Message ID | b65bdc11e5a17e328227676ea283cee617f973fb.1603110316.git.lucien.xin@gmail.com (mailing list archive) |
---|---|
State | Not Applicable |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | sctp: Implement RFC6951: UDP Encapsulation of SCTP | expand |
On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > --- a/Documentation/networking/ip-sysctl.rst > +++ b/Documentation/networking/ip-sysctl.rst > @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > > Default: 1 > > +udp_port - INTEGER Need to be more verbose here, and also mention the RFC. > + The listening port for the local UDP tunneling sock. , shared by all applications in the same net namespace. > + UDP encapsulation will be disabled when it's set to 0. "Note, however, that setting just this is not enough to actually use it. ..." > + > + Default: 9899 > + > encap_port - INTEGER > The default remote UDP encapsalution port. > When UDP tunneling is enabled, this global value is used to set When is it enabled, which conditions are needed? Maybe it can be explained only in the one above.
Ah, please note that net-next is closed. https://lore.kernel.org/netdev/20201015123116.743005ca%40kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com/T/ Marcelo
On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > > On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > > --- a/Documentation/networking/ip-sysctl.rst > > +++ b/Documentation/networking/ip-sysctl.rst > > @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > > > > Default: 1 > > > > +udp_port - INTEGER > > Need to be more verbose here, and also mention the RFC. > > > + The listening port for the local UDP tunneling sock. > , shared by all applications in the same net namespace. > > + UDP encapsulation will be disabled when it's set to 0. > > "Note, however, that setting just this is not enough to actually > use it. ..." When it's a client, yes, but when it's a server, the encap_port can be got from the incoming packet. > > > + > > + Default: 9899 > > + > > encap_port - INTEGER > > The default remote UDP encapsalution port. > > When UDP tunneling is enabled, this global value is used to set > > When is it enabled, which conditions are needed? Maybe it can be > explained only in the one above. Thanks! pls check if this one will be better: udp_port - INTEGER The listening port for the local UDP tunneling sock. This UDP sock is used for processing the incoming UDP-encapsulated SCTP packets (from RFC6951), and shared by all applications in the same net namespace. This UDP sock will be closed when the value is set to 0. The value will also be used to set the src port of the UDP header for the outgoing UDP-encapsulated SCTP packets. For the dest port, please refer to 'encap_port' below. Default: 9899 encap_port - INTEGER The default remote UDP encapsulation port. This value is used to set the dest port of the UDP header for the outgoing UDP-encapsulated SCTP packets by default. Users can also change the value for each sock/asoc/transport by using setsockopt. For further information, please refer to RFC6951. Note that when connecting to a remote server, the client should set this to the port that the UDP tunneling sock on the peer server is listening to and the local UDP tunneling sock on the client also must be started. On the server, it would get the encap_port from the incoming packet's source port. Default: 0
On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: > On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner > <marcelo.leitner@gmail.com> wrote: > > > > On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > > > --- a/Documentation/networking/ip-sysctl.rst > > > +++ b/Documentation/networking/ip-sysctl.rst > > > @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > > > > > > Default: 1 > > > > > > +udp_port - INTEGER > > > > Need to be more verbose here, and also mention the RFC. > > > > > + The listening port for the local UDP tunneling sock. > > , shared by all applications in the same net namespace. > > > + UDP encapsulation will be disabled when it's set to 0. > > > > "Note, however, that setting just this is not enough to actually > > use it. ..." > When it's a client, yes, but when it's a server, the encap_port can > be got from the incoming packet. > > > > > > + > > > + Default: 9899 > > > + > > > encap_port - INTEGER > > > The default remote UDP encapsalution port. > > > When UDP tunneling is enabled, this global value is used to set > > > > When is it enabled, which conditions are needed? Maybe it can be > > explained only in the one above. > Thanks! > pls check if this one will be better: It is. Verbose enough now, thx. (one other comment below) > > udp_port - INTEGER > > The listening port for the local UDP tunneling sock. > > This UDP sock is used for processing the incoming UDP-encapsulated > SCTP packets (from RFC6951), and shared by all applications in the > same net namespace. This UDP sock will be closed when the value is > set to 0. > > The value will also be used to set the src port of the UDP header > for the outgoing UDP-encapsulated SCTP packets. For the dest port, > please refer to 'encap_port' below. > > Default: 9899 I'm now wondering if this is the right default. I mean, it is the standard port for it, yes, but at the same time, it means loading SCTP module will steal/use that UDP port on all net namespaces and can lead to conflicts with other apps. A more conservative approach here is to document the standard port, but set the default to 0 and require the user to set it in if it is expected to be used. Did FreeBSD enable it by default too?
