Add support for source-specific IPv6 routes to BIRD core

This patch adds support for source-specific IPv6 routes to BIRD core.
This is based on Dean Luga's original patch, with the review comments
addressed. SADR support is added to network address parsing in confbase.Y
and to the kernel protocol on Linux.

Currently there is no way to mix source-specific and non-source-specific
routes (i.e., SADR tables cannot be connected to non-SADR tables).

Thanks to Toke Hoiland-Jorgensen for the original patch.
Minor changes by Ondrej Santiago Zajicek.

diff --git a/conf/confbase.Y b/conf/confbase.Y
index 7e0537c5b8398131c05193979315ae20ae8c7967..c2d647eb1c49e6cbcd353ac56a76cdc7bf297b14 100644 (file)
--- a/conf/confbase.Y
+++ b/conf/confbase.Y
@@ -83,7 +83,7 @@ CF_DECLS
 %type <time> expr_us time
 %type <a> ipa
 %type <net> net_ip4_ net_ip6_ net_ip6 net_ip_ net_ip net_or_ipa
-%type <net_ptr> net_ net_any net_vpn4_ net_vpn6_ net_vpn_ net_roa4_ net_roa6_ net_roa_ net_mpls_
+%type <net_ptr> net_ net_any net_vpn4_ net_vpn6_ net_vpn_ net_roa4_ net_roa6_ net_roa_ net_ip6_sadr_ net_mpls_
 %type <mls> label_stack_start label_stack
 
 %type <t> text opttext
@@ -96,7 +96,7 @@ CF_DECLS
 %left '!'
 %nonassoc '.'
 
-CF_KEYWORDS(DEFINE, ON, OFF, YES, NO, S, MS, US, PORT, VPN, MPLS)
+CF_KEYWORDS(DEFINE, ON, OFF, YES, NO, S, MS, US, PORT, VPN, MPLS, FROM)
 
 CF_GRAMMAR
 
@@ -206,6 +206,25 @@ net_ip6_: IP6 '/' NUM
             n->prefix, n->pxlen, ip6_and(n->prefix, ip6_mkmask(n->pxlen)), n->pxlen);
 };
 
+net_ip6_sadr_: IP6 '/' NUM FROM IP6 '/' NUM
+{
+  if ($3 > IP6_MAX_PREFIX_LENGTH)
+    cf_error("Invalid prefix length %u", $3);
+
+  if ($7 > IP6_MAX_PREFIX_LENGTH)
+    cf_error("Invalid prefix length %u", $7);
+
+  $$ = cfg_alloc(sizeof(net_addr_ip6_sadr));
+  net_fill_ip6_sadr($$, $1, $3, $5, $7);
+
+  net_addr_ip6_sadr *n = (void *) $$;
+  if (!net_validate_ip6_sadr(n))
+    cf_error("Invalid SADR IPv6 prefix %I6/%d from %I6/%d, maybe you wanted %I6/%d from %I6/%d",
+            n->dst_prefix, n->dst_pxlen, n->src_prefix, n->src_pxlen,
+            ip6_and(n->dst_prefix, ip6_mkmask(n->dst_pxlen)), n->dst_pxlen,
+            ip6_and(n->src_prefix, ip6_mkmask(n->src_pxlen)), n->src_pxlen);
+};
+
 net_vpn4_: VPN_RD net_ip4_
 {
   $$ = cfg_alloc(sizeof(net_addr_vpn4));
@@ -249,6 +268,7 @@ net_:
  | net_vpn_
  | net_roa_
  | net_flow_
+ | net_ip6_sadr_
  | net_mpls_
  ;
 

diff --git a/lib/net.c b/lib/net.c
index 3e5d62e28ed95be7f0b472006ebb9d10d176d322..976ddbcc7b841c8a82dd69db6d8af96eae736a35 100644 (file)
--- a/lib/net.c
+++ b/lib/net.c
@@ -14,6 +14,7 @@ const char * const net_label[] = {
   [NET_ROA6]   = "roa6",
   [NET_FLOW4]  = "flow4",
   [NET_FLOW6]  = "flow6",
+  [NET_IP6_SADR]= "ipv6-sadr",
   [NET_MPLS]   = "mpls",
 };
 
@@ -26,6 +27,7 @@ const u16 net_addr_length[] = {
   [NET_ROA6]   = sizeof(net_addr_roa6),
   [NET_FLOW4]  = 0,
   [NET_FLOW6]  = 0,
+  [NET_IP6_SADR]= sizeof(net_addr_ip6_sadr),
   [NET_MPLS]   = sizeof(net_addr_mpls),
 };
 
@@ -38,6 +40,7 @@ const u8 net_max_prefix_length[] = {
   [NET_ROA6]   = IP6_MAX_PREFIX_LENGTH,
   [NET_FLOW4]  = IP4_MAX_PREFIX_LENGTH,
   [NET_FLOW6]  = IP6_MAX_PREFIX_LENGTH,
+  [NET_IP6_SADR]= IP6_MAX_PREFIX_LENGTH,
   [NET_MPLS]   = 0,
 };
 
