From patchwork Fri Apr 16 02:07:08 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Vladislav Grishenko <themiron@yandex-team.ru>
X-Patchwork-Id: 1745
X-Patchwork-Delegate: a@unstable.cc
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director10.mail.ord1d.rsapps.net ([172.28.255.1])
	by backend30.mail.ord1d.rsapps.net with LMTP
	id SGCZIvKBeWCjWwAAIUCqbw
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 16 Apr 2021 08:24:18 -0400
Received: from proxy7.mail.ord1c.rsapps.net ([172.28.255.1])
	by director10.mail.ord1d.rsapps.net with LMTP
	id MD1hIvKBeWCfbwAApN4f7A
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 16 Apr 2021 08:24:18 -0400
Received: from smtp11.gate.ord1c ([172.28.255.1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy7.mail.ord1c.rsapps.net with LMTPS
	id OLcHIvKBeWDbaAAAknS3pQ
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 16 Apr 2021 08:24:18 -0400
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp11.gate.ord1c.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net;
 dkim=fail (signature verification failed) header.d=yandex-team.ru;
 dmarc=fail (p=none; dis=none) header.from=yandex-team.ru
X-Suspicious-Flag: YES
X-Classification-ID: a9cbeab0-9eae-11eb-97e8-bc305beffa54-1-1
Received: from [216.105.38.7] ([216.105.38.7:35668]
 helo=lists.sourceforge.net)
	by smtp11.gate.ord1c.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id DE/A5-18211-1F189706; Fri, 16 Apr 2021 08:24:18 -0400
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1lXNV3-0007kl-57; Fri, 16 Apr 2021 12:23:05 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 (envelope-from <themiron@yandex-team.ru>) id 1lXNV1-0007Vz-6i
 for openvpn-devel@lists.sourceforge.net; Fri, 16 Apr 2021 12:23:03 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To:
 From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=u+wfl+s5M4uUYuT09zRjQkYj7XP8iytsk7Xgcg9dnSQ=; b=XNvCTZFgPb05H2e3NzLZkyBZwe
 Z4rh/RcpIFvVGZ2lU0s2oTktD7YwWpnz6jYaH4/zfgIgHBMP0+XRSV8Xwe3n3GmROWzAp/VVgxb1O
 sk+1wOg5uZ3owzzTxSyIVN5k+8fPpI/GfiCKKOO4UkjnYCf/L9GYYBnM7wTDA6hcNIac=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc
 :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=u+wfl+s5M4uUYuT09zRjQkYj7XP8iytsk7Xgcg9dnSQ=; b=kMS+BynjMOWgEFpFmTKlOAPa8J
 RaGT/kcbT4vTvTRCByPm2Mru9+CEP/QWb05Nm41wEQO2E3CMAnb/F9pWosceI8TZHQ7R2n8gqbwgA
 WcR7MOULhp7rst/xdnBSokbPOs4gmiPbAXt9TQkjcUPyXFseJJIsiOBO2pZFXzTu9+hk=;
Received: from forwardcorp1o.mail.yandex.net ([95.108.205.193])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2)
 id 1lXNFt-00F1cI-6T
 for openvpn-devel@lists.sourceforge.net; Fri, 16 Apr 2021 12:07:33 +0000
Received: from myt5-23f0be3aa648.qloud-c.yandex.net
 (myt5-23f0be3aa648.qloud-c.yandex.net
 [IPv6:2a02:6b8:c12:3e29:0:640:23f0:be3a])
 by forwardcorp1o.mail.yandex.net (Yandex) with ESMTP id 0E6B62E1A2C
 for <openvpn-devel@lists.sourceforge.net>;
 Fri, 16 Apr 2021 15:07:18 +0300 (MSK)
Received: from myt6-76f0a6db1a7e.qloud-c.yandex.net
 (myt6-76f0a6db1a7e.qloud-c.yandex.net [2a02:6b8:c12:422d:0:640:76f0:a6db])
 by myt5-23f0be3aa648.qloud-c.yandex.net (mxbackcorp/Yandex) with ESMTP id
 wk2zqRIpFn-7H0O0C4P; Fri, 16 Apr 2021 15:07:17 +0300
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru;
 s=default;
 t=1618574837; bh=u+wfl+s5M4uUYuT09zRjQkYj7XP8iytsk7Xgcg9dnSQ=;
 h=Message-Id:References:Date:Subject:To:From:In-Reply-To;
 b=JHAF7IjuKmF30JbyXpWCody0b5pX+txEL/lQUFghCfBuoAO8fCgHVUCIEa2xYbGKI
 oMuZvuiIzSlGYwaaAFTG6kCD2mbiAV8+fXkpEECSfdeBfxVkXO8AQIOrMg7voZTajw
 RoLxjqYJu2Dd3NtfBMrUQ+Zq7PBOQGq1RtMMmm+4=
Received: from 178.154.162.245-vpn.dhcp.yndx.net
 (178.154.162.245-vpn.dhcp.yndx.net [178.154.162.245])
 by myt6-76f0a6db1a7e.qloud-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id
 rvb0JLZksa-7Ho0augS; Fri, 16 Apr 2021 15:07:17 +0300
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 (Client certificate not present)
From: Vladislav Grishenko <themiron@yandex-team.ru>
To: openvpn-devel@lists.sourceforge.net
Date: Fri, 16 Apr 2021 17:07:08 +0500
Message-Id: <20210416120708.1532-2-themiron@yandex-team.ru>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210416120708.1532-1-themiron@yandex-team.ru>
References: <20210415230545.22317-1-themiron@yandex-team.ru>
 <20210416120708.1532-1-themiron@yandex-team.ru>
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
 See http://spamassassin.org/tag/ for more details.
 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
 See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
 for more information. [URIs: yandex-team.ru]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
X-Headers-End: 1lXNFt-00F1cI-6T
Subject: [Openvpn-devel] [PATCH v3 2/2] Add basic support for multipath
 gateway
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

