Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

On Tue, Jun 18, 2019 at 1:21 PM Gregory Rose  wrote:
>
>
> On 6/18/2019 10:11 AM, William Tu wrote:
> > On Tue, Jun 18, 2019 at 9:15 AM William Tu  wrote:
> >> Hi Greg and Eli,
> >>
> >> Should we add both ip6gre (L3) and ip6gretap (L2) support?
> >> @Eli, which mode do you want to use?
> >>
> >> I apply the patch below, and ip6gretap port can be created successfully
> >> by doing using kernel 5.2 upstream ovs module:
> >> # ovs-vsctl add-port br0 at_gre1 -- \
> >>   set int at_gre1 type=ip6gretap options:remote_ip=fc00:100::1
> >>
> >> but not the type=ip6gre
> >>
> >> diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
> >> index 2e23a8c14fcf..d666f239aeed 100644
> >> --- a/lib/dpif-netlink-rtnl.c
> >> +++ b/lib/dpif-netlink-rtnl.c
> >> @@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type,
> >>   case OVS_VPORT_TYPE_IP6ERSPAN:
> >>   return "ip6erspan";
> >>   case OVS_VPORT_TYPE_IP6GRE:
> >> -return "ip6gre";
> >> +return "ip6gretap";
> >>   case OVS_VPORT_TYPE_NETDEV:
> >>   case OVS_VPORT_TYPE_INTERNAL:
> >>   case OVS_VPORT_TYPE_LISP:
> >> diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
> >> index c554666acce0..28897153744b 100644
> >> --- a/lib/dpif-netlink.c
> >> +++ b/lib/dpif-netlink.c
> >> @@ -698,7 +698,7 @@ get_vport_type(const struct dpif_netlink_vport *vport)
> >>   return "ip6erspan";
> >>
> >>   case OVS_VPORT_TYPE_IP6GRE:
> >> -return "ip6gre";
> >> +return "ip6gretap";
> >>
> >>   case OVS_VPORT_TYPE_UNSPEC:
> >>   case __OVS_VPORT_TYPE_MAX:
> >> @@ -729,7 +729,7 @@ netdev_to_ovs_vport_type(const char *type)
> >>   return OVS_VPORT_TYPE_ERSPAN;
> >>   } else if (!strcmp(type, "ip6erspan")) {
> >>   return OVS_VPORT_TYPE_IP6ERSPAN;
> >> -} else if (!strcmp(type, "ip6gre")) {
> >> +} else if (!strcmp(type, "ip6gretap")) {
> >>   return OVS_VPORT_TYPE_IP6GRE;
> >>   } else if (!strcmp(type, "gre")) {
> >>   return OVS_VPORT_TYPE_GRE;
> >> diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
> >> index ab591667f447..da95f680d454 100644
> >> --- a/lib/netdev-vport.c
> >> +++ b/lib/netdev-vport.c
> >> @@ -1216,10 +1216,10 @@ netdev_vport_tunnel_register(void)
> >> },
> >> {{NULL, NULL, 0, 0}}
> >>   },
> >> -{ "ip6gre_sys",
> >> +{ "ip6gretap_sys",
> >> {
> >> TUNNEL_FUNCTIONS_COMMON,
> >> -  .type = "ip6gre",
> >> +  .type = "ip6gretap",
> >> .build_header = netdev_gre_build_header,
> >> .push_header = netdev_gre_push_header,
> >> .pop_header = netdev_gre_pop_header
> >> diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c
> >> index 17353046cc6e..2157d7de11ae 100644
> >> --- a/lib/tnl-ports.c
> >> +++ b/lib/tnl-ports.c
> >> @@ -172,7 +172,7 @@ tnl_type_to_nw_proto(const char type[])
> >>   return IPPROTO_TCP;
> >>   }
> >>   if (!strcmp(type, "gre") || !strcmp(type, "erspan") ||
> >> -!strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre")) {
> >> +!strcmp(type, "ip6erspan") || !strcmp(type, "ip6gretap")) {
> >>   return IPPROTO_GRE;
> >>   }
> >>   if (!strcmp(type, "vxlan")) {
>
> This patch, as is, reports "ovs-vsctl: no row "type=ip6gretap" in table
> Interface"
>
> Is there something I missed?
>
> I had something that worked once but now it's always failing with that
> message.  Trying to figure out what it means.

That's wired. Let me double check.
I will post patch on OVS dev when I have ip6gre traffic working correctly.

Thanks
William
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

On Tue, Jun 18, 2019 at 10:13 PM Eli Britstein  wrote:

> >> Hi Eli and Greg,
> >>
> >> I've found the root cause using upstream kernel 5.2.
> >> When adding an ip6gre device type, the
> >> ovs_vport_cmd_new
> >>new_vport
> >>  netdev_create
> >>ovs_netdev_link
> >>
> >> and fails due to
> >>  if (vport->dev->flags & IFF_LOOPBACK ||
> >>  (vport->dev->type != ARPHRD_ETHER &&
> >>   vport->dev->type != ARPHRD_NONE) ||
> >>  ovs_is_internal_dev(vport->dev)) {
> >>  err = -EINVAL;
> >>
> >> Because ip6gre is ARPHRD_IP6GRE
> >> Which means ip6gre never works using upstream kernel :(
> >>
> >> If we use ip6gretap, then its type is ARPHRD_ETHER,
> >> and the ip6gretap device can be created successfully.
> >>
> >> And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.
> >>
> >> And when using compat module, ip6gre works due to a coincident here:
> >> at datapath/linux/compat/ip6_gre.c
> >> static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
> >>  .kind   = "ip6gre",
> >>  .maxtype= RPL_IFLA_GRE_MAX,
> >>
> >>
> >> static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
> >>  .kind   = "ip6gre",
> >>  .maxtype= RPL_IFLA_GRE_MAX,
> >>  .policy = ip6gre_policy,
> >>  .priv_size  = sizeof(struct ip6_tnl),
> >>
> >> We happen to use ip6gre_tap link ops in type "ip6gre"
> >>
> >> Regards,
> >> William
> >>
> >>> Furthermore, I think the following is missing, as there is no ip6gretap,
> >>> only ip6gre:
> >>>
> > Hi Greg and Eli,
> >
> > Should we add both ip6gre (L3) and ip6gretap (L2) support?
> > @Eli, which mode do you want to use?
>
> ip6gretap
>
> I applied this patch too, and indeed the error is resolved. However, i
> still don't get traffic. Have you verified it works to indicate a setup
> issue for me?
>
No I haven't done the end-to-end test, the patch just passes
the port add stage. I will look into it.

--William
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/18/2019 8:11 PM, William Tu wrote:
> On Tue, Jun 18, 2019 at 9:15 AM William Tu  wrote:
>> On Mon, Jun 17, 2019 at 10:46 PM Eli Britstein  wrote:
>>>
>>> On 6/18/2019 1:22 AM, Gregory Rose wrote:
 On 6/12/2019 2:20 AM, Eli Britstein wrote:
> Could you please have a look (and even better try?) still need to
> tidy up
>
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7Cb5e034b901e54e2301b608d6f4100fe5%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964747162815714sdata=16q01k9tTgklmmTFeD6ZOmFwUSNzUAvVONJX8Y7FNEA%3Dreserved=0
>
>
>
 Hi Eli,

 I finally managed to getting around and building your kernel.  At
 least it does do away with the protocol error message but
 I haven't gotten it working yet.  Stay tuned and I'll provide feedback.
>>> Hi Greg,
>>>
>>> I think William was right pointing out the comment from Pravin. I agree
>>> with them that if we can avoid changing the kernel, and support it via
>>> lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the
>>> kernel changes.
>>>
>>> I haven't deep dived into it yet to see how ip6erspan works (at least no
>>> creation error, didn't run traffic though) and ip6gre doesn't.
>>>
>> Hi Eli and Greg,
>>
>> I've found the root cause using upstream kernel 5.2.
>> When adding an ip6gre device type, the
>> ovs_vport_cmd_new
>>new_vport
>>  netdev_create
>>ovs_netdev_link
>>
>> and fails due to
>>  if (vport->dev->flags & IFF_LOOPBACK ||
>>  (vport->dev->type != ARPHRD_ETHER &&
>>   vport->dev->type != ARPHRD_NONE) ||
>>  ovs_is_internal_dev(vport->dev)) {
>>  err = -EINVAL;
>>
>> Because ip6gre is ARPHRD_IP6GRE
>> Which means ip6gre never works using upstream kernel :(
>>
>> If we use ip6gretap, then its type is ARPHRD_ETHER,
>> and the ip6gretap device can be created successfully.
>>
>> And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.
>>
>> And when using compat module, ip6gre works due to a coincident here:
>> at datapath/linux/compat/ip6_gre.c
>> static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
>>  .kind   = "ip6gre",
>>  .maxtype= RPL_IFLA_GRE_MAX,
>>
>>
>> static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
>>  .kind   = "ip6gre",
>>  .maxtype= RPL_IFLA_GRE_MAX,
>>  .policy = ip6gre_policy,
>>  .priv_size  = sizeof(struct ip6_tnl),
>>
>> We happen to use ip6gre_tap link ops in type "ip6gre"
>>
>> Regards,
>> William
>>
>>> Furthermore, I think the following is missing, as there is no ip6gretap,
>>> only ip6gre:
>>>
> Hi Greg and Eli,
>
> Should we add both ip6gre (L3) and ip6gretap (L2) support?
> @Eli, which mode do you want to use?

ip6gretap

I applied this patch too, and indeed the error is resolved. However, i 
still don't get traffic. Have you verified it works to indicate a setup 
issue for me?