> On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > > On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: >> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner >> <marcelo.leitner@gmail.com> wrote: >>> >>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: >>>> --- a/Documentation/networking/ip-sysctl.rst >>>> +++ b/Documentation/networking/ip-sysctl.rst >>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER >>>> >>>> Default: 1 >>>> >>>> +udp_port - INTEGER >>> >>> Need to be more verbose here, and also mention the RFC. >>> >>>> + The listening port for the local UDP tunneling sock. >>> , shared by all applications in the same net namespace. >>>> + UDP encapsulation will be disabled when it's set to 0. >>> >>> "Note, however, that setting just this is not enough to actually >>> use it. ..." >> When it's a client, yes, but when it's a server, the encap_port can >> be got from the incoming packet. >> >>> >>>> + >>>> + Default: 9899 >>>> + >>>> encap_port - INTEGER >>>> The default remote UDP encapsalution port. >>>> When UDP tunneling is enabled, this global value is used to set >>> >>> When is it enabled, which conditions are needed? Maybe it can be >>> explained only in the one above. >> Thanks! >> pls check if this one will be better: > > It is. Verbose enough now, thx. > (one other comment below) > >> >> udp_port - INTEGER >> >> The listening port for the local UDP tunneling sock. >> >> This UDP sock is used for processing the incoming UDP-encapsulated >> SCTP packets (from RFC6951), and shared by all applications in the >> same net namespace. This UDP sock will be closed when the value is >> set to 0. >> >> The value will also be used to set the src port of the UDP header >> for the outgoing UDP-encapsulated SCTP packets. For the dest port, >> please refer to 'encap_port' below. >> >> Default: 9899 > > I'm now wondering if this is the right default. I mean, it is the > standard port for it, yes, but at the same time, it means loading SCTP > module will steal/use that UDP port on all net namespaces and can lead > to conflicts with other apps. A more conservative approach here is to > document the standard port, but set the default to 0 and require the > user to set it in if it is expected to be used. > > Did FreeBSD enable it by default too? No. The default is 0, which means that the encapsulation is turned off. Setting this sysctl variable to a non-zero value enables the UDP tunneling with the given port. Best regards Michael
On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote: > > On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > > > > On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: > >> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner > >> <marcelo.leitner@gmail.com> wrote: > >>> > >>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > >>>> --- a/Documentation/networking/ip-sysctl.rst > >>>> +++ b/Documentation/networking/ip-sysctl.rst > >>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > >>>> > >>>> Default: 1 > >>>> > >>>> +udp_port - INTEGER > >>> > >>> Need to be more verbose here, and also mention the RFC. > >>> > >>>> + The listening port for the local UDP tunneling sock. > >>> , shared by all applications in the same net namespace. > >>>> + UDP encapsulation will be disabled when it's set to 0. > >>> > >>> "Note, however, that setting just this is not enough to actually > >>> use it. ..." > >> When it's a client, yes, but when it's a server, the encap_port can > >> be got from the incoming packet. > >> > >>> > >>>> + > >>>> + Default: 9899 > >>>> + > >>>> encap_port - INTEGER > >>>> The default remote UDP encapsalution port. > >>>> When UDP tunneling is enabled, this global value is used to set > >>> > >>> When is it enabled, which conditions are needed? Maybe it can be > >>> explained only in the one above. > >> Thanks! > >> pls check if this one will be better: > > > > It is. Verbose enough now, thx. > > (one other comment below) > > > >> > >> udp_port - INTEGER > >> > >> The listening port for the local UDP tunneling sock. > >> > >> This UDP sock is used for processing the incoming UDP-encapsulated > >> SCTP packets (from RFC6951), and shared by all applications in the > >> same net namespace. This UDP sock will be closed when the value is > >> set to 0. > >> > >> The value will also be used to set the src port of the UDP header > >> for the outgoing UDP-encapsulated SCTP packets. For the dest port, > >> please refer to 'encap_port' below. > >> > >> Default: 9899 > > > > I'm now wondering if this is the right default. I mean, it is the > > standard port for it, yes, but at the same time, it means loading SCTP > > module will steal/use that UDP port on all net namespaces and can lead > > to conflicts with other apps. A more conservative approach here is to > > document the standard port, but set the default to 0 and require the > > user to set it in if it is expected to be used. > > > > Did FreeBSD enable it by default too? > No. The default is 0, which means that the encapsulation is turned off. > Setting this sysctl variable to a non-zero value enables the UDP tunneling > with the given port. Thanks Michael. Xin, then we should change this default value (and update the documentation above accordingly, to still have the standard port # readily available in there). Cheers, Marcelo
