We depend on IPV6_SEG6_LWTUNNEL only to be sure that three sympols seg6_get_srh(), seg6_advance_nextseg(), and seg6_lookup_nexthop exist. On the other hand, the actions go-next, skip-next, and go-last are based the ip6tables SRH match of previous, next and last sid. https://patchwork.ozlabs.org/patch/910693/ https://patchwork.ozlabs.org/patch/904107/ https://patchwork.ozlabs.org/patch/904108/ With the combination of the srh matching options and the seg6 target actions it's possible to branching within a SFC. Thanks, Ahmed On Thu, 16 Aug 2018 20:25:13 +0200 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > On Thu, Aug 16, 2018 at 04:51:42PM +0200, Ahmed Abdelsalam wrote: > [...] > > diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig > > index 339d0762b027..a2502c54a837 100644 > > --- a/net/ipv6/netfilter/Kconfig > > +++ b/net/ipv6/netfilter/Kconfig > > @@ -344,6 +344,21 @@ config IP6_NF_TARGET_NPT > > > > endif # IP6_NF_NAT > > > > +if IPV6_SEG6_LWTUNNEL > > Given this depends on the lwtunnel infra, could you instead extend > net/netfilter/nft_tunnel.c to support seg6 from there? > > Please, see: > > https://marc.info/?l=netfilter-devel&m=153323641010277&w=2 > https://marc.info/?l=netfilter-devel&m=153323641410281&w=2 > https://marc.info/?l=netfilter-devel&m=153323641210280&w=2 > > Thanks. -- Ahmed Abdelsalam <amsalam20@xxxxxxxxx>
