Discussion:
AsiaBSDCon 2014 P7B: Implementation and Modification for CPE Routers: Filter Rule Scan Optimization, IPsec Interface and Ethernet Switch
(too old to reply)
Masanobu SAITOH
2014-03-19 06:16:07 UTC
Permalink
Hi.

The following pdf is one of my presentation's slide in AsiaBSDCon2014.

http://www.netbsd.org/~msaitoh/ABC2014-P7B-CPE-2.pdf

(For P6B, I sent email to current-users@)

Thanks.
--
-----------------------------------------------
SAITOH Masanobu (***@execsw.org
***@netbsd.org)

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Roy Marples
2014-03-19 07:50:59 UTC
Permalink
Hi
Post by Masanobu SAITOH
The following pdf is one of my presentation's slide in AsiaBSDCon2014.
http://www.netbsd.org/~msaitoh/ABC2014-P7B-CPE-2.pdf
You could also include dhcpcd(8) used in-conjunction with rtadvd(8) to
manage DHCPv6 Prefix Delegation to automatically configure the customers
network for global IPv6 addressing and routing.

Roy

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Martin Husemann
2014-03-20 19:16:53 UTC
Permalink
Post by Roy Marples
Post by Hikaru Abe
- IPV6CP-aware, like as ethernet link state, especially PPPoE.
Could you describe this a little more?
dhcpcd isn't a PPPoE client but monitors link state quite happily and
reacts accordingly
You get, for example, information about the ISPs name servers via PPP
(if you use the currently in-tree pppoe, you can query that from userland
via pppoectl, so inside a dhcpcd script you could act on it and update your
client configuration when link state goes up).

Martin

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Hikaru Abe
2014-03-21 09:58:07 UTC
Permalink
Post by Martin Husemann
Post by Roy Marples
Post by Hikaru Abe
- IPV6CP-aware, like as ethernet link state, especially PPPoE.
Could you describe this a little more?
dhcpcd isn't a PPPoE client but monitors link state quite happily and
reacts accordingly
You get, for example, information about the ISPs name servers via PPP
(if you use the currently in-tree pppoe, you can query that from userland
via pppoectl, so inside a dhcpcd script you could act on it and update your
client configuration when link state goes up).
Yes, we do that in the daemon.
A PPPoE link has IPCP session also in some cases, so the daemon can't
determine IPv6 connectivity by RTM_IFINFO only, so it checks IPV6CP
state to restart DHCPv6 client instance.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Hikaru Abe
2014-03-19 09:04:26 UTC
Permalink
Hi

I'm working for IIJ with masanobu-san
Post by Roy Marples
You could also include dhcpcd(8) used in-conjunction with rtadvd(8) to
manage DHCPv6 Prefix Delegation to automatically configure the customers
network for global IPv6 addressing and routing.
Yes. but we have another DHCPv6 (PD client + stateless-server)
implementation since 2002, and modified rtadvd(8). we does not use
dhcpcd(8).

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Roy Marples
2014-03-19 09:30:09 UTC
Permalink
Hi
Post by Hikaru Abe
Post by Roy Marples
You could also include dhcpcd(8) used in-conjunction with rtadvd(8) to
manage DHCPv6 Prefix Delegation to automatically configure the customers
network for global IPv6 addressing and routing.
Yes. but we have another DHCPv6 (PD client + stateless-server)
implementation since 2002, and modified rtadvd(8). we does not use
dhcpcd(8).
Is there any reason you can't or won't use dhcpcd(8)?
I'm always interested in feedback to make dhcpcd the best solution.

Roy

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loganaden Velvindron
2014-03-19 17:38:17 UTC
Permalink
Post by Masanobu SAITOH
Hi.
The following pdf is one of my presentation's slide in AsiaBSDCon2014.
http://www.netbsd.org/~msaitoh/ABC2014-P7B-CPE-2.pdf
Thanks.
Any dmesg this time :-) ?
Post by Masanobu SAITOH
--
-----------------------------------------------
--
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Hikaru Abe
2014-03-20 03:28:14 UTC
Permalink
Post by Roy Marples
Post by Hikaru Abe
Post by Roy Marples
You could also include dhcpcd(8) used in-conjunction with rtadvd(8) to
manage DHCPv6 Prefix Delegation to automatically configure the customers
network for global IPv6 addressing and routing.
Yes. but we have another DHCPv6 (PD client + stateless-server)
implementation since 2002, and modified rtadvd(8). we does not use
dhcpcd(8).
Is there any reason you can't or won't use dhcpcd(8)?
I'm always interested in feedback to make dhcpcd the best solution.
It seems to be almost good for our routers. we would choose dhcpcd(8)
for DHCPv6 if it exist in early 2000s. :)
I'm not sure about details of dhcpcd. But i think there are some
differences between our implementation.

