2 * link_ip6tnl.c ip6tnl driver module
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version
7 * 2 of the License, or (at your option) any later version.
9 * Authors: Nicolas Dichtel <nicolas.dichtel@6wind.com>
15 #include <sys/types.h>
16 #include <sys/socket.h>
17 #include <arpa/inet.h>
20 #include <linux/if_tunnel.h>
21 #include <linux/ip6_tunnel.h>
24 #include "ip_common.h"
27 #define IP6_FLOWINFO_TCLASS htonl(0x0FF00000)
28 #define IP6_FLOWINFO_FLOWLABEL htonl(0x000FFFFF)
30 #define DEFAULT_TNL_HOP_LIMIT (64)
32 static void print_usage(FILE *f
)
35 "Usage: ... ip6tnl [ mode { ip6ip6 | ipip6 | any } ]\n"
39 " [ encaplimit ELIM ]\n"
40 " [ hoplimit HLIM ]\n"
41 " [ tclass TCLASS ]\n"
42 " [ flowlabel FLOWLABEL ]\n"
45 " [ [no]allow-localremote ]\n"
47 " [ encap { fou | gue | none } ]\n"
48 " [ encap-sport PORT ]\n"
49 " [ encap-dport PORT ]\n"
50 " [ [no]encap-csum ]\n"
51 " [ [no]encap-csum6 ]\n"
52 " [ [no]encap-remcsum ]\n"
55 "Where: ADDR := IPV6_ADDRESS\n"
56 " ELIM := { none | 0..255 }(default=%d)\n"
57 " HLIM := 0..255 (default=%d)\n"
58 " TCLASS := { 0x0..0xff | inherit }\n"
59 " FLOWLABEL := { 0x0..0xfffff | inherit }\n"
60 " MARK := { 0x0..0xffffffff | inherit }\n",
61 IPV6_DEFAULT_TNL_ENCAP_LIMIT
, DEFAULT_TNL_HOP_LIMIT
65 static void usage(void) __attribute__((noreturn
));
66 static void usage(void)
72 static int ip6tunnel_parse_opt(struct link_util
*lu
, int argc
, char **argv
,
75 struct ifinfomsg
*ifi
= (struct ifinfomsg
*)(n
+ 1);
80 .n
.nlmsg_len
= NLMSG_LENGTH(sizeof(*ifi
)),
81 .n
.nlmsg_flags
= NLM_F_REQUEST
,
82 .n
.nlmsg_type
= RTM_GETLINK
,
83 .i
.ifi_family
= preferred_family
,
84 .i
.ifi_index
= ifi
->ifi_index
,
86 struct nlmsghdr
*answer
= NULL
;
87 struct rtattr
*tb
[IFLA_MAX
+ 1];
88 struct rtattr
*linkinfo
[IFLA_INFO_MAX
+1];
89 struct rtattr
*iptuninfo
[IFLA_IPTUN_MAX
+ 1];
91 struct in6_addr laddr
= {};
92 struct in6_addr raddr
= {};
93 __u8 hop_limit
= DEFAULT_TNL_HOP_LIMIT
;
94 __u8 encap_limit
= IPV6_DEFAULT_TNL_ENCAP_LIMIT
;
100 __u16 encapflags
= TUNNEL_ENCAP_FLAG_CSUM6
;
101 __u16 encapsport
= 0;
102 __u16 encapdport
= 0;
106 if (!(n
->nlmsg_flags
& NLM_F_CREATE
)) {
107 if (rtnl_talk(&rth
, &req
.n
, &answer
) < 0) {
110 "Failed to get existing tunnel info.\n");
115 len
= answer
->nlmsg_len
;
116 len
-= NLMSG_LENGTH(sizeof(*ifi
));
120 parse_rtattr(tb
, IFLA_MAX
, IFLA_RTA(NLMSG_DATA(answer
)), len
);
122 if (!tb
[IFLA_LINKINFO
])
125 parse_rtattr_nested(linkinfo
, IFLA_INFO_MAX
, tb
[IFLA_LINKINFO
]);
127 if (!linkinfo
[IFLA_INFO_DATA
])
130 parse_rtattr_nested(iptuninfo
, IFLA_IPTUN_MAX
,
131 linkinfo
[IFLA_INFO_DATA
]);
133 if (iptuninfo
[IFLA_IPTUN_LOCAL
])
134 memcpy(&laddr
, RTA_DATA(iptuninfo
[IFLA_IPTUN_LOCAL
]),
137 if (iptuninfo
