end function on last host with inline srv6 option

[guimvmatos]

Hi,

I have four hosts with a srv6 inline route. Host 1 (RAN) -> ip -6 route add fc00::4 encap seg6 mode inline segs fcf0:12::100,fcf0:23::6006 dev enp0s8 Host 2 (NVF1) -> ip -6 route add fcf0:12::100 encap seg6local action End dev enp0s8 Host 3 (NVF2) -> ip -6 route add fcf0:23::6006 encap seg6local action End dev enp0s8 Host 4 (UPF) -> ip -6 route add fc00::4 encap seg6local action ???

If i ping host 4 from host 1, this packet pass through host 2 and 3, and then stop at host 4 with segment left=0 and destination address = fc00::4, that is correct. But I dont know how to desencapsute this packet. .

Below, the complete settings.

####################### host_1 (RAN)#####

####################### ip link set dev lo up ip -6 addr add fc00::1/64 dev enp0s8 ip link set dev enp0s8 up ip -6 neigh add fc00::2 lladdr 00:00:00:00:00:02 nud permanent dev enp0s8 ip -6 neigh add fc00::3 lladdr 00:00:00:00:00:03 nud permanent dev enp0s8 ip -6 neigh add fc00::4 lladdr 00:00:00:00:00:04 nud permanent dev enp0s8 sudo sysctl -w net.ipv6.conf.all.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.all.accept_source_route=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_enabled=1 sudo sysctl -p

ip -6 route add fcf0:12::100 via fc00::2 ip -6 route add fc00::4 encap seg6 mode inline segs fcf0:12::100,fcf0:23::6006 dev enp0s8

################## host_2

################## ip link set dev lo up ip -6 addr add fc00::2/64 dev enp0s8 ip link set dev enp0s8 up ip -6 neigh add fc00::1 lladdr 00:00:00:00:00:01 nud permanent dev enp0s8 ip -6 neigh add fc00::3 lladdr 00:00:00:00:00:03 nud permanent dev enp0s8 ip -6 neigh add fc00::4 lladdr 00:00:00:00:00:04 nud permanent dev enp0s8 sudo sysctl -w net.ipv6.conf.all.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.all.accept_source_route=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_enabled=1 sudo sysctl -p ip -6 route add fcf0:23::6006 via fc00::3 ip -6 route add fcf0:12::100 encap seg6local action End dev enp0s8

################## host_3

################## ip link set dev lo up ip -6 addr add fc00::3/64 dev enp0s8 ip link set dev enp0s8 up ip -6 neigh add fc00::1 lladdr 00:00:00:00:00:01 nud permanent dev enp0s8 ip -6 neigh add fc00::2 lladdr 00:00:00:00:00:02 nud permanent dev enp0s8 ip -6 neigh add fc00::4 lladdr 00:00:00:00:00:04 nud permanent dev enp0s8 sudo sysctl -w net.ipv6.conf.all.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.all.accept_source_route=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_enabled=1 sudo sysctl -p ip -6 route add fcf0:23::6006 encap seg6local action End dev enp0s8 ip6tables -t mangle -A POSTROUTING -p icmpv6 --icmpv6-type redirect -j DROP

################## host_4

################## ip link set dev lo up ip -6 addr add fc00::4/64 dev enp0s8 ip link set dev enp0s8 up ip -6 neigh add fc00::1 lladdr 00:00:00:00:00:01 nud permanent dev enp0s8 ip -6 neigh add fc00::2 lladdr 00:00:00:00:00:02 nud permanent dev enp0s8 ip -6 neigh add fc00::3 lladdr 00:00:00:00:00:03 nud permanent dev enp0s8 sudo sysctl -w net.ipv6.conf.all.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.all.accept_source_route=1 sudo sysctl -w net.ipv6.conf.all.forwarding=1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_require_hmac=-1 sudo sysctl -w net.ipv6.conf.enp0s8.seg6_enabled=1 sudo sysctl -p

ip -6 route add fc00::4 encap seg6local action ???

[skorpion17]

Hi, the SRv6 inline (previously known as T.insert) should be deprecated because it no longer exists in the SRv6 Network Programming draft. The SRv6 inline is still available in the Linux kernel (IMHO) only for legacy reasons. Therefore, you should go ahead with the SRv6 encap rather than the inline one.

BTW, if you still want to use the inline you are out of luck because there is no behavior at the moment which is able to strip off only the SRH. However, we plan to add this feature to the Linux kernel in the future.

[guimvmatos]

hi @skorpion17,

Thanks for answering me. In this case, I'll use encap mode.