>
> I apply the patch below, and ip6gretap port can be created successfully
> by doing using kernel 5.2 upstream ovs module:
> # ovs-vsctl add-port br0 at_gre1 -- \
>   set int at_gre1 type=ip6gretap options:remote_ip=fc00:100::1
>
> but not the type=ip6gre
>
> diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
> index 2e23a8c14fcf..d666f239aeed 100644
> --- a/lib/dpif-netlink-rtnl.c
> +++ b/lib/dpif-netlink-rtnl.c
> @@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type,
>   case OVS_VPORT_TYPE_IP6ERSPAN:
>   return "ip6erspan";
>   case OVS_VPORT_TYPE_IP6GRE:
> -return "ip6gre";
> +return "ip6gretap";
>   case OVS_VPORT_TYPE_NETDEV:
>   case OVS_VPORT_TYPE_INTERNAL:
>   case OVS_VPORT_TYPE_LISP:
> diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
> index c554666acce0..28897153744b 100644
> --- a/lib/dpif-netlink.c
> +++ b/lib/dpif-netlink.c
> @@ -698,7 +698,7 @@ get_vport_type(const struct dpif_netlink_vport *vport)
>   return "ip6erspan";
>
>   case OVS_VPORT_TYPE_IP6GRE:
> -return "ip6gre";
> +return "ip6gretap";
>
>   case OVS_VPORT_TYPE_UNSPEC:
>   case __OVS_VPORT_TYPE_MAX:
> @@ -729,7 +729,7 @@ netdev_to_ovs_vport_type(const char *type)
>   return OVS_VPORT_TYPE_ERSPAN;
>   } else if (!strcmp(type, "ip6erspan")) {
>   return OVS_VPORT_TYPE_IP6ERSPAN;
> -} else if (!strcmp(type, "ip6gre")) {
> +} else if (!strcmp(type, "ip6gretap")) {
>   return OVS_VPORT_TYPE_IP6GRE;
>   } else if (!strcmp(type, "gre")) {
>   return OVS_VPORT_TYPE_GRE;
> diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
> index ab591667f447..da95f680d454 100644
> --- a/lib/netdev-vport.c
> +++ b/lib/netdev-vport.c
> @@ -1216,10 +1216,10 @@ netdev_vport_tunnel_register(void)
> },
> {{NULL, NULL, 0, 0}}
>   },
> -{ "ip6gre_sys",
> +{ "ip6gretap_sys",
> 

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/18/2019 10:11 AM, William Tu wrote:

On Tue, Jun 18, 2019 at 9:15 AM William Tu  wrote:

Hi Greg and Eli,

Should we add both ip6gre (L3) and ip6gretap (L2) support?
@Eli, which mode do you want to use?

I apply the patch below, and ip6gretap port can be created successfully
by doing using kernel 5.2 upstream ovs module:
# ovs-vsctl add-port br0 at_gre1 -- \
  set int at_gre1 type=ip6gretap options:remote_ip=fc00:100::1

but not the type=ip6gre

diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
index 2e23a8c14fcf..d666f239aeed 100644
--- a/lib/dpif-netlink-rtnl.c
+++ b/lib/dpif-netlink-rtnl.c
@@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type,
  case OVS_VPORT_TYPE_IP6ERSPAN:
  return "ip6erspan";
  case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";
  case OVS_VPORT_TYPE_NETDEV:
  case OVS_VPORT_TYPE_INTERNAL:
  case OVS_VPORT_TYPE_LISP:
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
index c554666acce0..28897153744b 100644
--- a/lib/dpif-netlink.c
+++ b/lib/dpif-netlink.c
@@ -698,7 +698,7 @@ get_vport_type(const struct dpif_netlink_vport *vport)
  return "ip6erspan";

  case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";

  case OVS_VPORT_TYPE_UNSPEC:
  case __OVS_VPORT_TYPE_MAX:
@@ -729,7 +729,7 @@ netdev_to_ovs_vport_type(const char *type)
  return OVS_VPORT_TYPE_ERSPAN;
  } else if (!strcmp(type, "ip6erspan")) {
  return OVS_VPORT_TYPE_IP6ERSPAN;
-} else if (!strcmp(type, "ip6gre")) {
+} else if (!strcmp(type, "ip6gretap")) {
  return OVS_VPORT_TYPE_IP6GRE;
  } else if (!strcmp(type, "gre")) {
  return OVS_VPORT_TYPE_GRE;
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index ab591667f447..da95f680d454 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -1216,10 +1216,10 @@ netdev_vport_tunnel_register(void)
},
{{NULL, NULL, 0, 0}}
  },
-{ "ip6gre_sys",
+{ "ip6gretap_sys",
{
TUNNEL_FUNCTIONS_COMMON,
-  .type = "ip6gre",
+  .type = "ip6gretap",
.build_header = netdev_gre_build_header,
.push_header = netdev_gre_push_header,
.pop_header = netdev_gre_pop_header
diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c
index 17353046cc6e..2157d7de11ae 100644
--- a/lib/tnl-ports.c
+++ b/lib/tnl-ports.c
@@ -172,7 +172,7 @@ tnl_type_to_nw_proto(const char type[])
  return IPPROTO_TCP;
  }
  if (!strcmp(type, "gre") || !strcmp(type, "erspan") ||
-!strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre")) {
+!strcmp(type, "ip6erspan") || !strcmp(type, "ip6gretap")) {
  return IPPROTO_GRE;
  }
  if (!strcmp(type, "vxlan")) {


This patch, as is, reports "ovs-vsctl: no row "type=ip6gretap" in table 
Interface"


Is there something I missed?

I had something that worked once but now it's always failing with that 
message.  Trying to figure out what it means.


- Greg
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/18/2019 11:28 AM, Gregory Rose wrote:



That's pretty much the same patch I've got and am testing right now.  
I think it's the right way to go.  Do you want to post

this to netdev or would you prefer me to do it?


Excuse me, I meant OVS dev, not NET dev...



Thanks,

- Greg


___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/18/2019 10:11 AM, William Tu wrote:

On Tue, Jun 18, 2019 at 9:15 AM William Tu  wrote:

On Mon, Jun 17, 2019 at 10:46 PM Eli Britstein  wrote:


On 6/18/2019 1:22 AM, Gregory Rose wrote:

On 6/12/2019 2:20 AM, Eli Britstein wrote:

Could you please have a look (and even better try?) still need to
tidy up

https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7C25425e700b58418b19fa08d6f37253ae%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964069686971905sdata=Ki55ZQGwQKNNDkB4PZ1zpk9aqC42TXbt5WT%2F86SDauo%3Dreserved=0




Hi Eli,

I finally managed to getting around and building your kernel.  At
least it does do away with the protocol error message but
I haven't gotten it working yet.  Stay tuned and I'll provide feedback.

Hi Greg,

I think William was right pointing out the comment from Pravin. I agree
with them that if we can avoid changing the kernel, and support it via
lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the
kernel changes.

I haven't deep dived into it yet to see how ip6erspan works (at least no
creation error, didn't run traffic though) and ip6gre doesn't.


Hi Eli and Greg,

I've found the root cause using upstream kernel 5.2.
When adding an ip6gre device type, the
ovs_vport_cmd_new
   new_vport
 netdev_create
   ovs_netdev_link

and fails due to
 if (vport->dev->flags & IFF_LOOPBACK ||
 (vport->dev->type != ARPHRD_ETHER &&
  vport->dev->type != ARPHRD_NONE) ||
 ovs_is_internal_dev(vport->dev)) {
 err = -EINVAL;

Because ip6gre is ARPHRD_IP6GRE
Which means ip6gre never works using upstream kernel :(

If we use ip6gretap, then its type is ARPHRD_ETHER,
and the ip6gretap device can be created successfully.

And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.

And when using compat module, ip6gre works due to a coincident here:
at datapath/linux/compat/ip6_gre.c
static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
 .kind   = "ip6gre",
 .maxtype= RPL_IFLA_GRE_MAX,
   

static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
 .kind   = "ip6gre",
 .maxtype= RPL_IFLA_GRE_MAX,
 .policy = ip6gre_policy,
 .priv_size  = sizeof(struct ip6_tnl),

We happen to use ip6gre_tap link ops in type "ip6gre"

Regards,
William


Furthermore, I think the following is missing, as there is no ip6gretap,
only ip6gre:


Hi Greg and Eli,

Should we add both ip6gre (L3) and ip6gretap (L2) support?
@Eli, which mode do you want to use?

I apply the patch below, and ip6gretap port can be created successfully
by doing using kernel 5.2 upstream ovs module:
# ovs-vsctl add-port br0 at_gre1 -- \
  set int at_gre1 type=ip6gretap options:remote_ip=fc00:100::1

but not the type=ip6gre

diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
index 2e23a8c14fcf..d666f239aeed 100644
--- a/lib/dpif-netlink-rtnl.c
+++ b/lib/dpif-netlink-rtnl.c
@@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type,
  case OVS_VPORT_TYPE_IP6ERSPAN:
  return "ip6erspan";
  case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";
  case OVS_VPORT_TYPE_NETDEV:
  case OVS_VPORT_TYPE_INTERNAL:
  case OVS_VPORT_TYPE_LISP:
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
index c554666acce0..28897153744b 100644
--- a/lib/dpif-netlink.c
+++ b/lib/dpif-netlink.c
@@ -698,7 +698,7 @@ get_vport_type(const struct dpif_netlink_vport *vport)
  return "ip6erspan";

  case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";

  case OVS_VPORT_TYPE_UNSPEC:
  case __OVS_VPORT_TYPE_MAX:
@@ -729,7 +729,7 @@ netdev_to_ovs_vport_type(const char *type)
  return OVS_VPORT_TYPE_ERSPAN;
  } else if (!strcmp(type, "ip6erspan")) {
  return OVS_VPORT_TYPE_IP6ERSPAN;
-} else if (!strcmp(type, "ip6gre")) {
+} else if (!strcmp(type, "ip6gretap")) {
  return OVS_VPORT_TYPE_IP6GRE;
  } else if (!strcmp(type, "gre")) {
  return OVS_VPORT_TYPE_GRE;
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index ab591667f447..da95f680d454 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -1216,10 +1216,10 @@ netdev_vport_tunnel_register(void)
},
{{NULL, NULL, 0, 0}}
  },
-{ "ip6gre_sys",
+{ "ip6gretap_sys",
{
TUNNEL_FUNCTIONS_COMMON,
-  .type = "ip6gre",
+  .type = "ip6gretap",
.build_header = netdev_gre_build_header,
.push_header = netdev_gre_push_header,
.pop_header = netdev_gre_pop_header
diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c
index 17353046cc6e..2157d7de11ae 100644
--- a/lib/tnl-ports.c
+++ b/lib/tnl-ports.c
@@ -172,7 +172,7 @@ tnl_type_to_nw_proto(const char type[])
  return IPPROTO_TCP;
  }
   