[IFLA_IPTUN_REMOTE
])
138 memcpy(&raddr
, RTA_DATA(iptuninfo
[IFLA_IPTUN_REMOTE
]),
141 if (iptuninfo
[IFLA_IPTUN_TTL
])
142 hop_limit
= rta_getattr_u8(iptuninfo
[IFLA_IPTUN_TTL
]);
144 if (iptuninfo
[IFLA_IPTUN_ENCAP_LIMIT
])
145 encap_limit
= rta_getattr_u8(iptuninfo
[IFLA_IPTUN_ENCAP_LIMIT
]);
147 if (iptuninfo
[IFLA_IPTUN_FLOWINFO
])
148 flowinfo
= rta_getattr_u32(iptuninfo
[IFLA_IPTUN_FLOWINFO
]);
150 if (iptuninfo
[IFLA_IPTUN_FLAGS
])
151 flags
= rta_getattr_u32(iptuninfo
[IFLA_IPTUN_FLAGS
]);
153 if (iptuninfo
[IFLA_IPTUN_LINK
])
154 link
= rta_getattr_u32(iptuninfo
[IFLA_IPTUN_LINK
]);
156 if (iptuninfo
[IFLA_IPTUN_PROTO
])
157 proto
= rta_getattr_u8(iptuninfo
[IFLA_IPTUN_PROTO
]);
158 if (iptuninfo
[IFLA_IPTUN_COLLECT_METADATA
])
161 if (iptuninfo
[IFLA_IPTUN_FWMARK
])
162 fwmark
= rta_getattr_u32(iptuninfo
[IFLA_IPTUN_FWMARK
]);
168 if (matches(*argv
, "mode") == 0) {
170 if (strcmp(*argv
, "ipv6/ipv6") == 0 ||
171 strcmp(*argv
, "ip6ip6") == 0)
172 proto
= IPPROTO_IPV6
;
173 else if (strcmp(*argv
, "ip/ipv6") == 0 ||
174 strcmp(*argv
, "ipv4/ipv6") == 0 ||
175 strcmp(*argv
, "ipip6") == 0 ||
176 strcmp(*argv
, "ip4ip6") == 0)
177 proto
= IPPROTO_IPIP
;
178 else if (strcmp(*argv
, "any/ipv6") == 0 ||
179 strcmp(*argv
, "any") == 0)
182 invarg("Cannot guess tunnel mode.", *argv
);
183 } else if (strcmp(*argv
, "remote") == 0) {
187 get_prefix(&addr
, *argv
, preferred_family
);
188 if (addr
.family
== AF_UNSPEC
)
189 invarg("\"remote\" address family is AF_UNSPEC", *argv
);
190 memcpy(&raddr
, addr
.data
, addr
.bytelen
);
191 } else if (strcmp(*argv
, "local") == 0) {
195 get_prefix(&addr
, *argv
, preferred_family
);
196 if (addr
.family
== AF_UNSPEC
)
197 invarg("\"local\" address family is AF_UNSPEC", *argv
);
198 memcpy(&laddr
, addr
.data
, addr
.bytelen
);
199 } else if (matches(*argv
, "dev") == 0) {
201 link
= if_nametoindex(*argv
);
203 invarg("\"dev\" is invalid", *argv
);
204 } else if (strcmp(*argv
, "hoplimit") == 0 ||
205 strcmp(*argv
, "ttl") == 0 ||
206 strcmp(*argv
, "hlim") == 0) {
210 if (get_u8(&uval
, *argv
, 0))
211 invarg("invalid HLIM", *argv
);
213 } else if (strcmp(*argv
, "encaplimit") == 0) {
215 if (strcmp(*argv
, "none") == 0) {
216 flags
|= IP6_TNL_F_IGN_ENCAP_LIMIT
;
220 if (get_u8(&uval
, *argv
, 0) < -1)
221 invarg("invalid ELIM", *argv
);
223 flags
&= ~IP6_TNL_F_IGN_ENCAP_LIMIT
;
225 } else if (strcmp(*argv
, "tclass") == 0 ||
226 strcmp(*argv
, "tc") == 0 ||
227 strcmp(*argv
, "tos") == 0 ||
228 matches(*argv
, "dsfield") == 0) {
232 flowinfo
&= ~IP6_FLOWINFO_TCLASS
;
233 if (strcmp(*argv
, "inherit") == 0)
234 flags
|= IP6_TNL_F_USE_ORIG_TCLASS
;
236 if (get_u8(&uval
, *argv
, 16))
237 invarg("invalid TClass", *argv
);
238 flowinfo
|= htonl((__u32