@@ -50,6 +53,7 @@ const u16 net_max_text_length[] = {
   [NET_ROA6]   = 60,   /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128-128 AS4294967295" */
   [NET_FLOW4]  = 0,    /* "flow4 { ... }" */
   [NET_FLOW6]  = 0,    /* "flow6 { ... }" */
+  [NET_IP6_SADR]= 92,  /* "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 from ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128" */
   [NET_MPLS]   = 7,    /* "1048575" */
 };
 
@@ -102,6 +106,8 @@ net_format(const net_addr *N, char *buf, int buflen)
     return flow4_net_format(buf, buflen, &n->flow4);
   case NET_FLOW6:
     return flow6_net_format(buf, buflen, &n->flow6);
+  case NET_IP6_SADR:
+    return bsnprintf(buf, buflen, "%I6/%d from %I6/%d", n->ip6_sadr.dst_prefix, n->ip6_sadr.dst_pxlen, n->ip6_sadr.src_prefix, n->ip6_sadr.src_pxlen);
   case NET_MPLS:
     return bsnprintf(buf, buflen, "%u", n->mpls.label);
   }
@@ -124,6 +130,7 @@ net_pxmask(const net_addr *a)
   case NET_VPN6:
   case NET_ROA6:
   case NET_FLOW6:
+  case NET_IP6_SADR:
     return ipa_from_ip6(ip6_mkmask(net6_pxlen(a)));
 
   case NET_MPLS:
@@ -156,6 +163,8 @@ net_compare(const net_addr *a, const net_addr *b)
     return net_compare_flow4((const net_addr_flow4 *) a, (const net_addr_flow4 *) b);
   case NET_FLOW6:
     return net_compare_flow6((const net_addr_flow6 *) a, (const net_addr_flow6 *) b);
+  case NET_IP6_SADR:
+    return net_compare_ip6_sadr((const net_addr_ip6_sadr *) a, (const net_addr_ip6_sadr *) b);
   case NET_MPLS:
     return net_compare_mpls((const net_addr_mpls *) a, (const net_addr_mpls *) b);
   }
@@ -177,6 +186,7 @@ net_hash(const net_addr *n)
   case NET_ROA6: return NET_HASH(n, roa6);
   case NET_FLOW4: return NET_HASH(n, flow4);
   case NET_FLOW6: return NET_HASH(n, flow6);
+  case NET_IP6_SADR: return NET_HASH(n, ip6_sadr);
   case NET_MPLS: return NET_HASH(n, mpls);
   default: bug("invalid type");
   }
@@ -198,6 +208,7 @@ net_validate(const net_addr *n)
   case NET_ROA6: return NET_VALIDATE(n, roa6);
   case NET_FLOW4: return NET_VALIDATE(n, flow4);
   case NET_FLOW6: return NET_VALIDATE(n, flow6);
+  case NET_IP6_SADR: return NET_VALIDATE(n, ip6_sadr);
   case NET_MPLS: return NET_VALIDATE(n, mpls);
   default: return 0;
   }
@@ -222,6 +233,9 @@ net_normalize(net_addr *N)
   case NET_FLOW6:
     return net_normalize_ip6(&n->ip6);
 
+  case NET_IP6_SADR:
+    return net_normalize_ip6_sadr(&n->ip6_sadr);
+
   case NET_MPLS:
     return;
   }
@@ -246,6 +260,9 @@ net_classify(const net_addr *N)
   case NET_FLOW6:
     return ip6_zero(n->ip6.prefix) ? (IADDR_HOST | SCOPE_UNIVERSE) : ip6_classify(&n->ip6.prefix);
 
+  case NET_IP6_SADR:
+    return ip6_zero(n->ip6_sadr.dst_prefix) ? (IADDR_HOST | SCOPE_UNIVERSE) : ip6_classify(&n->ip6_sadr.dst_prefix);
+
   case NET_MPLS:
     return IADDR_HOST | SCOPE_UNIVERSE;
   }
@@ -274,6 +291,11 @@ ipa_in_netX(const ip_addr a, const net_addr *n)
     return ip6_zero(ip6_and(ip6_xor(ipa_to_ip6(a), net6_prefix(n)),
                            ip6_mkmask(net6_pxlen(n))));
 
