) > + > +dnl First, check the underlay > +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +dnl Okay, now check the overlay with different packet sizes > +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > +OVS_TRAFFIC_VSWITCHD_STOP > +AT_CLEANUP > + > + > AT_SETUP([datapath - ping over erspan v1 tunnel]) > OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > OVS_CHECK_GRE() > diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at > index cbdd5a32f719..59723e63b845 100644 > --- a/tests/tunnel-push-pop-ipv6.at > +++ b/tests/tunnel-push-pop-ipv6.at > @@ -1,5 +1,74 @@ > AT_BANNER([tunnel_push_pop_ipv6]) > > +AT_SETUP([tunnel_push_pop_ipv6 - ip6gre]) > + > +OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > +AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0]) > +AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=ip6gre \ > + options:remote_ip=2001:cafe::92 ofport_request=2\ > + options:packet_type=legacy_l2 > + ], [0]) > + > +AT_CHECK([ovs-appctl dpif/show], [0], [dnl > +dummy@ovs-dummy: hit:0 missed:0 > + br0: > + br0 65534/100: (dummy-internal) > + p0 1/1: (dummy) > + int-br: > + int-br 65534/2: (dummy-internal) > + t2 2/6: (ip6gre: remote_ip=2001:cafe::92) > +]) > + > +dnl First setup dummy interface IP address, then add the route > +dnl so that tnl-port table can get valid IP address for the device. > +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK > +]) > + > +AT_CHECK([ovs-ofctl add-flow br0 action=normal]) > + > +dnl Check Neighbour discovery. > +AT_CHECK([ovs-vsctl -- set Interface p0 options:pcap=p0.pcap]) > + > +AT_CHECK([ovs-appctl netdev-dummy/receive int-br 'in_port(2),eth(src=aa:55:aa:55:00:00,dst=f8:bc:12:ff:ff:ff),eth_type(0x0800),ipv4(src=1.1.3.92,dst=1.1.3.88,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)']) > +AT_CHECK([ovs-pcap p0.pcap > p0.pcap.txt 2>&1]) > + > +AT_CHECK([cat p0.pcap.txt | grep 92aa55aa55000086dd6000000000203aff2001cafe | uniq], [0], [dnl > +3333ff000092aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009287004d48000000002001cafe0000000000000000000000920101aa55aa550000 > +]) > + > +dnl > +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)']) > + > +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl > +2001:cafe::92 f8:bc:12:44:34:b6 br0 > +]) > + > +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl > +Listening ports: > +ip6gre_sys (6) ref_cnt=1 > +]) > + > +dnl Check IPv6 GRE tunnel pop > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: tnl_pop(6) > +]) > + > +dnl Check IPv6 GRE tunnel push > +AT_CHECK([ovs-ofctl add-flow int-br action=2]) > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:01),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) > + > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: clone(tnl_push(tnl_port(6),header(size=58,type=109,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x0,proto=0x6558))),out_port(100)),1) > +]) > + > +OVS_VSWITCHD_STOP > +AT_CLEANUP > + > AT_SETUP([tunnel_push_pop_ipv6 - ip6erspan]) > > OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml > index bf4b6f8dc621..d143bcc06a2b 100644 > --- a/vswitchd/vswitch.xml > +++ b/vswitchd/vswitch.xml > @@ -2561,10 +2561,16 @@ > > <dt><code>gre</code></dt> > <dd> > - Generic Routing Encapsulation (GRE) over IPv4/IPv6 tunnel, > + Generic Routing Encapsulation (GRE) over IPv4 tunnel, > configurable to encapsulate layer 2 or layer 3 traffic. > </dd> > > + <dt><code>ip6gre</code></dt> > + <dd> > + Generic Routing Encapsulation (GRE) over IPv6 tunnel, > + encapsulate layer 2 traffic. > + </dd> > + > <dt><code>vxlan</code></dt> > <dd> > <p> > @@ -2623,8 +2629,8 @@ > <group title="Tunnel Options"> > <p> > These options apply to interfaces with <ref column="type"/> of > - <code>geneve</code>, <code>gre</code>, <code>vxlan</code>, > - <code>lisp</code> and <code>stt</code>. > + <code>geneve</code>, <code>gre</code>, <code>ip6gre</code>, > + <code>vxlan</code>, <code>lisp</code> and <code>stt</code>. > </p> > > <p> > @@ -2921,10 +2927,10 @@ > </column> > </group> > > - <group title="Tunnel Options: gre, geneve, and vxlan"> > + <group title="Tunnel Options: gre, ip6gre, geneve, and vxlan"> > <p> > - <code>gre</code>, <code>geneve</code>, and > - <code>vxlan</code> interfaces support these options. > + <code>gre</code>, <code>ip6gre</code>, <code>geneve</code>, > + and <code>vxlan</code> interfaces support these options. > </p> > > <column name="options" key="csum" type='{"type": "boolean"}'> > @@ -2938,8 +2944,9 @@ > <p> > When using the upstream Linux kernel module, computation of > checksums for <code>geneve</code> and <code>vxlan</code> requires > - Linux kernel version 4.0 or higher. <code>gre</code> supports > - checksums for all versions of Open vSwitch that support GRE. > + Linux kernel version 4.0 or higher. <code>gre</code> and > + <code>ip6gre</code> support checksums for all versions of > + Open vSwitch that support GRE. > The out of tree kernel module distributed as part of OVS > can compute all tunnel checksums on any kernel version that it > is compatible with. > @@ -2951,10 +2958,11 @@ > <group title="Tunnel Options: IPsec"> > <p> > Setting any of these options enables IPsec support for a given > - tunnel. <code>gre</code>, <code>geneve</code>, <code>vxlan</code>, > - and <code>stt</code> interfaces support these options. See the > - <code>IPsec</code> section in the <ref table="Open_vSwitch"/> table > - for a description of each mode. > + tunnel. <code>gre</code>, <code>ip6gre</code>, > + <code>geneve</code>, <code>vxlan</code> and <code>stt</code> > + interfaces support these options. See the <code>IPsec</code> > + section in the <ref table="Open_vSwitch"/> table for a description > + of each mode. > </p> > <column name="options" key="psk" type='{"type": "string"}'> > <p>
On Mon, Jul 1, 2019 at 3:10 PM Gregory Rose <gvrose8192@gmail.com> wrote: > > > > On 7/1/2019 12:45 PM, William Tu wrote: > > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > > under kernel 5.2 and for userspace: > > Hi William, > > I tried this on a system with the 5.2-rc5+ kernel and got the following > results: > > ## ------------------------------- ## > ## openvswitch 2.11.90 test suite. ## > ## ------------------------------- ## > 12: datapath - ping over ip6gre L2 tunnel skipped > (system-traffic.at:344) > > ## ------------- ## > ## Test results. ## > ## ------------- ## > > 0 tests were successful. > 1 test was skipped. > > This is on a Ubuntu 16.04 distro with the upstream kernel installed. > What system/distro base did you use? > > Thanks, > > - Greg > I tested it on ubuntu using kernel 5.2.0-rc5+ I run #make check-kernel TESTSUITEFLAGS='-k ip6gre' and it works OK, not being skipped by macro OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) William