Our daemon do/is:
- Install black hole route (RTF_REJECT) to delegated prefix by
default. It prevent ping-pong packet between ISP and CPE for unknown
addresses are not in configured sla-ids.
- IPV6CP-aware, like as ethernet link state, especially PPPoE.
- Tightly coupled with DHCPv6 server. Some customer network requires
redistribution of DHCPv6 options from WAN to LAN side, such as SNTP,
DNS servers, sub prefix-delegation through PD client.
- DHCPv6 relay.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Masanobu SAITOH
2014-03-20 05:52:36 UTC
Permalink
Post by Loganaden Velvindron
Post by Masanobu SAITOH
Hi.
The following pdf is one of my presentation's slide in AsiaBSDCon2014.
http://www.netbsd.org/~msaitoh/ABC2014-P7B-CPE-2.pdf
Thanks.
Any dmesg this time :-) ?
SA-W1?
Post by Loganaden Velvindron
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007, 2008, 2009, 2010, 2011, 2012
The NetBSD Foundation, Inc. All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
NetBSD 6.0_STABLE (SEILW1_MD) #0: Tue Mar 18 23:21:21 JST 2014
(snip)
Post by Loganaden Velvindron
total memory = 128 MB
avail memory = 99420 KB
timecounter: Timecounters tick every 2.000 msec
mainbus0 (root)
rom0 at mainbus0
cpu0 at mainbus0: Sheeva 88SV131 rev 1 (ARM9E-S core)
cpu0: DC enabled IC enabled WB enabled EABT branch prediction enabled
cpu0: 16KB/32B 4-way Instruction cache
cpu0: 16KB/32B 4-way write-back-locking-C Data cache
Replace DCache Lock = mode 0
DCache Streaming Switch = mode 1
Write Allocate = enabled
L2 Prefetch = enabled
L2 Inv. Uncorrectable Error Line Eviction = mode 0
L2 Cache = enabled
L2 cache is enabled (This code have not merged to cvs.n.o yet.)
Post by Loganaden Velvindron
Replace ICache Lock = mode 0
Branch Global History Register = disabled
Branch Target Buffer = enabled
L1 Parity Error = enabled
nullrtc0 at mainbus0: Dummy Real Time Clock
mvsoc0 at mainbus0: Marvell 88F6281 Rev. A1 Kirkwood
mvsoc0: CPU Clock 1200.000 MHz SysClock 400.000 MHz TClock 166.666 MHz
Update CPUCSR: 0x00000000->0x00000001
CPUCSR = 0x00000001
CPUCSR: +PEX0, -Reset, -SelfInt, LittleEndian, -IntBlk,
mvsoctmr0 at mvsoc0 unit 0 offset 0x20300-0x203ff: Marvell SoC Timer
mvsocgpp0 at mvsoc0 unit 0 offset 0x10100-0x101ff irq 35: Marvell SoC General Purpose I/O Port Interface
mvsocgpp0: 50 gpio pins
mvsocgpp0: interrupts 96..103, intr 35
mvsocgpp0: interrupts 104..111, intr 36
mvsocgpp0: interrupts 112..119, intr 37
mvsocgpp0: interrupts 120..127, intr 38
mvsocgpp0: interrupts 128..135, intr 39
mvsocgpp0: interrupts 136..143, intr 40
mvsocgpp0: interrupts 144..151, intr 41
mvsocgpp0: Data Out: 0xffffdfff
mvsocgpp0: Data Out Enable Control: 0xfff0087f
mvsocgpp0: Data Blink Enable: 0x00000000
mvsocgpp0: Data In Polarity: 0x00000000
mvsocgpp0: Data In: 0x300fd480
mvsocgpp0: Interrupt Cause: 0x00000000
mvsocgpp0: Interrupt Mask: 0x00000000
mvsocgpp0: Interrupt Level Mask: 0x00000000
mvsocgpp0: High Data Out: 0xffffff7f
mvsocgpp0: High Data Out Enable Ctrl: 0xfffd404f
mvsocgpp0: High Blink Enable: 0x00000000
mvsocgpp0: High Data In Polarity: 0x00000000
mvsocgpp0: High Data In: 0x0003ff7c
mvsocgpp0: High Interrupt Cause: 0x00000000
mvsocgpp0: High Interrupt Mask: 0x00000000
mvsocgpp0: High Interrupt Level Mask: 0x00000000
gpio0 at mvsocgpp0: 50 pins
ledctl0 at gpio0 pinsmvsocrtc at mvsoc0 unit 0 not configured
com0 at mvsoc0 unit 0 offset 0x12000-0x1201f irq 33: ns16550a, working fifo
com0: console
com1 at mvsoc0 unit 1 offset 0x12100-0x1211f irq 34: ns16550a, working fifo
ehci0 at mvsoc0 unit 0 offset 0x50000-0x51fff irq 19: Marvell USB 2.0 Interface
ehci0: Initializing PHY (65nm)
ehci0: EHCI version 1.0
usb0 at ehci0: USB revision 2.0
gttwsi at mvsoc0 unit 0 not configured
mviicesa0 at mvsoc0 unit 0 offset 0x30000 irq 22: Marvell Crypto Engines and Security Accelerator
mviicesa0: Direct output mode enabled.
mviicesa0: using unified input/output buffer.
mviicesa0: multi-packet chained mode enabled.
mviicesa0: using DMA descriptor ring buffer
mviicesa0: Max 512 sessions.
mviicesa0: Input queue lowat = 16
mviicesa0: 4096 DMA handles in 81920 bytes array
mviicesa0: 4096 DMA Descriptors.
mviicesa0: 2048 bytes internal SRAM initizlized
mviicesa0: registered to opencrypto(max data = 1856 bytes)
mviicesa(4) is from mvcesa(4). The change will be merged
Post by Loganaden Velvindron
mvsmi0 at mvsoc0 unit 0 offset 0x72004-0x72007: Serial Management Interface
mvls0 at mvsmi0 addr 0-31 gpio 11 irq 107 single-chip rev 2: Marvell Gigabit Ethernet Switch