+  case NET_IP6_SADR:
+    if (ipa_is_ip4(a)) return 0;
+    return ip6_zero(ip6_and(ip6_xor(ipa_to_ip6(a), net6_prefix(n)),
+                           ip6_mkmask(net6_pxlen(n))));
+
   case NET_MPLS:
   default:
     return 0;
@@ -304,5 +326,6 @@ net_init(void)
   CHECK_NET(net_addr_roa6,     28);
   CHECK_NET(net_addr_flow4,     8);
   CHECK_NET(net_addr_flow6,    20);
+  CHECK_NET(net_addr_ip6_sadr, 40);
   CHECK_NET(net_addr_mpls,      8);
 }

diff --git a/lib/net.h b/lib/net.h
index 69f006415890c11274fc71d58da757f66eab54fe..ad4000fdced74047ecec7d63534758a4f1081f51 100644 (file)
--- a/lib/net.h
+++ b/lib/net.h
@@ -21,8 +21,9 @@
 #define NET_ROA6       6
 #define NET_FLOW4      7
 #define NET_FLOW6      8
-#define NET_MPLS       9
-#define NET_MAX                10
+#define NET_IP6_SADR   9
+#define NET_MPLS       10
+#define NET_MAX                11
 
 #define NB_IP4         (1 << NET_IP4)
 #define NB_IP6         (1 << NET_IP6)
@@ -32,12 +33,13 @@
 #define NB_ROA6                (1 << NET_ROA6)
 #define NB_FLOW4       (1 << NET_FLOW4)
 #define NB_FLOW6       (1 << NET_FLOW6)
+#define NB_IP6_SADR    (1 << NET_IP6_SADR)
 #define NB_MPLS                (1 << NET_MPLS)
 
 #define NB_IP          (NB_IP4 | NB_IP6)
 #define NB_VPN         (NB_VPN4 | NB_VPN6)
 #define NB_FLOW                (NB_FLOW4 | NB_FLOW6)
-#define NB_DEST                (NB_IP | NB_VPN | NB_MPLS)
+#define NB_DEST                (NB_IP | NB_IP6_SADR | NB_VPN | NB_MPLS)
 #define NB_ANY         0xffffffff
 
 
@@ -121,6 +123,15 @@ typedef struct net_addr_mpls {
   u32 label;
 } net_addr_mpls;
 
+typedef struct net_addr_ip6_sadr {
+  u8 type;
+  u8 dst_pxlen;
+  u16 length;
+  ip6_addr dst_prefix;
+  s32 src_pxlen; /* s32 to avoid padding */
+  ip6_addr src_prefix;
+} net_addr_ip6_sadr;
+
 typedef union net_addr_union {
   net_addr n;
   net_addr_ip4 ip4;
@@ -131,6 +142,7 @@ typedef union net_addr_union {
   net_addr_roa6 roa6;
   net_addr_flow4 flow4;
   net_addr_flow6 flow6;
+  net_addr_ip6_sadr ip6_sadr;
   net_addr_mpls mpls;
 } net_addr_union;
 
@@ -167,6 +179,9 @@ extern const u16 net_max_text_length[];
 #define NET_ADDR_FLOW6(prefix,pxlen,dlen) \
   ((net_addr_flow6) { NET_FLOW6, pxlen, sizeof(net_addr_ip6) + dlen, prefix })
 
+#define NET_ADDR_IP6_SADR(dst_prefix,dst_pxlen,src_prefix,src_pxlen) \
+  ((net_addr_ip6_sadr) { NET_IP6_SADR, dst_pxlen, sizeof(net_addr_ip6_sadr), dst_prefix, src_pxlen, src_prefix })
+
 #define NET_ADDR_MPLS(label) \
   ((net_addr_mpls) { NET_MPLS, 20, sizeof(net_addr_mpls), label })
 
@@ -189,6 +204,9 @@ static inline void net_fill_roa4(net_addr *a, ip4_addr prefix, uint pxlen, uint
 static inline void net_fill_roa6(net_addr *a, ip6_addr prefix, uint pxlen, uint max_pxlen, u32 asn)
 { *(net_addr_roa6 *)a = NET_ADDR_ROA6(prefix, pxlen, max_pxlen, asn); }
 
+static inline void net_fill_ip6_sadr(net_addr *a, ip6_addr dst_prefix, uint dst_pxlen, ip6_addr src_prefix, uint src_pxlen)
+{ *(net_addr_ip6_sadr *)a = NET_ADDR_IP6_SADR(dst_prefix, dst_pxlen, src_prefix, src_pxlen); }
+
 static inline void net_fill_mpls(net_addr *a, u32 label)
 { *(net_addr_mpls *)a = NET_ADDR_MPLS(label); }
 
@@ -222,6 +240,16 @@ static inline void net_fill_flow6(net_addr *a, ip6_addr prefix, uint pxlen, byte
   memcpy(f->data, data, dlen);
 }
 
+/* Make NET_IP6_SADR from NET_IP6, assuming there is enough space */
+static inline void net_make_ip6_sadr(net_addr *a)
+{
+  net_addr_ip6_sadr *n = (void *) a;
+  n->type = NET_IP6_SADR;
+  n->length = sizeof(net_addr_ip6_sadr);
+  n->src_pxlen = 0;
+  n->src_prefix = IP6_NONE;
+}
+
 static inline int net_val_match(u8 type, u32 mask)
 { return !!((1 << type) & mask); }
 