From: Marcelo Ricardo Leitner > Sent: 20 October 2020 22:24 ... > > > Did FreeBSD enable it by default too? > > No. The default is 0, which means that the encapsulation is turned off. > > Setting this sysctl variable to a non-zero value enables the UDP tunneling > > with the given port. > > Thanks Michael. > Xin, then we should change this default value (and update the > documentation above accordingly, to still have the standard port # > readily available in there). Does that mean that you can't have some 'normal' connections and others that use UDP encapsulation? Seems a pretty strong restriction. (I'm waiting for one of our customers to ask for this...) David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
On Tue, Oct 20, 2020 at 10:08:17PM +0000, David Laight wrote: > From: Marcelo Ricardo Leitner > > Sent: 20 October 2020 22:24 > ... > > > > Did FreeBSD enable it by default too? > > > No. The default is 0, which means that the encapsulation is turned off. > > > Setting this sysctl variable to a non-zero value enables the UDP tunneling > > > with the given port. > > > > Thanks Michael. > > Xin, then we should change this default value (and update the > > documentation above accordingly, to still have the standard port # > > readily available in there). > > Does that mean that you can't have some 'normal' connections and > others that use UDP encapsulation? > Seems a pretty strong restriction. That's not what was said. Just that the socket shouldn't be created by default. > > (I'm waiting for one of our customers to ask for this...) It can. The setting in question is for receiving encapsulated packets, and which doesn't exclude the standard one. It can still receive normal/non-encapsulated packets.
On Wed, Oct 21, 2020 at 5:23 AM Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > > On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote: > > > On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > > > > > > On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: > > >> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner > > >> <marcelo.leitner@gmail.com> wrote: > > >>> > > >>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > > >>>> --- a/Documentation/networking/ip-sysctl.rst > > >>>> +++ b/Documentation/networking/ip-sysctl.rst > > >>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > > >>>> > > >>>> Default: 1 > > >>>> > > >>>> +udp_port - INTEGER > > >>> > > >>> Need to be more verbose here, and also mention the RFC. > > >>> > > >>>> + The listening port for the local UDP tunneling sock. > > >>> , shared by all applications in the same net namespace. > > >>>> + UDP encapsulation will be disabled when it's set to 0. > > >>> > > >>> "Note, however, that setting just this is not enough to actually > > >>> use it. ..." > > >> When it's a client, yes, but when it's a server, the encap_port can > > >> be got from the incoming packet. > > >> > > >>> > > >>>> + > > >>>> + Default: 9899 > > >>>> + > > >>>> encap_port - INTEGER > > >>>> The default remote UDP encapsalution port. > > >>>> When UDP tunneling is enabled, this global value is used to set > > >>> > > >>> When is it enabled, which conditions are needed? Maybe it can be > > >>> explained only in the one above. > > >> Thanks! > > >> pls check if this one will be better: > > > > > > It is. Verbose enough now, thx. > > > (one other comment below) > > > > > >> > > >> udp_port - INTEGER > > >> > > >> The listening port for the local UDP tunneling sock. > > >> > > >> This UDP sock is used for processing the incoming UDP-encapsulated > > >> SCTP packets (from RFC6951), and shared by all applications in the > > >> same net namespace. This UDP sock will be closed when the value is > > >> set to 0. > > >> > > >> The value will also be used to set the src port of the UDP header > > >> for the outgoing UDP-encapsulated SCTP packets. For the dest port, > > >> please refer to 'encap_port' below. > > >> > > >> Default: 9899 > > > > > > I'm now wondering if this is the right default. I mean, it is the > > > standard port for it, yes, but at the same time, it means loading SCTP > > > module will steal/use that UDP port on all net namespaces and can lead > > > to conflicts with other apps. A more conservative approach here is to > > > document the standard port, but set the default to 0 and require the > > > user to set it in if it is expected to be used. > > > > > > Did FreeBSD enable it by default too? > > No. The default is 0, which means that the encapsulation is turned off. > > Setting this sysctl variable to a non-zero value enables the UDP tunneling > > with the given port. > > Thanks Michael. > Xin, then we should change this default value (and update the > documentation above accordingly, to still have the standard port # > readily available in there). OK, I misunderstood the RFC. I will remove the call to sctp_udp_sock_start/stop() from sctp_ctrlsock_init/exit(), and set the udp_port as 0 by default. Thanks.