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/18/2019 9:15 AM, William Tu wrote:

On Mon, Jun 17, 2019 at 10:46 PM Eli Britstein  wrote:


On 6/18/2019 1:22 AM, Gregory Rose wrote:

On 6/12/2019 2:20 AM, Eli Britstein wrote:

Could you please have a look (and even better try?) still need to
tidy up

https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7C25425e700b58418b19fa08d6f37253ae%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964069686971905sdata=Ki55ZQGwQKNNDkB4PZ1zpk9aqC42TXbt5WT%2F86SDauo%3Dreserved=0




Hi Eli,

I finally managed to getting around and building your kernel.  At
least it does do away with the protocol error message but
I haven't gotten it working yet.  Stay tuned and I'll provide feedback.

Hi Greg,

I think William was right pointing out the comment from Pravin. I agree
with them that if we can avoid changing the kernel, and support it via
lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the
kernel changes.

I haven't deep dived into it yet to see how ip6erspan works (at least no
creation error, didn't run traffic though) and ip6gre doesn't.


Hi Eli and Greg,

I've found the root cause using upstream kernel 5.2.
When adding an ip6gre device type, the
ovs_vport_cmd_new
   new_vport
 netdev_create
   ovs_netdev_link

and fails due to
 if (vport->dev->flags & IFF_LOOPBACK ||
 (vport->dev->type != ARPHRD_ETHER &&
  vport->dev->type != ARPHRD_NONE) ||
 ovs_is_internal_dev(vport->dev)) {
 err = -EINVAL;


Open vswitch cannot deal with port types other than ARPHRD_ETHER and 
ARPHRD_NONE.  ARPHRD_IP6GRE is not

supported in the code anywhere.


Because ip6gre is ARPHRD_IP6GRE
Which means ip6gre never works using upstream kernel :(

If we use ip6gretap, then its type is ARPHRD_ETHER,
and the ip6gretap device can be created successfully.


Interesting...  The implementation in OVS is wrong then.


And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.

And when using compat module, ip6gre works due to a coincident here:
at datapath/linux/compat/ip6_gre.c
static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
 .kind   = "ip6gre",
 .maxtype= RPL_IFLA_GRE_MAX,
   

static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
 .kind   = "ip6gre",
 .maxtype= RPL_IFLA_GRE_MAX,
 .policy = ip6gre_policy,
 .priv_size  = sizeof(struct ip6_tnl),

We happen to use ip6gre_tap link ops in type "ip6gre"


Oops.

I'm working on sorting this out... not sure which way but we need to 
close this gap between upstream and out of

tree.

- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

On Tue, Jun 18, 2019 at 9:15 AM William Tu  wrote:
>
> On Mon, Jun 17, 2019 at 10:46 PM Eli Britstein  wrote:
> >
> >
> > On 6/18/2019 1:22 AM, Gregory Rose wrote:
> > >
> > > On 6/12/2019 2:20 AM, Eli Britstein wrote:
> > >> Could you please have a look (and even better try?) still need to
> > >> tidy up
> > >>
> > >> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7C25425e700b58418b19fa08d6f37253ae%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964069686971905sdata=Ki55ZQGwQKNNDkB4PZ1zpk9aqC42TXbt5WT%2F86SDauo%3Dreserved=0
> > >>
> > >>
> > >>
> > >
> > > Hi Eli,
> > >
> > > I finally managed to getting around and building your kernel.  At
> > > least it does do away with the protocol error message but
> > > I haven't gotten it working yet.  Stay tuned and I'll provide feedback.
> >
> > Hi Greg,
> >
> > I think William was right pointing out the comment from Pravin. I agree
> > with them that if we can avoid changing the kernel, and support it via
> > lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the
> > kernel changes.
> >
> > I haven't deep dived into it yet to see how ip6erspan works (at least no
> > creation error, didn't run traffic though) and ip6gre doesn't.
> >
> Hi Eli and Greg,
>
> I've found the root cause using upstream kernel 5.2.
> When adding an ip6gre device type, the
> ovs_vport_cmd_new
>   new_vport
> netdev_create
>   ovs_netdev_link
>
> and fails due to
> if (vport->dev->flags & IFF_LOOPBACK ||
> (vport->dev->type != ARPHRD_ETHER &&
>  vport->dev->type != ARPHRD_NONE) ||
> ovs_is_internal_dev(vport->dev)) {
> err = -EINVAL;
>
> Because ip6gre is ARPHRD_IP6GRE
> Which means ip6gre never works using upstream kernel :(
>
> If we use ip6gretap, then its type is ARPHRD_ETHER,
> and the ip6gretap device can be created successfully.
>
> And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.
>
> And when using compat module, ip6gre works due to a coincident here:
> at datapath/linux/compat/ip6_gre.c
> static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
> .kind   = "ip6gre",
> .maxtype= RPL_IFLA_GRE_MAX,
>   
>
> static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
> .kind   = "ip6gre",
> .maxtype= RPL_IFLA_GRE_MAX,
> .policy = ip6gre_policy,
> .priv_size  = sizeof(struct ip6_tnl),
>
> We happen to use ip6gre_tap link ops in type "ip6gre"
>
> Regards,
> William
>
> > Furthermore, I think the following is missing, as there is no ip6gretap,
> > only ip6gre:
> >

Hi Greg and Eli,

Should we add both ip6gre (L3) and ip6gretap (L2) support?
@Eli, which mode do you want to use?

I apply the patch below, and ip6gretap port can be created successfully
by doing using kernel 5.2 upstream ovs module:
# ovs-vsctl add-port br0 at_gre1 -- \
 set int at_gre1 type=ip6gretap options:remote_ip=fc00:100::1

but not the type=ip6gre

diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
index 2e23a8c14fcf..d666f239aeed 100644
--- a/lib/dpif-netlink-rtnl.c
+++ b/lib/dpif-netlink-rtnl.c
@@ -104,7 +104,7 @@ vport_type_to_kind(enum ovs_vport_type type,
 case OVS_VPORT_TYPE_IP6ERSPAN:
 return "ip6erspan";
 case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";
 case OVS_VPORT_TYPE_NETDEV:
 case OVS_VPORT_TYPE_INTERNAL:
 case OVS_VPORT_TYPE_LISP:
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
index c554666acce0..28897153744b 100644
--- a/lib/dpif-netlink.c
+++ b/lib/dpif-netlink.c
@@ -698,7 +698,7 @@ get_vport_type(const struct dpif_netlink_vport *vport)
 return "ip6erspan";

 case OVS_VPORT_TYPE_IP6GRE:
-return "ip6gre";
+return "ip6gretap";

 case OVS_VPORT_TYPE_UNSPEC:
 case __OVS_VPORT_TYPE_MAX:
@@ -729,7 +729,7 @@ netdev_to_ovs_vport_type(const char *type)
 return OVS_VPORT_TYPE_ERSPAN;
 } else if (!strcmp(type, "ip6erspan")) {
 return OVS_VPORT_TYPE_IP6ERSPAN;
-} else if (!strcmp(type, "ip6gre")) {
+} else if (!strcmp(type, "ip6gretap")) {
 return OVS_VPORT_TYPE_IP6GRE;
 } else if (!strcmp(type, "gre")) {
 return OVS_VPORT_TYPE_GRE;
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index ab591667f447..da95f680d454 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -1216,10 +1216,10 @@ netdev_vport_tunnel_register(void)
   },
   {{NULL, NULL, 0, 0}}
 },
-{ "ip6gre_sys",
+{ "ip6gretap_sys",
   {
   TUNNEL_FUNCTIONS_COMMON,
-  .type = "ip6gre",
+  .type = "ip6gretap",
   .build_header = netdev_gre_build_header,
   .push_header = netdev_gre_push_header,
   .pop_header = netdev_gre_pop_header
diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c
index 17353046cc6e..2157d7de11ae 100644
--- 

Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

On Mon, Jun 17, 2019 at 10:46 PM Eli Britstein  wrote:
>
>
> On 6/18/2019 1:22 AM, Gregory Rose wrote:
> >
> > On 6/12/2019 2:20 AM, Eli Britstein wrote:
> >> Could you please have a look (and even better try?) still need to
> >> tidy up
> >>
> >> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7C25425e700b58418b19fa08d6f37253ae%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964069686971905sdata=Ki55ZQGwQKNNDkB4PZ1zpk9aqC42TXbt5WT%2F86SDauo%3Dreserved=0
> >>
> >>
> >>
> >
> > Hi Eli,
> >
> > I finally managed to getting around and building your kernel.  At
> > least it does do away with the protocol error message but
> > I haven't gotten it working yet.  Stay tuned and I'll provide feedback.
>
> Hi Greg,
>
> I think William was right pointing out the comment from Pravin. I agree
> with them that if we can avoid changing the kernel, and support it via
> lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the
> kernel changes.
>
> I haven't deep dived into it yet to see how ip6erspan works (at least no
> creation error, didn't run traffic though) and ip6gre doesn't.
>
Hi Eli and Greg,

I've found the root cause using upstream kernel 5.2.
When adding an ip6gre device type, the
ovs_vport_cmd_new
  new_vport
netdev_create
  ovs_netdev_link

and fails due to
if (vport->dev->flags & IFF_LOOPBACK ||
(vport->dev->type != ARPHRD_ETHER &&
 vport->dev->type != ARPHRD_NONE) ||
ovs_is_internal_dev(vport->dev)) {
err = -EINVAL;

Because ip6gre is ARPHRD_IP6GRE
Which means ip6gre never works using upstream kernel :(

If we use ip6gretap, then its type is ARPHRD_ETHER,
and the ip6gretap device can be created successfully.