On 7/1/2019 3:29 PM, William Tu wrote: > On Mon, Jul 1, 2019 at 3:10 PM Gregory Rose <gvrose8192@gmail.com> wrote: >> >> >> On 7/1/2019 12:45 PM, William Tu wrote: >>> The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= >>> legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets >>> and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 >>> packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: >>> # make check-kernel TESTSUITEFLAGS='-k ip6gre' >>> under kernel 5.2 and for userspace: >> Hi William, >> >> I tried this on a system with the 5.2-rc5+ kernel and got the following >> results: >> >> ## ------------------------------- ## >> ## openvswitch 2.11.90 test suite. ## >> ## ------------------------------- ## >> 12: datapath - ping over ip6gre L2 tunnel skipped >> (system-traffic.at:344) >> >> ## ------------- ## >> ## Test results. ## >> ## ------------- ## >> >> 0 tests were successful. >> 1 test was skipped. >> >> This is on a Ubuntu 16.04 distro with the upstream kernel installed. >> What system/distro base did you use? >> >> Thanks, >> >> - Greg >> > I tested it on ubuntu using kernel 5.2.0-rc5+ > I run > #make check-kernel TESTSUITEFLAGS='-k ip6gre' > > and it works OK, not being skipped by > macro OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > > William I see what happened, I recently ran an update on the system and it overwrote my iproute2/ip I built from upstream so the kernel check was failing because of the wrong ip program. Works fine now. "$@" -k ip6gre -j1 || (test X'' = Xyes && "$@" --recheck) ## ------------------------------- ## ## openvswitch 2.11.90 test suite. ## ## ------------------------------- ## 12: datapath - ping over ip6gre L2 tunnel ok ## ------------- ## ## Test results. ## ## ------------- ## 1 test was successful. Sorry for the confusion... I'm running a few other tests and review but should be done by tomorrow. Thanks! - Greg
On 7/1/2019 12:45 PM, William Tu wrote: > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > under kernel 5.2 and for userspace: > # make check TESTSUITEFLAGS='-k ip6gre' On a Ubuntu 18.04 system with the distro provided 4.15.0-43-generic kernel I get the following splat: [ 510.428122] general protection fault: 0000 [#1] SMP PTI [ 510.428192] Modules linked in: openvswitch(OE) tunnel6 nf_conntrack_ipv6 nf_nat_ipv6 nf_defrag_ipv6 netconsole xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer joydev snd soundcore input_leds mac_hid serio_raw qemu_fw_cfg sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbhid hid crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc qxl ttm [ 510.428536] drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops aesni_intel aes_x86_64 crypto_simd glue_helper cryptd drm psmouse i2c_piix4 virtio_net virtio_blk pata_acpi floppy [ 510.428609] CPU: 0 PID: 35 Comm: kworker/0:1 Tainted: G OE 4.15.0-43-generic #46-Ubuntu [ 510.428646] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 [ 510.428727] Workqueue: ipv6_addrconf addrconf_dad_work [ 510.428763] RIP: 0010:__gre6_xmit+0x11f/0x2c0 [openvswitch] [ 510.428787] RSP: 0018:ffffb1e840d8f3e8 EFLAGS: 00010286 [ 510.428820] RAX: 00000000ffffffea RBX: ffff9dfaa8a10000 RCX: 0000000000000000 [ 510.428848] RDX: ffff0000af55e000 RSI: 0000000000000040 RDI: ffff9dfaae9cda00 [ 510.428875] RBP: ffffb1e840d8f440 R08: 0000000000005865 R09: ffffb1e840d8f464 [ 510.428903] R10: 0000000000002000 R11: ffff9dfab7002c00 R12: ffff9dfaae9cda00 [ 510.428930] R13: 0000000000000000 R14: ffffb1e840d8f468 R15: 00000000ffffffff [ 510.428972] FS: 0000000000000000(0000) GS:ffff9dfabfc00000(0000) knlGS:0000000000000000 [ 510.429003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 510.429950] CR2: 000055d347881e60 CR3: 00000001b760a005 CR4: 00000000003606f0 [ 510.430860] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 510.431683] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 510.432494] Call Trace: [ 510.433318] ip6gre_tunnel_xmit+0x103/0x530 [openvswitch] [ 510.434083] ? __wake_up_common+0x73/0x130 [ 510.434891] ? __wake_up_common_lock+0x8e/0xc0 [ 510.435763] __ip6gre_tunnel_xmit+0x12/0x20 [openvswitch] [ 510.436562] ovs_vport_send+0xd4/0x170 [openvswitch] [ 510.437393] do_output+0x53/0x160 [openvswitch] [ 510.438221] do_execute_actions+0x9a1/0x1880 [openvswitch] [ 510.438968] ? __wake_up_common+0x73/0x130 [ 510.439746] ? __wake_up_common_lock+0x8e/0xc0 [ 510.440515] ? __skb_flow_dissect+0xd29/0x1450 [ 510.441295] ovs_execute_actions+0x4c/0x120 [openvswitch] [ 510.442030] ? ovs_execute_actions+0x4c/0x120 [openvswitch] [ 510.442819] ovs_dp_process_packet+0x95/0x150 [openvswitch] [ 510.443649] ? ovs_ct_update_key+0x85/0xe0 [openvswitch] [ 510.444492] ovs_vport_receive+0x7e/0xd0 [openvswitch] [ 510.445294] ? select_idle_sibling+0x29/0x410 [ 510.446200] ? select_task_rq_fair+0x637/0xab0 [ 510.446990] ? __update_load_avg_se.isra.38+0x1c0/0x1d0 [ 510.447763] ? try_to_wake_up+0x59/0x480 [ 510.448549] internal_dev_xmit+0x28/0x60 [openvswitch] [ 510.449356] dev_hard_start_xmit+0xa8/0x210 [ 510.450173] __dev_queue_xmit+0x690/0x7d0 [ 510.450908] ? mroute6_socket+0x78/0xa0 [ 510.451704] dev_queue_xmit+0x10/0x20 [ 510.452413] ? dev_queue_xmit+0x10/0x20 [ 510.453101] ip6_finish_output2+0x339/0x520 [ 510.453776] ? ipv6_get_l4proto+0x96/0xe0 [nf_conntrack_ipv6] [ 510.454429] ip6_finish_output+0x13a/0x1b0 [ 510.455049] ? ip6_finish_output+0x13a/0x1b0 [ 510.455662] ip6_output+0x6c/0x110 [ 510.456285] ? ip6_fragment+0x9f0/0x9f0 [ 510.456825] NF_HOOK.constprop.34+0x45/0xb0 [ 510.457401] ? ipv6_icmp_sysctl_init+0x40/0x40 [ 510.458022] mld_sendpack+0x163/0x210 [ 510.458572] mld_send_initial_cr.part.23+0x86/0xa0 [ 510.459214] ipv6_mc_dad_complete+0x2b/0x40 [ 510.459744] addrconf_dad_completed+0x302/0x370 [ 510.460268] ? __switch_to_asm+0x40/0x70 [ 510.460768] ? __switch_to_asm+0x34/0x70 [ 510.461272] ? __switch_to_asm+0x40/0x70 [ 510.461766] ? __switch_to_asm+0x34/0x70 [ 510.462271] ? __switch_to_asm+0x40/0x70 [ 510.462738] addrconf_dad_work+0x2b8/0x440 [ 510.463226] ? addrconf_dad_work+0x2b8/0x440 [ 510.463694] ? finish_task_switch+0x72/0x220 [ 510.464192] process_one_work+0x1de/0x410 [ 510.464655] ? process_one_work+0x1de/0x410 [ 510.465112] worker_thread+0x32/0x410 [ 510.465576] kthread+0x121/0x140 [ 510.466035] ? process_one_work+0x410/0x410 [ 510.466527] ? kthread_create_worker_on_cpu+0x70/0x70 [ 510.467002] ret_from_fork+0x35/0x40 [ 510.467527] Code: 00 01 b8 65 58 00 00 44 0f 44 c0 80 bb ef 08 00 00 00 0f 84 70 01 00 00 49 8b 54 24 38 4c 89 4d b0 b8 ea ff ff ff 48 85 d2 74 0f <0f> b6 8a f1 00 00 00 83 e1 03 80 f9 03 74 5a 48 8b 7d c8 65 48 [ 510.468522] RIP: __gre6_xmit+0x11f/0x2c0 [openvswitch] RSP: ffffb1e840d8f3e8 [ 510.469051] ---[ end trace ec787407c9ed3a64 ]--- [ 510.469589] Kernel panic - not syncing: Fatal exception in interrupt [ 510.470789] Kernel Offset: 0x1e000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 510.471360] ---[ end Kernel panic - not syncing: Fatal exception in interrupt I'm investigating the cause. - Greg > Signed-off-by: William Tu <u9012063@gmail.com> > --- > v1-v2 > - rebase to master > v2-v3 > - update documentation suggested by Eli > v3-v4 > - squash Eli's documentation > v4-v5 > - remove using 'ip6gretap', use only 'ip6gre' with > options:packet_type=legacy_l2 > --- > Documentation/faq/configuration.rst | 13 +++++++ > NEWS | 1 + > datapath/linux/compat/ip6_gre.c | 2 +- > lib/dpif-netlink-rtnl.c | 8 ++++- > tests/system-traffic.at | 40 +++++++++++++++++++++ > tests/tunnel-push-pop-ipv6.at | 69 +++++++++++++++++++++++++++++++++++++ > vswitchd/vswitch.xml | 32 ++++++++++------- > 7 files changed, 151 insertions(+), 14 deletions(-) > > diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst > index cb2c6b4eca98..ff3b71a5d4ef 100644 > --- a/Documentation/faq/configuration.rst > +++ b/Documentation/faq/configuration.rst > @@ -212,6 +212,19 @@ Q: Does Open vSwitch support ERSPAN? > options:erspan_ver=2 options:erspan_dir=1 \ > options:erspan_hwid=4 > > +Q: Does Open vSwitch support IPv6 GRE? > + > + A: Yes. L2 tunnel interface GRE over IPv6 is supported. > + L3 GRE tunnel over IPv6 is not supported. > + > + :: > + > + $ ovs-vsctl add-br br0 > + $ ovs-vsctl add-port br0 at_gre0 -- \ > + set int at_gre0 type=ip6gre \ > + options:remote_ip=fc00:100::1 \ > + options:packet_type=legacy_l2 > + > Q: How do I connect two bridges? > > A: First, why do you want to do this? Two connected bridges are not much > diff --git a/NEWS b/NEWS > index a38ab258fc6c..c7e84ed7931d 100644 > --- a/NEWS > +++ b/NEWS > @@ -47,6 +47,7 @@ Post-v2.11.0 > - Linux datapath: > * Support for the kernel versions 4.19.x and 4.20.x. > * Support for the kernel version 5.0.x. > + - Add L2 GRE tunnel over IPv6 support. > > > v2.11.0 - 19 Feb 2019 > diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c > index ca4e66133570..ab50c72d0753 100644 > --- a/datapath/linux/compat/ip6_gre.c > +++ b/datapath/linux/compat/ip6_gre.c > @@ -2550,7 +2550,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { > }; > > static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { > - .kind = "ip6gre", > + .kind = "ip6gretap", > .maxtype = RPL_IFLA_GRE_MAX, > .policy = ip6gre_policy, > .priv_size = sizeof(struct ip6_tnl), > diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c > index 2e23a8c14fcf..582274c46774 100644 > --- a/lib/dpif-netlink-rtnl.c > +++ b/lib/dpif-netlink-rtnl.c > @@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type, > case OVS_VPORT_TYPE_IP6ERSPAN: > return "ip6erspan"; > case OVS_VPORT_TYPE_IP6GRE: > - return "ip6gre"; > + if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) { > + return "ip6gretap"; > + } else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) { > + return NULL; > + } else { > + return NULL; > + } > case OVS_VPORT_TYPE_NETDEV: > case OVS_VPORT_TYPE_INTERNAL: > case OVS_VPORT_TYPE_LISP: > diff --git a/tests/system-traffic.at b/tests/system-traffic.at > index d23ee897b0b2..8ea450887076 100644 > --- a/tests/system-traffic.at > +++ b/tests/system-traffic.at > @@ -340,6 +340,46 @@ NS_CHECK_EXEC([at_ns0], [ping -s 3200 -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PI > OVS_TRAFFIC_VSWITCHD_STOP > AT_CLEANUP > > +AT_SETUP([datapath - ping over ip6gre L2 tunnel]) > +OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > +OVS_CHECK_GRE() > +OVS_CHECK_ERSPAN() > + > +OVS_TRAFFIC_VSWITCHD_START() > +ADD_BR([br-underlay]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0) > + > +dnl Set up underlay link from host into the namespace using veth pair. > +ADD_VETH(p0, at_ns0, br-underlay, "fc00:100::1/96", [], [], nodad) > +AT_CHECK([ip addr add dev br-underlay "fc00:100::100/96" nodad]) > +AT_CHECK([ip link set dev br-underlay up]) > + > +dnl Set up tunnel endpoints on OVS outside the namespace and with a native > +dnl linux device inside the namespace. > +ADD_OVS_TUNNEL6([ip6gre], [br0], [at_gre0], [fc00:100::1], [10.1.1.100/24], > + [options:packet_type=legacy_l2]) > +ADD_NATIVE_TUNNEL6([ip6gretap], [ns_gretap0], [at_ns0], [fc00:100::100], > + [10.1.1.1/24], [local fc00:100::1]) > + > +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 2 fc00:100::100]) > + > +dnl First, check the underlay > +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +dnl Okay, now check the overlay with different packet sizes > +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > +OVS_TRAFFIC_VSWITCHD_STOP > +AT_CLEANUP > + > + > AT_SETUP([datapath - ping over erspan v1 tunnel]) > OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > OVS_CHECK_GRE() > diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at > index cbdd5a32f719..59723e63b845 100644 > --- a/tests/tunnel-push-pop-ipv6.at > +++ b/tests/tunnel-push-pop-ipv6.at > @@ -1,5 +1,74 @@ > AT_BANNER([tunnel_push_pop_ipv6]) > > +AT_SETUP([tunnel_push_pop_ipv6 - ip6gre]) > + > +OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > +AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0]) > +AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=ip6gre \ > + options:remote_ip=2001:cafe::92 ofport_request=2\ > + options:packet_type=legacy_l2 > + ], [0]) > + > +AT_CHECK([ovs-appctl dpif/show], [0], [dnl > +dummy@ovs-dummy: hit:0 missed:0 > + br0: > + br0 65534/100: (dummy-internal) > + p0 1/1: (dummy) > + int-br: > + int-br 65534/2: (dummy-internal) > + t2 2/6: (ip6gre: remote_ip=2001:cafe::92) > +]) > + > +dnl First setup dummy interface IP address, then add the route > +dnl so that tnl-port table can get valid IP address for the device. > +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK > +]) > + > +AT_CHECK([ovs-ofctl add-flow br0 action=normal]) > + > +dnl Check Neighbour discovery. > +AT_CHECK([ovs-vsctl -- set Interface p0 options:pcap=p0.pcap]) > + > +AT_CHECK([ovs-appctl netdev-dummy/receive int-br 