[ovs-discuss] GRE over IPv6 configuration

Gregory Rose gvrose8192 at gmail.com
Thu Jun 6 16:33:00 UTC 2019


On 6/5/2019 11:52 PM, Eli Britstein wrote:
> On 6/5/2019 9:04 PM, Gregory Rose wrote:
>>
>> On 6/5/2019 10:31 AM, Eli Britstein wrote:
>>> On 6/5/2019 8:11 PM, Gregory Rose wrote:
>>>> On 6/4/2019 8:13 AM, Eli Britstein wrote:
>>>>> Hello,
>>>>>
>>>>> I would like to configure a GRE tunnel over IPv6, on a Linux system.
>>>> Which Linux system?  Distro, kernel version, etc?
>>> Fedora 28.
>>>
>>> Kernel upstream, currently 5.2-rc2.
>>>
>>> My commands are the same as yours. I tried with local_ip and without,
>>> but it doesn't matter.
>>>
>>> I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I
>>> saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I don't
>>> know how to compile this one and install. I tried with --with-linux and
>>> --with-linux-source, but it says it is supported only up to 4.20.x. I
>>> compiled against 4.16, but only the openvswitch.ko was compiled (and
>>> successfully loaded), but not ip6_gre.ko.
>>>
>>> Any ideas?
>> Yes, I see the problem.  The out of tree driver support for ip6 gre
>> ends at Linux kernel version
>> 4.11.  After that the Linux kernel in-tree drivers would be used and
>> apparently they're not working
>> correctly for upstream kernel 4.16 or 5.2.  And as you can see, even
>> for 4.16 the out of tree OVS kernel
>> drivers would still try to use the built-in Linux kernel tunnels
>> rather than our vport ip6gre tunnel.
> Were is that decision taken? the only place I saw with KERNEL_VERSION is
> this, but I don't think this is it.

Check to see if USE_UPSTREAM_TUNNEL is defined in 
../datapath/linux/kcompat.h in your build directory.
It's not really dependent on the exact kernel version but instead checks 
some headers to see if the
necessary tunneling features are present in the kernel the modules are 
being built against.  You can
see the directives in acinclude.m4.

>
> datapath/linux/compat/include/net/netfilter/ipv6/nf_defrag_ipv6.h:15:#if
> LINUX_VERSION_CODE < KERNEL_VERSION(4,11,0)
>
> Though I would really want it to work on upstream kernel, I gave it a
> try, but it didn't work either:
>
> Installed Fedora 24, with kernel 4.5.5.
>
> # ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
> options:key=55 options:remote_ip=2001:db8:0:f102::f0
> ovs-vsctl: Error detected while setting up 'gre6': could not add network
> device gre6 to ofproto (Address family not supported by protocol).  See
> ovs-vswitchd log for details.
> ovs-vsctl: The default log directory is "/var/log/openvswitch".
> # uname -a
> Linux dev-r-vrt-214-011.mtr.labs.mlnx 4.5.5-300.fc24.x86_64 #1 SMP Thu
> May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Really.  Well, that is odd.  Are you working from the master branch?  I 
don't have a 4.5 kernel handy
but I can certainly check against the 4.4 kernel on Ubuntu 16.  I'll go 
see if something has broken.

>
>> So you are correct in that the 4.16 and 5.2 kernels do not have
>> OVS_VPORT_TYPE_IP6GRE support.  You
>> can use the user space OVS tunnels instead or you can create a native
>> Linux ip6gre tunnel using the 'ip'
>> command and then add that port to your OVS bridge.
> I see. However, if I understand this correctly, the ip6gretap device I
> create using "ip" is not "external" (collect metadata), and would not
> behave as a ip6gre device for OVS.

Right, you're correct about that.  There is a way to use a LWT using bpf 
but it's a bit complicated.

> I wanted to have that setup working in order to apply and test similar
> commit as the below to IPv6 setup, to enable offloads.
>
> 5e63eaa969a3 netdev-vport: Make gre netdev type to use TC rules
>
> I still don't understand what should be integrated into the Linux kernel
> tree, and how. Could you please advise?

As I pointed out above the keyword would be USE_UPSTREAM_TUNNEL in the 
build directory kcompat.h
header.  I'm going to go try this out myself because it should be 
working - or it was last time I checked.
Things can get broken I suppose but I'll get back to you on my finding.

Thanks,

- Greg

>
> Thanks, Eli
>
>> Thanks,
>>
>> - Greg
>>
>>>> Thanks,
>>>>
>>>> - Greg
>>>>
>>>>> However, I encounter the following:
>>>>>
>>>>> My command:
>>>>> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
>>>>> options:remote_ip= 2001:db8:0:f102::11 options:key=55
>>>>>
>>>>> Output:
>>>>> ovs-vsctl: Error detected while setting up 'gre6': could not add
>>>>> network
>>>>> device gre6 to ofproto (Address family not supported by protocol).
>>>>> See
>>>>> ovs-vswitchd log for details.
>>>>> ovs-vsctl: The default log directory is "/var/log/openvswitch".
>>>>>
>>>>> In the log:
>>>>> bridge|WARN|could not add network device gre6 to ofproto (Address
>>>>> family
>>>>> not supported by protocol)
>>>>>
>>>>> I notice that if I want to define a ip6gretap with “ip link”, there
>>>>> is a
>>>>> need to use “-6” option, to set the correct family.
>>>>>
>>>>> Is there a way to note the correct family (though I think should be
>>>>> implicit by “ip6gre”)? Or maybe some other configuration?
>>>>>
>>>>> Thanks,
>>>>> Eli
>>>>>
>>>>> _______________________________________________
>>>>> discuss mailing list
>>>>> discuss at openvswitch.org
>>>>> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmail.openvswitch.org%2Fmailman%2Flistinfo%2Fovs-discuss&amp;data=02%7C01%7Celibr%40mellanox.com%7C8b78909daa4243c57fa608d6e9e04624%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636953546792070660&amp;sdata=gIl3a4JFXoIvLjZ1MQPn4irIgQHYoGvcaVrYXxxYl2E%3D&amp;reserved=0
>>>>>
>>>>>



More information about the discuss mailing list