)uval
<< 20) & IP6_FLOWINFO_TCLASS
;
239 flags
&= ~IP6_TNL_F_USE_ORIG_TCLASS
;
241 } else if (strcmp(*argv
, "flowlabel") == 0 ||
242 strcmp(*argv
, "fl") == 0) {
246 flowinfo
&= ~IP6_FLOWINFO_FLOWLABEL
;
247 if (strcmp(*argv
, "inherit") == 0)
248 flags
|= IP6_TNL_F_USE_ORIG_FLOWLABEL
;
250 if (get_u32(&uval
, *argv
, 16))
251 invarg("invalid Flowlabel", *argv
);
253 invarg("invalid Flowlabel", *argv
);
254 flowinfo
|= htonl(uval
) & IP6_FLOWINFO_FLOWLABEL
;
255 flags
&= ~IP6_TNL_F_USE_ORIG_FLOWLABEL
;
257 } else if (strcmp(*argv
, "dscp") == 0) {
259 if (strcmp(*argv
, "inherit") != 0)
260 invarg("not inherit", *argv
);
261 flags
|= IP6_TNL_F_RCV_DSCP_COPY
;
262 } else if (strcmp(*argv
, "fwmark") == 0) {
264 if (strcmp(*argv
, "inherit") == 0) {
265 flags
|= IP6_TNL_F_USE_ORIG_FWMARK
;
268 if (get_u32(&fwmark
, *argv
, 0))
269 invarg("invalid fwmark\n", *argv
);
270 flags
&= ~IP6_TNL_F_USE_ORIG_FWMARK
;
272 } else if (strcmp(*argv
, "allow-localremote") == 0) {
273 flags
|= IP6_TNL_F_ALLOW_LOCAL_REMOTE
;
274 } else if (strcmp(*argv
, "noallow-localremote") == 0) {
275 flags
&= ~IP6_TNL_F_ALLOW_LOCAL_REMOTE
;
276 } else if (strcmp(*argv
, "noencap") == 0) {
277 encaptype
= TUNNEL_ENCAP_NONE
;
278 } else if (strcmp(*argv
, "encap") == 0) {
280 if (strcmp(*argv
, "fou") == 0)
281 encaptype
= TUNNEL_ENCAP_FOU
;
282 else if (strcmp(*argv
, "gue") == 0)
283 encaptype
= TUNNEL_ENCAP_GUE
;
284 else if (strcmp(*argv
, "none") == 0)
285 encaptype
= TUNNEL_ENCAP_NONE
;
287 invarg("Invalid encap type.", *argv
);
288 } else if (strcmp(*argv
, "encap-sport") == 0) {
290 if (strcmp(*argv
, "auto") == 0)
292 else if (get_u16(&encapsport
, *argv
, 0))
293 invarg("Invalid source port.", *argv
);
294 } else if (strcmp(*argv
, "encap-dport") == 0) {
296 if (get_u16(&encapdport
, *argv
, 0))
297 invarg("Invalid destination port.", *argv
);
298 } else if (strcmp(*argv
, "encap-csum") == 0) {
299 encapflags
|= TUNNEL_ENCAP_FLAG_CSUM
;
300 } else if (strcmp(*argv
, "noencap-csum") == 0) {
301 encapflags
&= ~TUNNEL_ENCAP_FLAG_CSUM
;
302 } else if (strcmp(*argv
, "encap-udp6-csum") == 0) {
303 encapflags
|= TUNNEL_ENCAP_FLAG_CSUM6
;
304 } else if (strcmp(*argv
, "noencap-udp6-csum") == 0) {
305 encapflags
&= ~TUNNEL_ENCAP_FLAG_CSUM6
;
306 } else if (strcmp(*argv
, "encap-remcsum") == 0) {
307 encapflags
|= TUNNEL_ENCAP_FLAG_REMCSUM
;
308 } else if (strcmp(*argv
, "noencap-remcsum") == 0) {
309 encapflags
|= ~TUNNEL_ENCAP_FLAG_REMCSUM
;
310 } else if (strcmp(*argv
, "external") == 0) {
317 addattr8(n
, 1024, IFLA_IPTUN_PROTO
, proto
);
319 addattr_l(n
, 1024, IFLA_IPTUN_COLLECT_METADATA
, NULL
, 0);
322 addattr_l(n
, 1024, IFLA_IPTUN_LOCAL
, &laddr
, sizeof(laddr
));
323 addattr_l(n
, 1024, IFLA_IPTUN_REMOTE
