标签:ipv6 ati add prot table color srv sys other
To enable SRv6 support, at least CONFIG_IPV6 must be enabled. The default built-in SRv6 code supports elementary processing of SR-enabled packets. For extended features such as SR encapsulation or other advanced processing, enable CONFIG_IPV6_SEG6_LWTUNNEL. The HMAC extension of SRv6 can be enabled through CONFIG_IPV6_SEG6_HMAC. To use iptables to filter packets on their SRv6 header, enable CONFIG_IP6_NF_MATCH_SRH (available since kernel v4.18). Finally, the BPF network functions can be enabled through CONFIG_IPV6_SEG6_BPF (available since kernel v4.18).
Today most of the recent distributions compile the kernel with CONFIG_IPV6_SEG6_LWTUNNEL and CONFIG_IPV6_SEG6_HMAC:
- Debian (since 10) - Fedora (since 24) - Raspbian (since 2018-04-18) - Ubuntu (since 18.04) - [...]
CONFIG_IPV6_SEG6_BPF is enabled in:
- Debian (since 10) - Fedora (since 27)
Fedora (since 27) is the only one enabling CONFIG_IP6_NF_MATCH_SRH as well.
ubuntu19.10-aarch64 [root@localhost uloop3]# cat boot/config-5.3.0-18-generic | grep IPV6_SEG6 CONFIG_IPV6_SEG6_LWTUNNEL=y CONFIG_IPV6_SEG6_HMAC=y CONFIG_IPV6_SEG6_BPF=y [root@localhost uloop3]# cat boot/config-5.3.0-18-generic | grep MATCH_SRH CONFIG_IP6_NF_MATCH_SRH=m
root@ubuntu:~# ip -6 route add 2001::2 encap seg6 mode inline segs abcd::1234 dev enp1s0
root@ubuntu:~# uname -a
Linux ubuntu 5.3.0-18-generic #19-Ubuntu SMP Tue Oct 8 20:14:34 UTC 2019 aarch64 aarch64 aarch64 GNU/Linux
root@ubuntu:~#
root@ubuntu:~# ip -6 route del 2001::2 encap seg6 mode inline segs abcd::1234 dev enp1s0
root@ubuntu:~#
root@ubuntu:~# ip -6 r show
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp1s0 proto kernel metric 256 pref medium
root@ubuntu:~# ip -6 route add 2001::2 encap seg6 mode inline segs abcd::1234 dev enp1s0
root@ubuntu:~# ip -6 r show
::1 dev lo proto kernel metric 256 pref medium
2001::2 encap seg6 mode inline segs 2 [ abcd::1234 :: ] dev enp1s0 metric 1024 pref medium
fe80::/64 dev enp1s0 proto kernel metric 256 pref medium
root@ubuntu:~# ip -6 route del 2001::2 encap seg6 mode inline segs abcd::1234 dev enp1s0
root@ubuntu:~# ip -6 r show
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp1s0 proto kernel metric 256 pref medium
root@ubuntu:~#
centos8
[root@localhost ~]# uname -a Linux localhost.localdomain 4.18.0-147.3.1.el8_1.x86_64 #1 SMP Fri Jan 3 23:55:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]# [root@localhost ~]# cat /boot/config-`uname -r` | grep grep IPV6_SEG6 grep: IPV6_SEG6: No such file or directory [root@localhost ~]# cat /boot/config-`uname -r` | grep IPV6_SEG6 # CONFIG_IPV6_SEG6_LWTUNNEL is not set # CONFIG_IPV6_SEG6_HMAC is not set [root@localhost ~]# cat /boot/config-`uname -r` | grep MATCH_SRH # CONFIG_IP6_NF_MATCH_SRH is not set
sysctl -w net.ipv6.conf.all.disable_ipv6=0 sysctl -w net.ipv4.ip_forward=1 sysctl -w net.ipv6.conf.all.forwarding=1 sysctl -w net.ipv6.conf.all.seg6_enabled=1 sysctl -w net.ipv6.conf.default.seg6_enabled=1
root@ubuntu:~# sysctl -a | grep net.ipv6.conf | grep disable net.ipv6.conf.all.disable_ipv6 = 0 net.ipv6.conf.all.disable_policy = 0 net.ipv6.conf.default.disable_ipv6 = 0 net.ipv6.conf.default.disable_policy = 0 net.ipv6.conf.enp1s0.disable_ipv6 = 0 net.ipv6.conf.enp1s0.disable_policy = 0 net.ipv6.conf.lo.disable_ipv6 = 0 net.ipv6.conf.lo.disable_policy = 0
SRv6 - Linux Kernel Implementation
标签:ipv6 ati add prot table color srv sys other
原文地址:https://www.cnblogs.com/dream397/p/12852561.html
