ipv6: sr: add support for SRH encapsulation and injection with lwtunnels
This patch creates a new type of interfaceless lightweight tunnel (SEG6), enabling the encapsulation and injection of SRH within locally emitted packets and forwarded packets. >From a configuration viewpoint, a seg6 tunnel would be configured as follows: ip -6 ro ad fc00::1/128 encap seg6 mode encap segs fc42::1,fc42::2,fc42::3 dev eth0 Any packet whose destination address is fc00::1 would thus be encapsulated within an outer IPv6 header containing the SRH with three segments, and would actually be routed to the first segment of the list. If `mode inline' was specified instead of `mode encap', then the SRH would be directly inserted after the IPv6 header without outer encapsulation. The inline mode is only available if CONFIG_IPV6_SEG6_INLINE is enabled. This feature was made configurable because direct header insertion may break several mechanisms such as PMTUD or IPSec AH. Signed-off-by: David Lebrun <david.lebrun@uclouvain.be> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David Lebrun
committed by
David S. Miller
David S. Miller
parent
915d7e5e59
commit
6c8702c60b
@@ -26,6 +26,43 @@
|
||||
#include <linux/seg6.h>
|
||||
#include <linux/seg6_genl.h>
|
||||
|
||||
bool seg6_validate_srh(struct ipv6_sr_hdr *srh, int len)
|
||||
{
|
||||
int trailing;
|
||||
unsigned int tlv_offset;
|
||||
|
||||
if (srh->type != IPV6_SRCRT_TYPE_4)
|
||||
return false;
|
||||
|
||||
if (((srh->hdrlen + 1) << 3) != len)
|
||||
return false;
|
||||
|
||||
if (srh->segments_left != srh->first_segment)
|
||||
return false;
|
||||
|
||||
tlv_offset = sizeof(*srh) + ((srh->first_segment + 1) << 4);
|
||||
|
||||
trailing = len - tlv_offset;
|
||||
if (trailing < 0)
|
||||
return false;
|
||||
|
||||
while (trailing) {
|
||||
struct sr6_tlv *tlv;
|
||||
unsigned int tlv_len;
|
||||
|
||||
tlv = (struct sr6_tlv *)((unsigned char *)srh + tlv_offset);
|
||||
tlv_len = sizeof(*tlv) + tlv->len;
|
||||
|
||||
trailing -= tlv_len;
|
||||
if (trailing < 0)
|
||||
return false;
|
||||
|
||||
tlv_offset += tlv_len;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct genl_family seg6_genl_family;
|
||||
|
||||
static const struct nla_policy seg6_genl_policy[SEG6_ATTR_MAX + 1] = {
|
||||
@@ -198,10 +235,16 @@ int __init seg6_init(void)
|
||||
if (err)
|
||||
goto out_unregister_genl;
|
||||
|
||||
err = seg6_iptunnel_init();
|
||||
if (err)
|
||||
goto out_unregister_pernet;
|
||||
|
||||
pr_info("Segment Routing with IPv6\n");
|
||||
|
||||
out:
|
||||
return err;
|
||||
out_unregister_pernet:
|
||||
unregister_pernet_subsys(&ip6_segments_ops);
|
||||
out_unregister_genl:
|
||||
genl_unregister_family(&seg6_genl_family);
|
||||
goto out;
|
||||
@@ -209,6 +252,7 @@ out_unregister_genl:
|
||||
|
||||
void seg6_exit(void)
|
||||
{
|
||||
seg6_iptunnel_exit();
|
||||
unregister_pernet_subsys(&ip6_segments_ops);
|
||||
genl_unregister_family(&seg6_genl_family);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user