mvlsp0 at mvls0 port 0: Marvell Gigabit Ethernet Switch External Port
mvlsphy0 at mvlsp0 phy 0: Marvell 88E6171 Gigabit Switch PHY, rev. 0
mvlsphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
mvlsp1 at mvls0 port 1: Marvell Gigabit Ethernet Switch External Port
mvlsphy1 at mvlsp1 phy 1: Marvell 88E6171 Gigabit Switch PHY, rev. 0
mvlsphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
mvlsp2 at mvls0 port 2: Marvell Gigabit Ethernet Switch External Port
mvlsphy2 at mvlsp2 phy 2: Marvell 88E6171 Gigabit Switch PHY, rev. 0
mvlsphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
mvlsp3 at mvls0 port 3: Marvell Gigabit Ethernet Switch External Port
mvlsphy3 at mvlsp3 phy 3: Marvell 88E6171 Gigabit Switch PHY, rev. 0
mvlsphy3: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
mvlsp4 at mvls0 port 4: Marvell Gigabit Ethernet Switch External Port
mvlsphy4 at mvlsp4 phy 4: Marvell 88E6171 Gigabit Switch PHY, rev. 0
mvlsphy4: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
mvlsp5 at mvls0 port 5: Marvell Gigabit Ethernet Switch Internal Port
mvlsp6 at mvls0 port 6: Marvell Gigabit Ethernet Switch Internal Port
mvgbec0 at mvsoc0 unit 0 offset 0x70000-0x73fff: Marvell Gigabit Ethernet Controller
mvgbe0 at mvgbec0 port 0 irq 11
mvgbe0: Ethernet address 00:e0:4d:30:00:38
mvgbe0: connected to mvlsp5 with rgmii
mvgbec1 at mvsoc0 unit 1 offset 0x74000-0x77fff: Marvell Gigabit Ethernet Controller
mvgbe1 at mvgbec1 port 0 irq 15
mvgbe1: Ethernet address 00:e0:4d:30:00:39
mvgbe1: connected to mvlsp6 with rgmii
See our paper and slide for the Ethernet switch
Post by Loganaden Velvindron
mvpex0 at mvsoc0 unit 0 offset 0x40000-0x41fff irq 9: Marvell PCI Express Interface
pci0 at mvpex0
pci0: i/o space, memory space enabled
Marvell 88F6281 SoC Kirkwood (miscellaneous memory, revision 0x03) at pci0 dev 0 function 0 not configured
ath0 at pci0 dev 1 function 0: Atheros 9287
Atheros 9287 via mvpex0 (PCIe)
Post by Loganaden Velvindron
ath0: interrupting at interrupt pin INTA#
ath_get_caps[4088] rx chainmask mismatch actual 3 sc_chainmask 0
ath_get_caps[4063] tx chainmask mismatch actual 3 sc_chainmask 0
ath_descdma_setup: tx DMA: 2048 buffers 1 desc/buf 148 desc_len
ath_descdma_setup: tx DMA map: 0xc7e61000 (303104) -> 1ffc000 (303104)
ath_descdma_setup: beacon DMA: 32 buffers 1 desc/buf 148 desc_len
ath_descdma_setup: beacon DMA map: 0xc7eab000 (4736) -> 2046000 (4736)
ath_descdma_setup: uapsd_qnull DMA: 256 buffers 1 desc/buf 148 desc_len
ath_descdma_setup: uapsd_qnull DMA map: 0xc7ead000 (37888) -> 2048000 (37888)
ath_descdma_setup: cfend DMA: 1 buffers 1 desc/buf 148 desc_len
ath_descdma_setup: cfend DMA map: 0xc7eb7000 (148) -> 2052000 (148)
ath_descdma_setup: rx DMA: 512 buffers 1 desc/buf 148 desc_len
ath_descdma_setup: rx DMA map: 0xc7eb8000 (75776) -> 2053000 (75776)
ath0: driver version 3.0.12
ath0: mac 384.2 phy 15.15 radio 12.0
ath0: Use hw queue 0 for WME_AC_BE traffic
ath0: Use hw queue 1 for WME_AC_BK traffic
ath0: Use hw queue 2 for WME_AC_VI traffic
ath0: Use hw queue 3 for WME_AC_VO traffic
ath0: Use hw queue 8 for CAB traffic
ath0: Use hw queue 9 for beacons
mvsata at mvsoc0 unit 0 not configured
mvsdio at mvsoc0 unit 0 not configured
rom0: vendor: 01, SPANSION
rom0: device: 0219, S25FL256S
rom0: 32768K bytes accessible
Our own FLASH ROM driver
Post by Loganaden Velvindron
timecounter: Timecounter "clockinterrupt" frequency 500 Hz quality 0
timecounter: Timecounter "mvsoctmr0" frequency 166666667 Hz quality 100
uhub0 at usb0: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub0: 1 port with 1 removable, self powered
IPsec: Initialized Security Association Processing.
uhub1 at uhub0 port 1: Standard Microsystems USB Hub USB2514/14i/14B/14Bi, class 9/0, rev 2.00/b.b3, addr 2
uhub1: multiple transaction translators
uhub1: 2 ports with 2 removable, self powered
IPsec Interface: configured direct processing mode
boot device: <unknown>
md0: internal 20480 KB image area
root on md0a dumps on md0b
ge0p0: link up (1000baseT-FDX)
ge1p0: link up (1000baseT-FDX)
ge1p1: link up (1000baseT-FDX)
Our kernel writes log with LOG_CRIT when the link status is changed
(See another slide in http://mail-index.netbsd.org/current-users/2014/03/19/msg024474.html)
Post by Loganaden Velvindron
ge0: link up
renamed from mvgbe0 to ge0
Post by Loganaden Velvindron
ge1: link up
--
-----------------------------------------------
SAITOH Masanobu (***@execsw.org
***@netbsd.org)