, &raddr
, sizeof(raddr
));
324 addattr8(n
, 1024, IFLA_IPTUN_TTL
, hop_limit
);
325 addattr8(n
, 1024, IFLA_IPTUN_ENCAP_LIMIT
, encap_limit
);
326 addattr32(n
, 1024, IFLA_IPTUN_FLOWINFO
, flowinfo
);
327 addattr32(n
, 1024, IFLA_IPTUN_FLAGS
, flags
);
328 addattr32(n
, 1024, IFLA_IPTUN_LINK
, link
);
329 addattr32(n
, 1024, IFLA_IPTUN_FWMARK
, fwmark
);
331 addattr16(n
, 1024, IFLA_IPTUN_ENCAP_TYPE
, encaptype
);
332 addattr16(n
, 1024, IFLA_IPTUN_ENCAP_FLAGS
, encapflags
);
333 addattr16(n
, 1024, IFLA_IPTUN_ENCAP_SPORT
, htons(encapsport
));
334 addattr16(n
, 1024, IFLA_IPTUN_ENCAP_DPORT
, htons(encapdport
));
339 static void ip6tunnel_print_opt(struct link_util
*lu
, FILE *f
, struct rtattr
*tb
[])
348 if (tb
[IFLA_IPTUN_FLAGS
])
349 flags
= rta_getattr_u32(tb
[IFLA_IPTUN_FLAGS
]);
351 if (tb
[IFLA_IPTUN_FLOWINFO
])
352 flowinfo
= rta_getattr_u32(tb
[IFLA_IPTUN_FLOWINFO
]);
354 if (tb
[IFLA_IPTUN_PROTO
]) {
355 switch (rta_getattr_u8(tb
[IFLA_IPTUN_PROTO
])) {
357 print_string(PRINT_ANY
, "proto", "%s ", "ipip6");
360 print_string(PRINT_ANY
, "proto", "%s ", "ip6ip6");
363 print_string(PRINT_ANY
, "proto", "%s ", "any");
368 if (tb
[IFLA_IPTUN_REMOTE
]) {
369 print_string(PRINT_ANY
,
372 rt_addr_n2a_rta(AF_INET6
, tb
[IFLA_IPTUN_REMOTE
]));
375 if (tb
[IFLA_IPTUN_LOCAL
]) {
376 print_string(PRINT_ANY
,
379 rt_addr_n2a_rta(AF_INET6
, tb
[IFLA_IPTUN_LOCAL
]));
382 if (tb
[IFLA_IPTUN_LINK
] && rta_getattr_u32(tb
[IFLA_IPTUN_LINK
])) {
383 unsigned int link
= rta_getattr_u32(tb
[IFLA_IPTUN_LINK
]);
384 const char *n
= if_indextoname(link
, s2
);
387 print_string(PRINT_ANY
, "link", "dev %s ", n
);
389 print_uint(PRINT_ANY
, "link_index", "dev %u ", link
);
392 if (flags
& IP6_TNL_F_IGN_ENCAP_LIMIT
)
393 print_bool(PRINT_ANY
,
394 "ip6_tnl_f_ign_encap_limit",
397 else if (tb
[IFLA_IPTUN_ENCAP_LIMIT
])
398 print_uint(PRINT_ANY
,
401 rta_getattr_u8(tb
[IFLA_IPTUN_ENCAP_LIMIT
]));
403 if (tb
[IFLA_IPTUN_TTL
])
404 print_uint(PRINT_ANY
,
407 rta_getattr_u8(tb
[IFLA_IPTUN_TTL
]));
409 if (flags
& IP6_TNL_F_USE_ORIG_TCLASS
)
410 print_bool(PRINT_ANY
,
411 "ip6_tnl_f_use_orig_tclass",
414 else if (tb
[IFLA_IPTUN_FLOWINFO
]) {
415 __u32 val
= ntohl(flowinfo
& IP6_FLOWINFO_TCLASS
);
417 if (is_json_context()) {
420 snprintf(b1
, sizeof(b1
), "0x%02x", (__u8
)(val
>> 20));
421 print_string(PRINT_JSON
, "flowinfo_tclass", NULL
, b1
);
423 printf("tclass 0x%02x ", (__u8
)(val
>> 20));
427 if (flags
& IP6_TNL_F_USE_ORIG_FLOWLABEL
) {
428 print_bool(PRINT_ANY
,
429 "ip6_tnl_f_use_orig_flowlabel",
430 "flowlabel inherit ",
433 if (is_json_context()) {
436 snprintf(b1
, sizeof(b1
), "0x%05x",
437 ntohl(flowinfo
& IP6_FLOWINFO_FLOWLABEL
));
438 print_string(PRINT_JSON
, "flowlabel", NULL
, b1
);
