On Wed, 2 Dec 2020 14:05:09 +0100 Andrea Mayer wrote:
This patchset provides support for the SRv6 End.DT4 and End.DT6 (VRF mode) behaviors.
The SRv6 End.DT4 behavior is used to implement multi-tenant IPv4 L3 VPNs. It decapsulates the received packets and performs IPv4 routing lookup in the routing table of the tenant. The SRv6 End.DT4 Linux implementation leverages a VRF device in order to force the routing lookup into the associated routing table. The SRv6 End.DT4 behavior is defined in the SRv6 Network Programming [1].
The Linux kernel already offers an implementation of the SRv6 End.DT6 behavior which allows us to set up IPv6 L3 VPNs over SRv6 networks. This new implementation of DT6 is based on the same VRF infrastructure already exploited for implementing the SRv6 End.DT4 behavior. The aim of the new SRv6 End.DT6 in VRF mode consists in simplifying the construction of IPv6 L3 VPN services in the multi-tenant environment. Currently, the two SRv6 End.DT6 implementations (legacy and VRF mode) coexist seamlessly and can be chosen according to the context and the user preferences.
Patch 1 is needed to solve a pre-existing issue with tunneled packets when a sniffer is attached;
Patch 2 improves the management of the seg6local attributes used by the SRv6 behaviors;
Patch 3 adds support for optional attributes in SRv6 behaviors;
Patch 4 introduces two callbacks used for customizing the creation/destruction of a SRv6 behavior;
Patch 5 is the core patch that adds support for the SRv6 End.DT4 behavior;
Patch 6 introduces the VRF support for SRv6 End.DT6 behavior;
Patch 7 adds the selftest for SRv6 End.DT4 behavior;
Patch 8 adds the selftest for SRv6 End.DT6 (VRF mode) behavior.
Regarding iproute2, the support for the new "vrftable" attribute, required by both SRv6 End.DT4 and End.DT6 (VRF mode) behaviors, is provided in a different patchset that will follow shortly.
I would like to thank David Ahern for his support during the development of this patchset.
Applied, thank you!