> On 21. Oct 2020, at 06:16, Xin Long <lucien.xin@gmail.com> wrote: > > On Wed, Oct 21, 2020 at 5:23 AM Marcelo Ricardo Leitner > <marcelo.leitner@gmail.com> wrote: >> >> On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote: >>>> On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: >>>> >>>> On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: >>>>> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner >>>>> <marcelo.leitner@gmail.com> wrote: >>>>>> >>>>>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: >>>>>>> --- a/Documentation/networking/ip-sysctl.rst >>>>>>> +++ b/Documentation/networking/ip-sysctl.rst >>>>>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER >>>>>>> >>>>>>> Default: 1 >>>>>>> >>>>>>> +udp_port - INTEGER >>>>>> >>>>>> Need to be more verbose here, and also mention the RFC. >>>>>> >>>>>>> + The listening port for the local UDP tunneling sock. >>>>>> , shared by all applications in the same net namespace. >>>>>>> + UDP encapsulation will be disabled when it's set to 0. >>>>>> >>>>>> "Note, however, that setting just this is not enough to actually >>>>>> use it. ..." >>>>> When it's a client, yes, but when it's a server, the encap_port can >>>>> be got from the incoming packet. >>>>> >>>>>> >>>>>>> + >>>>>>> + Default: 9899 >>>>>>> + >>>>>>> encap_port - INTEGER >>>>>>> The default remote UDP encapsalution port. >>>>>>> When UDP tunneling is enabled, this global value is used to set >>>>>> >>>>>> When is it enabled, which conditions are needed? Maybe it can be >>>>>> explained only in the one above. >>>>> Thanks! >>>>> pls check if this one will be better: >>>> >>>> It is. Verbose enough now, thx. >>>> (one other comment below) >>>> >>>>> >>>>> udp_port - INTEGER >>>>> >>>>> The listening port for the local UDP tunneling sock. >>>>> >>>>> This UDP sock is used for processing the incoming UDP-encapsulated >>>>> SCTP packets (from RFC6951), and shared by all applications in the >>>>> same net namespace. This UDP sock will be closed when the value is >>>>> set to 0. >>>>> >>>>> The value will also be used to set the src port of the UDP header >>>>> for the outgoing UDP-encapsulated SCTP packets. For the dest port, >>>>> please refer to 'encap_port' below. >>>>> >>>>> Default: 9899 >>>> >>>> I'm now wondering if this is the right default. I mean, it is the >>>> standard port for it, yes, but at the same time, it means loading SCTP >>>> module will steal/use that UDP port on all net namespaces and can lead >>>> to conflicts with other apps. A more conservative approach here is to >>>> document the standard port, but set the default to 0 and require the >>>> user to set it in if it is expected to be used. >>>> >>>> Did FreeBSD enable it by default too? >>> No. The default is 0, which means that the encapsulation is turned off. >>> Setting this sysctl variable to a non-zero value enables the UDP tunneling >>> with the given port. >> >> Thanks Michael. >> Xin, then we should change this default value (and update the >> documentation above accordingly, to still have the standard port # >> readily available in there). > OK, I misunderstood the RFC. Does that RFC mandate that the feature is on by default? Can you point me to that text? Best regards Michael > > I will remove the call to sctp_udp_sock_start/stop() from > sctp_ctrlsock_init/exit(), and set the udp_port as 0 by default. > > Thanks.