'in_port(2),eth(src=aa:55:aa:55:00:00,dst=f8:bc:12:ff:ff:ff),eth_type(0x0800),ipv4(src=1.1.3.92,dst=1.1.3.88,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)']) > +AT_CHECK([ovs-pcap p0.pcap > p0.pcap.txt 2>&1]) > + > +AT_CHECK([cat p0.pcap.txt | grep 92aa55aa55000086dd6000000000203aff2001cafe | uniq], [0], [dnl > +3333ff000092aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009287004d48000000002001cafe0000000000000000000000920101aa55aa550000 > +]) > + > +dnl > +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)']) > + > +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl > +2001:cafe::92 f8:bc:12:44:34:b6 br0 > +]) > + > +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl > +Listening ports: > +ip6gre_sys (6) ref_cnt=1 > +]) > + > +dnl Check IPv6 GRE tunnel pop > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: tnl_pop(6) > +]) > + > +dnl Check IPv6 GRE tunnel push > +AT_CHECK([ovs-ofctl add-flow int-br action=2]) > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:01),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) > + > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: clone(tnl_push(tnl_port(6),header(size=58,type=109,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x0,proto=0x6558))),out_port(100)),1) > +]) > + > +OVS_VSWITCHD_STOP > +AT_CLEANUP > + > AT_SETUP([tunnel_push_pop_ipv6 - ip6erspan]) > > OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml > index bf4b6f8dc621..d143bcc06a2b 100644 > --- a/vswitchd/vswitch.xml > +++ b/vswitchd/vswitch.xml > @@ -2561,10 +2561,16 @@ > > <dt><code>gre</code></dt> > <dd> > - Generic Routing Encapsulation (GRE) over IPv4/IPv6 tunnel, > + Generic Routing Encapsulation (GRE) over IPv4 tunnel, > configurable to encapsulate layer 2 or layer 3 traffic. > </dd> > > + <dt><code>ip6gre</code></dt> > + <dd> > + Generic Routing Encapsulation (GRE) over IPv6 tunnel, > + encapsulate layer 2 traffic. > + </dd> > + > <dt><code>vxlan</code></dt> > <dd> > <p> > @@ -2623,8 +2629,8 @@ > <group title="Tunnel Options"> > <p> > These options apply to interfaces with <ref column="type"/> of > - <code>geneve</code>, <code>gre</code>, <code>vxlan</code>, > - <code>lisp</code> and <code>stt</code>. > + <code>geneve</code>, <code>gre</code>, <code>ip6gre</code>, > + <code>vxlan</code>, <code>lisp</code> and <code>stt</code>. > </p> > > <p> > @@ -2921,10 +2927,10 @@ > </column> > </group> > > - <group title="Tunnel Options: gre, geneve, and vxlan"> > + <group title="Tunnel Options: gre, ip6gre, geneve, and vxlan"> > <p> > - <code>gre</code>, <code>geneve</code>, and > - <code>vxlan</code> interfaces support these options. > + <code>gre</code>, <code>ip6gre</code>, <code>geneve</code>, > + and <code>vxlan</code> interfaces support these options. > </p> > > <column name="options" key="csum" type='{"type": "boolean"}'> > @@ -2938,8 +2944,9 @@ > <p> > When using the upstream Linux kernel module, computation of > checksums for <code>geneve</code> and <code>vxlan</code> requires > - Linux kernel version 4.0 or higher. <code>gre</code> supports > - checksums for all versions of Open vSwitch that support GRE. > + Linux kernel version 4.0 or higher. <code>gre</code> and > + <code>ip6gre</code> support checksums for all versions of > + Open vSwitch that support GRE. > The out of tree kernel module distributed as part of OVS > can compute all tunnel checksums on any kernel version that it > is compatible with. > @@ -2951,10 +2958,11 @@ > <group title="Tunnel Options: IPsec"> > <p> > Setting any of these options enables IPsec support for a given > - tunnel. <code>gre</code>, <code>geneve</code>, <code>vxlan</code>, > - and <code>stt</code> interfaces support these options. See the > - <code>IPsec</code> section in the <ref table="Open_vSwitch"/> table > - for a description of each mode. > + tunnel. <code>gre</code>, <code>ip6gre</code>, > + <code>geneve</code>, <code>vxlan</code> and <code>stt</code> > + interfaces support these options. See the <code>IPsec</code> > + section in the <ref table="Open_vSwitch"/> table for a description > + of each mode. > </p> > <column name="options" key="psk" type='{"type": "string"}'> > <p>
On 7/2/2019 10:42 AM, Gregory Rose wrote: > > On 7/1/2019 12:45 PM, William Tu wrote: >> The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= >> legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet >> packets >> and encap with GRE header with outer IPv6 header. Encapsulation of >> layer 3 >> packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by >> running: >> # make check-kernel TESTSUITEFLAGS='-k ip6gre' >> under kernel 5.2 and for userspace: >> # make check TESTSUITEFLAGS='-k ip6gre' > > On a Ubuntu 18.04 system with the distro provided 4.15.0-43-generic > kernel I get the following splat: > > [ 510.469589] Kernel panic - not syncing: Fatal exception in interrupt > [ 510.470789] Kernel Offset: 0x1e000000 from 0xffffffff81000000 > (relocation range: 0xffffffff80000000-0xffffffffbfffffff) > [ 510.471360] ---[ end Kernel panic - not syncing: Fatal exception in > interrupt > [snip] I've run into an interesting problem but I don't think it's related to this patch. I can revert the patch on that system and get the same problem. In the interest of getting this patch tested and reviewed I'll just try a different distro/machine. - Greg
On 7/1/2019 12:45 PM, William Tu wrote: > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > under kernel 5.2 and for userspace: > # make check TESTSUITEFLAGS='-k ip6gre' > > Signed-off-by: William Tu <u9012063@gmail.com> > --- > v1-v2 > - rebase to master > v2-v3 > - update documentation suggested by Eli > v3-v4 > - squash Eli's documentation > v4-v5 > - remove using 'ip6gretap', use only 'ip6gre' with > options:packet_type=legacy_l2 > --- LGTM - ran into two problems testing, user error or on one and an issue on a single system that is not reproducible anywhere else. Ran check-kmod for systems running the out of tree kernel modules and check-kernel on a system with the upstream kernel - all checks out well. Passes a travis check - https://travis-ci.org/gvrose8192/ovs-experimental/builds/552977116 Thanks William! Tested-by: Greg Rose <gvrose8192@gmail.com> Reviewed-by: Greg Rose <gvrose8192@gmail.com> - Greg > Documentation/faq/configuration.rst | 13 +++++++ > NEWS | 1 + > datapath/linux/compat/ip6_gre.c | 2 +- > lib/dpif-netlink-rtnl.c | 8 ++++- > tests/system-traffic.at | 40 +++++++++++++++++++++ > tests/tunnel-push-pop-ipv6.at | 69 +++++++++++++++++++++++++++++++++++++ > vswitchd/vswitch.xml | 32 ++++++++++------- > 7 files changed, 151 