linux-stable/include/uapi/linux/seg6_local.h
Andrea Mayer 8b532109bf seg6: add support for SRv6 End.DT46 Behavior
IETF RFC 8986 [1] includes the definition of SRv6 End.DT4, End.DT6, and
End.DT46 Behaviors.

The current SRv6 code in the Linux kernel only implements End.DT4 and
End.DT6 which can be used respectively to support IPv4-in-IPv6 and
IPv6-in-IPv6 VPNs. With End.DT4 and End.DT6 it is not possible to create a
single SRv6 VPN tunnel to carry both IPv4 and IPv6 traffic.

The proposed End.DT46 implementation is meant to support the decapsulation
of IPv4 and IPv6 traffic coming from a single SRv6 tunnel.
The implementation of the SRv6 End.DT46 Behavior in the Linux kernel
greatly simplifies the setup and operations of SRv6 VPNs.

The SRv6 End.DT46 Behavior leverages the infrastructure of SRv6 End.DT{4,6}
Behaviors implemented so far, because it makes use of a VRF device in
order to force the routing lookup into the associated routing table.

To make the End.DT46 work properly, it must be guaranteed that the routing
table used for routing lookup operations is bound to one and only one VRF
during the tunnel creation. Such constraint has to be enforced by enabling
the VRF strict_mode sysctl parameter, i.e.:

 $ sysctl -wq net.vrf.strict_mode=1

Note that the same approach is used for the SRv6 End.DT4 Behavior and for
the End.DT6 Behavior in VRF mode.

The command used to instantiate an SRv6 End.DT46 Behavior is
straightforward, i.e.:

 $ ip -6 route add 2001:db8::1 encap seg6local action End.DT46 vrftable 100 dev vrf100.

[1] https://www.rfc-editor.org/rfc/rfc8986.html#name-enddt46-decapsulation-and-s

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Performance and impact of SRv6 End.DT46 Behavior on the SRv6 Networking
=======================================================================

This patch aims to add the SRv6 End.DT46 Behavior with minimal impact on
the performance of SRv6 End.DT4 and End.DT6 Behaviors.
In order to verify this, we tested the performance of the newly introduced
SRv6 End.DT46 Behavior and compared it with the performance of SRv6
End.DT{4,6} Behaviors, considering both the patched kernel and the kernel
before applying the End.DT46 patch (referred to as vanilla kernel).

In detail, the following decapsulation scenarios were considered:

 1.a) IPv6 traffic in SRv6 End.DT46 Behavior on patched kernel;
 1.b) IPv4 traffic in SRv6 End.DT46 Behavior on patched kernel;
 2.a) SRv6 End.DT6 Behavior (VRF mode) on patched kernel;
 2.b) SRv6 End.DT4 Behavior on patched kernel;
 3.a) SRv6 End.DT6 Behavior (VRF mode) on vanilla kernel (without the
      End.DT46 patch);
 3.b) SRv6 End.DT4 Behavior on vanilla kernel (without the End.DT46 patch).

All tests were performed on a testbed deployed on the CloudLab [2]
facilities. We considered IPv{4,6} traffic handled by a single core (at 2.4
GHz on a Xeon(R) CPU E5-2630 v3) on kernel 5.13-rc1 using packets of size
~ 100 bytes.

Scenario (1.a): average 684.70 kpps; std. dev. 0.7 kpps;
Scenario (1.b): average 711.69 kpps; std. dev. 1.2 kpps;
Scenario (2.a): average 690.70 kpps; std. dev. 1.2 kpps;
Scenario (2.b): average 722.22 kpps; std. dev. 1.7 kpps;
Scenario (3.a): average 690.02 kpps; std. dev. 2.6 kpps;
Scenario (3.b): average 721.91 kpps; std. dev. 1.2 kpps;

Considering the results for the patched kernel (1.a, 1.b, 2.a, 2.b) we
observe that the performance degradation incurred in using End.DT46 rather
than End.DT6 and End.DT4 respectively for IPv6 and IPv4 traffic is minimal,
around 0.9% and 1.5%. Such very minimal performance degradation is the
price to be paid if one prefers to use a single tunnel capable of handling
both types of traffic (IPv4 and IPv6).

Comparing the results for End.DT4 and End.DT6 under the patched and the
vanilla kernel (2.a, 2.b, 3.a, 3.b) we observe that the introduction of the
End.DT46 patch has no impact on the performance of End.DT4 and End.DT6.

[2] https://www.cloudlab.us

Signed-off-by: Andrea Mayer <andrea.mayer@uniroma2.it>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-06-18 11:35:47 -07:00

113 lines
3.3 KiB
C

/*
 *  SR-IPv6 implementation
 *
 *  Author:
 *  David Lebrun <david.lebrun@uclouvain.be>
 *
 *
 *  This program is free software; you can redistribute it and/or
 *      modify it under the terms of the GNU General Public License
 *      as published by the Free Software Foundation; either version
 *      2 of the License, or (at your option) any later version.
 */

#ifndef _UAPI_LINUX_SEG6_LOCAL_H
#define _UAPI_LINUX_SEG6_LOCAL_H

#include <linux/seg6.h>

enum {
	SEG6_LOCAL_UNSPEC,
	SEG6_LOCAL_ACTION,
	SEG6_LOCAL_SRH,
	SEG6_LOCAL_TABLE,
	SEG6_LOCAL_NH4,
	SEG6_LOCAL_NH6,
	SEG6_LOCAL_IIF,
	SEG6_LOCAL_OIF,
	SEG6_LOCAL_BPF,
	SEG6_LOCAL_VRFTABLE,
	SEG6_LOCAL_COUNTERS,
	__SEG6_LOCAL_MAX,
};
#define SEG6_LOCAL_MAX (__SEG6_LOCAL_MAX - 1)

enum {
	SEG6_LOCAL_ACTION_UNSPEC	= 0,
	/* node segment */
	SEG6_LOCAL_ACTION_END		= 1,
	/* adjacency segment (IPv6 cross-connect) */
	SEG6_LOCAL_ACTION_END_X		= 2,
	/* lookup of next seg NH in table */
	SEG6_LOCAL_ACTION_END_T		= 3,
	/* decap and L2 cross-connect */
	SEG6_LOCAL_ACTION_END_DX2	= 4,
	/* decap and IPv6 cross-connect */
	SEG6_LOCAL_ACTION_END_DX6	= 5,
	/* decap and IPv4 cross-connect */
	SEG6_LOCAL_ACTION_END_DX4	= 6,
	/* decap and lookup of DA in v6 table */
	SEG6_LOCAL_ACTION_END_DT6	= 7,
	/* decap and lookup of DA in v4 table */
	SEG6_LOCAL_ACTION_END_DT4	= 8,
	/* binding segment with insertion */
	SEG6_LOCAL_ACTION_END_B6	= 9,
	/* binding segment with encapsulation */
	SEG6_LOCAL_ACTION_END_B6_ENCAP	= 10,
	/* binding segment with MPLS encap */
	SEG6_LOCAL_ACTION_END_BM	= 11,
	/* lookup last seg in table */
	SEG6_LOCAL_ACTION_END_S		= 12,
	/* forward to SR-unaware VNF with static proxy */
	SEG6_LOCAL_ACTION_END_AS	= 13,
	/* forward to SR-unaware VNF with masquerading */
	SEG6_LOCAL_ACTION_END_AM	= 14,
	/* custom BPF action */
	SEG6_LOCAL_ACTION_END_BPF	= 15,
	/* decap and lookup of DA in v4 or v6 table */
	SEG6_LOCAL_ACTION_END_DT46	= 16,

	__SEG6_LOCAL_ACTION_MAX,
};

#define SEG6_LOCAL_ACTION_MAX (__SEG6_LOCAL_ACTION_MAX - 1)

enum {
	SEG6_LOCAL_BPF_PROG_UNSPEC,
	SEG6_LOCAL_BPF_PROG,
	SEG6_LOCAL_BPF_PROG_NAME,
	__SEG6_LOCAL_BPF_PROG_MAX,
};

#define SEG6_LOCAL_BPF_PROG_MAX (__SEG6_LOCAL_BPF_PROG_MAX - 1)

/* SRv6 Behavior counters are encoded as netlink attributes guaranteeing the
 * correct alignment.
 * Each counter is identified by a different attribute type (i.e.
 * SEG6_LOCAL_CNT_PACKETS).
 *
 * - SEG6_LOCAL_CNT_PACKETS: identifies a counter that counts the number of
 *   packets that have been CORRECTLY processed by an SRv6 Behavior instance
 *   (i.e., packets that generate errors or are dropped are NOT counted).
 *
 * - SEG6_LOCAL_CNT_BYTES: identifies a counter that counts the total amount
 *   of traffic in bytes of all packets that have been CORRECTLY processed by
 *   an SRv6 Behavior instance (i.e., packets that generate errors or are
 *   dropped are NOT counted).
 *
 * - SEG6_LOCAL_CNT_ERRORS: identifies a counter that counts the number of
 *   packets that have NOT been properly processed by an SRv6 Behavior instance
 *   (i.e., packets that generate errors or are dropped).
 */
enum {
	SEG6_LOCAL_CNT_UNSPEC,
	SEG6_LOCAL_CNT_PAD,		/* pad for 64 bits values */
	SEG6_LOCAL_CNT_PACKETS,
	SEG6_LOCAL_CNT_BYTES,
	SEG6_LOCAL_CNT_ERRORS,
	__SEG6_LOCAL_CNT_MAX,
};

#define SEG6_LOCAL_CNT_MAX (__SEG6_LOCAL_CNT_MAX - 1)

#endif
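
An added example, not part of the kernel tree or of this commit: a userspace walk over the payload of a SEG6_LOCAL_COUNTERS nest, checking every attribute length before a 64-bit counter is copied out and skipping SEG6_LOCAL_CNT_PAD entries. The ex_/EX_ names, the choice to reject stray trailing bytes, and the ex_put() helper used to build constructed sample input are assumptions of this example; the attribute type numbers come from the enum above.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Type numbers copied from the SEG6_LOCAL_CNT_* enum above; EX_ names are local. */
enum { EX_CNT_PAD = 1, EX_CNT_PACKETS, EX_CNT_BYTES, EX_CNT_ERRORS };
#define EX_HDRLEN    4u                  /* u16 length + u16 type */
#define EX_ALIGN(n)  (((n) + 3u) & ~3u)  /* netlink attributes are 4-byte aligned */
#define EX_TYPE_MASK 0x3fffu             /* drop NESTED/NET_BYTEORDER flag bits */

struct ex_counters { uint64_t packets, bytes, errors; };

/* Walk the payload of a SEG6_LOCAL_COUNTERS nest (host byte order).
 * Returns 0 on success, -1 on a truncated or wrongly sized attribute. */
int ex_parse_counters(const uint8_t *buf, size_t len, struct ex_counters *out)
{
	memset(out, 0, sizeof(*out));
	while (len >= EX_HDRLEN) {
		uint16_t alen, type;
		uint64_t v;
		memcpy(&alen, buf, 2);
		memcpy(&type, buf + 2, 2);
		type &= EX_TYPE_MASK;
		if (alen < EX_HDRLEN || alen > len)
			return -1;       /* length field points outside the buffer */
		if (type >= EX_CNT_PACKETS && type <= EX_CNT_ERRORS) {
			if (alen != EX_HDRLEN + sizeof(v))
				return -1;   /* counters are exactly 64 bits wide */
			memcpy(&v, buf + EX_HDRLEN, sizeof(v));
			if (type == EX_CNT_PACKETS)    out->packets = v;
			else if (type == EX_CNT_BYTES) out->bytes = v;
			else                           out->errors = v;
		}                        /* PAD and unknown types are skipped */
		size_t step = EX_ALIGN(alen) > len ? len : EX_ALIGN(alen);
		buf += step;
		len -= step;
	}
	return len == 0 ? 0 : -1;        /* stray trailing bytes: reject */
}

/* Append one attribute at offset off (used to build constructed sample input);
 * returns the next aligned offset. */
size_t ex_put(uint8_t *buf, size_t off, uint16_t type, const void *p, uint16_t plen)
{
	uint16_t alen = (uint16_t)(EX_HDRLEN + plen);
	memcpy(buf + off, &alen, 2);
	memcpy(buf + off + 2, &type, 2);
	if (plen)
		memcpy(buf + off + EX_HDRLEN, p, plen);
	return off + EX_ALIGN(alen);
}
```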