On Wed, Oct 21, 2020 at 5:13 PM Michael Tuexen <tuexen@fh-muenster.de> wrote: > > > On 21. Oct 2020, at 06:16, Xin Long <lucien.xin@gmail.com> wrote: > > > > On Wed, Oct 21, 2020 at 5:23 AM Marcelo Ricardo Leitner > > <marcelo.leitner@gmail.com> wrote: > >> > >> On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote: > >>>> On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: > >>>> > >>>> On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: > >>>>> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner > >>>>> <marcelo.leitner@gmail.com> wrote: > >>>>>> > >>>>>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: > >>>>>>> --- a/Documentation/networking/ip-sysctl.rst > >>>>>>> +++ b/Documentation/networking/ip-sysctl.rst > >>>>>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER > >>>>>>> > >>>>>>> Default: 1 > >>>>>>> > >>>>>>> +udp_port - INTEGER > >>>>>> > >>>>>> Need to be more verbose here, and also mention the RFC. > >>>>>> > >>>>>>> + The listening port for the local UDP tunneling sock. > >>>>>> , shared by all applications in the same net namespace. > >>>>>>> + UDP encapsulation will be disabled when it's set to 0. > >>>>>> > >>>>>> "Note, however, that setting just this is not enough to actually > >>>>>> use it. ..." > >>>>> When it's a client, yes, but when it's a server, the encap_port can > >>>>> be got from the incoming packet. > >>>>> > >>>>>> > >>>>>>> + > >>>>>>> + Default: 9899 > >>>>>>> + > >>>>>>> encap_port - INTEGER > >>>>>>> The default remote UDP encapsalution port. > >>>>>>> When UDP tunneling is enabled, this global value is used to set > >>>>>> > >>>>>> When is it enabled, which conditions are needed? Maybe it can be > >>>>>> explained only in the one above. > >>>>> Thanks! > >>>>> pls check if this one will be better: > >>>> > >>>> It is. Verbose enough now, thx. > >>>> (one other comment below) > >>>> > >>>>> > >>>>> udp_port - INTEGER > >>>>> > >>>>> The listening port for the local UDP tunneling sock. > >>>>> > >>>>> This UDP sock is used for processing the incoming UDP-encapsulated > >>>>> SCTP packets (from RFC6951), and shared by all applications in the > >>>>> same net namespace. This UDP sock will be closed when the value is > >>>>> set to 0. > >>>>> > >>>>> The value will also be used to set the src port of the UDP header > >>>>> for the outgoing UDP-encapsulated SCTP packets. For the dest port, > >>>>> please refer to 'encap_port' below. > >>>>> > >>>>> Default: 9899 > >>>> > >>>> I'm now wondering if this is the right default. I mean, it is the > >>>> standard port for it, yes, but at the same time, it means loading SCTP > >>>> module will steal/use that UDP port on all net namespaces and can lead > >>>> to conflicts with other apps. A more conservative approach here is to > >>>> document the standard port, but set the default to 0 and require the > >>>> user to set it in if it is expected to be used. > >>>> > >>>> Did FreeBSD enable it by default too? > >>> No. The default is 0, which means that the encapsulation is turned off. > >>> Setting this sysctl variable to a non-zero value enables the UDP tunneling > >>> with the given port. > >> > >> Thanks Michael. > >> Xin, then we should change this default value (and update the > >> documentation above accordingly, to still have the standard port # > >> readily available in there). > > OK, I misunderstood the RFC. > Does that RFC mandate that the feature is on by default? Can you point me to > that text? Not really. I was thinking that by leaving it to 9899 by default users don't need to know the port when want to use it, and yet I didn't want to add another sysctl member. :D > > Best regards > Michael > > > > I will remove the call to sctp_udp_sock_start/stop() from > > sctp_ctrlsock_init/exit(), and set the udp_port as 0 by default. > > > > Thanks. >
From: Xin Long > Sent: 22 October 2020 04:13 ... > I was thinking that by leaving it to 9899 by default users don't need to > know the port when want to use it, and yet I didn't want to add another > sysctl member. :D Could you make 1 mean 9899? So: 0 => disabled 1 => default port n => use port n I doubt that disallowing port 1 is a problem! David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