insertions(+), 14 deletions(-) > > diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst > index cb2c6b4eca98..ff3b71a5d4ef 100644 > --- a/Documentation/faq/configuration.rst > +++ b/Documentation/faq/configuration.rst > @@ -212,6 +212,19 @@ Q: Does Open vSwitch support ERSPAN? > options:erspan_ver=2 options:erspan_dir=1 \ > options:erspan_hwid=4 > > +Q: Does Open vSwitch support IPv6 GRE? > + > + A: Yes. L2 tunnel interface GRE over IPv6 is supported. > + L3 GRE tunnel over IPv6 is not supported. > + > + :: > + > + $ ovs-vsctl add-br br0 > + $ ovs-vsctl add-port br0 at_gre0 -- \ > + set int at_gre0 type=ip6gre \ > + options:remote_ip=fc00:100::1 \ > + options:packet_type=legacy_l2 > + > Q: How do I connect two bridges? > > A: First, why do you want to do this? Two connected bridges are not much > diff --git a/NEWS b/NEWS > index a38ab258fc6c..c7e84ed7931d 100644 > --- a/NEWS > +++ b/NEWS > @@ -47,6 +47,7 @@ Post-v2.11.0 > - Linux datapath: > * Support for the kernel versions 4.19.x and 4.20.x. > * Support for the kernel version 5.0.x. > + - Add L2 GRE tunnel over IPv6 support. > > > v2.11.0 - 19 Feb 2019 > diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c > index ca4e66133570..ab50c72d0753 100644 > --- a/datapath/linux/compat/ip6_gre.c > +++ b/datapath/linux/compat/ip6_gre.c > @@ -2550,7 +2550,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { > }; > > static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { > - .kind = "ip6gre", > + .kind = "ip6gretap", > .maxtype = RPL_IFLA_GRE_MAX, > .policy = ip6gre_policy, > .priv_size = sizeof(struct ip6_tnl), > diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c > index 2e23a8c14fcf..582274c46774 100644 > --- a/lib/dpif-netlink-rtnl.c > +++ b/lib/dpif-netlink-rtnl.c > @@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type, > case OVS_VPORT_TYPE_IP6ERSPAN: > return "ip6erspan"; > case OVS_VPORT_TYPE_IP6GRE: > - return "ip6gre"; > + if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) { > + return "ip6gretap"; > + } else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) { > + return NULL; > + } else { > + return NULL; > + } > case OVS_VPORT_TYPE_NETDEV: > case OVS_VPORT_TYPE_INTERNAL: > case OVS_VPORT_TYPE_LISP: > diff --git a/tests/system-traffic.at b/tests/system-traffic.at > index d23ee897b0b2..8ea450887076 100644 > --- a/tests/system-traffic.at > +++ b/tests/system-traffic.at > @@ -340,6 +340,46 @@ NS_CHECK_EXEC([at_ns0], [ping -s 3200 -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PI > OVS_TRAFFIC_VSWITCHD_STOP > AT_CLEANUP > > +AT_SETUP([datapath - ping over ip6gre L2 tunnel]) > +OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > +OVS_CHECK_GRE() > +OVS_CHECK_ERSPAN() > + > +OVS_TRAFFIC_VSWITCHD_START() > +ADD_BR([br-underlay]) > + > +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) > +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) > + > +ADD_NAMESPACES(at_ns0) > + > +dnl Set up underlay link from host into the namespace using veth pair. > +ADD_VETH(p0, at_ns0, br-underlay, "fc00:100::1/96", [], [], nodad) > +AT_CHECK([ip addr add dev br-underlay "fc00:100::100/96" nodad]) > +AT_CHECK([ip link set dev br-underlay up]) > + > +dnl Set up tunnel endpoints on OVS outside the namespace and with a native > +dnl linux device inside the namespace. > +ADD_OVS_TUNNEL6([ip6gre], [br0], [at_gre0], [fc00:100::1], [10.1.1.100/24], > + [options:packet_type=legacy_l2]) > +ADD_NATIVE_TUNNEL6([ip6gretap], [ns_gretap0], [at_ns0], [fc00:100::100], > + [10.1.1.1/24], [local fc00:100::1]) > + > +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 2 fc00:100::100]) > + > +dnl First, check the underlay > +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > + > +dnl Okay, now check the overlay with different packet sizes > +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PING], [0], [dnl > +3 packets transmitted, 3 received, 0% packet loss, time 0ms > +]) > +OVS_TRAFFIC_VSWITCHD_STOP > +AT_CLEANUP > + > + > AT_SETUP([datapath - ping over erspan v1 tunnel]) > OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) > OVS_CHECK_GRE() > diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at > index cbdd5a32f719..59723e63b845 100644 > --- a/tests/tunnel-push-pop-ipv6.at > +++ b/tests/tunnel-push-pop-ipv6.at > @@ -1,5 +1,74 @@ > AT_BANNER([tunnel_push_pop_ipv6]) > > +AT_SETUP([tunnel_push_pop_ipv6 - ip6gre]) > + > +OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > +AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0]) > +AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=ip6gre \ > + options:remote_ip=2001:cafe::92 ofport_request=2\ > + options:packet_type=legacy_l2 > + ], [0]) > + > +AT_CHECK([ovs-appctl dpif/show], [0], [dnl > +dummy@ovs-dummy: hit:0 missed:0 > + br0: > + br0 65534/100: (dummy-internal) > + p0 1/1: (dummy) > + int-br: > + int-br 65534/2: (dummy-internal) > + t2 2/6: (ip6gre: remote_ip=2001:cafe::92) > +]) > + > +dnl First setup dummy interface IP address, then add the route > +dnl so that tnl-port table can get valid IP address for the device. > +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK > +]) > +AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK > +]) > + > +AT_CHECK([ovs-ofctl add-flow br0 action=normal]) > + > +dnl Check Neighbour discovery. > +AT_CHECK([ovs-vsctl -- set Interface p0 options:pcap=p0.pcap]) > + > +AT_CHECK([ovs-appctl netdev-dummy/receive int-br 'in_port(2),eth(src=aa:55:aa:55:00:00,dst=f8:bc:12:ff:ff:ff),eth_type(0x0800),ipv4(src=1.1.3.92,dst=1.1.3.88,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)']) > +AT_CHECK([ovs-pcap p0.pcap > p0.pcap.txt 2>&1]) > + > +AT_CHECK([cat p0.pcap.txt | grep 92aa55aa55000086dd6000000000203aff2001cafe | uniq], [0], [dnl > +3333ff000092aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009287004d48000000002001cafe0000000000000000000000920101aa55aa550000 > +]) > + > +dnl > +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)']) > + > +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl > +2001:cafe::92 f8:bc:12:44:34:b6 br0 > +]) > + > +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl > +Listening ports: > +ip6gre_sys (6) ref_cnt=1 > +]) > + > +dnl Check IPv6 GRE tunnel pop > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: tnl_pop(6) > +]) > + > +dnl Check IPv6 GRE tunnel push > +AT_CHECK([ovs-ofctl add-flow int-br action=2]) > +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:01),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) > + > +AT_CHECK([tail -1 stdout], [0], > + [Datapath