updates for tunnel routing #3859
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rcgoodfellow
force-pushed
the
boundary-tunnel-routing
branch
from
c2265a0 to
aa9017a
Compare
internet-diglett
approved these changes
Aug 29, 2023
| @@ -83,6 +83,15 @@ z_swadm () { | |||
| pfexec zlogin oxz_switch /opt/oxide/dendrite/bin/swadm $@ | |||
| } | |||
|
|
|||
| # XXX remove. This is just to test against a development branch of OPTE in CI. | |||
There was a problem hiding this comment.
When should this be removed?
There was a problem hiding this comment.
When the following lands
rcgoodfellow
force-pushed
the
boundary-tunnel-routing
branch
2 times, most recently
from
6bc5372 to
43d5f0a
Compare
rcgoodfellow
force-pushed
the
boundary-tunnel-routing
branch
3 times, most recently
from
a0942ed to
e89ab39
Compare
|
First pass of new changes look good, gonna get some more coffee and give it another once over. Just to persist our earlier convo here, we have several scenarios in which routing data will need to be persisted and restored that we will need to double-check coverage of:
I don't think that should block this PR since I believe the changes in this PR perform just as well, if not better, than our current implementation. |
internet-diglett
approved these changes
Jan 23, 2024
rcgoodfellow
force-pushed
the
boundary-tunnel-routing
branch
from
e89ab39 to
8bce2af
Compare
rcgoodfellow
force-pushed
the
boundary-tunnel-routing
branch
from
8bce2af to
978cf08
Compare
This is now done by `mgd`.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Up until now, we've advertised a hard-coded boundary services address
fd00:99::1from each sidecar to all the gimlets. Effectively creating an anycast tunnel endpoint for geneve packets to be decapsulated and transit to upstream networks. That's problematic if a given sidecar is not a viable tunnel endpoint for any packet destined for external networks. This PR changes that to conform to the model of RFD 404.Omicron no longer manages boundary services tunnel endpoint addresses, as these are now really now an implementation detail of how the underlay network and the external network intersect. See RFD 404 section 2.1 for more details.
This PR depends on the following.
Code changes to Omicron itself in this PR include
ddm, as this is nowmgd's job.mgdinstead ofdpd. This is required formgdto have visibility of the entire RIB, both static and dynamic, and to make tunnel endpoint advertisements automatically based on changes in the RIB. See RFD 404 section 2.2 for more details. Updates for both early networking and Nexus API handlers have been made.