Re: [mpls-linux-general] Looking for examples to test TC/DS/IPTABLE
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
Re: [mpls-linux-general] Looking for examples to test TC/DS/IPTABLE
|
From: James R. L. <jl...@mi...> - 2001-12-18 14:51:29
|
I see the light now..... Last night I dug around the kernel and I now see why you think that netfilter is the best way for interacting with the ipv4 routing table. I will look more at your work and see how I can make it less MPLS specific. Right now I think I am going to add a new netlink. POST_ROUTING_SLOW. This will allow a netlink to modify the route cache entry. The result will be that the netlink code for this will only be run for the first packet in the "flow". The rest will hit the entry in the route cache and will be redirected to the MPLS layer. Will this satisfy your hope of avoiding double lookups (for every packet except the first)? Jim On Tue, Dec 11, 2001 at 01:52:39PM +0100, Olivier Dugeon wrote: > hi Jim, > > Can you describe a little more the MPLS_OP_NF_FWD action ? It doesn't work, because I cannot bind a LSP to a route in the mangle table. Jim > If i understand well, the sutff is : > > - mark packet with iptable > - use MPLS_OP_NF_FWD to retrieve the MOI info (and so the outgoing > label) from the nfmark value > - possibly use nfmark as filter criteria for TC as usual > > It look like good for me because it made a very little change in the > kernel and haven't to maintain an mpls_index change in case of nfmark > change. > > Just a point of clarification about the use of nfmark instead of > mpls_index for the reason given previously (incomptability with nfmark > route only stuff) Have you a different way to use this action and so let > the normal nfmark behaviour work as usual ? I suppose mplsadm need to > be modified to set up this action with the right nfmark value ? If so, i > suppose you can leave both normal and mpls nfmark. The difference come > with a different value for nfmark (only value setup with mplsadm result > in a mpls processing) > > Regards, > > Olivier > > James R. Leu wrote: > > > Hello, > > > > I have (re)implemented my version of TC/DS enhanced mpls-linux. I would > > like to describe what I have created so I can get feed back. Also > > I would like to get examples from people of how to use TC and iptables > > to actually excercise this new code and to show me what this implementation > > cannot do. > > > > First this to keep in mind is that 'outgoing info' nolonger can be interpreted > > as 'outgoing label'. A particular 'outgoing info' can fwd on to another > > 'outgoing info' which may do a 'push'. 'incoming labels', aux_proto, and > > mpls tunnels all point to 'outgoing info' (in addition 'outgoing info' can > > point to other 'outgoing info'). I will refer to 'outgoing info' as > > 'MOI' (in the code it stands for the mpls_outgoing_info structure). > > > > Incoming labels and MOI's have an array of 'instructions' associated > > with them. Each instruction has a 'data block' associated with it. > > The original set of instructions, have changed very little: > > > > MPLS_OP_POP -> IN: pop off top label (no data) > > MPLS_OP_PEEK -> IN: make the top label the active 'incoming label' (no data) > > MPLS_OP_PUSH -> OUT: push a label on to the top of the label stack > > (label to push) > > MPLS_OP_DLV -> IN: deliver the packet to a specify protocol handler > > (protocol id to send the packet to ie IPv4 IPv6) > > MPLS_OP_FWD -> IN: transfer control to mpls_output() (pointer to the MOI) > > OUT: start processing the instructions wit the new MOI > > (pointer to the new MOI) > > MPLS_OP_SET -> IN: set the incoing interface > > OUT: set the dst_entry on the skb [last step before TXing a > > MPLS packet] (pointer to the dst_entry) > > > > These are the new instructions: > > > > *nfmark comes from skb > > #dsmark comes from IP header > > *tc_index comes from the skb > > *EXP comes from the active incoming label > > > > MPLS_OP_NF_FWD -> IN/OUT: index into the