DSCP for BGP/BFD, Default TTL of 255 for BGP, Graceful config updates for DSCP/TTL in BGP [Spring Cleaning 3/N]#758
Open
taspelund wants to merge 7 commits into
RFD 619 straggler: Add From<v1::BgpPeerParameters> for latest::BgpPeerParameters (and the corresponding Neighbor conversion) in mg-api-types so that cross-version type translation lives in one place. Drop the v1-specific From<&v1::BgpPeerParameters> for SessionInfo impl in bgp/src/session.rs and have add_neighbor_v1 convert its v1::Neighbor to the latest Neighbor once at the top, routing the rest of the function through the canonical From<&BgpPeerParameters> for SessionInfo.

DSCP addition: Adds support for IP QoS markings on BGP sessions. Adds new type Dscp which has constructors and getters for both 6/8-bit DSCP/TOS formats. DSCP is applied inbound by the Dispatcher and outbound by the Connector. Changes to the DSCP value on a BGP peer trigger a connection reset, but will be handled gracefully in a follow-up commit.

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>
- Adds configurable DSCP/TrafficClass to BGP/BFD sockets (defaulting to Network Control service class, i.e. CS6, aligning with the recommendation for networking protocols in RFC 4594 Section 3.2). Sockopt calls are moved from unsafe libc::setsockopt to socket2 wrappers where possible.
- Adds sockopt readback tests to validate kernel settings are properly updated.
- Adds graceful config updates for BGP enforce-first-as, TTL and DSCP.
- Sets outgoing TTL to 255 for BGP when unspecified or min_ttl is explicitly disabled. This avoids a situation where the OS picks its own default value that can't be reset since the corresponding setsockopt calls don't have sentinel values that indicate "reset".

This default is applied inbound by the Dispatcher (on the listening socket) and outbound by the Connector (via the connecting socket). Successful connections (TcpConnectionConfirmed/TcpConnectionAcked) have their TTL/DSCP settings overridden by the SessionRunner (FSM) with the per-peer configuration. This handles the situation where the Dispatcher or Connector spawns a new connection with one config, an FSM event arrives with the new config, then the FSM event arrives with the newly-completed connection that has old config. If the FSM always applies the config when accepting a connection, it will never be out of date past the point of handoff.

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

Adds new versions of the BFD peer add/list endpoints that support DSCP. Updates mgadm to support the new DSCP config, defaulting to CS6.

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

Adds integration tests that exercise the graceful update of DSCP/TTL and validates that min_ttl works as expected (min_ttl correctly sets TTL for outgoing packets and sets a minimum TTL on received packets).

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

DSCP better reflects the changes to the API types/endpoints, so make the name more appropriate.

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

The test checks that raising r2's min_ttl causes both sessions to drop by waiting for them to leave FsmStateKind::Established. With idle_hold_time=0 the session reconnects immediately upon entering Idle, and a new BGP connection completes in ~100ms, well within the 1 second polling interval of the test's wait_for_eq!() call.

Other tests avoid this race because they call r1.shutdown(), which permanently terminates the session runner threads; the session never attempts to reconnect. This test keeps both routers running, so Idle immediately transitions to Connect and back to Established.

Set idle_hold_time=10 on both sessions so the non-Established window persists long enough for the poll to observe it.

Signed-off-by: Trey Aspelund <trey@oxidecomputer.com>

Confirmed via manual testing that QoS markings and default outbound TTL are correctly applied, and that updates to the policy don't trigger the session to drop immediately (e.g. setting min_ttl=1 is always safe for inbound packets and the single-hop session didn't drop). Moving this out of draft status.

Sets outbound TTL to 255 on BGP sessions by default (no min_ttl).
Adds support for DSCP/Traffic Class marking of IPv4/IPv6 packets carrying BGP/BFD.
QoS mark is configurable per peer and defaults to CS6 (Network Control) as recommended by RFC 4594 for routing protocols and related traffic.
Adds graceful config updates for min_ttl, DSCP and enforce-first-as in BGP.
Adds integration tests for DSCP/TTL updates in BGP.
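
The handoff rule described in the commit messages above (re-apply the per-peer socket settings to every accepted connection and read the value back from the kernel), next to a 6/8-bit DSCP type, as an added Rust example that is not code from this pull request. `Dscp`, `apply_ttl_at_handoff`, `handoff_demo` and the stale TTL of 64 are hypothetical; only std's TTL setters are used because std has no TOS setter (the PR uses socket2 for that).

```rust
use std::io;
use std::net::{TcpListener, TcpStream};

/// Hypothetical DSCP newtype; stores the 6-bit codepoint (0..=63).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Dscp(u8);

impl Dscp {
    /// CS6 (Network Control) is codepoint 48.
    pub const CS6: Dscp = Dscp(48);

    /// Build from a 6-bit codepoint; anything above 63 does not fit.
    pub fn from_codepoint(cp: u8) -> Option<Dscp> {
        if cp <= 0x3f { Some(Dscp(cp)) } else { None }
    }
    /// Build from an 8-bit TOS / Traffic Class byte; the two ECN bits are dropped.
    pub fn from_tos(tos: u8) -> Dscp { Dscp(tos >> 2) }
    pub fn codepoint(self) -> u8 { self.0 }
    /// 8-bit form as written to the TOS / Traffic Class byte, ECN bits zero.
    pub fn tos(self) -> u8 { self.0 << 2 }
}

/// Apply the per-peer TTL to a completed connection and read it back,
/// so the caller sees what the kernel holds rather than what was requested.
pub fn apply_ttl_at_handoff(stream: &TcpStream, ttl: u32) -> io::Result<u32> {
    stream.set_ttl(ttl)?;
    stream.ttl()
}

/// Constructed scenario: the listener was configured with a stale TTL, the
/// connection completes, then the session applies the current peer TTL.
/// Returns (TTL before handoff, TTL after handoff).
pub fn handoff_demo(stale_ttl: u32, peer_ttl: u32) -> io::Result<(u32, u32)> {
    let listener = TcpListener::bind("127.0.0.1:0")?;
    listener.set_ttl(stale_ttl)?;
    let _client = TcpStream::connect(listener.local_addr()?)?;
    let (accepted, _) = listener.accept()?;
    let before = accepted.ttl()?;
    let after = apply_ttl_at_handoff(&accepted, peer_ttl)?;
    Ok((before, after))
}

fn main() -> io::Result<()> {
    println!("CS6: codepoint {} tos {:#04x}", Dscp::CS6.codepoint(), Dscp::CS6.tos());
    let (before, after) = handoff_demo(64, 255)?;
    println!("ttl before handoff {before}, after {after}");
    Ok(())
}
```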