[PATCH] IPv4 over IPv6 nexthop support on FreeBSD
Hello, While experimenting in FreeBSD 13.1 with IPv4 over IPv6 nexthop routes, I realized that BIRD was unable to read routes from the kernel as well as export routes to the kernel. The support for it was implemented in FreeBSD 13.1 [1]. I have attached a patch that made it work for me on FreeBSD 13.1, both importing and exporting to/from kernel. I believe the patch will still need some work, as from a quick look, OpenBSD still has no support for it. I'm happy to implement any suggested improvements and send a v2 of it. Thank you, Luiz [1] https://reviews.freebsd.org/D30398
On Sat, Feb 18, 2023 at 03:41:31PM +0100, Luiz Amaral wrote:
Hello,
While experimenting in FreeBSD 13.1 with IPv4 over IPv6 nexthop routes, I realized that BIRD was unable to read routes from the kernel as well as export routes to the kernel. The support for it was implemented in FreeBSD 13.1 [1].
I have attached a patch that made it work for me on FreeBSD 13.1, both importing and exporting to/from kernel. I believe the patch will still need some work, as from a quick look, OpenBSD still has no support for it. I'm happy to implement any suggested improvements and send a v2 of it.
Hello This looks particularly simple. Will check that.
diff --git a/sysdep/bsd/krt-sock.c b/sysdep/bsd/krt-sock.c index 1f793293..92f8c837 100644 --- a/sysdep/bsd/krt-sock.c +++ b/sysdep/bsd/krt-sock.c @@ -314,6 +314,10 @@ krt_send_route(struct krt_proto *p, int cmd, rte *e) if (ipa_is_link_local(gw)) _I0(gw) = 0xfe800000 | (i->index & 0x0000ffff);
+ if (ipa_is_ip6(gw)) { + af = AF_INET6; + } + sockaddr_fill(&gate, af, gw, NULL, 0); msg.rtm.rtm_flags |= RTF_GATEWAY; msg.rtm.rtm_addrs |= RTA_GATEWAY; @@ -469,7 +473,7 @@ krt_read_route(struct ks_msg *msg, struct krt_proto *p, int scan)
idst = ipa_from_sa(&dst); imask = ipa_from_sa(&mask); - igate = (gate.sa.sa_family == dst.sa.sa_family) ? ipa_from_sa(&gate) : IPA_NONE; + igate = ipa_from_sa(&gate);
#ifdef KRT_SHARED_SOCKET if (!scan)
-- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hello Ondrej, Did you have a chance to check out the patch? I am happy to adjust it if needed. Luiz On 20/02/2023 04.33, Ondrej Zajicek wrote:
On Sat, Feb 18, 2023 at 03:41:31PM +0100, Luiz Amaral wrote:
Hello,
While experimenting in FreeBSD 13.1 with IPv4 over IPv6 nexthop routes, I realized that BIRD was unable to read routes from the kernel as well as export routes to the kernel. The support for it was implemented in FreeBSD 13.1 [1].
I have attached a patch that made it work for me on FreeBSD 13.1, both importing and exporting to/from kernel. I believe the patch will still need some work, as from a quick look, OpenBSD still has no support for it. I'm happy to implement any suggested improvements and send a v2 of it. Hello
This looks particularly simple. Will check that.
[1] https://reviews.freebsd.org/D30398 diff --git a/sysdep/bsd/krt-sock.c b/sysdep/bsd/krt-sock.c index 1f793293..92f8c837 100644 --- a/sysdep/bsd/krt-sock.c +++ b/sysdep/bsd/krt-sock.c @@ -314,6 +314,10 @@ krt_send_route(struct krt_proto *p, int cmd, rte *e) if (ipa_is_link_local(gw)) _I0(gw) = 0xfe800000 | (i->index & 0x0000ffff);
+ if (ipa_is_ip6(gw)) { + af = AF_INET6; + } + sockaddr_fill(&gate, af, gw, NULL, 0); msg.rtm.rtm_flags |= RTF_GATEWAY; msg.rtm.rtm_addrs |= RTA_GATEWAY; @@ -469,7 +473,7 @@ krt_read_route(struct ks_msg *msg, struct krt_proto *p, int scan)
idst = ipa_from_sa(&dst); imask = ipa_from_sa(&mask); - igate = (gate.sa.sa_family == dst.sa.sa_family) ? ipa_from_sa(&gate) : IPA_NONE; + igate = ipa_from_sa(&gate);
#ifdef KRT_SHARED_SOCKET if (!scan)
W dniu 17.04.2023 o 16:46, Luiz Amaral pisze:
Hello Ondrej,
Did you have a chance to check out the patch? I am happy to adjust it if needed.
Hello Luiz, have you tried netlink flavour of BIRD ? It requires FreeBSD 13.2, but should work out of the box in such a setup, I have not tested though. Marek
Luiz
On 20/02/2023 04.33, Ondrej Zajicek wrote:
On Sat, Feb 18, 2023 at 03:41:31PM +0100, Luiz Amaral wrote:
Hello,
While experimenting in FreeBSD 13.1 with IPv4 over IPv6 nexthop routes, I realized that BIRD was unable to read routes from the kernel as well as export routes to the kernel. The support for it was implemented in FreeBSD 13.1 [1].
I have attached a patch that made it work for me on FreeBSD 13.1, both importing and exporting to/from kernel. I believe the patch will still need some work, as from a quick look, OpenBSD still has no support for it. I'm happy to implement any suggested improvements and send a v2 of it. Hello
This looks particularly simple. Will check that.
