Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

snet: add extension header support to DataplanePath and PacketInfo #4628

Open
marcodermatt opened this issue Sep 20, 2024 · 0 comments
Open

snet: add extension header support to DataplanePath and PacketInfo #4628

marcodermatt opened this issue Sep 20, 2024 · 0 comments
Labels
i/proposal A new idea requiring additional input and discussion

Comments

@marcodermatt
Copy link
Contributor

For the implementation of the FABRID protocol in scionlab (netsec-ethz#168) it was necessary to access Hop-by-Hop and End-to-End extension headers during serialization and decoding of the packet.

We added a new SetExtensions function to the DataplanePath interface, which is called in packet.go. For existing DataplanePaths (onehop, scion, etc.) this function just returns nil.

// DataplanePath is an abstract representation of a SCION dataplane path.
type DataplanePath interface {
	// SetPath sets the path in the SCION header. It assumes that all the fields
	// except the path and path type are set correctly.
	SetPath(scion *slayers.SCION) error
	// SetExtensions sets the HBH and E2E extension headers. It is called directly after
	// the SetPath function.
	SetExtensions(s *slayers.SCION, p *PacketInfo) error
}

The complete code changes can be found in this commit (marcodermatt@576373e) which is independent of FABRID.

This would also allow implementing EPIC-HP as an HBH-option (#4099).
@marcodermatt marcodermatt added the i/proposal A new idea requiring additional input and discussion label Sep 20, 2024
@marcodermatt marcodermatt mentioned this issue Sep 20, 2024
Merged
jeltevanbommel added a commit to netsec-ethz/scion that referenced this issue Sep 20, 2024
@jeltevanbommel
FABRID base version (#168)
17d89ad 
Control plane features:
- Definition of FABRID policies and connection points on which they are
available
- CS loads policies and appends maps for policy indices and connection
points as detachable extensions to PCBs
- Remote CSes cache FABRID maps
- SD fetches detached extensions on request

Data plane features:
- Fabrid and Identifier HBH extensions for sending FABRID traffic
- WithFabrid option for choosing paths based on the fabrid query
- Fabrid dataplane path which sets HBH extensions
- BR fetches DRKey secret values and fabrid config on startup
- BR validates and updates FABRID HVFs

Tools:
- topology: --fabrid flag enables DRKey and fabrid for local topology
- ping: select fabrid policies with --fabridquery flag
- end2end: run integration test with --fabrid to test path validation

Demo:
1. `./scion.sh topology --fabrid` (docker: `./scion.sh topology -d
--endhosts --fabrid`)
2. `./scion.sh run`
3. `./bin/end2end_integration --fabrid` (docker:
`./bin/end2end_integration -d --fabrid`)
4. `./scion.sh stop`

Upstream changes:
- scionproto#4628
@jeltevanbommel jeltevanbommel mentioned this issue Sep 20, 2024
Merged
jeltevanbommel added a commit to netsec-ethz/scion that referenced this issue Sep 20, 2024
@jeltevanbommel
FABRID base version (#170)
40e047e 
Control plane features:
- Definition of FABRID policies and connection points on which they are
available
- CS loads policies and appends maps for policy indices and connection
points as detachable extensions to PCBs
- Remote CSes cache FABRID maps
- SD fetches detached extensions on request

Data plane features:
- Fabrid and Identifier HBH extensions for sending FABRID traffic
- WithFabrid option for choosing paths based on the fabrid query
- Fabrid dataplane path which sets HBH extensions
- BR fetches DRKey secret values and fabrid config on startup
- BR validates and updates FABRID HVFs

Tools:
- topology: --fabrid flag enables DRKey and fabrid for local topology
- ping: select fabrid policies with --fabridquery flag
- end2end: run integration test with --fabrid to test path validation

Demo:
1. `./scion.sh topology --fabrid` (docker: `./scion.sh topology -d
--endhosts --fabrid`)
2. `./scion.sh run`
3. `./bin/end2end_integration --fabrid` (docker:
`./bin/end2end_integration -d --fabrid`)
4. `./scion.sh stop`

Upstream changes:
- scionproto#4628
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
i/proposal A new idea requiring additional input and discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@marcodermatt