From 250bd94d1e500a89c76cac944e660bd9c07ac364 Mon Sep 17 00:00:00 2001
From: Pravin B Shelar <pshelar@ovn.org>
Date: Thu, 11 Feb 2016 01:05:16 -0800
Subject: [PATCH] tunneling: Disable IPv6 tunnel

There are multiple issues in IPv6 userspace tunnel
implementation. Even the kernel module that ships with
2.5 does not support IPv6 tunneling. There is not
enough time to get all fixes in branch-2.5. So it make
sense to disable the support on 2.5.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Acked-by: Jesse Gross <jesse@kernel.org>
---
 lib/netdev-vport.c            |   8 ++
 ofproto/tunnel.c              |   8 ++
 tests/tunnel-push-pop-ipv6.at | 142 +---------------------------------
 3 files changed, 20 insertions(+), 138 deletions(-)

diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index 88f5022f4..2234de781 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -503,6 +503,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args)
                           name, node->value);
                 return EINVAL;
             }
+            if (dst_proto == ETH_TYPE_IPV6) {
+                VLOG_WARN("%s: IPv6 'remote_ip' is not supported", name);
+                return EOPNOTSUPP;
+            }
         } else if (!strcmp(node->key, "local_ip")) {
             int err;
             err = parse_tunnel_ip(node->value, true, &tnl_cfg.ip_src_flow,
@@ -512,6 +516,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args)
                 VLOG_WARN("%s: bad %s 'local_ip'", name, type);
                 break;
             }
+            if (src_proto == ETH_TYPE_IPV6) {
+                VLOG_WARN("%s: IPv6 'local_ip' is not supported", name);
+                return EOPNOTSUPP;
+            }
         } else if (!strcmp(node->key, "tos")) {
             if (!strcmp(node->value, "inherit")) {
                 tnl_cfg.tos_inherit = true;
diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c
index 24b717a3c..a63cf716b 100644
--- a/ofproto/tunnel.c
+++ b/ofproto/tunnel.c
@@ -427,6 +427,14 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow,
             flow->tunnel.ipv6_dst = tnl_port->match.ipv6_dst;
         }
     }
+    if (ipv6_addr_is_set(&flow->tunnel.ipv6_dst) ||
+        ipv6_addr_is_set(&flow->tunnel.ipv6_src)) {
+        out_port = ODPP_NONE;
+        VLOG_WARN_RL(&rl, "port (%s): IPv6 tunnel endpoint is not supported",
+                     netdev_get_name(tnl_port->netdev));
+        goto out;
+    }
+
     flow->pkt_mark = tnl_port->match.pkt_mark;
 