And for ip6erspan, it's never been a issue because it is ARPHRD_ETHER.

And when using compat module, ip6gre works due to a coincident here:
at datapath/linux/compat/ip6_gre.c
static struct rtnl_link_ops ip6gre_link_ops __read_mostly = {
.kind   = "ip6gre",
.maxtype= RPL_IFLA_GRE_MAX,
  

static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = {
.kind   = "ip6gre",
.maxtype= RPL_IFLA_GRE_MAX,
.policy = ip6gre_policy,
.priv_size  = sizeof(struct ip6_tnl),

We happen to use ip6gre_tap link ops in type "ip6gre"

Regards,
William

> Furthermore, I think the following is missing, as there is no ip6gretap,
> only ip6gre:
>
> diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
> index 2e23a8c14..08084abb7 100644
> --- a/lib/dpif-netlink-rtnl.c
> +++ b/lib/dpif-netlink-rtnl.c
> @@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type,
>   case OVS_VPORT_TYPE_IP6ERSPAN:
>   return "ip6erspan";
>   case OVS_VPORT_TYPE_IP6GRE:
> -return "ip6gre";
> +if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) {
> +return "ip6gre";
> +} else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) {
> +return "ip6gretap";
> +} else {
> +return NULL;
> +}
>
> >
> > And thanks for realizing this gap in tunneling coverage for ip6 gre.
> > Slipped the cracks it did.
> Thank you for investing more of your time with it.
> >
> > - Greg
> >
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/18/2019 1:22 AM, Gregory Rose wrote:
>
> On 6/12/2019 2:20 AM, Eli Britstein wrote:
>> Could you please have a look (and even better try?) still need to 
>> tidy up
>>
>> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Felibr-mellanox%2Flinux%2Ftree%2Fovs-ipv6-gredata=02%7C01%7Celibr%40mellanox.com%7C25425e700b58418b19fa08d6f37253ae%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636964069686971905sdata=Ki55ZQGwQKNNDkB4PZ1zpk9aqC42TXbt5WT%2F86SDauo%3Dreserved=0
>>  
>>
>>
>>
>
> Hi Eli,
>
> I finally managed to getting around and building your kernel.  At 
> least it does do away with the protocol error message but
> I haven't gotten it working yet.  Stay tuned and I'll provide feedback.

Hi Greg,

I think William was right pointing out the comment from Pravin. I agree 
with them that if we can avoid changing the kernel, and support it via 
lib/dpif-netlink-rtnl.c, it is the way to go, and we should abandon the 
kernel changes.

I haven't deep dived into it yet to see how ip6erspan works (at least no 
creation error, didn't run traffic though) and ip6gre doesn't.

Furthermore, I think the following is missing, as there is no ip6gretap, 
only ip6gre:

diff --git a/lib/dpif-netlink-rtnl.c b/lib/dpif-netlink-rtnl.c
index 2e23a8c14..08084abb7 100644
--- a/lib/dpif-netlink-rtnl.c
+++ b/lib/dpif-netlink-rtnl.c
@@ -104,7 +104,13 @@ vport_type_to_kind(enum ovs_vport_type type,
  case OVS_VPORT_TYPE_IP6ERSPAN:
  return "ip6erspan";
  case OVS_VPORT_TYPE_IP6GRE:
-    return "ip6gre";
+    if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L3) {
+    return "ip6gre";
+    } else if (tnl_cfg->pt_mode == NETDEV_PT_LEGACY_L2) {
+    return "ip6gretap";
+    } else {
+    return NULL;
+    }

>
> And thanks for realizing this gap in tunneling coverage for ip6 gre.  
> Slipped the cracks it did.
Thank you for investing more of your time with it.
>
> - Greg
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/12/2019 2:20 AM, Eli Britstein wrote:

Could you please have a look (and even better try?) still need to tidy up

https://github.com/elibr-mellanox/linux/tree/ovs-ipv6-gre




Hi Eli,

I finally managed to getting around and building your kernel.  At least 
it does do away with the protocol error message but

I haven't gotten it working yet.  Stay tuned and I'll provide feedback.

And thanks for realizing this gap in tunneling coverage for ip6 gre.  
Slipped the cracks it did.


- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

> ip6gre is definitely not working in the upstream kernel.  I'm looking
> into it.  I think Eli has stumbled onto a gap between
> our out of tree drivers and the upstream drivers.
>
Thanks
I tested on kernel 5.1
ip6erspan (which depends on ip6gre) works ok
root@ovs-smartnic:~/ovs# ovs-vsctl add-port br0 p1 -- set int p1
type=ip6erspan options:remote_ip=fc00:100::1

but ip6gre does not work
root@ovs-smartnic:~/ovs# ovs-vsctl add-port br0 p2 -- set int p2
type=ip6gre options:remote_ip=fc00:100::1
ovs-vsctl: Error detected while setting up 'p2': could not add network
device p2 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/usr/local/var/log/openvswitch".

William

> Thanks,
>
> - Greg
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/14/2019 11:06 AM, William Tu wrote:

On Thu, Jun 13, 2019 at 9:44 AM Gregory Rose  wrote:



On 6/12/2019 2:47 PM, Gregory Rose wrote:

On 6/12/2019 2:20 AM, Eli Britstein wrote:


I started to code a support for upstream kernel. With this, the OVS
port is created, as well as the netdev Linux device. I still don't
have traffic, but I'm not sure it is not something else.

Could you please have a look (and even better try?) still need to tidy up

https://github.com/elibr-mellanox/linux/tree/ovs-ipv6-gre



I'm going to copy William Tu on this.  He has worked on the upstream
drivers to enable ERSPAN, which runs over gre.

William,

Eli is trying to implement an ip6gre vport module for upstream.  You can
see his patches at the link above.  I've never

Hi Eli,

I think the vport type is for compatibility code.
see Pravin's feedback here
https://www.spinics.net/lists/netdev/msg458250.html
https://www.spinics.net/lists/netdev/msg458374.html

We should add new type type using dpif-netlink-rtnl.


thought about it before but it appears there is a gap between our out of
tree ip6gre support and the upstream.  Do
you expect ip6gre to work on the upsream OVS right now or is this truly
a gap?

I think for newer kernel, OVS can use the upstream's ip6gre module.
But I never tested after 4.20 kernel.


ip6gre is definitely not working in the upstream kernel.  I'm looking 
into it.  I think Eli has stumbled onto a gap between

our out of tree drivers and the upstream drivers.

Thanks,

- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/14/2019 10:55 AM, Ben Pfaff wrote:

On Wed, Jun 05, 2019 at 09:30:18AM -0700, Gregory Rose wrote:

On 6/4/2019 11:38 AM, Ben Pfaff wrote:

On Tue, Jun 04, 2019 at 06:08:00PM +, Eli Britstein wrote:

On 6/4/2019 8:24 PM, Ben Pfaff wrote:

On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.
However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address family
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there is a
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be
implicit by “ip6gre”)? Or maybe some other configuration?

OVS doesn't have an "ip6gre" interface type.  Just use "gre".

I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?

Um, that's weird.  We don't document it.  I thought for sure that we
tried to make our "regular" tunnels just accept both IPv4 and IPv6
addresses.

Hmm, no documentation.  Uh, that's not good.  I'll check that.

Did you get a chance to take a look?  It would be good to improve the
documentation.


My apologies but no, not yet.  I have this task flagged and will get to 
it sooner rather than later.


Meanwhile, there seems to be a gap between out of tree OVS capabilities 
with ip6gre and what is upstream.  I can
document what our out of tree kernel drivers can do but will need to 
investigate further for what is going on with the

upstream ip6 gre.

Thanks,

- Greg
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[William Tu]

On Thu, Jun 13, 2019 at 9:44 AM Gregory Rose  wrote:
>
>
>
> On 6/12/2019 2:47 PM, Gregory Rose wrote:
> >
> > On 6/12/2019 2:20 AM, Eli Britstein wrote:
> >>
> >>
> >> I started to code a support for upstream kernel. With this, the OVS
> >> port is created, as well as the netdev Linux device. I still don't
> >> have traffic, but I'm not sure it is not something else.
> >>
> >> Could you please have a look (and even better try?) still need to tidy up
> >>
> >> https://github.com/elibr-mellanox/linux/tree/ovs-ipv6-gre
> >>
> >>
> >
>
> I'm going to copy William Tu on this.  He has worked on the upstream
> drivers to enable ERSPAN, which runs over gre.
>
> William,
>
> Eli is trying to implement an ip6gre vport module for upstream.  You can
> see his patches at the link above.  I've never

Hi Eli,

I think the vport type is for compatibility code.
see Pravin's feedback here
https://www.spinics.net/lists/netdev/msg458250.html
https://www.spinics.net/lists/netdev/msg458374.html

We should add new type type using dpif-netlink-rtnl.

> thought about it before but it appears there is a gap between our out of
> tree ip6gre support and the upstream.  Do
> you expect ip6gre to work on the upsream OVS right now or is this truly
> a gap?

I think for newer kernel, OVS can use the upstream's ip6gre module.
But I never tested after 4.20 kernel.