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Roy Marples
2014-03-20 18:12:50 UTC
Permalink
Post by Hikaru Abe
Post by Roy Marples
Is there any reason you can't or won't use dhcpcd(8)?
I'm always interested in feedback to make dhcpcd the best solution.
It seems to be almost good for our routers. we would choose dhcpcd(8)
for DHCPv6 if it exist in early 2000s. :)
I'm not sure about details of dhcpcd. But i think there are some
differences between our implementation.
- Install black hole route (RTF_REJECT) to delegated prefix by
default. It prevent ping-pong packet between ISP and CPE for unknown
addresses are not in configured sla-ids.
Nice idea. I added support for this in dhcpcd here:
http://roy.marples.name/projects/dhcpcd/ci/ed3cccf86e?sbs=0
Post by Hikaru Abe
- IPV6CP-aware, like as ethernet link state, especially PPPoE.
Could you describe this a little more?
dhcpcd isn't a PPPoE client but monitors link state quite happily and
reacts accordingly
Post by Hikaru Abe
- Tightly coupled with DHCPv6 server. Some customer network requires
redistribution of DHCPv6 options from WAN to LAN side, such as SNTP,
DNS servers, sub prefix-delegation through PD client.
Well, that is outside of the scope for dhcpcd.
Still, it can be done using current dhcpcd hooks to configure the DHCPv6
server.
Post by Hikaru Abe
- DHCPv6 relay.
Outside the scope of dhcpcd.

Thanks

Roy

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...