     if (!cfg->out_key_flow) {
diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at
index 8f6506a71..d3b09b872 100644
--- a/tests/tunnel-push-pop-ipv6.at
+++ b/tests/tunnel-push-pop-ipv6.at
@@ -10,144 +10,10 @@ AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=vxlan \
                        options:remote_ip=2001:cafe::92 options:key=456 ofport_request=3\
                     -- add-port int-br t3 -- set Interface t3 type=vxlan \
                        options:remote_ip=2001:cafe::93 options:out_key=flow options:csum=true ofport_request=4\
-                    -- add-port int-br t4 -- set Interface t4 type=geneve \
-                       options:remote_ip=flow options:key=123 ofport_request=5\
-                       ], [0])
-
-AT_CHECK([ovs-appctl dpif/show], [0], [dnl
-dummy@ovs-dummy: hit:0 missed:0
-	br0:
-		br0 65534/100: (dummy)
-		p0 1/1: (dummy)
-	int-br:
-		int-br 65534/2: (dummy)
-		t1 3/3: (gre: key=456, remote_ip=2001:cafe::92)
-		t2 2/4789: (vxlan: key=123, remote_ip=2001:cafe::92)
-		t3 4/4789: (vxlan: csum=true, out_key=flow, remote_ip=2001:cafe::93)
-		t4 5/6081: (geneve: key=123, remote_ip=flow)
-])
-
-dnl First setup dummy interface IP address, then add the route
-dnl so that tnl-port table can get valid IP address for the device.
-AT_CHECK([ovs-appctl netdev-dummy/ip6addr br0 2001:cafe::88/24], [0], [OK
-])
-AT_CHECK([ovs-appctl ovs/route/add 2001:cafe::92/24 br0], [0], [OK
-])
-
-AT_CHECK([ovs-ofctl add-flow br0 action=normal])
-
-dnl Check ARP Snoop
-AT_CHECK([ovs-appctl tnl/arp/set br0 2001:cafe::92 f8:bc:12:44:34:b6], [0], [OK
-])
-AT_CHECK([ovs-appctl tnl/arp/set br0 2001:cafe::93 f8:bc:12:44:34:b7], [0], [OK
-])
-
-AT_CHECK([ovs-appctl tnl/arp/show], [0], [dnl
-IP                                            MAC                 Bridge
-==========================================================================
-2001:cafe::92                                 f8:bc:12:44:34:b6   br0
-2001:cafe::93                                 f8:bc:12:44:34:b7   br0
-])
-
-AT_CHECK([ovs-appctl tnl/ports/show |sort], [0], [dnl
-Listening ports:
-genev_sys_6081 (6081)
-gre_sys (3)
-vxlan_sys_4789 (4789)
-])
-
-dnl Check VXLAN tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=51283,dst=4789)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(4789)
-])
-
-dnl Check GRE tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=47,tclass=0x0,hlimit=64)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(3)
-])
-
-dnl Check Geneve tunnel pop
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),ipv6(src=2001:cafe::92,dst=2001:cafe::88,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=51283,dst=6081)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_pop(6081)
-])
-
-dnl Check VXLAN tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br action=2])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7b)),out_port(100))
-])
-
-dnl Check VXLAN tunnel push set tunnel id by flow and checksum
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_tunnel:124,4"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(4789),header(size=70,type=4,eth(dst=f8:bc:12:44:34:b7,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::93,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=4789,csum=0xffff),vxlan(flags=0x8000000,vni=0x7c)),out_port(100))
-])
-
-dnl Check GRE tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br action=3])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(3),header(size=62,type=3,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64),gre((flags=0x2000,proto=0x6558),key=0x1c8)),out_port(100))
-])
-
-dnl Check Geneve tunnel push
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_field:2001:cafe::92->tun_ipv6_dst,5"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(6081),header(size=70,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=6081,csum=0xffff),geneve(vni=0x7b)),out_port(100))
-])
-
-dnl Check Geneve tunnel push with options
-AT_CHECK([ovs-ofctl add-tlv-map int-br "{class=0xffff,type=0x80,len=4}->tun_metadata0"])
-AT_CHECK([ovs-ofctl add-flow int-br "actions=set_field:2001:cafe::92->tun_ipv6_dst,set_field:0xa->tun_metadata0,5"])
-AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
-AT_CHECK([tail -1 stdout], [0],
-  [Datapath actions: tnl_push(tnl_port(6081),header(size=78,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd),ipv6(src=2001:cafe::88,dst=2001:cafe::92,label=0,proto=17,tclass=0x0,hlimit=64),udp(src=0,dst=6081,csum=0xffff),geneve(crit,vni=0x7b,options({class=0xffff,type=0x80,len=4,0xa}))),out_port(100))
-])
-
-dnl Check decapsulation of GRE packet
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000006a2f402001cafe0000000000000000000000922001cafe00000000000000000000008820006558000001c8fe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-ovs-appctl time/warp 1000
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  3'], [0], [dnl
-  port  3: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-
-dnl Check GRE only accepts encapsulated Ethernet frames
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000006a2f402001cafe0000000000000000000000922001cafe00000000000000000000008820000800000001c8fe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-ovs-appctl time/warp 1000
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  3'], [0], [dnl
-  port  3: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-
-dnl Check decapsulation of Geneve packet with options
-AT_CAPTURE_FILE([ofctl_monitor.log])
-AT_CHECK([ovs-ofctl monitor int-br 65534 --detach --no-chdir --pidfile 2> ofctl_monitor.log])
-
-AT_CHECK([ovs-ofctl del-flows int-br])
-AT_CHECK([ovs-ofctl add-flow int-br "tun_metadata0=0xa/0xf,actions=5,controller"])
-AT_CHECK([ovs-appctl netdev-dummy/receive p0 'aa55aa550000001b213cab6486dd60000000008211402001cafe0000000000000000000000922001cafe000000000000000000000088308817c1008200000400655800007b00ffff80010000000affff00010000000bfe71d883724fbeb6f4e1494a080045000054ba200000400184861e0000011e00000200004227e75400030af3195500000000f265010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'])
-
-OVS_WAIT_UNTIL([test `wc -l < ofctl_monitor.log` -ge 2])
-OVS_APP_EXIT_AND_WAIT(ovs-ofctl)
-
-AT_CHECK([cat ofctl_monitor.log], [0], [dnl
-NXT_PACKET_IN (xid=0x0): cookie=0x0 total_len=98 tun_id=0x7b,tun_ipv6_src=2001:cafe::92,tun_ipv6_dst=2001:cafe::88,tun_metadata0=0xa,in_port=5 (via action) data_len=98 (unbuffered)
-icmp,vlan_tci=0x0000,dl_src=be:b6:f4:e1:49:4a,dl_dst=fe:71:d8:83:72:4f,nw_src=30.0.0.1,nw_dst=30.0.0.2,nw_tos=0,nw_ecn=0,nw_ttl=64,icmp_type=0,icmp_code=0 icmp_csum:4227
-])
-
-AT_CHECK([ovs-ofctl dump-ports int-br | grep 'port  5'], [0], [dnl
-  port  5: rx pkts=1, bytes=98, drop=0, errs=0, frame=0, over=0, crc=0
-])
-AT_CHECK([ovs-appctl dpif/dump-flows int-br], [0], [dnl
-tunnel(tun_id=0x7b,ipv6_src=2001:cafe::92,ipv6_dst=2001:cafe::88,geneve({class=0xffff,type=0x80,len=4,0xa/0xf}{class=0xffff,type=0,len=4}),flags(-df-csum+key)),skb_mark(0),recirc_id(0),in_port(6081),eth_type(0x0800),ipv4(frag=no), packets:0, bytes:0, used:never, actions:userspace(pid=0,slow_path(controller))
+                       ], [0], [], [dnl
+ovs-vsctl: Error detected while setting up 't2', 't1', 't3'.  See ovs-vswitchd log for details.
 ])
 
-OVS_VSWITCHD_STOP
+OVS_VSWITCHD_STOP(["/remote_ip/d
+/could not set configuration/d"])
 AT_CLEANUP
-- 
2.20.1