Regards,
William
>
> Thanks,
>
> - Greg
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Ben Pfaff]

On Wed, Jun 05, 2019 at 09:30:18AM -0700, Gregory Rose wrote:
> 
> On 6/4/2019 11:38 AM, Ben Pfaff wrote:
> > On Tue, Jun 04, 2019 at 06:08:00PM +, Eli Britstein wrote:
> > > On 6/4/2019 8:24 PM, Ben Pfaff wrote:
> > > > On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:
> > > > > Hello,
> > > > > 
> > > > > I would like to configure a GRE tunnel over IPv6, on a Linux system.
> > > > > However, I encounter the following:
> > > > > 
> > > > > My command:
> > > > > ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
> > > > > options:remote_ip= 2001:db8:0:f102::11 options:key=55
> > > > > 
> > > > > Output:
> > > > > ovs-vsctl: Error detected while setting up 'gre6': could not add 
> > > > > network
> > > > > device gre6 to ofproto (Address family not supported by protocol).  
> > > > > See
> > > > > ovs-vswitchd log for details.
> > > > > ovs-vsctl: The default log directory is "/var/log/openvswitch".
> > > > > 
> > > > > In the log:
> > > > > bridge|WARN|could not add network device gre6 to ofproto (Address 
> > > > > family
> > > > > not supported by protocol)
> > > > > 
> > > > > I notice that if I want to define a ip6gretap with “ip link”, there 
> > > > > is a
> > > > > need to use “-6” option, to set the correct family.
> > > > > 
> > > > > Is there a way to note the correct family (though I think should be
> > > > > implicit by “ip6gre”)? Or maybe some other configuration?
> > > > OVS doesn't have an "ip6gre" interface type.  Just use "gre".
> > > I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?
> > Um, that's weird.  We don't document it.  I thought for sure that we
> > tried to make our "regular" tunnels just accept both IPv4 and IPv6
> > addresses.
> 
> Hmm, no documentation.  Uh, that's not good.  I'll check that.

Did you get a chance to take a look?  It would be good to improve the
documentation.
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/12/2019 2:47 PM, Gregory Rose wrote:


On 6/12/2019 2:20 AM, Eli Britstein wrote:



I started to code a support for upstream kernel. With this, the OVS 
port is created, as well as the netdev Linux device. I still don't 
have traffic, but I'm not sure it is not something else.


Could you please have a look (and even better try?) still need to tidy up

https://github.com/elibr-mellanox/linux/tree/ovs-ipv6-gre






I'm going to copy William Tu on this.  He has worked on the upstream 
drivers to enable ERSPAN, which runs over gre.


William,

Eli is trying to implement an ip6gre vport module for upstream.  You can 
see his patches at the link above.  I've never
thought about it before but it appears there is a gap between our out of 
tree ip6gre support and the upstream.  Do
you expect ip6gre to work on the upsream OVS right now or is this truly 
a gap?


Thanks,

- Greg
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/11/2019 8:04 PM, Gregory Rose wrote:


On 6/6/2019 2:25 PM, Eli Britstein wrote:

Thanks, I really appreciate it. However, though I see you find it to
work on Ubuntu 16.04 with kernel 4.4 (I will try it myself too), I think
we should think how to fix the upstream tunnels (in Linux kernel),
without the need to replace some integrated modules with ones from OVS
tree. This is what I'm not clear about - which ones and what/how to do
to fix it.



OVS has to replace some integrated modules in Linux because on older versions 
of Linux they do not
have the required level of feature support.  If you configure your build 
correctly it will do the right
things in most cases.  As I mentioned though sometimes some breakage can get 
into the builds because
we do not test on every single distro/kernel version.  Specifically, we do not 
do much testing on Fedora
Core at all since not many of our user base make use of that distro.  Generally 
we do some build testing
against a variety of upstream kernels.  You can see what is supported in the 
.travis.yml file.

I have downloaded, installed and built OVS for FC 24.  The build is broken... 
And more to the point I get this
warning:
/home/roseg/prj/ovs-experimental/_build/datapath/linux/ip_gre.c:1125:36: 
warning: ‘ipgre_netdev_ops’ defined but not used [-Wunused-const-variable=]
 static const struct net_device_ops ipgre_netdev_ops = {

Then there are some other depmod errors but they don't seem related.

Did you have any luck with a different distro?

Actually not.

I started to code a support for upstream kernel. With this, the OVS port is 
created, as well as the netdev Linux device. I still don't have traffic, but 
I'm not sure it is not something else.

Could you please have a look (and even better try?) still need to tidy up

https://github.com/elibr-mellanox/linux/tree/ovs-ipv6-gre


- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/6/2019 2:25 PM, Eli Britstein wrote:


Thanks, I really appreciate it. However, though I see you find it to
work on Ubuntu 16.04 with kernel 4.4 (I will try it myself too), I think
we should think how to fix the upstream tunnels (in Linux kernel),
without the need to replace some integrated modules with ones from OVS
tree. This is what I'm not clear about - which ones and what/how to do
to fix it.



OVS has to replace some integrated modules in Linux because on older 
versions of Linux they do not
have the required level of feature support.  If you configure your build 
correctly it will do the right
things in most cases.  As I mentioned though sometimes some breakage can 
get into the builds because
we do not test on every single distro/kernel version.  Specifically, we 
do not do much testing on Fedora
Core at all since not many of our user base make use of that distro.  
Generally we do some build testing
against a variety of upstream kernels.  You can see what is supported in 
the .travis.yml file.


I have downloaded, installed and built OVS for FC 24.  The build is 
broken... And more to the point I get this

warning:
/home/roseg/prj/ovs-experimental/_build/datapath/linux/ip_gre.c:1125:36: 
warning: ‘ipgre_netdev_ops’ defined but not used [-Wunused-const-variable=]

 static const struct net_device_ops ipgre_netdev_ops = {

Then there are some other depmod errors but they don't seem related.

Did you have any luck with a different distro?

- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/6/2019 7:33 PM, Gregory Rose wrote:
>
> On 6/5/2019 11:52 PM, Eli Britstein wrote:
>> On 6/5/2019 9:04 PM, Gregory Rose wrote:
>>>
>>> On 6/5/2019 10:31 AM, Eli Britstein wrote:
 On 6/5/2019 8:11 PM, Gregory Rose wrote:
> On 6/4/2019 8:13 AM, Eli Britstein wrote:
>> Hello,
>>
>> I would like to configure a GRE tunnel over IPv6, on a Linux system.
> Which Linux system?  Distro, kernel version, etc?
 Fedora 28.

 Kernel upstream, currently 5.2-rc2.

 My commands are the same as yours. I tried with local_ip and without,
 but it doesn't matter.

 I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I
 saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I 
 don't
 know how to compile this one and install. I tried with --with-linux 
 and
 --with-linux-source, but it says it is supported only up to 4.20.x. I
 compiled against 4.16, but only the openvswitch.ko was compiled (and
 successfully loaded), but not ip6_gre.ko.

 Any ideas?
>>> Yes, I see the problem.  The out of tree driver support for ip6 gre
>>> ends at Linux kernel version
>>> 4.11.  After that the Linux kernel in-tree drivers would be used and
>>> apparently they're not working
>>> correctly for upstream kernel 4.16 or 5.2.  And as you can see, even
>>> for 4.16 the out of tree OVS kernel
>>> drivers would still try to use the built-in Linux kernel tunnels
>>> rather than our vport ip6gre tunnel.
>> Were is that decision taken? the only place I saw with KERNEL_VERSION is
>> this, but I don't think this is it.
>
> Check to see if USE_UPSTREAM_TUNNEL is defined in 
> ../datapath/linux/kcompat.h in your build directory.
> It's not really dependent on the exact kernel version but instead 
> checks some headers to see if the
> necessary tunneling features are present in the kernel the modules are 
> being built against.  You can
> see the directives in acinclude.m4.
Yes, I saw that. So, suppose I change it to force "no" for this flag. 
Will it work?
>
>>
>> datapath/linux/compat/include/net/netfilter/ipv6/nf_defrag_ipv6.h:15:#if
>> LINUX_VERSION_CODE < KERNEL_VERSION(4,11,0)
>>
>> Though I would really want it to work on upstream kernel, I gave it a
>> try, but it didn't work either:
>>
>> Installed Fedora 24, with kernel 4.5.5.
>>
>> # ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
>> options:key=55 options:remote_ip=2001:db8:0:f102::f0
>> ovs-vsctl: Error detected while setting up 'gre6': could not add network
>> device gre6 to ofproto (Address family not supported by protocol).  See
>> ovs-vswitchd log for details.
>> ovs-vsctl: The default log directory is "/var/log/openvswitch".
>> # uname -a
>> Linux dev-r-vrt-214-011.mtr.labs.mlnx 4.5.5-300.fc24.x86_64 #1 SMP Thu
>> May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
>
> Really.  Well, that is odd.  Are you working from the master branch?  
> I don't have a 4.5 kernel handy
> but I can certainly check against the 4.4 kernel on Ubuntu 16. I'll go 
> see if something has broken.
>
>>
>>> So you are correct in that the 4.16 and 5.2 kernels do not have
>>> OVS_VPORT_TYPE_IP6GRE support.  You
>>> can use the user space OVS tunnels instead or you can create a native
>>> Linux ip6gre tunnel using the 'ip'
>>> command and then add that port to your OVS bridge.
>> I see. However, if I understand this correctly, the ip6gretap device I
>> create using "ip" is not "external" (collect metadata), and would not
>> behave as a ip6gre device for OVS.
>
> Right, you're correct about that.  There is a way to use a LWT using 
> bpf but it's a bit complicated.
>
>> I wanted to have that setup working in order to apply and test similar
>> commit as the below to IPv6 setup, to enable offloads.
>>
>> 5e63eaa969a3 netdev-vport: Make gre netdev type to use TC rules
>>
>> I still don't understand what should be integrated into the Linux kernel
>> tree, and how. Could you please advise?
>
> As I pointed out above the keyword would be USE_UPSTREAM_TUNNEL in the 
> build directory kcompat.h
> header.  I'm going to go try this out myself because it should be 
> working - or it was last time I checked.
> Things can get broken I suppose but I'll get back to you on my finding.