datablock by using the (nfmark & mask) > > start processing the MOI that was found. (array of MOIs) > > MPLS_OP_DS_FWD -> IN: index into the datablock by using the (dsmark & mask) > > start processing the MOI that was found. (array of MOIs) > > MPLS_OP_TC_FWD -> OUT: index into the datablock by using the (tc_index & mask) > > start processing the MOI that was found. (array of MOIs) > > MPLS_OP_EXP_FWD -> IN: index into the datablock by using the (EXP) > > start processing the MOI that was found. (array of MOIs) > > MPLS_OP_SET_TC -> IN/OUT: set the tc_index (tc_index to use) > > MPLS_OP_SET_DS -> IN/OUT: set the dsmark (DSCP to use) > > MPLS_OP_SET_EXP -> IN/OUT: set EXP on the top label (EXP to use) > > MPLS_OP_EXP2TC -> IN: index into the data block by using the (EXP) and set the > > tc_index to the value found > > MPLS_OP_EXP2DS -> IN: index into the data block by using the (EXP) and set the > > dsmark to the value found > > > > > > > > So here are some examples: > > > > Egress LER: > > > > On input of label 100 EXP 1 gets DSCP 0x4, EXP 4 gets DSCP 0x7 > > > > MII(100) -> PEEK POP EXP2DS(1->0x4,4->0x7) DLV(IPv4) > > > > Ingress LER (DSCP): > > > > Packets going to 11.0.0.0/16 goes out with label 100, DSCP 0x4 get EXP 1, > > DSCP 0x7 gets EXP 4 > > > > IPROUTE(11.0.0.0/16) -> MOI(1000) > > MOI(1000) DS_FWD(0x4->MOI(500), 0x7->MOI(2000)) > > MOI(500) SET_EXP (1) PUSH(100) SET(next hop info) > > MOI(2000) SET_EXP (4) PUSH(100) SET(next hop info) > > > > IP routing tranfer control to mpls_output and starts processing MOI(1000). > > MOI(1000) looks at the DSCP and starts processing either MOI(500) or > > MOI(2000). MOI(500) and MOI(2000) set the EXP, puch the label, > > set the dst_entry and then send the packet) > > > > (you could implement L-LSPs in a similar way, push differnt label in MOI(500) > > and MOI(2000) and do not set the EXP value) > > > > Alternative: > > > > IPROUTE(11.0.0.0/16) -> MPLS_TUNNEL(mpls0) > > mpls0 -> MOI(1000) > > MOI(500) SET_EXP (1) PUSH(100) SET(next hop info) > > MOI(2000) SET_EXP (4) PUSH(100) SET(next hop info) > > > > IP routing tranfer send the packet out interface mpls0. Interface mpls0 > > transfers control to mpls_output and starts processing MOI(1000). > > MOI(1000) looks at the DSCP and starts processing either MOI(500) or > > MOI(2000). MOI(500) and MOI(2000) set the EXP, puch the label, > > set the dst_entry and then send the packet) > > > > Ingress LER NFMARK and TCINDEX, work simlarly. > > > > Transit: > > > > INCOMING_LABEL(100) PEEK POP EXP2TC(1->0xF,4->0xE) -> MOI(10000) > > MOI(10000) PUSH(100) SET(next hop info) > > > > Incoming label 100 looks at the EXP bits and sets tc_index to 0xF when > > EXP is 1 and to 0xE when EXP is 4. MOI(10000) is responsible for > > trasmitting the label. It pushed on label 100 (and the same EXP bits) > > and send it on it way. As it leaved via the physical interface a packet > > scheduler can look at the tc_index and schedule it appropriately. > > > > If you want to translate the EXP then you could use an EXP forward > > to differnt MOIs that push on the same label, but set differnt EXP bits. > > > > Additional intructions? > > > > MPLS_OP_TC2EXP -> coule be use in a MOI to translate the tc_index set on > > input to differnt EXP values. This would avoid having > > to do a EXP FWD just to set differnt EXP values. > > > > MPLS_OP_DS2EXP -> same as above, but would look at DSCP in the IP header > > and could only be execute on packet that came directly > > from the IP layer. It would avoid having to have > > seperate MOIs to implement E-LSPs. > > > > Comments, questions, political statments? > > > > Jim > > > > > -- > FTR&D/DAC/CPN > Technopole Anticipa | mailto:Oli...@fr... > 2, Avenue Pierre Marzin | Phone: +(33) 2 96 05 28 80 > F-22307 LANNION | Fax: +(33) 2 96 05 18 52 > > _______________________________________________ > mpls-linux-general mailing list > mpl...@li... > https://lists.sourceforge.net/lists/listinfo/mpls-linux-general -- James R. Leu jl...@mi... |
