From: Alyssa Ross
To: devel@spectrum-os.org
Subject: [PATCH nixpkgs] spectrumPackages: use link-local router addresses
Date: Thu, 13 May 2021 20:13:24 +0000
Message-Id: <20210513201323.2087344-1-hi@alyssa.is>

There's no need for every interface on a router to have its own
unique IP. Using link-local addresses, we can assign every interface
on a single router the same IP, and save the effort of
adding/subtracting one all the time to infer the address of one side
of a link from the other.

This means that routers and clients are both only interested in what
the IP of the client should be, since that's the only thing that is
different between different links. So we change our MAC format to
communicate the client IP to both sides.

If we just made the whole NIC portion of the MAC the last three
octets of an IP address like we did before, then both ends of the
link would have the same MAC, so we still need to set a bit to encode
whether a MAC is at the router side of the link or the client side.
I've decided to simplify the implementation by using the most
significant bit of the NIC part for that, and just declaring the rest
of that octet to be reserved. This way, no calculation is required in
the guests -- they just need to look at the last two octets.
And we can still identify 65536 links in this scheme, which should be enough for anybody, right? --- I'd like to move the networking to be IPv6. That's a bit more complicated, but shouldn't get in the way of smaller improvements like this. .../linux/spectrum/testhost/default.nix | 25 ++++++++----------- .../linux/spectrum/vm/app/default.nix | 15 ++++------- .../linux/spectrum/vm/net/default.nix | 13 +++++----- 3 files changed, 23 insertions(+), 30 deletions(-) diff --git a/pkgs/os-specific/linux/spectrum/testhost/default.nix b/pkgs/os-specific/linux/spectrum/testhost/default.nix index 21c585f1490..de62f0add67 100644 --- a/pkgs/os-specific/linux/spectrum/testhost/default.nix +++ b/pkgs/os-specific/linux/spectrum/testhost/default.nix @@ -45,23 +45,20 @@ let if { ip link set br0 up } # Calculate the MACs for our TAP and the router's TAP. - backtick -in router_nic_dec { - expr ${toString sys-vms.app.vmID} * 2 + 64 * 256 * 256 - } - backtick -in client_nic_dec { - expr ${toString sys-vms.app.vmID} * 2 + 64 * 256 * 256 + 1 - } - multisubstitute { - importas -iu router_nic_dec router_nic_dec - importas -iu client_nic_dec client_nic_dec - } + # MAC address format, by octet: + # + # 0-3 Static OUI for Spectrum + # 4 Most significant bit is used to differentiate + # routers from clients. Other bits are reserved. + # 5-6 Last two octets of client's IP (in 100.64.0.0/16). + # backtick -i router_mac { - pipeline { printf %x $router_nic_dec } - sed s/^\\(..\\)\\(..\\)\\(..\\)$/0A:B3:EC:\\1:\\2:\\3/ + pipeline { printf %.4x ${toString sys-vms.app.vmID} } + sed s/^\\(..\\)\\(..\\)$/0A:B3:EC:80:\\1:\\2/ } backtick -i client_mac { - pipeline { printf %x $client_nic_dec } - sed s/^\\(..\\)\\(..\\)\\(..\\)$/0A:B3:EC:\\1:\\2:\\3/ + pipeline { printf %.4x ${toString sys-vms.app.vmID} } + sed s/^\\(..\\)\\(..\\)$/0A:B3:EC:00:\\1:\\2/ } multisubstitute { importas -iu router_mac router_mac 
diff --git a/pkgs/os-specific/linux/spectrum/vm/app/default.nix b/pkgs/os-specific/linux/spectrum/vm/app/default.nix index 65dbb51f5e1..f8ff480932c 100644 --- a/pkgs/os-specific/linux/spectrum/vm/app/default.nix +++ b/pkgs/os-specific/linux/spectrum/vm/app/default.nix @@ -28,20 +28,15 @@ runCommand "vm-app" rec { up = writeText "net-up" '' backtick -i LOCAL_IP { pipeline { ip -j link show eth0 } - pipeline { jq -r ".[0].address | split(\":\") | .[3:6] | \"0x\" + .[]" } - xargs printf "100.%d.%d.%d" + pipeline { jq -r ".[0].address | split(\":\") | .[4:6] | \"0x\" + .[]" } + xargs printf "100.64.%d.%d" } importas -iu LOCAL_IP LOCAL_IP - backtick -i REMOTE_IP { - jq -jn --arg localip $LOCAL_IP - "$localip | split(\".\") | .[3] |= tonumber - 1 | join(\".\")" - } - importas -iu REMOTE_IP REMOTE_IP - - if { ip address add ''${LOCAL_IP}/31 dev eth0 } + if { ip address add ''${LOCAL_IP}/32 dev eth0 } if { ip link set eth0 up } - ip route add default via $REMOTE_IP + if { ip route add 169.254.0.1 dev eth0 } + ip route add default via 169.254.0.1 dev eth0 ''; }; diff --git a/pkgs/os-specific/linux/spectrum/vm/net/default.nix b/pkgs/os-specific/linux/spectrum/vm/net/default.nix index 1deb7031caf..5921b62fcf7 100644 --- a/pkgs/os-specific/linux/spectrum/vm/net/default.nix +++ b/pkgs/os-specific/linux/spectrum/vm/net/default.nix 
@@ -54,15 +54,16 @@ runCommand "vm-net" rec { # Our IP is encoded in the NIC-specific portion of the # interface's MAC address. - backtick -i LOCAL_IP { + backtick -i CLIENT_IP { pipeline { ip -j link show $INTERFACE } - pipeline { jq -r ".[0].address | split(\":\") | .[3:6] | \"0x\" + .[]" } - xargs printf "100.%d.%d.%d" + pipeline { jq -r ".[0].address | split(\":\") | .[4:6] | \"0x\" + .[]" } + xargs printf "100.64.%d.%d" } - importas -iu LOCAL_IP LOCAL_IP + importas -iu CLIENT_IP CLIENT_IP - if { ip address add ''${LOCAL_IP}/31 dev $INTERFACE } - ip link set $INTERFACE up + if { ip address add 169.254.0.1/32 dev $INTERFACE } + if { ip link set $INTERFACE up } + ip route add $CLIENT_IP dev $INTERFACE } { -- 2.31.1
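
Review bot: the octet numbering in the new MAC format comment in testhost/default.nix does not match the addresses built right below it. The comment lists octets 0-3, 4 and 5-6, which adds up to seven octets, while the sed expressions emit a three-octet prefix (0A:B3:EC), one flag octet (80 or 00) and two address octets. With zero-based indexing, which is what the `.[4:6]` slices in vm/app and vm/net use, that would be 0-2, 3 and 4-5. Separately, `printf %.4x` produces more than four hex digits once vmID exceeds 65535, and the anchored sed pattern then no longer matches, so the unformatted string is passed on as the MAC; a range check on vmID would turn that into an explicit failure.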
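
Review bot: in the net-up script of vm/app/default.nix, the added `ip route add 169.254.0.1 dev eth0` line has no comment saying why it is there. With a /32 address on eth0 the router is not on-link, so this host route is what allows the following `ip route add default via 169.254.0.1 dev eth0` to be accepted; a one-line comment would keep it from being removed later as redundant. The router address is also written as a literal twice in this hunk and again in vm/net/default.nix, so binding it once in Nix and interpolating it would keep the two sides of the link from drifting apart.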
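
Review bot: the unchanged context comment at the top of the vm/net/default.nix hunk still says "Our IP is encoded in the NIC-specific portion of the interface's MAC address", but after this change the value read from the MAC is CLIENT_IP and the router's own address is the fixed 169.254.0.1/32. The comment should be updated to say that the client's IP is encoded there. The `.[4:6]` slice also ignores the first four octets, so the router installs a 100.64.x.y route for any interface this script runs on without confirming the 0A:B3:EC prefix or that the router bit in the flag octet is set; checking those before `ip route add $CLIENT_IP dev $INTERFACE` would make a mismatched interface fail instead of getting a route.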