`On 22. Oct 2020, at 05:12, Xin Long <lucien.xin@gmail.com> wrote: > > On Wed, Oct 21, 2020 at 5:13 PM Michael Tuexen <tuexen@fh-muenster.de> wrote: >> >>> On 21. Oct 2020, at 06:16, Xin Long <lucien.xin@gmail.com> wrote: >>> >>> On Wed, Oct 21, 2020 at 5:23 AM Marcelo Ricardo Leitner >>> <marcelo.leitner@gmail.com> wrote: >>>> >>>> On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote: >>>>>> On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> wrote: >>>>>> >>>>>> On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote: >>>>>>> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner >>>>>>> <marcelo.leitner@gmail.com> wrote: >>>>>>>> >>>>>>>> On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote: >>>>>>>>> --- a/Documentation/networking/ip-sysctl.rst >>>>>>>>> +++ b/Documentation/networking/ip-sysctl.rst >>>>>>>>> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER >>>>>>>>> >>>>>>>>> Default: 1 >>>>>>>>> >>>>>>>>> +udp_port - INTEGER >>>>>>>> >>>>>>>> Need to be more verbose here, and also mention the RFC. >>>>>>>> >>>>>>>>> + The listening port for the local UDP tunneling sock. >>>>>>>> , shared by all applications in the same net namespace. >>>>>>>>> + UDP encapsulation will be disabled when it's set to 0. >>>>>>>> >>>>>>>> "Note, however, that setting just this is not enough to actually >>>>>>>> use it. ..." >>>>>>> When it's a client, yes, but when it's a server, the encap_port can >>>>>>> be got from the incoming packet. >>>>>>> >>>>>>>> >>>>>>>>> + >>>>>>>>> + Default: 9899 >>>>>>>>> + >>>>>>>>> encap_port - INTEGER >>>>>>>>> The default remote UDP encapsalution port. >>>>>>>>> When UDP tunneling is enabled, this global value is used to set >>>>>>>> >>>>>>>> When is it enabled, which conditions are needed? Maybe it can be >>>>>>>> explained only in the one above. >>>>>>> Thanks! >>>>>>> pls check if this one will be better: >>>>>> >>>>>> It is. Verbose enough now, thx. >>>>>> (one other comment below) >>>>>> >>>>>>> >>>>>>> udp_port - INTEGER >>>>>>> >>>>>>> The listening port for the local UDP tunneling sock. >>>>>>> >>>>>>> This UDP sock is used for processing the incoming UDP-encapsulated >>>>>>> SCTP packets (from RFC6951), and shared by all applications in the >>>>>>> same net namespace. This UDP sock will be closed when the value is >>>>>>> set to 0. >>>>>>> >>>>>>> The value will also be used to set the src port of the UDP header >>>>>>> for the outgoing UDP-encapsulated SCTP packets. For the dest port, >>>>>>> please refer to 'encap_port' below. >>>>>>> >>>>>>> Default: 9899 >>>>>> >>>>>> I'm now wondering if this is the right default. I mean, it is the >>>>>> standard port for it, yes, but at the same time, it means loading SCTP >>>>>> module will steal/use that UDP port on all net namespaces and can lead >>>>>> to conflicts with other apps. A more conservative approach here is to >>>>>> document the standard port, but set the default to 0 and require the >>>>>> user to set it in if it is expected to be used. >>>>>> >>>>>> Did FreeBSD enable it by default too? >>>>> No. The default is 0, which means that the encapsulation is turned off. >>>>> Setting this sysctl variable to a non-zero value enables the UDP tunneling >>>>> with the given port. >>>> >>>> Thanks Michael. >>>> Xin, then we should change this default value (and update the >>>> documentation above accordingly, to still have the standard port # >>>> readily available in there). >>> OK, I misunderstood the RFC. >> Does that RFC mandate that the feature is on by default? Can you point me to >> that text? > Not really. > > I was thinking that by leaving it to 9899 by default users don't need to > know the port when want to use it, and yet I didn't want to add another > sysctl member. :D OK. Thanks for letting me know. Best regards Michael > >> >> Best regards >> Michael >>> >>> I will remove the call to sctp_udp_sock_start/stop() from >>> sctp_ctrlsock_init/exit(), and set the udp_port as 0 by default. >>> >>> Thanks. >>
On Thu, Oct 22, 2020 at 4:47 PM David Laight <David.Laight@aculab.com> wrote: > > From: Xin Long > > Sent: 22 October 2020 04:13 > ... > > I was thinking that by leaving it to 9899 by default users don't need to > > know the port when want to use it, and yet I didn't want to add another > > sysctl member. :D > > Could you make 1 mean 9899? still feel not good, since it's called 'udp_port'. I will add a note in ip-sysctl.rst: udp_port - INTEGER The listening port for the local UDP tunneling sock. Normally it's using the IANA-assigned UDP port number 9899 (sctp-tunneling). ... Thanks. > So: > 0 => disabled > 1 => default port > n => use port n > I doubt that disallowing port 1 is a problem! > > David > > - > Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK > Registration No: 1397386 (Wales)
diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst index 3909305..9effc45 100644 --- a/Documentation/networking/ip-sysctl.rst +++ b/Documentation/networking/ip-sysctl.rst @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER Default: 1 +udp_port - INTEGER + The listening port for the local UDP tunneling sock. + UDP encapsulation will be disabled when it's set to 0. + + Default: 9899 + encap_port - INTEGER The default remote UDP encapsalution port. When UDP tunneling is enabled, this global value is used to set diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index c8de327..894ab12 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -1469,6 +1469,10 @@ static int __net_init sctp_ctrlsock_init(struct net *net) if (status) pr_err("Failed to initialize the SCTP control sock\n"); + status = sctp_udp_sock_start(net); + if (status) + pr_err("Failed to initialize the SCTP UDP tunneling sock\n"); + return status; } @@ -1476,6 +1480,7 @@ static void __net_exit sctp_ctrlsock_exit(struct net *net) { /* Free the control endpoint. */ inet_ctl_sock_destroy(net->sctp.ctl_sock); + sctp_udp_sock_stop(net); } static struct pernet_operations sctp_ctrlsock_ops = { diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index ecc1b5e..e92df77 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -49,6 +49,8 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); +static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, void *buffer, + size_t *lenp, loff_t *ppos); static int proc_sctp_do_alpha_beta(struct ctl_table *ctl, int write, void *buffer, size_t *lenp, loff_t *ppos); static int proc_sctp_do_auth(struct ctl_table *ctl, int write, @@ -292,6 +294,15 @@ static struct ctl_table sctp_net_table[] = { .proc_handler = proc_dointvec, }, { + .procname = "udp_port", + .data = &init_net.sctp.udp_port, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_sctp_do_udp_port, + .extra1 = SYSCTL_ZERO, + .extra2 = &udp_port_max, + }, + { .procname = "encap_port", .data = &init_net.sctp.encap_port, .maxlen = sizeof(int), @@ -487,6 +498,47 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, return ret; } +static int proc_sctp_do_udp_port(struct ctl_table *ctl, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + struct net *net = current->nsproxy->net_ns; + unsigned int min = *(unsigned int *)ctl->extra1; + unsigned int max = *(unsigned int *)ctl->extra2; + struct ctl_table tbl; + int ret, new_value; + + memset(&tbl, 0, sizeof(struct ctl_table)); + tbl.maxlen = sizeof(unsigned int); + + if (write) + tbl.data = &new_value; + else + tbl.data = &net->sctp.udp_port; + + ret = proc_dointvec(&tbl, write, buffer, lenp, ppos); + if (write && ret == 0) { + struct sock *sk = net->sctp.ctl_sock; + + if (new_value > max || new_value < min) + return -EINVAL; + + net->sctp.udp_port = new_value; + sctp_udp_sock_stop(net); + if (new_value) { + ret = sctp_udp_sock_start(net); + if (ret) + net->sctp.udp_port = 0; + } + + /* Update the value in the control socket */ + lock_sock(sk); + sctp_sk(sk)->udp_port = htons(net->sctp.udp_port); + release_sock(sk); + } + + return ret; +} + int sctp_sysctl_net_register(struct net *net) { struct ctl_table *table;
This patch is to enable udp tunneling socks by calling sctp_udp_sock_start() in sctp_ctrlsock_init(), and sctp_udp_sock_stop() in sctp_ctrlsock_exit(). Also add sysctl udp_port to allow changing the listening sock's port by users. Wit this patch, the whole sctp over udp feature can be enabled and used. v1->v2: - Also update ctl_sock udp_port in proc_sctp_do_udp_port() where netns udp_port gets changed. v2->v3: - Call htons() when setting sk udp_port from netns udp_port. v3->v4: - Not call sctp_udp_sock_start() when new_value is 0. - Add udp_port entry in ip-sysctl.rst. Signed-off-by: Xin Long <lucien.xin@gmail.com> --- Documentation/networking/ip-sysctl.rst | 6 ++++ net/sctp/protocol.c | 5 ++++ net/sctp/sysctl.c | 52 ++++++++++++++++++++++++++++++++++ 3 files changed, 63 insertions(+)