Commit d1db275d authored by Patrick McHardy's avatar Patrick McHardy

ipv6: ip6mr: support multiple tables

This patch adds support for multiple independant multicast routing instances,
named "tables".

Userspace multicast routing daemons can bind to a specific table instance by
issuing a setsockopt call using a new option MRT6_TABLE. The table number is
stored in the raw socket data and affects all following ip6mr setsockopt(),
getsockopt() and ioctl() calls. By default, a single table (RT6_TABLE_DFLT)
is created with a default routing rule pointing to it. Newly created pim6reg
devices have the table number appended ("pim6regX"), with the exception of
devices created in the default table, which are named just "pim6reg" for
compatibility reasons.

Packets are directed to a specific table instance using routing rules,
similar to how regular routing rules work. Currently iif, oif and mark
are supported as keys, source and destination addresses could be supported
additionally.

Example usage:

- bind pimd/xorp/... to a specific table:

uint32_t table = 123;
setsockopt(fd, SOL_IPV6, MRT6_TABLE, &table, sizeof(table));

- create routing rules directing packets to the new table:

# ip -6 mrule add iif eth0 lookup 123
# ip -6 mrule add oif eth0 lookup 123
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent 6bd52143
...@@ -383,6 +383,7 @@ struct raw6_sock { ...@@ -383,6 +383,7 @@ struct raw6_sock {
__u32 checksum; /* perform checksum */ __u32 checksum; /* perform checksum */
__u32 offset; /* checksum offset */ __u32 offset; /* checksum offset */
struct icmp6_filter filter; struct icmp6_filter filter;
__u32 ip6mr_table;
/* ipv6_pinfo has to be the last member of raw6_sock, see inet6_sk_generic */ /* ipv6_pinfo has to be the last member of raw6_sock, see inet6_sk_generic */
struct ipv6_pinfo inet6; struct ipv6_pinfo inet6;
}; };
......
...@@ -24,7 +24,8 @@ ...@@ -24,7 +24,8 @@
#define MRT6_DEL_MFC (MRT6_BASE+5) /* Delete a multicast forwarding entry */ #define MRT6_DEL_MFC (MRT6_BASE+5) /* Delete a multicast forwarding entry */
#define MRT6_VERSION (MRT6_BASE+6) /* Get the kernel multicast version */ #define MRT6_VERSION (MRT6_BASE+6) /* Get the kernel multicast version */
#define MRT6_ASSERT (MRT6_BASE+7) /* Activate PIM assert mode */ #define MRT6_ASSERT (MRT6_BASE+7) /* Activate PIM assert mode */
#define MRT6_PIM (MRT6_BASE+8) /* enable PIM code */ #define MRT6_PIM (MRT6_BASE+8) /* enable PIM code */
#define MRT6_TABLE (MRT6_BASE+9) /* Specify mroute table ID */
#define SIOCGETMIFCNT_IN6 SIOCPROTOPRIVATE /* IP protocol privates */ #define SIOCGETMIFCNT_IN6 SIOCPROTOPRIVATE /* IP protocol privates */
#define SIOCGETSGCNT_IN6 (SIOCPROTOPRIVATE+1) #define SIOCGETSGCNT_IN6 (SIOCPROTOPRIVATE+1)
...@@ -229,11 +230,17 @@ extern int ip6mr_get_route(struct net *net, struct sk_buff *skb, ...@@ -229,11 +230,17 @@ extern int ip6mr_get_route(struct net *net, struct sk_buff *skb,
struct rtmsg *rtm, int nowait); struct rtmsg *rtm, int nowait);
#ifdef CONFIG_IPV6_MROUTE #ifdef CONFIG_IPV6_MROUTE
extern struct sock *mroute6_socket(struct net *net); extern struct sock *mroute6_socket(struct net *net, struct sk_buff *skb);
extern int ip6mr_sk_done(struct sock *sk); extern int ip6mr_sk_done(struct sock *sk);
#else #else
static inline struct sock *mroute6_socket(struct net *net) { return NULL; } static inline struct sock *mroute6_socket(struct net *net, struct sk_buff *skb)
static inline int ip6mr_sk_done(struct sock *sk) { return 0; } {
return NULL;
}
static inline int ip6mr_sk_done(struct sock *sk)
{
return 0;
}
#endif #endif
#endif #endif
......
...@@ -11,7 +11,8 @@ ...@@ -11,7 +11,8 @@
* families, values above 128 may be used arbitrarily. * families, values above 128 may be used arbitrarily.
*/ */
#define RTNL_FAMILY_IPMR 128 #define RTNL_FAMILY_IPMR 128
#define RTNL_FAMILY_MAX 128 #define RTNL_FAMILY_IP6MR 129
#define RTNL_FAMILY_MAX 129
/**** /****
* Routing/neighbour discovery messages. * Routing/neighbour discovery messages.
......
...@@ -59,7 +59,12 @@ struct netns_ipv6 { ...@@ -59,7 +59,12 @@ struct netns_ipv6 {
struct sock *tcp_sk; struct sock *tcp_sk;
struct sock *igmp_sk; struct sock *igmp_sk;
#ifdef CONFIG_IPV6_MROUTE #ifdef CONFIG_IPV6_MROUTE
#ifndef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
struct mr6_table *mrt6; struct mr6_table *mrt6;
#else
struct list_head mr6_tables;
struct fib_rules_ops *mr6_rules_ops;
#endif
#endif #endif
}; };
#endif #endif
...@@ -229,6 +229,20 @@ config IPV6_MROUTE ...@@ -229,6 +229,20 @@ config IPV6_MROUTE
Experimental support for IPv6 multicast forwarding. Experimental support for IPv6 multicast forwarding.
If unsure, say N. If unsure, say N.
config IPV6_MROUTE_MULTIPLE_TABLES
bool "IPv6: multicast policy routing"
depends on IPV6_MROUTE
select FIB_RULES
help
Normally, a multicast router runs a userspace daemon and decides
what to do with a multicast packet based on the source and
destination addresses. If you say Y here, the multicast router
will also be able to take interfaces and packet marks into
account and run multiple instances of userspace daemons
simultaneously, each one handling a single table.
If unsure, say N.
config IPV6_PIMSM_V2 config IPV6_PIMSM_V2
bool "IPv6: PIM-SM version 2 support (EXPERIMENTAL)" bool "IPv6: PIM-SM version 2 support (EXPERIMENTAL)"
depends on IPV6_MROUTE depends on IPV6_MROUTE
......
...@@ -108,7 +108,7 @@ static int ip6_finish_output2(struct sk_buff *skb) ...@@ -108,7 +108,7 @@ static int ip6_finish_output2(struct sk_buff *skb)
struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb)); struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(skb->sk) && if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(skb->sk) &&
((mroute6_socket(dev_net(dev)) && ((mroute6_socket(dev_net(dev), skb) &&
!(IP6CB(skb)->flags & IP6SKB_FORWARDED)) || !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) ||
ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr, ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr,
&ipv6_hdr(skb)->saddr))) { &ipv6_hdr(skb)->saddr))) {
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment