From patchwork Thu Apr 15 13:05:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladislav Grishenko X-Patchwork-Id: 1741 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 8FSWKRfHeGCHbgAAIUCqbw (envelope-from ) for ; Thu, 15 Apr 2021 19:07:03 -0400 Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6]) by director11.mail.ord1d.rsapps.net with LMTP id SB56KRfHeGAzagAAvGGmqA (envelope-from ) for ; Thu, 15 Apr 2021 19:07:03 -0400 Received: from smtp10.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy11.mail.ord1d.rsapps.net with LMTPS id EGGKGAzHeGCmFQAAgKDEHA (envelope-from ) for ; Thu, 15 Apr 2021 19:06:52 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp10.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=yandex-team.ru; dmarc=fail (p=none; dis=none) header.from=yandex-team.ru X-Suspicious-Flag: YES X-Classification-ID: 49af687e-9e3f-11eb-a164-0026b954785f-1-1 Received: from [216.105.38.7] ([216.105.38.7:44572] helo=lists.sourceforge.net) by smtp10.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 1E/FA-26939-617C8706; Thu, 15 Apr 2021 19:07:02 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.92.3) (envelope-from ) id 1lXB3n-0007E4-ME; Thu, 15 Apr 2021 23:06:07 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lXB3l-0007Dw-Ia for openvpn-devel@lists.sourceforge.net; Thu, 15 Apr 2021 23:06:05 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=cfskybNZVwILt7Gcxs8rmORRGrkqx/5k5FrWrVzgZZM=; b=LP88NcMw9A3Xg4iLOaDz0nReJR JviOD3Y65xCe5/jUZh2xKK+LGOOkfNyM0ZMmTCBcPB3HhZktmUp74hkem2rM/XlsPD9MkLZ1qHX5s rRmukKZxjFn/Xw2O+6GnV74QiLZ5Tr3MlX16rBOwq1d7VZJ+kSqfYMvGfxvJezXjf8z0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=cfskybNZVwILt7Gcxs8rmORRGrkqx/5k5FrWrVzgZZM=; b=Bd9bXgRGtgJFgselMFmjxmLcCs h7PSGj1YHO9c0VPK7N0VkaZoGo43XK5zuoax8YCba+wJQUJpt2cp3ofnv+QngLzRrTDnX3VaB8mOl GQ/kmbAJ9ehg/KgR04N0rlBdCR8oVhkQANRTNkozpwWVk8xUVMrpDZ3SmVcywUi30SYY=; Received: from forwardcorp1j.mail.yandex.net ([5.45.199.163]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1lXB3g-00C1S4-GW for openvpn-devel@lists.sourceforge.net; Thu, 15 Apr 2021 23:06:05 +0000 Received: from iva8-d077482f1536.qloud-c.yandex.net (iva8-d077482f1536.qloud-c.yandex.net [IPv6:2a02:6b8:c0c:2f26:0:640:d077:482f]) by forwardcorp1j.mail.yandex.net (Yandex) with ESMTP id F32F32E1706; Fri, 16 Apr 2021 02:05:50 +0300 (MSK) Received: from iva8-5ba4ca89b0c6.qloud-c.yandex.net (iva8-5ba4ca89b0c6.qloud-c.yandex.net [2a02:6b8:c0c:a8ae:0:640:5ba4:ca89]) by iva8-d077482f1536.qloud-c.yandex.net (mxbackcorp/Yandex) with ESMTP id 9vuNhnshrk-5o1qWoui; Fri, 16 Apr 2021 02:05:50 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1618527950; bh=cfskybNZVwILt7Gcxs8rmORRGrkqx/5k5FrWrVzgZZM=; h=In-Reply-To:Message-Id:References:Date:Subject:To:From:Cc; b=UGDzqHYJGhv5nLvZwGB1vQVFifPAALSI/8sPsB8weOT1SMxlTWGOjb5715tvKBz42 w3odEwaM3VpNGmZkYIw/Qjvz8/TaIxyb3sztrEF8TVmT9I01jiRzK1eRPmh6pgpSow QF5ZlHIUa3v4980zdq3ONsGW63Q8KRW64VlzqGCk= Received: from 178.154.162.245-vpn.dhcp.yndx.net (178.154.162.245-vpn.dhcp.yndx.net [178.154.162.245]) by iva8-5ba4ca89b0c6.qloud-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id ilb0QO6vTL-5ooGnNnE; Fri, 16 Apr 2021 02:05:50 +0300 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client certificate not present) From: Vladislav Grishenko To: openvpn-devel@lists.sourceforge.net Date: Fri, 16 Apr 2021 04:05:45 +0500 Message-Id: <20210415230545.22317-2-themiron@yandex-team.ru> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210415230545.22317-1-themiron@yandex-team.ru> References: <20210413122006.3960-2-themiron@yandex-team.ru> <20210415230545.22317-1-themiron@yandex-team.ru> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: yandex-team.ru] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lXB3g-00C1S4-GW Subject: [Openvpn-devel] [PATCH v2 2/2] Add basic support for multipath gateway X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Donald Sharp MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Load balancing setup over multiple upstreams may include multipath gateway route, which is not not supported by OpenVPN. Let's add basic support for that for selecting best route for zero destination address - use any one of nexthop addresses as a gateway, weights are not handled. Setup example: ip route add default \ nexthop via 192.168.1.1 dev eth1 weight 1 \ nexthop via 192.168.2.1 dev eth2 weight 1 Reported-By: Donald Sharp Signed-off-by: Vladislav Grishenko --- src/openvpn/networking_sitnl.c | 35 ++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c index 402d3303..02c34d6b 100644 --- a/src/openvpn/networking_sitnl.c +++ b/src/openvpn/networking_sitnl.c @@ -452,6 +452,9 @@ sitnl_route_save(struct nlmsghdr *n, void *arg) while (RTA_OK(rta, len)) { + struct rtnexthop *nh; + int nhlen; + switch (rta->rta_type) { /* route interface */ @@ -472,6 +475,38 @@ sitnl_route_save(struct nlmsghdr *n, void *arg) case RTA_TABLE: table = *(unsigned int *)RTA_DATA(rta); break; + + /* multipath nexthops */ + case RTA_MULTIPATH: + nh = RTA_DATA(rta); + nhlen = RTA_PAYLOAD(rta); + + while (RTNH_OK(nh, nhlen)) + { + struct rtattr *nha = RTNH_DATA(nh); + int nhalen = nh->rtnh_len - sizeof(*nh); + + /* route interface */ + ifindex = nh->rtnh_ifindex; + /* initial route gateway */ + gw = res->gw; + + while (RTA_OK(nha, nhalen)) + { + switch (nha->rta_type) + { + /* GW for the route */ + case RTA_GATEWAY: + memcpy(&gw, RTA_DATA(nha), res->addr_size); + break; + } + + nha = RTA_NEXT(nha, nhalen); + } + + nh = RTNH_NEXT(nh); + } + break; } rta = RTA_NEXT(rta, len);