@@ -261,6 +289,7 @@ static inline ip_addr net_prefix(const net_addr *a)
   case NET_VPN6:
   case NET_ROA6:
   case NET_FLOW6:
+  case NET_IP6_SADR:
     return ipa_from_ip6(net6_prefix(a));
 
   case NET_MPLS:
@@ -328,6 +357,9 @@ static inline int net_equal_flow4(const net_addr_flow4 *a, const net_addr_flow4
 static inline int net_equal_flow6(const net_addr_flow6 *a, const net_addr_flow6 *b)
 { return net_equal((const net_addr *) a, (const net_addr *) b); }
 
+static inline int net_equal_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{ return !memcmp(a, b, sizeof(net_addr_ip6_sadr)); }
+
 static inline int net_equal_mpls(const net_addr_mpls *a, const net_addr_mpls *b)
 { return !memcmp(a, b, sizeof(net_addr_mpls)); }
 
@@ -338,6 +370,12 @@ static inline int net_equal_prefix_roa4(const net_addr_roa4 *a, const net_addr_r
 static inline int net_equal_prefix_roa6(const net_addr_roa6 *a, const net_addr_roa6 *b)
 { return ip6_equal(a->prefix, b->prefix) && (a->pxlen == b->pxlen); }
 
+static inline int net_equal_dst_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{ return ip6_equal(a->dst_prefix, b->dst_prefix) && (a->dst_pxlen == b->dst_pxlen); }
+
+static inline int net_equal_src_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{ return ip6_equal(a->src_prefix, b->src_prefix) && (a->src_pxlen == b->src_pxlen); }
+
 
 static inline int net_zero_ip4(const net_addr_ip4 *a)
 { return !a->pxlen && ip4_zero(a->prefix); }
@@ -391,6 +429,13 @@ static inline int net_compare_flow4(const net_addr_flow4 *a, const net_addr_flow
 static inline int net_compare_flow6(const net_addr_flow6 *a, const net_addr_flow6 *b)
 { return ip6_compare(a->prefix, b->prefix) ?: uint_cmp(a->pxlen, b->pxlen) ?: uint_cmp(a->length, b->length) ?: memcmp(a->data, b->data, a->length - sizeof(net_addr_flow6)); }
 
+static inline int net_compare_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{
+  return
+    ip6_compare(a->dst_prefix, b->dst_prefix) ?: uint_cmp(a->dst_pxlen, b->dst_pxlen) ?:
+    ip6_compare(a->src_prefix, b->src_prefix) ?: uint_cmp(a->src_pxlen, b->src_pxlen);
+}
+
 static inline int net_compare_mpls(const net_addr_mpls *a, const net_addr_mpls *b)
 { return uint_cmp(a->label, b->label); }
 
@@ -424,6 +469,9 @@ static inline void net_copy_flow4(net_addr_flow4 *dst, const net_addr_flow4 *src
 static inline void net_copy_flow6(net_addr_flow6 *dst, const net_addr_flow6 *src)
 { memcpy(dst, src, src->length); }
 
+static inline void net_copy_ip6_sadr(net_addr_ip6_sadr *dst, const net_addr_ip6_sadr *src)
+{ memcpy(dst, src, sizeof(net_addr_ip6_sadr)); }
+
 static inline void net_copy_mpls(net_addr_mpls *dst, const net_addr_mpls *src)
 { memcpy(dst, src, sizeof(net_addr_mpls)); }
 
@@ -456,6 +504,9 @@ static inline u32 net_hash_flow4(const net_addr_flow4 *n)
 static inline u32 net_hash_flow6(const net_addr_flow6 *n)
 { return ip6_hash(n->prefix) ^ ((u32) n->pxlen << 26); }
 
+static inline u32 net_hash_ip6_sadr(const net_addr_ip6_sadr *n)
+{ return net_hash_ip6((net_addr_ip6 *) n); }
+
 static inline u32 net_hash_mpls(const net_addr_mpls *n)
 { return n->label; }
 
@@ -508,6 +559,9 @@ static inline int net_validate_flow6(const net_addr_flow6 *n)
 static inline int net_validate_mpls(const net_addr_mpls *n)
 { return n->label < (1 << 20); }
 
+static inline int net_validate_ip6_sadr(const net_addr_ip6_sadr *n)
+{ return net_validate_px6(n->dst_prefix, n->dst_pxlen) && net_validate_px6(n->src_prefix, n->src_pxlen); }
+
 int net_validate(const net_addr *N);
 
 
@@ -523,6 +577,12 @@ static inline void net_normalize_vpn4(net_addr_vpn4 *n)
 static inline void net_normalize_vpn6(net_addr_vpn6 *n)
 { net_normalize_ip6((net_addr_ip6 *) n); }
 
+static inline void net_normalize_ip6_sadr(net_addr_ip6_sadr *n)
+{
+  n->dst_prefix = ip6_and(n->dst_prefix, ip6_mkmask(n->dst_pxlen));
+  n->src_prefix = ip6_and(n->src_prefix, ip6_mkmask(n->src_pxlen));
+}
+
 void net_normalize(net_addr *N);
 