actions: clone(tnl_push(tnl_port(6),header(size=58,type=109,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x0,proto=0x6558))),out_port(100)),1) > +]) > + > +OVS_VSWITCHD_STOP > +AT_CLEANUP > + > AT_SETUP([tunnel_push_pop_ipv6 - ip6erspan]) > > OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) > diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml > index bf4b6f8dc621..d143bcc06a2b 100644 > --- a/vswitchd/vswitch.xml > +++ b/vswitchd/vswitch.xml > @@ -2561,10 +2561,16 @@ > > <dt><code>gre</code></dt> > <dd> > - Generic Routing Encapsulation (GRE) over IPv4/IPv6 tunnel, > + Generic Routing Encapsulation (GRE) over IPv4 tunnel, > configurable to encapsulate layer 2 or layer 3 traffic. > </dd> > > + <dt><code>ip6gre</code></dt> > + <dd> > + Generic Routing Encapsulation (GRE) over IPv6 tunnel, > + encapsulate layer 2 traffic. > + </dd> > + > <dt><code>vxlan</code></dt> > <dd> > <p> > @@ -2623,8 +2629,8 @@ > <group title="Tunnel Options"> > <p> > These options apply to interfaces with <ref column="type"/> of > - <code>geneve</code>, <code>gre</code>, <code>vxlan</code>, > - <code>lisp</code> and <code>stt</code>. > + <code>geneve</code>, <code>gre</code>, <code>ip6gre</code>, > + <code>vxlan</code>, <code>lisp</code> and <code>stt</code>. > </p> > > <p> > @@ -2921,10 +2927,10 @@ > </column> > </group> > > - <group title="Tunnel Options: gre, geneve, and vxlan"> > + <group title="Tunnel Options: gre, ip6gre, geneve, and vxlan"> > <p> > - <code>gre</code>, <code>geneve</code>, and > - <code>vxlan</code> interfaces support these options. > + <code>gre</code>, <code>ip6gre</code>, <code>geneve</code>, > + and <code>vxlan</code> interfaces support these options. > </p> > > <column name="options" key="csum" type='{"type": "boolean"}'> > @@ -2938,8 +2944,9 @@ > <p> > When using the upstream Linux kernel module, computation of > checksums for <code>geneve</code> and <code>vxlan</code> requires > - Linux kernel version 4.0 or higher. <code>gre</code> supports > - checksums for all versions of Open vSwitch that support GRE. > + Linux kernel version 4.0 or higher. <code>gre</code> and > + <code>ip6gre</code> support checksums for all versions of > + Open vSwitch that support GRE. > The out of tree kernel module distributed as part of OVS > can compute all tunnel checksums on any kernel version that it > is compatible with. > @@ -2951,10 +2958,11 @@ > <group title="Tunnel Options: IPsec"> > <p> > Setting any of these options enables IPsec support for a given > - tunnel. <code>gre</code>, <code>geneve</code>, <code>vxlan</code>, > - and <code>stt</code> interfaces support these options. See the > - <code>IPsec</code> section in the <ref table="Open_vSwitch"/> table > - for a description of each mode. > + tunnel. <code>gre</code>, <code>ip6gre</code>, > + <code>geneve</code>, <code>vxlan</code> and <code>stt</code> > + interfaces support these options. See the <code>IPsec</code> > + section in the <ref table="Open_vSwitch"/> table for a description > + of each mode. > </p> > <column name="options" key="psk" type='{"type": "string"}'> > <p>
On Tue, Jul 2, 2019 at 4:43 PM Gregory Rose <gvrose8192@gmail.com> wrote: > > > On 7/1/2019 12:45 PM, William Tu wrote: > > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > > under kernel 5.2 and for userspace: > > # make check TESTSUITEFLAGS='-k ip6gre' > > > > Signed-off-by: William Tu <u9012063@gmail.com> > > --- > > v1-v2 > > - rebase to master > > v2-v3 > > - update documentation suggested by Eli > > v3-v4 > > - squash Eli's documentation > > v4-v5 > > - remove using 'ip6gretap', use only 'ip6gre' with > > options:packet_type=legacy_l2 > > --- > > LGTM - ran into two problems testing, user error or on one and an issue > on a single system that is not reproducible > anywhere else. Ran check-kmod for systems running the out of tree > kernel modules and check-kernel on a system > with the upstream kernel - all checks out well. Passes a travis check - > > https://travis-ci.org/gvrose8192/ovs-experimental/builds/552977116 > > Thanks William! > > Tested-by: Greg Rose <gvrose8192@gmail.com> > Reviewed-by: Greg Rose <gvrose8192@gmail.com> > Thanks for testing on different distributions. --William <snip>
On 7/3/2019 6:59 PM, William Tu wrote: > On Tue, Jul 2, 2019 at 4:43 PM Gregory Rose <gvrose8192@gmail.com> wrote: >> >> On 7/1/2019 12:45 PM, William Tu wrote: >>> The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= >>> legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets >>> and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 >>> packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: >>> # make check-kernel TESTSUITEFLAGS='-k ip6gre' >>> under kernel 5.2 and for userspace: >>> # make check TESTSUITEFLAGS='-k ip6gre' >>> >>> Signed-off-by: William Tu <u9012063@gmail.com> >>> --- >>> v1-v2 >>> - rebase to master >>> v2-v3 >>> - update documentation suggested by Eli >>> v3-v4 >>> - squash Eli's documentation >>> v4-v5 >>> - remove using 'ip6gretap', use only 'ip6gre' with >>> options:packet_type=legacy_l2 >>> --- >> LGTM - ran into two problems testing, user error or on one and an issue >> on a single system that is not reproducible >> anywhere else. Ran check-kmod for systems running the out of tree >> kernel modules and check-kernel on a system >> with the upstream kernel - all checks out well. Passes a travis check - >> >> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftravis-ci.org%2Fgvrose8192%2Fovs-experimental%2Fbuilds%2F552977116&data=02%7C01%7Celibr%40mellanox.com%7Cbf32e197198b4b90f2ee08d6ffcf8d0c%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636977664222635681&sdata=ql1lx2EU18Fk%2BWIdTEzdlthtZb%2FazsOOT05TZc3t5f0%3D&reserved=0 >> >> Thanks William! >> >> Tested-by: Greg Rose <gvrose8192@gmail.com> >> Reviewed-by: Greg Rose <gvrose8192@gmail.com> Thanks William. Reviewed-by: Eli Britstein <elibr@mellanox.com> >> > Thanks for testing on different distributions. > --William > <snip>
On Mon, Jul 01, 2019 at 12:45:22PM -0700, William Tu wrote: > The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= > legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets > and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 > packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: > # make check-kernel TESTSUITEFLAGS='-k ip6gre' > under kernel 5.2 and for userspace: > # make check TESTSUITEFLAGS='-k ip6gre' > > Signed-off-by: William Tu <u9012063@gmail.com> Thanks. I applied this to master. Is this supported in the userspace datapath yet?
