[PATCHv2 net-next 0/7] sctp: support vrf processing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This patchset adds the VRF processing in SCTP. Simliar to TCP/UDP,
it includes socket bind and socket/association lookup changes.

For socket bind change, it allows sockets to bind to a VRF device
and allows multiple sockets with the same IP and PORT to bind to
different interfaces in patch 1-3.

For socket/association lookup change, it adds dif and sdif check
in both asoc and ep lookup in patch 4 and 5, and when binding to
nodev, users can decide if accept the packets received from one
l3mdev by setup a sysctl option in patch 6.

Note with VRF support, in a netns, an association will be decided
by src ip + src port + dst ip + dst port + bound_dev_if, and it's
possible for ss to have:

# ss --sctp -n
  State       Local Address:Port      Peer Address:Port
   ESTAB     192.168.1.2%vrf-s1:1234
   `- ESTAB   192.168.1.2%veth1:1234   192.168.1.1:1234
   ESTAB     192.168.1.2%vrf-s2:1234
   `- ESTAB   192.168.1.2%veth2:1234   192.168.1.1:1234

See the selftest in patch 7 for more usage.

Also, thanks Carlo for testing this patch series on their use.

v1->v2:
  - In Patch 5, move sctp_sk_bound_dev_eq() definition to net/sctp/
    input.c to avoid a build error when IP_SCTP is disabled, as Paolo
    suggested.
  - In Patch 7, avoid one sleep by disabling the IPv6 dad, and remove
    another sleep by using ss to check if the server's ready, and also
    delete two unncessary sleeps in sctp_hello.c, as Paolo suggested.

Xin Long (7):
  sctp: verify the bind address with the tb_id from l3mdev
  sctp: check ipv6 addr with sk_bound_dev if set
  sctp: check sk_bound_dev_if when matching ep in get_port
  sctp: add skb_sdif in struct sctp_af
  sctp: add dif and sdif check in asoc and ep lookup
  sctp: add sysctl net.sctp.l3mdev_accept
  selftests: add a selftest for sctp vrf

 Documentation/networking/ip-sysctl.rst   |   9 ++
 include/net/netns/sctp.h                 |   4 +
 include/net/sctp/sctp.h                  |   6 +-
 include/net/sctp/structs.h               |   9 +-
 net/sctp/diag.c                          |   3 +-
 net/sctp/endpointola.c                   |  13 +-
 net/sctp/input.c                         | 108 +++++++-------
 net/sctp/ipv6.c                          |  22 ++-
 net/sctp/protocol.c                      |  19 ++-
 net/sctp/socket.c                        |   9 +-
 net/sctp/sysctl.c                        |  11 ++
 tools/testing/selftests/net/Makefile     |   2 +
 tools/testing/selftests/net/sctp_hello.c | 137 +++++++++++++++++
 tools/testing/selftests/net/sctp_vrf.sh  | 178 +++++++++++++++++++++++
 14 files changed, 461 insertions(+), 69 deletions(-)
 create mode 100644 tools/testing/selftests/net/sctp_hello.c
 create mode 100755 tools/testing/selftests/net/sctp_vrf.sh

-- 
2.31.1
[Index of Archives]     [Linux Networking Development]     [Linux OMAP]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     SCTP

  Powered by Linux