Add new socket ioctls SIOC[SG]TUNFIB to set FIB number of encapsulated packets on tunnel interfaces
ClosedPublic
Actions

Authored by ae on May 6 2015, 3:54 PM.

Details

Reviewers

melifaro
ae
gnn
bz

Group Reviewers

network

Summary

Currently we have only undocumented ability to set different FIB number for packets that tunneling interfaces encapsulate. It can be done on interface cloning with setfib(1):

# setfib 1 ifconfig gre0 create

To change FIB number we should recreate interface. And it seems there is no way to determine the configured value.
This patch add SIOCGTUNFIB and SIOCSTUNFIB ioctls to get and set FIB number via ifconfig(8). Also it add support of these ioctls to gre(4), gif(4) and me(4) interfaces.
Also there are two similar fixes for gre(4) and me(4) - use if_fib value from ifnet structure to set FIB number for incoming packets.

Test Plan

This is example demonstrates how to configure GRE tunnel with the same inner and outer addresses:

# sysctl net | grep fibs
net.add_addr_allfibs: 0
net.fibs: 2
# route add 10.9.8.0/24 -fib 1 -iface em0
# ifconfig gre0 create inet 10.9.8.11 10.9.8.3 tunnel 10.9.8.11 10.9.8.3 tunnelfib 1
# ifconfig gre0
gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476
	tunnel inet 10.9.8.3 --> 10.9.8.11
	inet 10.9.8.3 --> 10.9.8.11 netmask 0xff000000 
	inet6 fe80::f2de:f1ff:fecb:5415%gre0 prefixlen 64 scopeid 0x7 
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	tunnelfib: 1
	groups: gre 

# netstat -rnf inet -F 0
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            10.9.8.1           UGS         em0
10.9.8.0/24        link#1             U           em0
10.9.8.3           link#5             UH         gre0
10.9.8.11          link#1             UHS         lo0
127.0.0.1          link#4             UH          lo0
# netstat -rnf inet -F 1
Routing tables (fib: 1)

Internet:
Destination        Gateway            Flags      Netif Expire
10.9.8.0/24        00:22:4d:6a:5e:b9  US          em0

# tcpdump -ni em0 proto gre
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
capability mode sandbox enabled
18:47:55.595764 IP 10.9.8.3 > 10.9.8.11: GREv0, length 88: IP 10.9.8.3 > 10.9.8.11: ICMP echo request, id 54059, seq 0, length 64
18:47:55.595787 IP 10.9.8.11 > 10.9.8.3: GREv0, length 88: IP 10.9.8.11 > 10.9.8.3: ICMP echo reply, id 54059, seq 0, length 64
^C

# ifconfig gif0 create tunnelfib 1
# ifconfig gif0
gif0: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1280
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	tunnelfib: 1
	groups: gif 
# ifconfig em0 tunnelfib 1
ifconfig: ioctl (SIOCSTUNFIB): Invalid argument