Load balancing setup over multiple upstreams may include multipath
gateway route, which is not not supported by OpenVPN.
Let's add basic support for that for selecting best route for zero
destination address - use any one of nexthop addresses as a gateway,
weights are not handled.

Setup example:

    ip route add default \
        nexthop via 192.168.1.1 dev eth1 weight 1 \
        nexthop via 192.168.2.1 dev eth2 weight 1

v2: keep gateway address unchanged on lookup error
v3: reduce ammout of gateway address copying

Reported-by: Donald Sharp <donaldsharp72@gmail.com>
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
---
 src/openvpn/networking_sitnl.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c
index ea1621ed..aa35f5f5 100644
--- a/src/openvpn/networking_sitnl.c
+++ b/src/openvpn/networking_sitnl.c
@@ -450,6 +450,9 @@ sitnl_route_save(struct nlmsghdr *n, void *arg)
 
     while (RTA_OK(rta, len))
     {
+        struct rtnexthop *nh;
+        int nhlen;
+
         switch (rta->rta_type)
         {
             /* route interface */
@@ -470,6 +473,37 @@ sitnl_route_save(struct nlmsghdr *n, void *arg)
             case RTA_TABLE:
                 table = *(unsigned int *)RTA_DATA(rta);
                 break;
+
+            /* multipath nexthops */
+            case RTA_MULTIPATH:
+                nh = RTA_DATA(rta);
+                nhlen = RTA_PAYLOAD(rta);
+
+                while (RTNH_OK(nh, nhlen))
+                {
+                    struct rtattr *nha = RTNH_DATA(nh);
+                    int nhalen = nh->rtnh_len - sizeof(*nh);
+
+                    /* init route interface & gateway */
+                    ifindex = nh->rtnh_ifindex;
+                    gw = NULL;
+
+                    while (RTA_OK(nha, nhalen))
+                    {
+                        switch (nha->rta_type)
+                        {
+                            /* GW for the route */
+                            case RTA_GATEWAY:
+                                gw = RTA_DATA(nha);
+                                break;
+                        }
+
+                        nha = RTA_NEXT(nha, nhalen);
+                    }
+
+                    nh = RTNH_NEXT(nh);
+                }
+                break;
         }
 
         rta = RTA_NEXT(rta, len);