 
@@ -530,17 +590,29 @@ int net_classify(const net_addr *N);
 int net_format(const net_addr *N, char *buf, int buflen);
 int rd_format(const u64 rd, char *buf, int buflen);
 
-static inline int ipa_in_net_ip4(ip4_addr a, const net_addr_ip4 *n)
-{ return ip4_zero(ip4_and(ip4_xor(a, n->prefix), ip4_mkmask(n->pxlen))); }
+static inline int ipa_in_px4(ip4_addr a, ip4_addr prefix, uint pxlen)
+{ return ip4_zero(ip4_and(ip4_xor(a, prefix), ip4_mkmask(pxlen))); }
 
-static inline int net_in_net_ip4(const net_addr_ip4 *a, const net_addr_ip4 *b)
-{ return (a->pxlen >= b->pxlen) && ipa_in_net_ip4(a->prefix, b); }
+static inline int ipa_in_px6(ip6_addr a, ip6_addr prefix, uint pxlen)
+{ return ip6_zero(ip6_and(ip6_xor(a, prefix), ip6_mkmask(pxlen))); }
+
+static inline int ipa_in_net_ip4(ip4_addr a, const net_addr_ip4 *n)
+{ return ipa_in_px4(a, n->prefix, n->pxlen); }
 
 static inline int ipa_in_net_ip6(ip6_addr a, const net_addr_ip6 *n)
-{ return ip6_zero(ip6_and(ip6_xor(a, n->prefix), ip6_mkmask(n->pxlen))); }
+{ return ipa_in_px6(a, n->prefix, n->pxlen); }
+
+static inline int net_in_net_ip4(const net_addr_ip4 *a, const net_addr_ip4 *b)
+{ return (a->pxlen >= b->pxlen) && ipa_in_px4(a->prefix, b->prefix, b->pxlen); }
 
 static inline int net_in_net_ip6(const net_addr_ip6 *a, const net_addr_ip6 *b)
-{ return (a->pxlen >= b->pxlen) && ipa_in_net_ip6(a->prefix, b); }
+{ return (a->pxlen >= b->pxlen) && ipa_in_px6(a->prefix, b->prefix, b->pxlen); }
+
+static inline int net_in_net_dst_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{ return (a->dst_pxlen >= b->dst_pxlen) && ipa_in_px6(a->dst_prefix, b->dst_prefix, b->dst_pxlen); }
+
+static inline int net_in_net_src_ip6_sadr(const net_addr_ip6_sadr *a, const net_addr_ip6_sadr *b)
+{ return (a->src_pxlen >= b->src_pxlen) && ipa_in_px6(a->src_prefix, b->src_prefix, b->src_pxlen); }
 
 int ipa_in_netX(const ip_addr A, const net_addr *N);
 int net_in_netX(const net_addr *A, const net_addr *N);

diff --git a/nest/config.Y b/nest/config.Y
index af5114f5a93ff3cb5eb737a5dd9dbee022008ac0..ab09a10cdc665ab150ff0bff1a47bee2b25f9b74 100644 (file)
--- a/nest/config.Y
+++ b/nest/config.Y
@@ -66,7 +66,7 @@ CF_DECLS
 
 CF_KEYWORDS(ROUTER, ID, PROTOCOL, TEMPLATE, PREFERENCE, DISABLED, DEBUG, ALL, OFF, DIRECT)
 CF_KEYWORDS(INTERFACE, IMPORT, EXPORT, FILTER, NONE, VRF, TABLE, STATES, ROUTES, FILTERS)
-CF_KEYWORDS(IPV4, IPV6, VPN4, VPN6, ROA4, ROA6)
+CF_KEYWORDS(IPV4, IPV6, VPN4, VPN6, ROA4, ROA6, FLOW4, FLOW6, SADR, MPLS)
 CF_KEYWORDS(RECEIVE, LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, FILTERED)
 CF_KEYWORDS(PASSWORD, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, INTERFACES)
 CF_KEYWORDS(ALGORITHM, KEYED, HMAC, MD5, SHA1, SHA256, SHA384, SHA512)
@@ -77,7 +77,7 @@ CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, ROUTE, PROTOCOL, BASE, LOG, S, MS, US)
 CF_KEYWORDS(GRACEFUL, RESTART, WAIT, MAX, FLUSH, AS)
 
 /* For r_args_channel */
-CF_KEYWORDS(IPV4, IPV4_MC, IPV4_MPLS, IPV6, IPV6_MC, IPV6_MPLS, VPN4, VPN4_MC, VPN4_MPLS, VPN6, VPN6_MC, VPN6_MPLS, ROA4, ROA6, FLOW4, FLOW6, MPLS, PRI, SEC)
+CF_KEYWORDS(IPV4, IPV4_MC, IPV4_MPLS, IPV6, IPV6_MC, IPV6_MPLS, IPV6_SADR, VPN4, VPN4_MC, VPN4_MPLS, VPN6, VPN6_MC, VPN6_MPLS, ROA4, ROA6, FLOW4, FLOW6, MPLS, PRI, SEC)
 