[1] https://reviews.freebsd.org/D30398 diff --git a/sysdep/bsd/krt-sock.c b/sysdep/bsd/krt-sock.c index 1f793293..92f8c837 100644 --- a/sysdep/bsd/krt-sock.c +++ b/sysdep/bsd/krt-sock.c @@ -314,6 +314,10 @@ krt_send_route(struct krt_proto *p, int cmd, rte *e) if (ipa_is_link_local(gw)) _I0(gw) = 0xfe800000 | (i->index & 0x0000ffff); + if (ipa_is_ip6(gw)) { + af = AF_INET6; + } + sockaddr_fill(&gate, af, gw, NULL, 0); msg.rtm.rtm_flags |= RTF_GATEWAY; msg.rtm.rtm_addrs |= RTA_GATEWAY; @@ -469,7 +473,7 @@ krt_read_route(struct ks_msg *msg, struct krt_proto *p, int scan) idst = ipa_from_sa(&dst); imask = ipa_from_sa(&mask); - igate = (gate.sa.sa_family == dst.sa.sa_family) ? ipa_from_sa(&gate) : IPA_NONE; + igate = ipa_from_sa(&gate); #ifdef KRT_SHARED_SOCKET if (!scan)
-- Marek Zarychta
On 17/04/2023 17.12, Marek Zarychta wrote:
Hello Luiz,
have you tried netlink flavour of BIRD ? It requires FreeBSD 13.2, but should work out of the box in such a setup, I have not tested though. Hello Marek,
I tried the netlink version and while the export of routes to the kernel worked fine, the import into BIRD was failing. # netstat -nr Routing tables Internet: Destination Gateway Flags Netif Expire 10.10.10.0/24 2a12:6e40::2 UGS vtnet0 bird> show route 10.10.10.0/24 all Table master4: 10.10.10.0/24 unicast [k_default_4 2023-04-20 16:24:28] * (10) dev vtnet0 Type: inherit univ Kernel.source: 4 Kernel.metric: 0 I checked the code and found that the RTA_VIA related code was only included on kernels with MPLS support. I will provide a patch to fix it shortly. Luiz
On Mon, Apr 17, 2023 at 04:46:13PM +0200, Luiz Amaral wrote:
Hello Ondrej,
Did you have a chance to check out the patch? I am happy to adjust it if needed.
Hello Thanks for a notice, i just merged that (with minor modification): https://gitlab.nic.cz/labs/bird/-/commit/d61505b039bf0aa6697e28b2a4e07907c89... I didn't test the feature, as our FreeBSD VM is still at 13.0 (bsd-cloud-image.org does not offer never version), but it seems safe. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hello Ondrej, Thanks for the merge. I did a quick test with the merged code on FreeBSD 13.2 and all worked well. While testing the same feature with Netlink as suggested by Marek, I noticed that the import of routes from kernel to BIRD was broken. I attached a patch that fixed the issue with Netlink for me. I believe it should be safe to handle RTA_VIA on non-MPLS kernels as rtnetlink(7) on Linux lists it as "Gateway in different AF" and rtnetlink(4) on FreeBSD lists it as "IPv6 nexthop address for IPv4 route". Luiz On 21/04/2023 03.07, Ondrej Zajicek wrote:
On Mon, Apr 17, 2023 at 04:46:13PM +0200, Luiz Amaral wrote:
Hello Ondrej,
Did you have a chance to check out the patch? I am happy to adjust it if needed. Hello
Thanks for a notice, i just merged that (with minor modification):
https://gitlab.nic.cz/labs/bird/-/commit/d61505b039bf0aa6697e28b2a4e07907c89...
I didn't test the feature, as our FreeBSD VM is still at 13.0 (bsd-cloud-image.org does not offer never version), but it seems safe.
W dniu 21.04.2023 o 03:07, Ondrej Zajicek pisze:
On Mon, Apr 17, 2023 at 04:46:13PM +0200, Luiz Amaral wrote:
Hello Ondrej,
Did you have a chance to check out the patch? I am happy to adjust it if needed.
Hello
Thanks for a notice, i just merged that (with minor modification):
https://gitlab.nic.cz/labs/bird/-/commit/d61505b039bf0aa6697e28b2a4e07907c89...
I didn't test the feature, as our FreeBSD VM is still at 13.0 (bsd-cloud-image.org does not offer never version), but it seems safe.
FreeBSD project provides us with official Cloud-init-like images for testing purposes[1]. These images really cannot be provisioned with Cloud-init, but you will be able to log in via ssh on your root account (neither key nor password is required), which should be sufficient. FreeBSD 13.2-RELEASE is the first release with netlink(4) support. Netlink is available as a kernel module and needs to be explicitly loaded. BTW the Netlink flavour of BIRD 2.0.12 under FreeBSD runs smoothly. We are running it for over two months. Resident memory usage dropped in our case from 2G to less than 512M. ECMP works out of the box. The daemon complains about slow scans of the kernel routing table[2] though, but it's not a problem. Many thanks to the people who contributed to this ! [1] https://download.freebsd.org/ftp/releases/CI-IMAGES/13.2-RELEASE/amd64/Lates... [2] rtr bird[2284]: I/O loop cycle took 13166.930 ms for 2 events Cheers -- Marek Zarychta
participants (3)
-
Luiz Amaral -
Marek Zarychta -
Ondrej Zajicek