diff --git a/Documentation/faq/configuration.rst b/Documentation/faq/configuration.rst index cb2c6b4eca98..ff3b71a5d4ef 100644 --- a/Documentation/faq/configuration.rst +++ b/Documentation/faq/configuration.rst @@ -212,6 +212,19 @@ Q: Does Open vSwitch support ERSPAN? options:erspan_ver=2 options:erspan_dir=1 \ options:erspan_hwid=4 +Q: Does Open vSwitch support IPv6 GRE? + + A: Yes. L2 tunnel interface GRE over IPv6 is supported. + L3 GRE tunnel over IPv6 is not supported. + + :: + + $ ovs-vsctl add-br br0 + $ ovs-vsctl add-port br0 at_gre0 -- \ + set int at_gre0 type=ip6gre \ + options:remote_ip=fc00:100::1 \ + options:packet_type=legacy_l2 + Q: How do I connect two bridges? A: First, why do you want to do this? Two connected bridges are not much diff --git a/NEWS b/NEWS index a38ab258fc6c..c7e84ed7931d 100644 --- a/NEWS +++ b/NEWS @@ -47,6 +47,7 @@ Post-v2.11.0 - Linux datapath: * Support for the kernel versions 4.19.x and 4.20.x. * Support for the kernel version 5.0.x. + - Add L2 GRE tunnel over IPv6 support. v2.11.0 - 19 Feb 2019 diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c index ca4e66133570..ab50c72d0753 100644 --- a/datapath/linux/compat/ip6_gre.c +++ b/datapath/linux/compat/ip6_gre.c @@ -2550,7 +2550,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { }; static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { - .kind = "ip6gre", + .kind = "ip6gretap", .maxtype = RPL_IFLA_GRE_MAX, .policy = ip6gre_policy, .priv_size = sizeof(struct ip6_tnl), diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c index 2e23a8c14fcf..582274c46774 100644 --- a/lib/dpif-netlink-rtnl.c +++ b/lib/dpif-netlink-rtnl.c @@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type, case OVS_VPORT_TYPE_IP6ERSPAN: return "ip6erspan"; case OVS_VPORT_TYPE_IP6GRE: - return "ip6gre"; + if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) { + return "ip6gretap"; + } else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) { + return NULL; + } else { + return NULL; + } case OVS_VPORT_TYPE_NETDEV: case OVS_VPORT_TYPE_INTERNAL: case OVS_VPORT_TYPE_LISP: diff --git a/tests/system-traffic.at b/tests/system-traffic.at index d23ee897b0b2..8ea450887076 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -340,6 +340,46 @@ NS_CHECK_EXEC([at_ns0], [ping -s 3200 -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PI OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP +AT_SETUP([datapath - ping over ip6gre L2 tunnel]) +OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) +OVS_CHECK_GRE() +OVS_CHECK_ERSPAN() + +OVS_TRAFFIC_VSWITCHD_START() +ADD_BR([br-underlay]) + +AT_CHECK([ovs-ofctl add-flow br0 "actions=normal"]) +AT_CHECK([ovs-ofctl add-flow br-underlay "actions=normal"]) + +ADD_NAMESPACES(at_ns0) + +dnl Set up underlay link from host into the namespace using veth pair. +ADD_VETH(p0, at_ns0, br-underlay, "fc00:100::1/96", [], [], nodad) +AT_CHECK([ip addr add dev br-underlay "fc00:100::100/96" nodad]) +AT_CHECK([ip link set dev br-underlay up]) + +dnl Set up tunnel endpoints on OVS outside the namespace and with a native +dnl linux device inside the namespace. +ADD_OVS_TUNNEL6([ip6gre], [br0], [at_gre0], [fc00:100::1], [10.1.1.100/24], + [options:packet_type=legacy_l2]) +ADD_NATIVE_TUNNEL6([ip6gretap], [ns_gretap0], [at_ns0], [fc00:100::100], + [10.1.1.1/24], [local fc00:100::1]) + +OVS_WAIT_UNTIL([ip netns exec at_ns0 ping6 -c 2 fc00:100::100]) + +dnl First, check the underlay +NS_CHECK_EXEC([at_ns0], [ping6 -q -c 3 -i 0.3 -w 2 fc00:100::100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) + +dnl Okay, now check the overlay with different packet sizes +NS_CHECK_EXEC([at_ns0], [ping -q -c 3 -i 0.3 -w 2 10.1.1.100 | FORMAT_PING], [0], [dnl +3 packets transmitted, 3 received, 0% packet loss, time 0ms +]) +OVS_TRAFFIC_VSWITCHD_STOP +AT_CLEANUP + + AT_SETUP([datapath - ping over erspan v1 tunnel]) OVS_CHECK_KERNEL_EXCL(3, 10, 4, 15) OVS_CHECK_GRE() diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at index cbdd5a32f719..59723e63b845 100644 --- a/tests/tunnel-push-pop-ipv6.at +++ b/tests/tunnel-push-pop-ipv6.at @@ -1,5 +1,74 @@ AT_BANNER([tunnel_push_pop_ipv6]) +AT_SETUP([tunnel_push_pop_ipv6 - ip6gre]) + +OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) +AT_CHECK([ovs-vsctl add-br int-br -- set bridge int-br datapath_type=dummy], [0]) +AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=ip6gre \ + options:remote_ip=2001:cafe::92 ofport_request=2\ + options:packet_type=legacy_l2 + ], [0]) + +AT_CHECK([ovs-appctl dpif/show], [0], [dnl +dummy@ovs-dummy: hit:0 missed:0 + br0: + br0 65534/100: (dummy-internal) + p0 1/1: (dummy) + int-br: + int-br 65534/2: (dummy-internal) + t2 2/6: (ip6gre: remote_ip=2001:cafe::92) +]) + +dnl First setup dummy interface IP address, then add the route +dnl so that tnl-port table can get valid IP address for the device. +AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK +]) +AT_CHECK([ovs-appctl netdev-dummy/ip4addr br0 1.1.2.88/24], [0], [OK +]) +AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK +]) + +AT_CHECK([ovs-ofctl add-flow br0 action=normal]) + +dnl Check Neighbour discovery. +AT_CHECK([ovs-vsctl -- set Interface p0 options:pcap=p0.pcap]) + +AT_CHECK([ovs-appctl netdev-dummy/receive int-br 