Thanks, I really appreciate it. However, though I see you find it to 
work on Ubuntu 16.04 with kernel 4.4 (I will try it myself too), I think 
we should think how to fix the upstream tunnels (in Linux kernel), 
without the need to replace some integrated modules with ones from OVS 
tree. This is what I'm not clear about - which ones and what/how to do 
to fix it.

>
> Thanks,
>
> - Greg
>
>>
>> Thanks, Eli
>>
>>> Thanks,
>>>
>>> - Greg
>>>
> Thanks,
>
> - Greg
>
>> However, I encounter the following:
>>
>> My command:
>> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
>> options:remote_ip= 2001:db8:0:f102::11 options:key=55
>>
>> Output:
>> ovs-vsctl: 

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/6/2019 9:33 AM, Gregory Rose wrote:


On 6/5/2019 11:52 PM, Eli Britstein wrote:

[snip]

# ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:key=55 options:remote_ip=2001:db8:0:f102::f0
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".
# uname -a
Linux dev-r-vrt-214-011.mtr.labs.mlnx 4.5.5-300.fc24.x86_64 #1 SMP Thu
May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux


Really.  Well, that is odd.  Are you working from the master branch?  
I don't have a 4.5 kernel handy
but I can certainly check against the 4.4 kernel on Ubuntu 16. I'll go 
see if something has broken.




It seems to be working for me on Ubuntu 16.04 with the 4.4-116 kernel.

Machine A:
root@ubuntu-1604-base:~/ovs-test-scripts# uname -r
4.4.0-116-generic
root@ubuntu-1604-base:~/ovs-test-scripts# ovs-vsctl show
6be291a9-6bab-4fff-bda9-7f54335b4884
    Bridge "br0"
    Port "br0"
    Interface "br0"
    type: internal
    Port "ip6gre0"
    Interface "ip6gre0"
    type: "ip6gre"
    options: {key="100", remote_ip="f200::51"}
    ovs_version: "2.11.90"
root@ubuntu-1604-base:~/ovs-test-scripts# ip addr show br0
11: br0:  mtu 1500 qdisc noqueue state 
UNKNOWN group default qlen 1000

    link/ether 5e:ac:77:a7:f3:42 brd ff:ff:ff:ff:ff:ff
    inet 171.31.1.104/24 scope global br0
   valid_lft forever preferred_lft forever
    inet6 fe80::5cac:77ff:fea7:f342/64 scope link
   valid_lft forever preferred_lft forever

Machine B:
root@ubuntu-1604-base:~/ovs-test-scripts# uname -r
4.4.0-116-generic
root@ubuntu-1604-base:~/ovs-test-scripts# ovs-vsctl show
7f315b12-4cfb-45c8-a5b7-9359f92aa556
    Bridge "br0"
    Port "br0"
    Interface "br0"
    type: internal
    Port "ip6gre0"
    Interface "ip6gre0"
    type: "ip6gre"
    options: {key="100", remote_ip="f200::104"}
    ovs_version: "2.11.90"
root@ubuntu-1604-base:~/ovs-test-scripts# ip addr show br0
10: br0:  mtu 1500 qdisc noqueue state 
UNKNOWN group default qlen 1000

    link/ether ea:95:df:78:37:4f brd ff:ff:ff:ff:ff:ff
    inet 171.31.1.51/24 scope global br0
   valid_lft forever preferred_lft forever
    inet6 fe80::e895:dfff:fe78:374f/64 scope link
   valid_lft forever preferred_lft forever


Machine A can ping Machine B over the ip6gre tunnel:
root@ubuntu-1604-base:~/ovs-test-scripts# ping 171.31.1.51
PING 171.31.1.51 (171.31.1.51) 56(84) bytes of data.
64 bytes from 171.31.1.51: icmp_seq=1 ttl=64 time=3.23 ms
64 bytes from 171.31.1.51: icmp_seq=2 ttl=64 time=0.379 ms
64 bytes from 171.31.1.51: icmp_seq=3 ttl=64 time=0.459 ms
64 bytes from 171.31.1.51: icmp_seq=4 ttl=64 time=0.337 ms
64 bytes from 171.31.1.51: icmp_seq=5 ttl=64 time=0.314 ms

So at least for Ubuntu 16.04 with the generic 4.4-116 kernel things are 
working.  Let me download and install

Fedora 24 and try that.

- Greg

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/5/2019 11:52 PM, Eli Britstein wrote:

On 6/5/2019 9:04 PM, Gregory Rose wrote:


On 6/5/2019 10:31 AM, Eli Britstein wrote:

On 6/5/2019 8:11 PM, Gregory Rose wrote:

On 6/4/2019 8:13 AM, Eli Britstein wrote:

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.

Which Linux system?  Distro, kernel version, etc?

Fedora 28.

Kernel upstream, currently 5.2-rc2.

My commands are the same as yours. I tried with local_ip and without,
but it doesn't matter.

I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I
saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I don't
know how to compile this one and install. I tried with --with-linux and
--with-linux-source, but it says it is supported only up to 4.20.x. I
compiled against 4.16, but only the openvswitch.ko was compiled (and
successfully loaded), but not ip6_gre.ko.

Any ideas?

Yes, I see the problem.  The out of tree driver support for ip6 gre
ends at Linux kernel version
4.11.  After that the Linux kernel in-tree drivers would be used and
apparently they're not working
correctly for upstream kernel 4.16 or 5.2.  And as you can see, even
for 4.16 the out of tree OVS kernel
drivers would still try to use the built-in Linux kernel tunnels
rather than our vport ip6gre tunnel.

Were is that decision taken? the only place I saw with KERNEL_VERSION is
this, but I don't think this is it.


Check to see if USE_UPSTREAM_TUNNEL is defined in 
../datapath/linux/kcompat.h in your build directory.
It's not really dependent on the exact kernel version but instead checks 
some headers to see if the
necessary tunneling features are present in the kernel the modules are 
being built against.  You can

see the directives in acinclude.m4.



datapath/linux/compat/include/net/netfilter/ipv6/nf_defrag_ipv6.h:15:#if
LINUX_VERSION_CODE < KERNEL_VERSION(4,11,0)

Though I would really want it to work on upstream kernel, I gave it a
try, but it didn't work either:

Installed Fedora 24, with kernel 4.5.5.

# ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:key=55 options:remote_ip=2001:db8:0:f102::f0
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".
# uname -a
Linux dev-r-vrt-214-011.mtr.labs.mlnx 4.5.5-300.fc24.x86_64 #1 SMP Thu
May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux


Really.  Well, that is odd.  Are you working from the master branch?  I 
don't have a 4.5 kernel handy
but I can certainly check against the 4.4 kernel on Ubuntu 16.  I'll go 
see if something has broken.





So you are correct in that the 4.16 and 5.2 kernels do not have
OVS_VPORT_TYPE_IP6GRE support.  You
can use the user space OVS tunnels instead or you can create a native
Linux ip6gre tunnel using the 'ip'
command and then add that port to your OVS bridge.

I see. However, if I understand this correctly, the ip6gretap device I
create using "ip" is not "external" (collect metadata), and would not
behave as a ip6gre device for OVS.


Right, you're correct about that.  There is a way to use a LWT using bpf 
but it's a bit complicated.



I wanted to have that setup working in order to apply and test similar
commit as the below to IPv6 setup, to enable offloads.

5e63eaa969a3 netdev-vport: Make gre netdev type to use TC rules

I still don't understand what should be integrated into the Linux kernel
tree, and how. Could you please advise?


As I pointed out above the keyword would be USE_UPSTREAM_TUNNEL in the 
build directory kcompat.h
header.  I'm going to go try this out myself because it should be 
working - or it was last time I checked.

Things can get broken I suppose but I'll get back to you on my finding.

Thanks,

- Greg



Thanks, Eli


Thanks,

- Greg


Thanks,

- Greg


However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add
network
device gre6 to ofproto (Address family not supported by protocol).
See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address
family
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there
is a
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be
implicit by “ip6gre”)? Or maybe some other configuration?

Thanks,
Eli

___
discuss mailing list
disc...@openvswitch.org

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/5/2019 9:04 PM, Gregory Rose wrote:
>
>
> On 6/5/2019 10:31 AM, Eli Britstein wrote:
>> On 6/5/2019 8:11 PM, Gregory Rose wrote:
>>>
>>> On 6/4/2019 8:13 AM, Eli Britstein wrote:
 Hello,

 I would like to configure a GRE tunnel over IPv6, on a Linux system.
>>> Which Linux system?  Distro, kernel version, etc?
>> Fedora 28.
>>
>> Kernel upstream, currently 5.2-rc2.
>>
>> My commands are the same as yours. I tried with local_ip and without,
>> but it doesn't matter.
>>
>> I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I
>> saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I don't
>> know how to compile this one and install. I tried with --with-linux and
>> --with-linux-source, but it says it is supported only up to 4.20.x. I
>> compiled against 4.16, but only the openvswitch.ko was compiled (and
>> successfully loaded), but not ip6_gre.ko.
>>
>> Any ideas?
>
> Yes, I see the problem.  The out of tree driver support for ip6 gre 
> ends at Linux kernel version
> 4.11.  After that the Linux kernel in-tree drivers would be used and 
> apparently they're not working
> correctly for upstream kernel 4.16 or 5.2.  And as you can see, even 
> for 4.16 the out of tree OVS kernel
> drivers would still try to use the built-in Linux kernel tunnels 
> rather than our vport ip6gre tunnel.