 CF_ENUM(T_ENUM_RTS, RTS_, DUMMY, STATIC, INHERIT, DEVICE, STATIC_DEVICE, REDIRECT,
        RIP, OSPF, OSPF_IA, OSPF_EXT1, OSPF_EXT2, BGP, PIPE, BABEL)
@@ -134,6 +134,7 @@ gr_opts: GRACEFUL RESTART WAIT expr ';' { new_config->gr_wait = $4; } ;
 net_type:
    IPV4 { $$ = NET_IP4; }
  | IPV6 { $$ = NET_IP6; }
+ | IPV6 SADR { $$ = NET_IP6_SADR; }
  | VPN4 { $$ = NET_VPN4; }
  | VPN6 { $$ = NET_VPN6; }
  | ROA4 { $$ = NET_ROA4; }
@@ -143,7 +144,7 @@ net_type:
  | MPLS { $$ = NET_MPLS; }
  ;
 
-CF_ENUM(T_ENUM_NETTYPE, NET_, IP4, IP6, VPN4, VPN6, ROA4, ROA6, FLOW4, FLOW6)
+CF_ENUM(T_ENUM_NETTYPE, NET_, IP4, IP6, VPN4, VPN6, ROA4, ROA6, FLOW4, FLOW6, IP6_SADR)
 
 
 /* Creation of routing tables */
@@ -625,6 +626,7 @@ r_args_for:
   }
  | net_vpn4_
  | net_vpn6_
+ | net_ip6_sadr_
  | VPN_RD IP4 {
     $$ = cfg_alloc(sizeof(net_addr_vpn4));
     net_fill_vpn4($$, $2, IP4_MAX_PREFIX_LENGTH, $1);
@@ -633,6 +635,10 @@ r_args_for:
     $$ = cfg_alloc(sizeof(net_addr_vpn6));
     net_fill_vpn6($$, $2, IP6_MAX_PREFIX_LENGTH, $1);
   }
+ | IP6 FROM IP6 {
+    $$ = cfg_alloc(sizeof(net_addr_ip6_sadr));
+    net_fill_ip6_sadr($$, $1, IP6_MAX_PREFIX_LENGTH, $3, IP6_MAX_PREFIX_LENGTH);
+  }
  | SYM {
      if ($1->class == (SYM_CONSTANT | T_IP))
      {
@@ -666,6 +672,7 @@ r_args_channel:
  | IPV6                { $$ = "ipv6"; }
  | IPV6_MC     { $$ = "ipv6-mc"; }
  | IPV6_MPLS   { $$ = "ipv6-mpls"; }
+ | IPV6_SADR   { $$ = "ipv6-sadr"; }
  | VPN4                { $$ = "vpn4"; }
  | VPN4_MC     { $$ = "vpn4-mc"; }
  | VPN4_MPLS   { $$ = "vpn4-mpls"; }

diff --git a/nest/rt-fib.c b/nest/rt-fib.c
index 169d6a4f8126b6d4a7baf6bc08d05e1c23bcdd4b..18ccbfc397096b10c3183b1617eb6d0772370b16 100644 (file)
--- a/nest/rt-fib.c
+++ b/nest/rt-fib.c
@@ -236,6 +236,7 @@ fib_find(struct fib *f, const net_addr *a)
   case NET_ROA6: return FIB_FIND(f, a, roa6);
   case NET_FLOW4: return FIB_FIND(f, a, flow4);
   case NET_FLOW6: return FIB_FIND(f, a, flow6);
+  case NET_IP6_SADR: return FIB_FIND(f, a, ip6_sadr);
   case NET_MPLS: return FIB_FIND(f, a, mpls);
   default: bug("invalid type");
   }
@@ -256,6 +257,7 @@ fib_insert(struct fib *f, const net_addr *a, struct fib_node *e)
   case NET_ROA6: FIB_INSERT(f, a, e, roa6); return;
   case NET_FLOW4: FIB_INSERT(f, a, e, flow4); return;
   case NET_FLOW6: FIB_INSERT(f, a, e, flow6); return;
+  case NET_IP6_SADR: FIB_INSERT(f, a, e, ip6_sadr); return;
   case NET_MPLS: FIB_INSERT(f, a, e, mpls); return;
   default: bug("invalid type");
   }

diff --git a/nest/rt-table.c b/nest/rt-table.c
index 0f53c93f3efcab1c3ec4eb83d2f534b9eed2366b..686d0e842af54d7f6abda01f38d34fb170932c0e 100644 (file)
--- a/nest/rt-table.c
+++ b/nest/rt-table.c
@@ -85,6 +85,45 @@ net_route_ip6(rtable *t, net_addr_ip6 *n)
   return r;
 }
 
