[ovs-dev] [PATCH v2] tunneling: Disable IPv6 tunnel

Pravin B Shelar pshelar at ovn.org
Thu Feb 11 09:05:16 UTC 2016 

There are multiple issues in IPv6 userspace tunnel
implementation. Even the kernel module that ships with
2.5 does not support IPv6 tunneling. There is not
enough time to get all fixes in branch-2.5. So it make
sense to disable the support on 2.5.

Signed-off-by: Pravin B Shelar <pshelar at ovn.org>
---
 lib/netdev-vport.c            |   8 +++
 ofproto/tunnel.c              |   8 +++
 tests/tunnel-push-pop-ipv6.at | 142 ++----------------------------------------
 3 files changed, 20 insertions(+), 138 deletions(-)

diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index 88f5022..2234de7 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -503,6 +503,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args)
                           name, node->value);
                 return EINVAL;
             }
+            if (dst_proto == ETH_TYPE_IPV6) {
+                VLOG_WARN("%s: IPv6 'remote_ip' is not supported", name);
+                return EOPNOTSUPP;
+            }
         } else if (!strcmp(node->key, "local_ip")) {
             int err;
             err = parse_tunnel_ip(node->value, true, &tnl_cfg.ip_src_flow,
@@ -512,6 +516,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args)
                 VLOG_WARN("%s: bad %s 'local_ip'", name, type);
                 break;
             }
+            if (src_proto == ETH_TYPE_IPV6) {
+                VLOG_WARN("%s: IPv6 'local_ip' is not supported", name);
+                return EOPNOTSUPP;
+            }
         } else if (!strcmp(node->key, "tos")) {
             if (!strcmp(node->value, "inherit")) {
                 tnl_cfg.tos_inherit = true;
diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c
index 24b717a..a63cf71 100644
--- a/ofproto/tunnel.c
+++ b/ofproto/tunnel.c
@@ -427,6 +427,14 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow,
             flow->tunnel.ipv6_dst = tnl_port->match.ipv6_dst;
         }
     }
+    if (ipv6_addr_is_set(&flow->tunnel.ipv6_dst) ||
+        ipv6_addr_is_set(&flow->tunnel.ipv6_src)) {
+        out_port = ODPP_NONE;
+        VLOG_WARN_RL(&rl, "port (%s): IPv6 tunnel endpoint is not supported",
+                     netdev_get_name(tnl_port->netdev));
+        goto out;
+    }
+
     flow->pkt_mark = tnl_port->match.pkt_mark;
 
     if (!cfg->out_key_flow) {
diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at
index 8f6506a..d3b09b8 100644
--- a/tests/tunnel-push-pop-ipv6.at
+++ b/tests/tunnel-push-pop-ipv6.at
@@ -10,144 +10,10 @@ AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=vxlan \
                        options:remote_ip=2001:cafe::92 options:key=456 ofport_request=3\
                     -- add-port int-br t3 -- set Interface t3 type=vxlan \
                        options:remote_ip=2001:cafe::93 options:out_key=flow options:csum=true ofport_request=4\
-                    -- add-port int-br t4 -- set Interface t4 type=geneve \
-                       options:remote_ip=flow options:key=123 ofport_request=5\
-                       ], [0])
-
-AT_CHECK([ovs-appctl dpif/show], [0], [dnl
-dummy at ovs-dummy: hit:0 missed:0
-	br0:
-		br0 65534/100: (dummy)
-		p0 1/1: (dummy)
-	int-br:
-		int-br 65534/2: (dummy)
-		t1 3/3: (gre: key=456, remote_ip=2001:cafe::92)
-		t2 2/4789: (vxlan: key=123, remote_ip=2001:cafe::92)
-		t3 4/4789: (vxlan: csum=true, out_key=flow, remote_ip=2001:cafe::93)
-		t4 5/6081: (geneve: key=123, remote_ip=flow)
-])
-
-dnl First setup dummy interface IP address, then add the route
-dnl so that tnl-port table can get valid IP address for the device.
-AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK
-])
-AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK
-])
-
-AT_CHECK([ovs-ofctl add-flow br0 action=normal])
-
-dnl Check ARP Snoop
-AT_CHECK([ovs-appctl tnl/arp/set br0 2001:cafe::92 f8:bc:12:44:34:b6], [0], [OK
-])
-AT_CHECK([ovs-appctl tnl/arp/set br0 2001:cafe::93 f8:bc:12:44:34:b7], [0], [OK
-])
-
-AT_CHECK([ovs-appctl tnl/arp/show], [0], [dnl
-IP                                            MAC                 Bridge
-==========================================================================
-2001:cafe::92                                 f8:bc:12:44:34:b6   br0
-2001:cafe::93                                 f8:bc:12:44:34:b7   br0
-])
-
-AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl
-Listening ports:
-genev_sys_6081 (6081)
-gre_sys (3)
-vxlan_sys_4789 (4789)
-])
-
-dnl Check VXLAN tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=51283,dst=4789)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(4789)
-])
-
-dnl Check GRE tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(3)
-])
-
-dnl Check Geneve tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=51283,dst=6081)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(6081)
-])
-
-dnl Check VXLAN tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br action=2])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7b)),out_port(100))
-])
-
-dnl Check VXLAN tunnel push set tunnel id by flow and checksum
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_tunnel:124,4"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:34:b7,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::93,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7c)),out_port(100))
-])
-
-dnl Check GRE tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br action=3])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(3),header(size=62,type=3,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x2000,proto=0x6558),key=0x1c8)),out_port(100))
-])
-
-dnl Check Geneve tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_field:2001:cafe::92->tun_ipv6_dst,5"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(6081),header(size=70,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=6081,csum=0xffff),geneve(vni=0x7b)),out_port(100))
-])
-
-dnl Check Geneve tunnel push with options
-AT_CHECK([ovs-ofctl add-tlv-map int-br "{class=0xffff,type=0x80,len=4}->tun_metadata0"])
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_field:2001:cafe::92->tun_ipv6_dst,set_field:0xa->tun_metadata0,5"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(6081),header(size=78,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=6081,csum=0xffff),geneve(crit,vni=0x7b,options({class=0xffff,type=0x80,len=4,0xa}))),out_port(100))
-])
-
-dnl Check decapsulation of GRE packet
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000006a2f402001cafe0000000000000000000000922001cafe00000000000000000000008820006558000001c8fe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-ovs-appctl time/warp 1000
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  3'], [0], [dnl
-  port  3: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-
-dnl Check GRE only accepts encapsulated Ethernet frames
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000006a2f402001cafe0000000000000000000000922001cafe00000000000000000000008820000800000001c8fe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-ovs-appctl time/warp 1000
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  3'], [0], [dnl
-  port  3: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-
-dnl Check decapsulation of Geneve packet with options
-AT_CAPTURE_FILE([ofctl_monitor.log])
-AT_CHECK([ovs-ofctl monitor int-br 65534 --detach --no-chdir --pidfile 2> ofctl_monitor.log])
-
-AT_CHECK([ovs-ofctl del-flows int-br])
-AT_CHECK([ovs-ofctl add-flow int-br "tun_metadata0=0xa/0xf,actions=5,controller"])
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000008211402001cafe0000000000000000000000922001cafe000000000000000000000088308817c1008200000400655800007b00ffff80010000000affff00010000000bfe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-
-OVS_WAIT_UNTIL([test `wc -l < ofctl_monitor.log` -ge 2])
-OVS_APP_EXIT_AND_WAIT(ovs-ofctl)
-
-AT_CHECK([cat ofctl_monitor.log], [0], [dnl
-NXT_PACKET_IN (xid=0x0): cookie=0x0 total_len=98 tun_id=0x7b,tun_ipv6_src=2001:cafe::92,tun_ipv6_dst=2001:cafe::88,tun_metadata0=0xa,in_port=5 (via action) data_len=98 (unbuffered)
-icmp,vlan_tci=0x0000,dl_src=be:b6:f4:e1:49:4a,dl_dst=fe:71:d8:83:72:4f,nw_src=30.0.0.1,nw_dst=30.0.0.2,nw_tos=0,nw_ecn=0,nw_ttl=64,icmp_type=0,icmp_code=0 icmp_csum:4227
-])
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  5'], [0], [dnl
-  port  5: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-AT_CHECK([ovs-appctl dpif/dump-flows int-br], [0], [dnl
-tunnel(tun_id=0x7b,ipv6_src=2001:cafe::92,ipv6_dst=2001:cafe::88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),skb_mark(0),recirc_id(0),in_port(6081),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,slow_path(controller))
+                       ], [0], [], [dnl
+ovs-vsctl: Error detected while setting up 't2', 't1', 't3'.  See ovs-vswitchd log for details.
 ])
 
-OVS_VSWITCHD_STOP
+OVS_VSWITCHD_STOP(["/remote_ip/d
+/could not set configuration/d"])
 AT_CLEANUP
-- 
1.8.3.1

More information about the dev mailing list