Were is that decision taken? the only place I saw with KERNEL_VERSION is 
this, but I don't think this is it.

datapath/linux/compat/include/net/netfilter/ipv6/nf_defrag_ipv6.h:15:#if 
LINUX_VERSION_CODE < KERNEL_VERSION(4,11,0)

Though I would really want it to work on upstream kernel, I gave it a 
try, but it didn't work either:

Installed Fedora 24, with kernel 4.5.5.

# ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre 
options:key=55 options:remote_ip=2001:db8:0:f102::f0
ovs-vsctl: Error detected while setting up 'gre6': could not add network 
device gre6 to ofproto (Address family not supported by protocol).  See 
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".
# uname -a
Linux dev-r-vrt-214-011.mtr.labs.mlnx 4.5.5-300.fc24.x86_64 #1 SMP Thu 
May 19 13:05:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

>
> So you are correct in that the 4.16 and 5.2 kernels do not have 
> OVS_VPORT_TYPE_IP6GRE support.  You
> can use the user space OVS tunnels instead or you can create a native 
> Linux ip6gre tunnel using the 'ip'
> command and then add that port to your OVS bridge.

I see. However, if I understand this correctly, the ip6gretap device I 
create using "ip" is not "external" (collect metadata), and would not 
behave as a ip6gre device for OVS.

I wanted to have that setup working in order to apply and test similar 
commit as the below to IPv6 setup, to enable offloads.

5e63eaa969a3 netdev-vport: Make gre netdev type to use TC rules

I still don't understand what should be integrated into the Linux kernel 
tree, and how. Could you please advise?

Thanks, Eli

>
> Thanks,
>
> - Greg
>
>>
>>> Thanks,
>>>
>>> - Greg
>>>
 However, I encounter the following:

 My command:
 ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
 options:remote_ip= 2001:db8:0:f102::11 options:key=55

 Output:
 ovs-vsctl: Error detected while setting up 'gre6': could not add 
 network
 device gre6 to ofproto (Address family not supported by protocol).  
 See
 ovs-vswitchd log for details.
 ovs-vsctl: The default log directory is "/var/log/openvswitch".

 In the log:
 bridge|WARN|could not add network device gre6 to ofproto (Address 
 family
 not supported by protocol)

 I notice that if I want to define a ip6gretap with “ip link”, there 
 is a
 need to use “-6” option, to set the correct family.

 Is there a way to note the correct family (though I think should be
 implicit by “ip6gre”)? Or maybe some other configuration?

 Thanks,
 Eli

 ___
 discuss mailing list
 disc...@openvswitch.org
 https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmail.openvswitch.org%2Fmailman%2Flistinfo%2Fovs-discussdata=02%7C01%7Celibr%40mellanox.com%7C8b78909daa4243c57fa608d6e9e04624%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636953546792070660sdata=gIl3a4JFXoIvLjZ1MQPn4irIgQHYoGvcaVrYXxxYl2E%3Dreserved=0
  


>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/5/2019 10:31 AM, Eli Britstein wrote:

On 6/5/2019 8:11 PM, Gregory Rose wrote:


On 6/4/2019 8:13 AM, Eli Britstein wrote:

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.

Which Linux system?  Distro, kernel version, etc?

Fedora 28.

Kernel upstream, currently 5.2-rc2.

My commands are the same as yours. I tried with local_ip and without,
but it doesn't matter.

I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I
saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I don't
know how to compile this one and install. I tried with --with-linux and
--with-linux-source, but it says it is supported only up to 4.20.x. I
compiled against 4.16, but only the openvswitch.ko was compiled (and
successfully loaded), but not ip6_gre.ko.

Any ideas?


Yes, I see the problem.  The out of tree driver support for ip6 gre ends 
at Linux kernel version
4.11.  After that the Linux kernel in-tree drivers would be used and 
apparently they're not working
correctly for upstream kernel 4.16 or 5.2.  And as you can see, even for 
4.16 the out of tree OVS kernel
drivers would still try to use the built-in Linux kernel tunnels rather 
than our vport ip6gre tunnel.


So you are correct in that the 4.16 and 5.2 kernels do not have 
OVS_VPORT_TYPE_IP6GRE support.  You
can use the user space OVS tunnels instead or you can create a native 
Linux ip6gre tunnel using the 'ip'

command and then add that port to your OVS bridge.

Thanks,

- Greg




Thanks,

- Greg


However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address family
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there is a
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be
implicit by “ip6gre”)? Or maybe some other configuration?

Thanks,
Eli

___
discuss mailing list
disc...@openvswitch.org
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmail.openvswitch.org%2Fmailman%2Flistinfo%2Fovs-discussdata=02%7C01%7Celibr%40mellanox.com%7Cb6a6b3f9be444d719c4008d6e9d8e2a1%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636953515062749854sdata=FxAQsDBlXP8pgOJLbZQ0nGLDNkcICHnAnhelgaTzlNc%3Dreserved=0



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/5/2019 8:11 PM, Gregory Rose wrote:
>
>
> On 6/4/2019 8:13 AM, Eli Britstein wrote:
>> Hello,
>>
>> I would like to configure a GRE tunnel over IPv6, on a Linux system.
>
> Which Linux system?  Distro, kernel version, etc?

Fedora 28.

Kernel upstream, currently 5.2-rc2.

My commands are the same as yours. I tried with local_ip and without, 
but it doesn't matter.

I think the kernel doesn't have the OVS_VPORT_TYPE_IP6GRE supported. I 
saw it only in OVS tree, in datapath/linux/compat/ip6_gre.c, but I don't 
know how to compile this one and install. I tried with --with-linux and 
--with-linux-source, but it says it is supported only up to 4.20.x. I 
compiled against 4.16, but only the openvswitch.ko was compiled (and 
successfully loaded), but not ip6_gre.ko.

Any ideas?

>
> Thanks,
>
> - Greg
>
>> However, I encounter the following:
>>
>> My command:
>> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
>> options:remote_ip= 2001:db8:0:f102::11 options:key=55
>>
>> Output:
>> ovs-vsctl: Error detected while setting up 'gre6': could not add network
>> device gre6 to ofproto (Address family not supported by protocol).  See
>> ovs-vswitchd log for details.
>> ovs-vsctl: The default log directory is "/var/log/openvswitch".
>>
>> In the log:
>> bridge|WARN|could not add network device gre6 to ofproto (Address family
>> not supported by protocol)
>>
>> I notice that if I want to define a ip6gretap with “ip link”, there is a
>> need to use “-6” option, to set the correct family.
>>
>> Is there a way to note the correct family (though I think should be
>> implicit by “ip6gre”)? Or maybe some other configuration?
>>
>> Thanks,
>> Eli
>>
>> ___
>> discuss mailing list
>> disc...@openvswitch.org
>> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmail.openvswitch.org%2Fmailman%2Flistinfo%2Fovs-discussdata=02%7C01%7Celibr%40mellanox.com%7Cb6a6b3f9be444d719c4008d6e9d8e2a1%7Ca652971c7d2e4d9ba6a4d149256f461b%7C0%7C0%7C636953515062749854sdata=FxAQsDBlXP8pgOJLbZQ0nGLDNkcICHnAnhelgaTzlNc%3Dreserved=0
>>  
>>
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/4/2019 8:13 AM, Eli Britstein wrote:

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.


Which Linux system?  Distro, kernel version, etc?

Thanks,

- Greg


However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address family
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there is a
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be
implicit by “ip6gre”)? Or maybe some other configuration?

Thanks,
Eli

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss


___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Gregory Rose]

On 6/4/2019 11:38 AM, Ben Pfaff wrote:

On Tue, Jun 04, 2019 at 06:08:00PM +, Eli Britstein wrote:

On 6/4/2019 8:24 PM, Ben Pfaff wrote:

On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.
However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add network
device gre6 to ofproto (Address family not supported by protocol).  See
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address family
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there is a
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be
implicit by “ip6gre”)? Or maybe some other configuration?

OVS doesn't have an "ip6gre" interface type.  Just use "gre".

I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?

Um, that's weird.  We don't document it.  I thought for sure that we
tried to make our "regular" tunnels just accept both IPv4 and IPv6
addresses.


Hmm, no documentation.  Uh, that's not good.  I'll check that.


Greg, I see that you're the author of ip6gre (and ip6erspan).  Can you
comment on the intentions?  If ip6gre is indeed the right way to
configure a GRE-over-IPv6 tunnel, then we should document it.  I guess
the same goes for ip6erspan since I don't see any documentation for that
either.


There is an ip6gre tunnel type.  Here is a script I use for it:

if [ "$#" -ne 3 ]; then
    echo "Usage: add-ip6gre   "
    exit 1
fi
ovs-vsctl add-port br0 $1 -- set interface $1 type=ip6gre \
    options:remote_ip=$2 options:key=$3


Also, can you take a look at Eli's report below and perhaps give him
some tips?


Yes, I note that he is using the "local_ip" option - that can cause 
issues some times depending on how

routing is set up.




Anyway, indeed trying with just "gre" the configuration passes OK.
However, I don't see any traffic on the other machine.

      Port "gre6"
      Interface "gre6"
      type: gre
      options: {key="55", local_ip="2001:db8:0:f102::f0",
remote_ip="2001:db8:0:f102::f1"}

$ ping 2001:db8:0:f102::f1
PING 2001:db8:0:f102::f1(2001:db8:0:f102::f1) 56 data bytes
64 bytes from 2001:db8:0:f102::f1: icmp_seq=1 ttl=64 time=0.440 ms
64 bytes from 2001:db8:0:f102::f1: icmp_seq=2 ttl=64 time=0.072 ms

I even configured an explicit OF rule to redirect to the gre6 port. I
see it is hit, but still no traffic.

Do I have to configure explicit routes or something of that kind?


Eli,

yes, you need to make sure routing is configured correctly for use of 
the local_ip option.  Unless you have
some specific need for it I wouldn't use it.  See my script above for 
creating an ip6gre tunnel.  If you still have

problems then we can investigate further.