+static inline void *
+net_route_ip6_sadr(rtable *t, net_addr_ip6_sadr *n)
+{
+  struct fib_node *fn;
+
+  while (1)
+  {
+    net *best = NULL;
+    int best_pxlen = 0;
+
+    /* We need to do dst first matching. Since sadr addresses are hashed on dst
+       prefix only, find the hash table chain and go through it to find the
+       match with the smallest matching src prefix. */
+    for (fn = fib_get_chain(&t->fib, (net_addr *) n); fn; fn = fn->next)
+    {
+      net_addr_ip6_sadr *a = (void *) fn->addr;
+
+      if (net_equal_dst_ip6_sadr(n, a) &&
+         net_in_net_src_ip6_sadr(n, a) &&
+         (a->src_pxlen >= best_pxlen))
+      {
+       best = fib_node_to_user(&t->fib, fn);
+       best_pxlen = a->src_pxlen;
+      }
+    }
+
+    if (best)
+      return best;
+
+    if (!n->dst_pxlen)
+      break;
+
+    n->dst_pxlen--;
+    ip6_clrbit(&n->dst_prefix, n->dst_pxlen);
+  }
+
+  return NULL;
+}
+
 void *
 net_route(rtable *tab, const net_addr *n)
 {
@@ -105,6 +144,9 @@ net_route(rtable *tab, const net_addr *n)
   case NET_ROA6:
     return net_route_ip6(tab, (net_addr_ip6 *) n0);
 
+  case NET_IP6_SADR:
+    return net_route_ip6_sadr(tab, (net_addr_ip6_sadr *) n0);
+
   default:
     return NULL;
   }

diff --git a/sysdep/cf/linux.h b/sysdep/cf/linux.h
index 3a3a15da5d28e8c9138507447879cf5bd4fa645e..047d3764e1ef88df381dbe896195a7776858b630 100644 (file)
--- a/sysdep/cf/linux.h
+++ b/sysdep/cf/linux.h
@@ -10,6 +10,7 @@
 #define CONFIG_SELF_CONSCIOUS
 #define CONFIG_MULTIPLE_TABLES
 #define CONFIG_ALL_TABLES_AT_ONCE
+#define CONFIG_IP6_SADR_KERNEL
 
 #define CONFIG_MC_PROPER_SRC
 #define CONFIG_UNIX_DONTROUTE

diff --git a/sysdep/linux/netlink.c b/sysdep/linux/netlink.c
index 4cb515196bb606869b55fc88ca38bffc07be7e27..84591eb2ec4885f4f3bd398447c8f2aaba129330 100644 (file)
--- a/sysdep/linux/netlink.c
+++ b/sysdep/linux/netlink.c
@@ -374,6 +374,7 @@ static struct nl_want_attrs rtm_attr_want4[BIRD_RTA_MAX] = {
 
 static struct nl_want_attrs rtm_attr_want6[BIRD_RTA_MAX] = {
   [RTA_DST]      = { 1, 1, sizeof(ip6_addr) },
+  [RTA_SRC]      = { 1, 1, sizeof(ip6_addr) },
   [RTA_IIF]      = { 1, 1, sizeof(u32) },
   [RTA_OIF]      = { 1, 1, sizeof(u32) },
   [RTA_GATEWAY]          = { 1, 1, sizeof(ip6_addr) },
@@ -1221,8 +1222,18 @@ nl_send_route(struct krt_proto *p, rte *e, struct ea_list *eattrs, int op, int d
   }
   else
 #endif
+  {
     nl_add_attr_ipa(&r->h, rsize, RTA_DST, net_prefix(net->n.addr));
 
+    /* Add source address for IPv6 SADR routes */
+    if (net->n.addr->type == NET_IP6_SADR)
+    {
+      net_addr_ip6_sadr *a = (void *) &net->n.addr;
+      nl_add_attr_ip6(&r->h, rsize, RTA_SRC, a->src_prefix);
+      r->r.rtm_src_len = a->src_pxlen;
+    }
+  }
+
   /*
    * Strange behavior for RTM_DELROUTE:
    * 1) rtm_family is ignored in IPv6, works for IPv4
@@ -1447,12 +1458,12 @@ nl_parse_route(struct nl_parse_state *s, struct nlmsghdr *h)
   struct rtattr *a[BIRD_RTA_MAX];
   int new = h->nlmsg_type == RTM_NEWROUTE;
 
-  net_addr dst;
+  net_addr dst, src = {};
   u32 oif = ~0;
   u32 table_id;
   u32 priority = 0;
   u32 def_scope = RT_SCOPE_UNIVERSE;
-  int src;
+  int krt_src;
 
   if (!(i = nl_checkin(h, sizeof(*i))))
     return;
@@ -1477,6 +1488,11 @@ nl_parse_route(struct nl_parse_state *s, struct nlmsghdr *h)
        net_fill_ip6(&dst, rta_get_ip6(a[RTA_DST]), i->rtm_dst_len);
       else
        net_fill_ip6(&dst, IP6_NONE, 0);
+
+      if (a[RTA_SRC])
+       net_fill_ip6(&src, rta_get_ip6(a[RTA_SRC]), i->rtm_src_len);
+      else
+       net_fill_ip6(&src, IP6_NONE, 0);
       break;
 