440 printf("flowlabel 0x%05x ",
441 ntohl(flowinfo
& IP6_FLOWINFO_FLOWLABEL
));
445 if (is_json_context()) {
448 snprintf(flwinfo
, sizeof(flwinfo
), "0x%08x", ntohl(flowinfo
));
449 print_string(PRINT_JSON
, "flowinfo", NULL
, flwinfo
);
451 printf("(flowinfo 0x%08x) ", ntohl(flowinfo
));
455 if (flags
& IP6_TNL_F_RCV_DSCP_COPY
)
456 print_bool(PRINT_ANY
,
457 "ip6_tnl_f_rcv_dscp_copy",
461 if (flags
& IP6_TNL_F_MIP6_DEV
)
462 print_bool(PRINT_ANY
, "ip6_tnl_f_mip6_dev", "mip6 ", true);
464 if (flags
& IP6_TNL_F_USE_ORIG_FWMARK
) {
465 print_bool(PRINT_ANY
,
466 "ip6_tnl_f_use_orig_fwmark",
469 } else if (tb
[IFLA_IPTUN_FWMARK
]) {
470 __u32 fwmark
= rta_getattr_u32(tb
[IFLA_IPTUN_FWMARK
]);
475 snprintf(b1
, sizeof(b1
), "0x%x", fwmark
);
476 print_string(PRINT_ANY
, "fwmark", "fwmark %s ", b1
);
480 if (flags
& IP6_TNL_F_ALLOW_LOCAL_REMOTE
)
481 print_bool(PRINT_ANY
,
482 "ip6_tnl_f_allow_local_remote",
483 "allow-localremote ",
486 if (tb
[IFLA_IPTUN_ENCAP_TYPE
] &&
487 rta_getattr_u16(tb
[IFLA_IPTUN_ENCAP_TYPE
]) != TUNNEL_ENCAP_NONE
) {
488 __u16 type
= rta_getattr_u16(tb
[IFLA_IPTUN_ENCAP_TYPE
]);
489 __u16 flags
= rta_getattr_u16(tb
[IFLA_IPTUN_ENCAP_FLAGS
]);
490 __u16 sport
= rta_getattr_u16(tb
[IFLA_IPTUN_ENCAP_SPORT
]);
491 __u16 dport
= rta_getattr_u16(tb
[IFLA_IPTUN_ENCAP_DPORT
]);
493 open_json_object("encap");
494 print_string(PRINT_FP
, NULL
, "encap ", NULL
);
496 case TUNNEL_ENCAP_FOU
:
497 print_string(PRINT_ANY
, "type", "%s ", "fou");
499 case TUNNEL_ENCAP_GUE
:
500 print_string(PRINT_ANY
, "type", "%s ", "gue");
503 print_null(PRINT_ANY
, "type", "unknown ", NULL
);
507 if (is_json_context()) {
508 print_uint(PRINT_JSON
,
511 sport
? ntohs(sport
) : 0);
512 print_uint(PRINT_JSON
, "dport", NULL
, ntohs(dport
));
513 print_bool(PRINT_JSON
, "csum", NULL
,
514 flags
& TUNNEL_ENCAP_FLAG_CSUM
);
515 print_bool(PRINT_JSON
, "csum6", NULL
,
516 flags
& TUNNEL_ENCAP_FLAG_CSUM6
);
517 print_bool(PRINT_JSON
, "remcsum", NULL
,
518 flags
& TUNNEL_ENCAP_FLAG_REMCSUM
);
522 fputs("encap-sport auto ", f
);
524 fprintf(f
, "encap-sport %u", ntohs(sport
));
526 fprintf(f
, "encap-dport %u ", ntohs(dport
));
528 if (flags
& TUNNEL_ENCAP_FLAG_CSUM
)
529 fputs("encap-csum ", f
);
531 fputs("noencap-csum ", f
);
533 if (flags
& TUNNEL_ENCAP_FLAG_CSUM6
)
534 fputs("encap-csum6 ", f
);
536 fputs("noencap-csum6 ", f
);
538 if (flags
& TUNNEL_ENCAP_FLAG_REMCSUM
)
539 fputs("encap-remcsum ", f
);
541 fputs("noencap-remcsum ", f
);
546 static void ip6tunnel_print_help(struct link_util
*lu
, int argc
, char **argv
,
552 struct link_util ip6tnl_link_util
= {
554 .maxattr
= IFLA_IPTUN_MAX
,
555 .parse_opt
= ip6tunnel_parse_opt
,
556 .print_opt
= ip6tunnel_print_opt
,
557 .print_help
= ip6tunnel_print_help
,