'in_port(2),eth(src=aa:55:aa:55:00:00,dst=f8:bc:12:ff:ff:ff),eth_type(0x0800),ipv4(src=1.1.3.92,dst=1.1.3.88,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)']) +AT_CHECK([ovs-pcap p0.pcap > p0.pcap.txt 2>&1]) + +AT_CHECK([cat p0.pcap.txt | grep 92aa55aa55000086dd6000000000203aff2001cafe | uniq], [0], [dnl +3333ff000092aa55aa55000086dd6000000000203aff2001cafe000000000000000000000088ff0200000000000000000001ff00009287004d48000000002001cafe0000000000000000000000920101aa55aa550000 +]) + +dnl +AT_CHECK([ovs-appctl netdev-dummy/receive p0 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=58,tclass=0,hlimit=255,frag=no),icmpv6(type=136,code=0),nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)']) + +AT_CHECK([ovs-appctl tnl/arp/show | tail -n+3 | sort], [0], [dnl +2001:cafe::92 f8:bc:12:44:34:b6 br0 +]) + +AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl +Listening ports: +ip6gre_sys (6) ref_cnt=1 +]) + +dnl Check IPv6 GRE tunnel pop +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: tnl_pop(6) +]) + +dnl Check IPv6 GRE tunnel push +AT_CHECK([ovs-ofctl add-flow int-br action=2]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:01),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) + +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: clone(tnl_push(tnl_port(6),header(size=58,type=109,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x0,proto=0x6558))),out_port(100)),1) +]) + +OVS_VSWITCHD_STOP +AT_CLEANUP + AT_SETUP([tunnel_push_pop_ipv6 - ip6erspan]) OVS_VSWITCHD_START([add-port br0 p0 -- set Interface p0 type=dummy ofport_request=1 other-config:hwaddr=aa:55:aa:55:00:00]) diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index bf4b6f8dc621..d143bcc06a2b 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml @@ -2561,10 +2561,16 @@ <dt><code>gre</code></dt> <dd> - Generic Routing Encapsulation (GRE) over IPv4/IPv6 tunnel, + Generic Routing Encapsulation (GRE) over IPv4 tunnel, configurable to encapsulate layer 2 or layer 3 traffic. </dd> + <dt><code>ip6gre</code></dt> + <dd> + Generic Routing Encapsulation (GRE) over IPv6 tunnel, + encapsulate layer 2 traffic. + </dd> + <dt><code>vxlan</code></dt> <dd> <p> @@ -2623,8 +2629,8 @@ <group title="Tunnel Options"> <p> These options apply to interfaces with <ref column="type"/> of - <code>geneve</code>, <code>gre</code>, <code>vxlan</code>, - <code>lisp</code> and <code>stt</code>. + <code>geneve</code>, <code>gre</code>, <code>ip6gre</code>, + <code>vxlan</code>, <code>lisp</code> and <code>stt</code>. </p> <p> @@ -2921,10 +2927,10 @@ </column> </group> - <group title="Tunnel Options: gre, geneve, and vxlan"> + <group title="Tunnel Options: gre, ip6gre, geneve, and vxlan"> <p> - <code>gre</code>, <code>geneve</code>, and - <code>vxlan</code> interfaces support these options. + <code>gre</code>, <code>ip6gre</code>, <code>geneve</code>, + and <code>vxlan</code> interfaces support these options. </p> <column name="options" key="csum" type='{"type": "boolean"}'> @@ -2938,8 +2944,9 @@ <p> When using the upstream Linux kernel module, computation of checksums for <code>geneve</code> and <code>vxlan</code> requires - Linux kernel version 4.0 or higher. <code>gre</code> supports - checksums for all versions of Open vSwitch that support GRE. + Linux kernel version 4.0 or higher. <code>gre</code> and + <code>ip6gre</code> support checksums for all versions of + Open vSwitch that support GRE. The out of tree kernel module distributed as part of OVS can compute all tunnel checksums on any kernel version that it is compatible with. @@ -2951,10 +2958,11 @@ <group title="Tunnel Options: IPsec"> <p> Setting any of these options enables IPsec support for a given - tunnel. <code>gre</code>, <code>geneve</code>, <code>vxlan</code>, - and <code>stt</code> interfaces support these options. See the - <code>IPsec</code> section in the <ref table="Open_vSwitch"/> table - for a description of each mode. + tunnel. <code>gre</code>, <code>ip6gre</code>, + <code>geneve</code>, <code>vxlan</code> and <code>stt</code> + interfaces support these options. See the <code>IPsec</code> + section in the <ref table="Open_vSwitch"/> table for a description + of each mode. </p> <column name="options" key="psk" type='{"type": "string"}'> <p>
The patch adds ip6gre support. Tunnel type 'ip6gre' with packet_type= legacy_l2 is a layer 2 GRE tunnel over IPv6, carrying inner ethernet packets and encap with GRE header with outer IPv6 header. Encapsulation of layer 3 packet over IPv6 GRE, ip6gre, is not supported yet. I tested it by running: # make check-kernel TESTSUITEFLAGS='-k ip6gre' under kernel 5.2 and for userspace: # make check TESTSUITEFLAGS='-k ip6gre' Signed-off-by: William Tu <u9012063@gmail.com> --- v1-v2 - rebase to master v2-v3 - update documentation suggested by Eli v3-v4 - squash Eli's documentation v4-v5 - remove using 'ip6gretap', use only 'ip6gre' with options:packet_type=legacy_l2 --- Documentation/faq/configuration.rst | 13 +++++++ NEWS | 1 + datapath/linux/compat/ip6_gre.c | 2 +- lib/dpif-netlink-rtnl.c | 8 ++++- tests/system-traffic.at | 40 +++++++++++++++++++++ tests/tunnel-push-pop-ipv6.at | 69 +++++++++++++++++++++++++++++++++++++ vswitchd/vswitch.xml | 32 ++++++++++------- 7 files changed, 151 insertions(+), 14 deletions(-)