 #ifdef HAVE_MPLS_KERNEL
@@ -1511,6 +1527,9 @@ nl_parse_route(struct nl_parse_state *s, struct nlmsghdr *h)
   if (!p)
     SKIP("unknown table %d\n", table);
 
+  if (a[RTA_SRC] && (p->p.net_type != NET_IP6_SADR))
+    SKIP("src prefix for non-SADR channel\n");
+
   if (a[RTA_IIF])
     SKIP("IIF set\n");
 
@@ -1533,25 +1552,33 @@ nl_parse_route(struct nl_parse_state *s, struct nlmsghdr *h)
       SKIP("proto unspec\n");
 
     case RTPROT_REDIRECT:
-      src = KRT_SRC_REDIRECT;
+      krt_src = KRT_SRC_REDIRECT;
       break;
 
     case RTPROT_KERNEL:
-      src = KRT_SRC_KERNEL;
+      krt_src = KRT_SRC_KERNEL;
       return;
 
     case RTPROT_BIRD:
       if (!s->scan)
        SKIP("echo\n");
-      src = KRT_SRC_BIRD;
+      krt_src = KRT_SRC_BIRD;
       break;
 
     case RTPROT_BOOT:
     default:
-      src = KRT_SRC_ALIEN;
+      krt_src = KRT_SRC_ALIEN;
     }
 
-  net *net = net_get(p->p.main_channel->table, &dst);
+  net_addr *n = &dst;
+  if (p->p.net_type == NET_IP6_SADR)
+  {
+    n = alloca(sizeof(net_addr_ip6_sadr));
+    net_fill_ip6_sadr(n, net6_prefix(&dst), net6_pxlen(&dst),
+                     net6_prefix(&src), net6_pxlen(&src));
+  }
+
+  net *net = net_get(p->p.main_channel->table, n);
 
   if (s->net && !nl_mergable_route(s, net, p, priority, i->rtm_type))
     nl_announce_route(s);
@@ -1755,7 +1782,7 @@ nl_parse_route(struct nl_parse_state *s, struct nlmsghdr *h)
     s->attrs = ra;
     s->proto = p;
     s->new = new;
-    s->krt_src = src;
+    s->krt_src = krt_src;
     s->krt_type = i->rtm_type;
     s->krt_proto = i->rtm_protocol;
     s->krt_metric = priority;

diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c
index a3cbb336dc7f19b472138ac38f8c899495c7d4fa..b4fb196741c9d1f95af9792cbd2fba5d847aa861 100644 (file)
--- a/sysdep/unix/krt.c
+++ b/sysdep/unix/krt.c
@@ -1108,10 +1108,11 @@ krt_start(struct proto *P)
 
   switch (p->p.net_type)
   {
-  case NET_IP4:        p->af = AF_INET; break;
-  case NET_IP6:        p->af = AF_INET6; break;
+  case NET_IP4:                p->af = AF_INET; break;
+  case NET_IP6:                p->af = AF_INET6; break;
+  case NET_IP6_SADR:   p->af = AF_INET6; break;
 #ifdef AF_MPLS
-  case NET_MPLS: p->af = AF_MPLS; break;
+  case NET_MPLS:       p->af = AF_MPLS; break;
 #endif
   default: log(L_ERR "KRT: Tried to start with strange net type: %d", p->p.net_type); return PS_START; break;
   }
@@ -1219,16 +1220,24 @@ krt_get_attr(eattr *a, byte *buf, int buflen)
 }
 
 
+#ifdef CONFIG_IP6_SADR_KERNEL
+#define MAYBE_IP6_SADR NB_IP6_SADR
+#else
+#define MAYBE_IP6_SADR 0
+#endif
+
+#ifdef HAVE_MPLS_KERNEL
+#define MAYBE_MPLS     NB_MPLS
+#else
+#define MAYBE_MPLS     0
+#endif
+
 struct protocol proto_unix_kernel = {
   .name =              "Kernel",
   .template =          "kernel%d",
   .attr_class =                EAP_KRT,
   .preference =                DEF_PREF_INHERITED,
-#ifdef HAVE_MPLS_KERNEL
-  .channel_mask =      NB_IP | NB_MPLS,
-#else
-  .channel_mask =      NB_IP,
-#endif
+  .channel_mask =      NB_IP | MAYBE_IP6_SADR | MAYBE_MPLS,
   .proto_size =                sizeof(struct krt_proto),
   .config_size =       sizeof(struct krt_config),
   .preconfig =         krt_preconfig,