From: Ido Schimmel <idosch@nvidia.com>
To: <netdev@vger.kernel.org>
Cc: <davem@davemloft.net>, <kuba@kernel.org>, <pabeni@redhat.com>,
<edumazet@google.com>, <dsahern@kernel.org>, <gnault@redhat.com>,
"Ido Schimmel" <idosch@nvidia.com>
Subject: [PATCH net-next 0/6] net: fib_rules: Add DSCP selector support
Date: Wed, 11 Sep 2024 12:37:42 +0300 [thread overview]
Message-ID: <20240911093748.3662015-1-idosch@nvidia.com> (raw)
Currently, the kernel rejects IPv4 FIB rules that try to match on the
upper three DSCP bits:
# ip -4 rule add tos 0x1c table 100
# ip -4 rule add tos 0x3c table 100
Error: Invalid tos.
The reason for that is that historically users of the FIB lookup API
only populated the lower three DSCP bits in the TOS field of the IPv4
flow key ('flowi4_tos'), which fits the TOS definition from the initial
IPv4 specification (RFC 791).
This is not very useful nowadays and instead some users want to be able
to match on the six bits DSCP field, which replaced the TOS and IP
precedence fields over 25 years ago (RFC 2474). In addition, the current
behavior differs between IPv4 and IPv6 which does allow users to match
on the entire DSCP field using the TOS selector.
Recent patchsets made sure that callers of the FIB lookup API now
populate the entire DSCP field in the IPv4 flow key. Therefore, it is
now possible to extend FIB rules to match on DSCP.
This is done by adding a new DSCP attribute which is implemented for
both IPv4 and IPv6 to provide user space programs a consistent behavior
between both address families.
The behavior of the old TOS selector is unchanged and IPv4 FIB rules
using it will only match on the lower three DSCP bits. The kernel will
reject rules that try to use both selectors.
Patch #1 adds the new DSCP attribute but rejects its usage.
Patches #2-#3 implement IPv4 and IPv6 support.
Patch #4 allows user space to use the new attribute.
Patches #5-#6 add selftests.
iproute2 changes can be found here [1].
[1] https://github.com/idosch/iproute2/tree/submit/dscp_rfc_v1
Ido Schimmel (6):
net: fib_rules: Add DSCP selector attribute
ipv4: fib_rules: Add DSCP selector support
ipv6: fib_rules: Add DSCP selector support
net: fib_rules: Enable DSCP selector usage
selftests: fib_rule_tests: Add DSCP selector match tests
selftests: fib_rule_tests: Add DSCP selector connect tests
include/uapi/linux/fib_rules.h | 1 +
net/core/fib_rules.c | 4 +-
net/ipv4/fib_rules.c | 54 ++++++++++-
net/ipv6/fib6_rules.c | 43 ++++++++-
tools/testing/selftests/net/fib_rule_tests.sh | 90 +++++++++++++++++++
5 files changed, 184 insertions(+), 8 deletions(-)
--
2.46.0
next reply other threads:[~2024-09-11 9:38 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-11 9:37 Ido Schimmel [this message]
2024-09-11 9:37 ` [PATCH net-next 1/6] net: fib_rules: Add DSCP selector attribute Ido Schimmel
2024-09-13 12:03 ` Guillaume Nault
2024-09-11 9:37 ` [PATCH net-next 2/6] ipv4: fib_rules: Add DSCP selector support Ido Schimmel
2024-09-13 12:10 ` Guillaume Nault
2024-09-11 9:37 ` [PATCH net-next 3/6] ipv6: " Ido Schimmel
2024-09-13 12:21 ` Guillaume Nault
2024-09-11 9:37 ` [PATCH net-next 4/6] net: fib_rules: Enable DSCP selector usage Ido Schimmel
2024-09-13 12:26 ` Guillaume Nault
2024-09-11 9:37 ` [PATCH net-next 5/6] selftests: fib_rule_tests: Add DSCP selector match tests Ido Schimmel
2024-09-13 12:52 ` Guillaume Nault
2024-09-11 9:37 ` [PATCH net-next 6/6] selftests: fib_rule_tests: Add DSCP selector connect tests Ido Schimmel
2024-09-13 12:58 ` Guillaume Nault
2024-09-13 13:08 ` [PATCH net-next 0/6] net: fib_rules: Add DSCP selector support Guillaume Nault
2024-09-30 13:45 ` Ido Schimmel
2024-09-30 18:18 ` David Ahern
2024-10-01 20:08 ` Guillaume Nault
2024-09-13 14:31 ` David Ahern
2024-09-14 4:30 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240911093748.3662015-1-idosch@nvidia.com \
--to=idosch@nvidia.com \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=gnault@redhat.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).