Adds basic support for IPv6 #255
Conversation
- Adds IPv6 support to the OPTE API and main engine types. This includes fleshing out some missing edges for IPv6 addresses and CIDRs, and adding support for specifying IPv6 addresses in router entries, etc. The main type expanded here is the `VpcCfg`, which now supports an `IpCfg` that specifies all L3 information. That supports exactly one IPv4 or IPv6, or one of each, for private addresses. An optional SNAT and external address for each are also supported. - Updates the `opte-ioctl` and `opteadm` crates to support IPv6, and to use a `VpcCfg` as the argument, rather than a bunch of disparate arguments. Fleshes out handling for IPv6 in router entries, port info and printing, and layer / rule printing. - Adds a few niceties to the D scripts for pretty-printing IPv6 - Renames a lot of IPv4 specific types, such as `Dhcp4Reply` to `DhcpReply`. Types without a prefix will be assumed to refer to IPv4, and IPv6 will always have a version number. - Adds an `icmpv6` layer to `opte` and the `oxide-vpc`, and inserts it in the configuration created by the `xde` driver. This supports ICMPv6 echo requests from the guest to the gateway only. An integration test verifying the hairpinned echo reply is also here. - Updates the API version check script to compare all commits relative to the `master` branch, rather than the last.
|
In addition the tests in the repo, I've also tested we can actually launch guests with Omicron using the updated debian@myinst:~$ ping6 fd00:abcd:abcd:abcd::1 -c 1
PING fd00:abcd:abcd:abcd::1(fd00:abcd:abcd:abcd::1) 56 data bytes
64 bytes from fd00:abcd:abcd:abcd::1: icmp_seq=1 ttl=255 time=0.126 ms
--- fd00:abcd:abcd:abcd::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.126/0.126/0.126/0.000 ms
debian@myinst:~$OPTE is actually hairpinning the packet: bnaecker@feldspar : ~/opte $ pfexec ./dtrace/opte-trace opte-rule-match
<SNIP>
PORT LAYER MATCH DIR FLOW ACTION
opte0 icmpv6 YES out ICMPv6,[fd00:abcd:abcd:abcd::5]:0,[fd00:abcd:abcd:abcd::1]:0 HAIRPIN: ICMPv6 Echo Reply (A8:40:25:FF:77:77,fd00:abcd:abcd:abcd::1) => (A8:40:25:FA:4E:42,fd00:abcd:abcd:abcd::5)
^C |
There was a problem hiding this comment.
This is a lot of great work. It feels good to see various IPv6 todo!s eliminated! I think most of my comments are pretty straightforward and shouldn't require much modification. This is pretty much how I would have done all this work; though I don't think I would have thought of some of the nice simplifications you made in various places.
bnaecker
force-pushed
the
icmpv6-support
branch
from
36f43f3 to
8a19e7e
Compare
|
The 1437 } else {
1438 // This should be unreachable!(). We have an IP header,
1439 // but neither `ip4()` nor `ip6()` returned something.
1440 opte::engine::dbg(format!(
1441 "Packet contains IP header, but neither `ip4()` \
1442 nor `ip6()` returned `Some`. IP header: {:?}",
1443 ip_hdr,
1444 ));
1445 false
1446 }That's putting the closing parenthesis for the function call at the same indention as the surrounding |
- Better router error message - Better error messages when parsing IpAddr / IpCidr - Better comments throughout, some better type names - DCE - Fix ARP handling to unconditionally drop outbound requests for anything other than the gateway, and all inbound requests.
bnaecker
force-pushed
the
icmpv6-support
branch
from
8a19e7e to
f810622
Compare
|
No worries on cargo fmt, it is what it is, I wouldn't spent too much time trying to get it to heel. |
- Renamed `public_ip` -> `external_ip` fields on NAT-related types. This is important because the "outside" IP address for NAT need not actually be an address that's routable on the public Internet. It can be any address in any network on the other side of the NAT node. - Fix location of Copy derive
|
Got the fmt resolved. It was line length, I just split the lines into shorter pieces and it did the right thing here. |
|
Thanks for the detailed review @rzezeski! |
VpcCfg, which now supports anIpCfgthat specifies all L3 information. That supports exactly one IPv4 or IPv6, or one of each, for private addresses. An optional SNAT and external address for each are also supported.opte-ioctlandopteadmcrates to support IPv6, and to use aVpcCfgas the argument, rather than a bunch of disparate arguments. Fleshes out handling for IPv6 in router entries, port info and printing, and layer / rule printing.Dhcp4ReplytoDhcpReply. Types without a prefix will be assumed to refer to IPv4, and IPv6 will always have a version number.icmpv6layer toopteand theoxide-vpc, and inserts it in the configuration created by thexdedriver. This supports ICMPv6 echo requests from the guest to the gateway only. An integration test verifying the hairpinned echo reply is also here.masterbranch, rather than the last.