I fixed most of them.

You could also change the check macro to correctly deal with this.
If possible make it work without the additional hard-wired case for
disabling HW cksumming.

Joerg

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Will a NIC compute cksum for a packet that isn't IP from ethertype of
view ? I admit I'm clueless regarding HW checksumming chapter.

Probably not. But note that some deal properly with vlan header prepended,
so they migh in theory deal with the MPLS header too.

Hi,

Over ethernet, MPLS uses a 4 size header prepended between data and
network layer. I wanted to be sure that ether_input() won't drop these
baby giant frames.
Indentation check is on TODO list for all the code.
Yes, mostly, I haven't seen much problems (except HW cksumming I've
fixed sometime ago).
I don't know. Why should it ? Code is #ifdef MPLS'ed everywhere currently.

It depends on the card.

For some, hardware checksum is programmed by start/end offsets into
the packet.

Darren


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

On Thu, 03 Jan 2008 22:38:31 +0200
That itself is an important step. If that works, I suspect the code is
very much worth having as an optional component to NetBSD, though the
other items I mentioned are necessary for production use.



--Steve Bellovin, http://www.cs.columbia.edu/~smb

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

we'd be interested in such changes.
people have asked for teh ability to distribute bgp/mpls stuff with
openbgpd before, even without kernel support. nobody has stepped up
toactually write code, I personally have not enough interest and no
usage case either. nontheless, if there's interest I'm certainly open
for diffs and willing to help.

Hi,

I had an idea at one moment to create an pseudo-interface for every
neighbor and route packets through those pseudo-interfaces. Also one
single interface was a pre-option. But I don't think this will be very
intuitive and I didn't see any vendor reporting something similar to
this so I assume no one does it.

Also this raises another problem: I could do this if NetBSD would have a
clear difference between control and forwarding but this is not the case
and I don't want to change the ifa/p for a route without a very strong
reason.

Btw, tcpdump decapsulates the MPLS frames and reports the inner IP
packets generating an output like this:

13:32:20.880484 MPLS (label 20, exp 0, [S], ttl 64)
IP (tos 0x0, ttl 64, id 17838, offset 0, flags [none], proto
UDP (17), length 71) 193.28.151.120.50013 > 193.28.151.5.53: [udp sum
ok] 29453+ PTR? 2.116.208.68.in-addr.arpa. (43)

Are you interested in catching IP packets before shim push/pop for some
other reasons ?
I'm not sure about that. True, I should check M_READONLY but in a
mandatory way where I actually want to write data into that mbuf. But
should I check if it's readonly for cases like the m_push_inet{6}()
where I prepend and modify only the prepended data ?

Last night, I scanned the web for MPLS configuration
examples, and all that I found was Cisco IOS, which was not
very compelling, and a discussion on an OpenSolaris forum
which, albeit vague, did mention an MPLS pseudo-interface,
<https://www.opensolaris.org/jive/thread.jspa?messageID=33315>.

I don't think that the word "intuitive" really applies to MPLS,
and it is a vague word that deserves to be defined in any discussion,
<http://www.asktog.com/papers/raskinintuit.html>. I think that it will
be helpful if MPLS uses familiar abstractions in familiar ways; using a
pseudo-interface to add/subtract encapsulation is familiar to users of
VLANs and tunnels.
You seem to have a precise meaning in mind, but what you have written
is vague. Can you elaborate on this lack of control/forwarding separation
as it applies to ifa/ifp and MPLS?
Yes, I am. I also believe it makes the system a lot more transparent
and comprehensible to use a pseudo-interface. We have the opportunity to
apply a packet filter or to tap packets. Tapping packets is an essential
aid for troubleshooting.

(IMO, a deficiency of IPSec in NetBSD is that it does not use
pseudo-interfaces, even when it does tunnel-like things like IPSEC_NAT_T.)
No, you don't need to use it if you will only read the data. I suggest
extracting a const pointer to the data with mtod, then.

Dave

I don't think this project got anywhere near design finishing. I did
also read the rest of the threads in that category.
Hehe, nice lecture, still I don't think that Picard(or was it Data ?) or
a lady that didn't know how to handle the mouse is an appropiate example
in this case. Anyhow, I'll try to explain below in detail why using
encap/decap interface(s) is not something I'd like.
Because you want to use an interface [X] that will be seen from control
plane, I quickly see some problems:

- No control coming from interface regarding encapsulation (think about
cell-mode)
- if one set a route to point to an interface:next-hop pair, he expects
that to be honored. This will not be the case with these interfaces
(route interface will be changed to mplsX)
- double lookup on non-MPLS encapsulation: in order to have a reason
for MPLS PI to exist we need to route-lookup once for INET in order to
deliver that packet to MPLS PI, and once in MPLS PI code in order to
know how and where should I deliver the frame from MPLS point of view.
- I'll end up keeping a mirror of all routing tables where I should
keep the PROTO->MPLS associations (remember, we need to separate PROTO
from MPLS in PROTO routing table in order to keep reason for MPLS
pseudo-interface existence, where PROTO may be INET or something else).
So, mpls_interface will get a packet, together with it's adress family
and relookup in that address family mirror table to see how it should be
encapsulated.
- double lookup for MPLS encapsulated packets that we receive.
- shim-pop-pushed instead of MPLS swapping. Fast label swapping is
considered one of the MPLS advantages. Also RFC3031 explicitly calls the
forwarding mechanism "Label Swapping"
- loss of forwarding speed
- it will not simplify the code in ether_output() because we still need
to handle AF_MPLS frames there


[X] - How many pseudo-interfaces do you want anyway ? These are the
options as they come to my mind right now:
- only one used for both decap and encap. decap if packet is not
tagged, encap else. Still this is no good solution if you want to tap
because you'll see here both in and out. Also you'll really have no idea
where that packet comes from and where it goes and you'll have packets
coming from mpls0 and going out to mpls0.
- one pseudo-interface per non-pseudo-interface. This seems more
appropiate as we may know where that packet comes and where it goes.
Also, I think I can live with information passed via tags between
pseudo-interfaces and real-interfaces. But this case raises another
question: if we do it for MPLS why don't we do it for every ethernet
protocol ? Since when an interface should be used only for carrying IP
only frames ?
- one decap interface and one pseudo-interface per neighbour
- one pseudo-interface per non-pseudo-interface and one PI per neighbour

Personally I don't like the latter two, because I don't want to pollute
interface space with one iface per neighbour. Think how it will be to
create an interface per OSPF neighbour for example. Also, their
management will be almost impossible and I don't think that ldp daemon
should mix with this interface management(including but not restricted
to creating/destroying). For all the cases, someone that worked with
MPLS on Cisco or Junipers for example, will not feel "familiar" with
these pseudo-interfaces.
Note that MPLS is not encrypting packets and tcpdump prints the inner
packets for common cases, so payload tapping is still possible.

But there is another problem: you asked for this pseduo-interface(s)
because you expect to tap packets on it(them). But you can't really know
what you will tap because MPLS shim doesn't contain information
regarding the inner protocol. Tcpdump may only guess here after a
protocol analysis but there are a lot of non-IP[6] things that can live
inside an MPLS frame.
I'll constify where is the case.