Re: [PATCH] seg6: using DSCP of inner IPv4 packets

From: Ahmed Abdelsalam
Date: Thu Aug 06 2020 - 02:43:16 EST

Next message: Stephen Rothwell: "linux-next: Signed-off-by missing for commit in the cifs tree"
Previous message: Rouven Czerwinski: "Re: [PATCH 1/2] net: tls: add compat for get/setsockopt"
In reply to: David Miller: "Re: [PATCH] seg6: using DSCP of inner IPv4 packets"
Next in thread: David Miller: "Re: [PATCH] seg6: using DSCP of inner IPv4 packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi David,

SRv6 as defined in [1][2] does not mandate that the hop_limit of the outer IPv6 header has to be copied from the inner packet.

The only thing that is mandatory is that the hop_limit of the inner packet has to be decremented [3]. This complies with the specification defined in the Generic Packet Tunneling in IPv6 [4]. This part is actually missing in the kernel.

For the hop_limit of the outer IPv6 header, the other SRv6 implementations [5][6] by default uses the default ipv6 hop_limit. But they allow also to use a configurable hop_limit for the outer header.

In conclusion the hop limit behavior in this patch is intentional and in my opnion correct.

If you agree I can send two patches to:
- decrement hop_limit of inner packet
- allow a configurable hop limit of outer IPv6 header

[1] https://tools.ietf.org/html/rfc8754
[2] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-16
[3] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-16#section-5
[4] https://tools.ietf.org/html/rfc2473#section-3.1
[5]https://github.com/FDio/vpp/blob/8bf80a3ddae7733925a757cb1710e25776eea01c/src/vnet/srv6/sr_policy_rewrite.c#L110
[6] https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-6/segment-routing/configuration/guide/b-segment-routing-cg-asr9000-66x/b-segment-routing-cg-asr9000-66x_chapter_011.html#id_94209

On 06/08/2020 02:40, David Miller wrote:

From: Ahmed Abdelsalam <ahabdels@xxxxxxxxx>
Date: Tue, 4 Aug 2020 07:40:30 +0000

This patch allows copying the DSCP from inner IPv4 header to the
outer IPv6 header, when doing SRv6 Encapsulation.

This allows forwarding packet across the SRv6 fabric based on their
original traffic class.

Signed-off-by: Ahmed Abdelsalam <ahabdels@xxxxxxxxx>

You have changed the hop limit behavior here and that neither seems
intentional nor correct.

When encapsulating ipv6 inside of ipv6 the inner hop limit should be
inherited. You should only use the DST hop limit when encapsulating
ipv4.

And that's what the existing code did.

Next message: Stephen Rothwell: "linux-next: Signed-off-by missing for commit in the cifs tree"
Previous message: Rouven Czerwinski: "Re: [PATCH 1/2] net: tls: add compat for get/setsockopt"
In reply to: David Miller: "Re: [PATCH] seg6: using DSCP of inner IPv4 packets"
Next in thread: David Miller: "Re: [PATCH] seg6: using DSCP of inner IPv4 packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]