Thanks,

- Greg
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/4/2019 9:38 PM, Ben Pfaff wrote:
> On Tue, Jun 04, 2019 at 06:08:00PM +, Eli Britstein wrote:
>> On 6/4/2019 8:24 PM, Ben Pfaff wrote:
>>> On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:
 Hello,

 I would like to configure a GRE tunnel over IPv6, on a Linux system.
 However, I encounter the following:

 My command:
 ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
 options:remote_ip= 2001:db8:0:f102::11 options:key=55

 Output:
 ovs-vsctl: Error detected while setting up 'gre6': could not add network
 device gre6 to ofproto (Address family not supported by protocol).  See
 ovs-vswitchd log for details.
 ovs-vsctl: The default log directory is "/var/log/openvswitch".

 In the log:
 bridge|WARN|could not add network device gre6 to ofproto (Address family
 not supported by protocol)

 I notice that if I want to define a ip6gretap with “ip link”, there is a
 need to use “-6” option, to set the correct family.

 Is there a way to note the correct family (though I think should be
 implicit by “ip6gre”)? Or maybe some other configuration?
>>> OVS doesn't have an "ip6gre" interface type.  Just use "gre".
>> I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?
> Um, that's weird.  We don't document it.  I thought for sure that we
> tried to make our "regular" tunnels just accept both IPv4 and IPv6
> addresses.
>
> Greg, I see that you're the author of ip6gre (and ip6erspan).  Can you
> comment on the intentions?  If ip6gre is indeed the right way to
> configure a GRE-over-IPv6 tunnel, then we should document it.  I guess
> the same goes for ip6erspan since I don't see any documentation for that
> either.
>
> Also, can you take a look at Eli's report below and perhaps give him
> some tips?

I think it should be ip6gre, as the kernel should have a ip6gretap 
netdev (and not gretap).

I tracked down to see the failure. I use the openvswitch kernel module 
from the kernel in which OVS_VPORT_TYPE_IP6GRE does not exist (upstream 
kernel 5.2-rc2).

When the kernel gets the request, it is not found with ovs_vport_lookup, 
called from ovs_vport_add in file net/openvswitch/vport.c.

I see that the registration of OVS_VPORT_TYPE_IP6GRE is only in 
datapath/linux/compat/ip6_gre.c, but not in upstream kernel, though 
according to "Documentation/faq/releases.rst", it should be supported as 
of 4.18.

Could it be that IP6GRE support was never pushed to OVS kernel module? 
(and maybe others as well?)

>
>> Anyway, indeed trying with just "gre" the configuration passes OK.
>> However, I don't see any traffic on the other machine.
>>
>>       Port "gre6"
>>       Interface "gre6"
>>       type: gre
>>       options: {key="55", local_ip="2001:db8:0:f102::f0",
>> remote_ip="2001:db8:0:f102::f1"}
>>
>> $ ping 2001:db8:0:f102::f1
>> PING 2001:db8:0:f102::f1(2001:db8:0:f102::f1) 56 data bytes
>> 64 bytes from 2001:db8:0:f102::f1: icmp_seq=1 ttl=64 time=0.440 ms
>> 64 bytes from 2001:db8:0:f102::f1: icmp_seq=2 ttl=64 time=0.072 ms
>>
>> I even configured an explicit OF rule to redirect to the gre6 port. I
>> see it is hit, but still no traffic.
>>
>> Do I have to configure explicit routes or something of that kind?
>>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Ben Pfaff]

On Tue, Jun 04, 2019 at 06:08:00PM +, Eli Britstein wrote:
> 
> On 6/4/2019 8:24 PM, Ben Pfaff wrote:
> > On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:
> >> Hello,
> >>
> >> I would like to configure a GRE tunnel over IPv6, on a Linux system.
> >> However, I encounter the following:
> >>
> >> My command:
> >> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
> >> options:remote_ip= 2001:db8:0:f102::11 options:key=55
> >>
> >> Output:
> >> ovs-vsctl: Error detected while setting up 'gre6': could not add network
> >> device gre6 to ofproto (Address family not supported by protocol).  See
> >> ovs-vswitchd log for details.
> >> ovs-vsctl: The default log directory is "/var/log/openvswitch".
> >>
> >> In the log:
> >> bridge|WARN|could not add network device gre6 to ofproto (Address family
> >> not supported by protocol)
> >>
> >> I notice that if I want to define a ip6gretap with “ip link”, there is a
> >> need to use “-6” option, to set the correct family.
> >>
> >> Is there a way to note the correct family (though I think should be
> >> implicit by “ip6gre”)? Or maybe some other configuration?
> > OVS doesn't have an "ip6gre" interface type.  Just use "gre".
> 
> I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?

Um, that's weird.  We don't document it.  I thought for sure that we
tried to make our "regular" tunnels just accept both IPv4 and IPv6
addresses.

Greg, I see that you're the author of ip6gre (and ip6erspan).  Can you
comment on the intentions?  If ip6gre is indeed the right way to
configure a GRE-over-IPv6 tunnel, then we should document it.  I guess
the same goes for ip6erspan since I don't see any documentation for that
either.

Also, can you take a look at Eli's report below and perhaps give him
some tips?

> Anyway, indeed trying with just "gre" the configuration passes OK. 
> However, I don't see any traffic on the other machine.
> 
>      Port "gre6"
>      Interface "gre6"
>      type: gre
>      options: {key="55", local_ip="2001:db8:0:f102::f0", 
> remote_ip="2001:db8:0:f102::f1"}
> 
> $ ping 2001:db8:0:f102::f1
> PING 2001:db8:0:f102::f1(2001:db8:0:f102::f1) 56 data bytes
> 64 bytes from 2001:db8:0:f102::f1: icmp_seq=1 ttl=64 time=0.440 ms
> 64 bytes from 2001:db8:0:f102::f1: icmp_seq=2 ttl=64 time=0.072 ms
> 
> I even configured an explicit OF rule to redirect to the gre6 port. I 
> see it is hit, but still no traffic.
> 
> Do I have to configure explicit routes or something of that kind?
> 
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

On 6/4/2019 8:24 PM, Ben Pfaff wrote:
> On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:
>> Hello,
>>
>> I would like to configure a GRE tunnel over IPv6, on a Linux system.
>> However, I encounter the following:
>>
>> My command:
>> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre
>> options:remote_ip= 2001:db8:0:f102::11 options:key=55
>>
>> Output:
>> ovs-vsctl: Error detected while setting up 'gre6': could not add network
>> device gre6 to ofproto (Address family not supported by protocol).  See
>> ovs-vswitchd log for details.
>> ovs-vsctl: The default log directory is "/var/log/openvswitch".
>>
>> In the log:
>> bridge|WARN|could not add network device gre6 to ofproto (Address family
>> not supported by protocol)
>>
>> I notice that if I want to define a ip6gretap with “ip link”, there is a
>> need to use “-6” option, to set the correct family.
>>
>> Is there a way to note the correct family (though I think should be
>> implicit by “ip6gre”)? Or maybe some other configuration?
> OVS doesn't have an "ip6gre" interface type.  Just use "gre".

I see it does in lib/netdev-vport.c, line 1222. Isn't that ip6gre?

Anyway, indeed trying with just "gre" the configuration passes OK. 
However, I don't see any traffic on the other machine.

     Port "gre6"
     Interface "gre6"
     type: gre
     options: {key="55", local_ip="2001:db8:0:f102::f0", 
remote_ip="2001:db8:0:f102::f1"}

$ ping 2001:db8:0:f102::f1
PING 2001:db8:0:f102::f1(2001:db8:0:f102::f1) 56 data bytes
64 bytes from 2001:db8:0:f102::f1: icmp_seq=1 ttl=64 time=0.440 ms
64 bytes from 2001:db8:0:f102::f1: icmp_seq=2 ttl=64 time=0.072 ms

I even configured an explicit OF rule to redirect to the gre6 port. I 
see it is hit, but still no traffic.

Do I have to configure explicit routes or something of that kind?

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] GRE over IPv6 configuration

[Ben Pfaff]

On Tue, Jun 04, 2019 at 03:13:02PM +, Eli Britstein wrote:
> Hello,
> 
> I would like to configure a GRE tunnel over IPv6, on a Linux system.
> However, I encounter the following:
> 
> My command:
> ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre 
> options:remote_ip= 2001:db8:0:f102::11 options:key=55
> 
> Output:
> ovs-vsctl: Error detected while setting up 'gre6': could not add network 
> device gre6 to ofproto (Address family not supported by protocol).  See 
> ovs-vswitchd log for details.
> ovs-vsctl: The default log directory is "/var/log/openvswitch".
> 
> In the log:
> bridge|WARN|could not add network device gre6 to ofproto (Address family 
> not supported by protocol)
> 
> I notice that if I want to define a ip6gretap with “ip link”, there is a 
> need to use “-6” option, to set the correct family.
> 
> Is there a way to note the correct family (though I think should be 
> implicit by “ip6gre”)? Or maybe some other configuration?

OVS doesn't have an "ip6gre" interface type.  Just use "gre".
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] GRE over IPv6 configuration

[Eli Britstein]

Hello,

I would like to configure a GRE tunnel over IPv6, on a Linux system.
However, I encounter the following:

My command:
ovs-vsctl add-port br1 gre6 -- set interface gre6 type=ip6gre 
options:remote_ip= 2001:db8:0:f102::11 options:key=55

Output:
ovs-vsctl: Error detected while setting up 'gre6': could not add network 
device gre6 to ofproto (Address family not supported by protocol).  See 
ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

In the log:
bridge|WARN|could not add network device gre6 to ofproto (Address family 
not supported by protocol)

I notice that if I want to define a ip6gretap with “ip link”, there is a 
need to use “-6” option, to set the correct family.

Is there a way to note the correct family (though I think should be 
implicit by “ip6gre”)? Or maybe some other configuration?

Thanks,
Eli

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss