From d067cab35c4b4600fe77547210cc8870d2c4d135 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Tue, 6 Nov 2018 21:27:09 -0800 Subject: [PATCH 1/3] networkd: support 6rd tunnel netdev setup. --- man/systemd.netdev.xml | 20 +++++++++++ src/network/netdev/netdev-gperf.gperf | 1 + src/network/netdev/tunnel.c | 48 +++++++++++++++++++++++++++ src/network/netdev/tunnel.h | 6 ++++ 4 files changed, 75 insertions(+) diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index 11baf3c4c7..3a60b99ee3 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -911,6 +911,14 @@ Accepts the same key as [FooOverUDP] + + IPv6RapidDeploymentPrefix= + + Reconfigure the tunnel for IPv6 Rapid + Deployment, also known as 6rd. The value is an ISP-specific IPv6 prefix with a non-zero length. Only + applicable to SIT tunnels. + + @@ -1519,6 +1527,18 @@ Local=10.65.223.238 Remote=10.65.223.239 + + /etc/systemd/network/25-6rd.netdev + [NetDev] +Name=6rd-tun +Kind=sit +MTUBytes=1480 + +[Tunnel] +Local=10.65.223.238 +IPv6RapidDeploymentPrefix=2602::/24 + + /etc/systemd/network/25-gre.netdev [NetDev] diff --git a/src/network/netdev/netdev-gperf.gperf b/src/network/netdev/netdev-gperf.gperf index 61d73e15ff..be7f004d63 100644 --- a/src/network/netdev/netdev-gperf.gperf +++ b/src/network/netdev/netdev-gperf.gperf @@ -70,6 +70,7 @@ Tunnel.FooOverUDP, config_parse_bool, 0, Tunnel.FOUDestinationPort, config_parse_ip_port, 0, offsetof(Tunnel, fou_destination_port) Tunnel.FOUSourcePort, config_parse_ip_port, 0, offsetof(Tunnel, encap_src_port) Tunnel.Encapsulation, config_parse_fou_encap_type, 0, offsetof(Tunnel, fou_encap_type) +Tunnel.IPv6RapidDeploymentPrefix, config_parse_6rd_prefix, 0, 0 FooOverUDP.Protocol, config_parse_uint8, 0, offsetof(FouTunnel, fou_protocol) FooOverUDP.Encapsulation, config_parse_fou_encap_type, 0, offsetof(FouTunnel, fou_encap_type) FooOverUDP.Port, config_parse_ip_port, 0, offsetof(FouTunnel, port) diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index 826c7088fe..3464d8b7f5 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -114,6 +114,18 @@ static int netdev_sit_fill_message_create(NetDev *netdev, Link *link, sd_netlink if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_PMTUDISC attribute: %m"); + if (t->sixrd_prefixlen > 0) { + r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_6RD_PREFIX, &t->sixrd_prefix); + if (r < 0) + return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_6RD_PREFIX attribute: %m"); + /* u16 is deliberate here, even though we're passing a netmask that can never be >128. The kernel is + * expecting to receive the prefixlen as a u16. + */ + r = sd_netlink_message_append_u16(m, IFLA_IPTUN_6RD_PREFIXLEN, t->sixrd_prefixlen); + if (r < 0) + return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_6RD_PREFIXLEN attribute: %m"); + } + return r; } @@ -617,6 +629,42 @@ int config_parse_encap_limit(const char* unit, return 0; } +int config_parse_6rd_prefix(const char* unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + Tunnel *t = userdata; + + assert(filename); + assert(lvalue); + assert(rvalue); + + union in_addr_union p; + uint8_t l; + int r; + + r = in_addr_prefix_from_string(rvalue, AF_INET6, &p, &l); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse 6rd prefix \"%s\", ignoring: %m", rvalue); + return 0; + } + if (l == 0) { + log_syntax(unit, LOG_ERR, filename, line, 0, "6rd prefix length of \"%s\" must be greater than zero, ignoring", rvalue); + return 0; + } + + t->sixrd_prefix = p.in6; + t->sixrd_prefixlen = l; + + return 0; +} + static void ipip_init(NetDev *n) { Tunnel *t = IPIP(n); diff --git a/src/network/netdev/tunnel.h b/src/network/netdev/tunnel.h index 40ddb1c043..24721e87cd 100644 --- a/src/network/netdev/tunnel.h +++ b/src/network/netdev/tunnel.h @@ -3,6 +3,7 @@ #include "in-addr-util.h" +#include "conf-parser.h" #include "netdev/netdev.h" #include "netdev/fou-tunnel.h" @@ -50,6 +51,9 @@ typedef struct Tunnel { uint16_t encap_src_port; uint16_t fou_destination_port; + + struct in6_addr sixrd_prefix; + uint8_t sixrd_prefixlen; } Tunnel; DEFINE_NETDEV_CAST(IPIP, Tunnel); @@ -108,3 +112,5 @@ int config_parse_tunnel_key(const char *unit, const char *filename, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); + +CONFIG_PARSER_PROTOTYPE(config_parse_6rd_prefix); From 6e42bd5504034d0a0572a5e910230d5389c1b6d4 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Tue, 6 Nov 2018 21:33:15 -0800 Subject: [PATCH 2/3] Add 6rd directive to the netdev fuzzing corpus. --- test/fuzz/fuzz-netdev-parser/25-6rd-tunnel.netdev | 8 ++++++++ test/fuzz/fuzz-netdev-parser/directives.netdev | 1 + 2 files changed, 9 insertions(+) create mode 100644 test/fuzz/fuzz-netdev-parser/25-6rd-tunnel.netdev diff --git a/test/fuzz/fuzz-netdev-parser/25-6rd-tunnel.netdev b/test/fuzz/fuzz-netdev-parser/25-6rd-tunnel.netdev new file mode 100644 index 0000000000..252abf5278 --- /dev/null +++ b/test/fuzz/fuzz-netdev-parser/25-6rd-tunnel.netdev @@ -0,0 +1,8 @@ +[NetDev] +Name=6rdtun99 +Kind=sit + +[Tunnel] +Local=10.65.223.238 +Remote=10.65.223.239 +IPv6RapidDeploymentPrefix=2602::/24 diff --git a/test/fuzz/fuzz-netdev-parser/directives.netdev b/test/fuzz/fuzz-netdev-parser/directives.netdev index 4725d2dad4..88d2788191 100644 --- a/test/fuzz/fuzz-netdev-parser/directives.netdev +++ b/test/fuzz/fuzz-netdev-parser/directives.netdev @@ -73,6 +73,7 @@ CopyDSCP= EncapsulationLimit= TTL= FOUSourcePort= +IPv6RapidDeploymentPrefix= [VXLAN] UDP6ZeroChecksumRx= ARPProxy= From d29dc4f1b84e5ab0225ed81b1688c37df87f2de7 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Thu, 8 Nov 2018 20:44:16 -0800 Subject: [PATCH 3/3] Add a networkd test for 6rd interface creation. Unfortunately we can't check the 6rd attribute, because it's not exposed in /sys or anywhere other than netlink... But at least we can check that networkd brings up an interface that looks right. --- test/test-network/conf/25-6rd-tunnel.netdev | 7 +++++++ test/test-network/conf/6rd.network | 5 +++++ test/test-network/systemd-networkd-tests.py | 19 +++++++++++++------ 3 files changed, 25 insertions(+), 6 deletions(-) create mode 100644 test/test-network/conf/25-6rd-tunnel.netdev create mode 100644 test/test-network/conf/6rd.network diff --git a/test/test-network/conf/25-6rd-tunnel.netdev b/test/test-network/conf/25-6rd-tunnel.netdev new file mode 100644 index 0000000000..756beccb70 --- /dev/null +++ b/test/test-network/conf/25-6rd-tunnel.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=sittun99 +Kind=sit + +[Tunnel] +Local=10.65.223.238 +IPv6RapidDeploymentPrefix=2602::/24 diff --git a/test/test-network/conf/6rd.network b/test/test-network/conf/6rd.network new file mode 100644 index 0000000000..84e5af0ff0 --- /dev/null +++ b/test/test-network/conf/6rd.network @@ -0,0 +1,5 @@ +[Match] +Name=dummy98 + +[Network] +Tunnel=sittun99 diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index 1a69af149c..e1ff2dad23 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -148,18 +148,18 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): links =['bridge99', 'bond99', 'bond99', 'vlan99', 'test1', 'macvtap99', 'macvlan99', 'ipvlan99', 'vxlan99', 'veth99', 'vrf99', 'tun99', - 'tap99', 'vcan99', 'geneve99', 'dummy98', 'ipiptun99', 'sittun99', + 'tap99', 'vcan99', 'geneve99', 'dummy98', 'ipiptun99', 'sittun99', '6rdtun99', 'gretap99', 'vtitun99', 'vti6tun99','ip6tnl99', 'gretun99', 'ip6gretap99', 'wg99'] units = ['25-bridge.netdev', '25-bond.netdev', '21-vlan.netdev', '11-dummy.netdev', '21-vlan.network', '21-macvtap.netdev', 'macvtap.network', '21-macvlan.netdev', 'macvlan.network', 'vxlan.network', '25-vxlan.netdev', '25-ipvlan.netdev', 'ipvlan.network', '25-veth.netdev', '25-vrf.netdev', '25-tun.netdev', '25-tun.netdev', '25-vcan.netdev', '25-geneve.netdev', '25-ipip-tunnel.netdev', - '25-ip6tnl-tunnel.netdev', '25-ip6gre-tunnel.netdev','25-sit-tunnel.netdev', '25-gre-tunnel.netdev', - '25-gretap-tunnel.netdev', '25-vti-tunnel.netdev', '25-vti6-tunnel.netdev', '12-dummy.netdev', - 'gre.network', 'ipip.network', 'ip6gretap.network', 'gretun.network', 'ip6tnl.network', '25-tap.netdev', - 'vti6.network', 'vti.network', 'gretap.network', 'sit.network', '25-ipip-tunnel-independent.netdev', - '25-wireguard.netdev'] + '25-ip6tnl-tunnel.netdev', '25-ip6gre-tunnel.netdev','25-sit-tunnel.netdev', '25-6rd-tunnel.netdev', + '25-gre-tunnel.netdev', '25-gretap-tunnel.netdev', '25-vti-tunnel.netdev', '25-vti6-tunnel.netdev', + '12-dummy.netdev', 'gre.network', 'ipip.network', 'ip6gretap.network', 'gretun.network', + 'ip6tnl.network', '25-tap.netdev', 'vti6.network', 'vti.network', 'gretap.network', 'sit.network', + '25-ipip-tunnel-independent.netdev', '25-wireguard.netdev', '6rd.network'] def setUp(self): self.link_remove(self.links) @@ -361,6 +361,13 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): self.assertTrue(self.link_exits('dummy98')) self.assertTrue(self.link_exits('sittun99')) + def test_6rd_tunnel(self): + self.copy_unit_to_networkd_unit_path('12-dummy.netdev', '25-6rd-tunnel.netdev', '6rd.network') + self.start_networkd() + + self.assertTrue(self.link_exits('dummy98')) + self.assertTrue(self.link_exits('sittun99')) + def test_tunnel_independent(self): self.copy_unit_to_networkd_unit_path('25-ipip-tunnel-independent.netdev')