I am trying to strip MPLS header using DPDK, I have use the flow_filtering sample application as starting and tried to add another item in the pattern:
Ethernet
MPLS
IPv4
END
and I added the following action:
RTE_FLOW_ACTION_TYPE_OF_POP_MPLS
RTE_FLOW_ACTION_TYPE_END
But while executing the code following error is thrown:
Flow can't be created 16 message: Not supported action.
Following is the snippet of the code:
action[0].type = RTE_FLOW_ACTION_TYPE_OF_POP_MPLS;
action[1].type = RTE_FLOW_ACTION_TYPE_END;
pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;
pattern[1].type = RTE_FLOW_ITEM_TYPE_MPLS;
memset(&ip_spec, 0, sizeof(struct rte_flow_item_ipv4));
memset(&ip_mask, 0, sizeof(struct rte_flow_item_ipv4));
ip_spec.hdr.dst_addr = htonl(dest_ip);
ip_mask.hdr.dst_addr = dest_mask;
ip_spec.hdr.src_addr = htonl(src_ip);
ip_mask.hdr.src_addr = src_mask;
pattern[2].type = RTE_FLOW_ITEM_TYPE_IPV4;
pattern[2].spec = &ip_spec;
pattern[2].mask = &ip_mask;
pattern[3].type = RTE_FLOW_ITEM_TYPE_END;
res = rte_flow_validate(port_id, &attr, pattern, action, error);
By removing the pattern[1].type = RTE_FLOW_ITEM_TYPE_MPLS; and action[0].type = RTE_FLOW_ACTION_TYPE_OF_POP_MPLS;. The code works fine.
I tried to change the order of MPLS in pattern even though MPLS header reside between L2 and L3 layer but no use.
Version:
Linux: CentOS 7
DPDK: 19.08.2
NIC: X520
Firmware version: 18.5.17
For Intel NIC X520 the error message Flow can't be created 16 messages: Not supported action is the right and expected behaviour. Hence there is no issue in DPDK IXGBE PMD driver.
Explanation:
RTE_FLOW is NIC based on Hardware Offload to filter and modify packets in both ingress and egress directions, more details here.
There are multiple filter tags (like vlan, IP, TCP, UDP, MPLS) along with various action items (push pop vlan, push pop mpsl, dec inc mpls ttl, ...etc). But not all filter and actions are supported by all NIC (as these are optional).
Refer Table 1.3 rte_flow actions availability in networking drivers (link here) which maps each NIC PMD with the action. IXGBE is not shown to support MPLS actions.
Checking the PMD code here, even shows supported filter fields.
const struct rte_flow_item_ipv4 *ipv4_spec;
const struct rte_flow_item_ipv4 *ipv4_mask;
const struct rte_flow_item_tcp *tcp_spec;
const struct rte_flow_item_tcp *tcp_mask;
const struct rte_flow_item_udp *udp_spec;
const struct rte_flow_item_udp *udp_mask;
const struct rte_flow_item_sctp *sctp_spec;
const struct rte_flow_item_sctp *sctp_mask;
const struct rte_flow_item_eth *eth_spec;
const struct rte_flow_item_eth *eth_mask;
const struct rte_flow_item_vlan *vlan_spec;
const struct rte_flow_item_vlan *vlan_mask;
Hence the code and IXGBE PMD behaviour are consistent and there is no error. It is the expectation from X550 to support an unsupported feature that is incorrect.
[EDIT-1] according to the sheet, none of the drivers support the "of_pop_mpls" action which implies that we can't strip off the MPLS header using RTE_FLOWS
That is the correct understanding, so far the current available foundational NIC shows none support MPLS pop/push. But I am familiar with Intel NIC FM10K which allowed MPLS POP/PUSH, but I do not see that NIC is supported under DPDK. SO you have 2 options,
use smart nic to do it HW
use DPDK RX-callback to invoke the function to pop the MPLS tag and TX callback to push MPLS tag
Note: PTYPE is supported in most NIC, and parsing of MPLS and saving tin rte_mbuf will be available too. This will also help while using SW approach.
Related
I am working on a project where I need to send back 302 reply. Everything seems to work, except I can't remove certain headers, i.e. From, Contact, etc. (I don't want to remove them completely, but rather substitute with my own version of it). I use KEMI with Lua to do so:
KSR.hdr.remove("From")
As I mentioned, this does not work (while other functions from hdr work fine in the same context, namely KSR.hdr.append_to_reply(...).
I decided to look at the Kamailio source code and found following lines of code in kemi.c file:
int sr_kemi_hdr_remove(sip_msg_t *msg, str *hname)
{
...
anchor=del_lump(msg, hf->name.s - msg->buf, hf->len, 0);
if (anchor==0) {
LM_ERR("cannot remove hdr %.*s\n", hname->len, hname->s);
return -1;
}
}
return 1;
}
Looking at the last parameter that del_lump takes, it is of type _hdr_types_t which describes an enum of different header types. Now, in particular to me, there were three headers I was working with:
From (type 4)
Contact (type 7)
Other (type 0)
So my question is, why does that function is hardcoded to take only OTHER headers, but not other ones, i.e. From and Contact? Is that to safeguard from breaking the SIP request (inadvertently removing required headers)?
And as a follow up question, is it even possible to remove From and Contact from reply messages?
I assume the 302 is generated by Kamailio, then several headers are copied from the incoming request, like From, To, Call-Id, CSeq. Therefore if you want a different From in the generated reply, change it in the request and then do msg_apply_changes().
Contact headers for redirect (3xx) replies are generated from the destination set of the request (modified R-URI and branches that can be created by append_branch(), lookup("location") etc.).
More headers can be added to the generated replies using append_to_reply().
Note that I gave the name of the functions for the native kamailio.cfg, but you can find them exported to Kemi as well (by core or textops, textopsx modules).
I'm working on an application using Play and Slick. This app requires access to (at least) two databases and this is working fine when one is defined as default and other is named. Eg.,
db.default.driver = "com.mysql.jdbc.Driver"
db.default.url = "jdbc:mysql://localhost:3306/db1"
db.db2.driver = "com.mysql.jdbc.Driver"
db.db2.url = "jdbc:mysql://localhost:3306/db2"
I can then happily access each db as follows
DB.withSession { implicit session => ??? }
DB("db2").withSession { implicit session => ??? }
However, this doesn't really make sense as there is no reason DB1 should be the default. The DBs contain different types of data, neither is the default, both are important. What I would like is:
db.db1.driver = "com.mysql.jdbc.Driver"
db.db1.url = "jdbc:mysql://localhost:3306/db1"
db.db2.driver = "com.mysql.jdbc.Driver"
db.db2.url = "jdbc:mysql://localhost:3306/db2"
Play-scala barfs at this thought. It needs a default db driver and URL and it needs to be able to connect to it.
Anyone know anyway to change this behaviour or to trick play into thinking it has a default?
UPDATE
To be clear, I've greped my code to ensure that I'm not using DB.withSession anywhere. That is, every time I create a session I use DB("db1").withSession or DB("db2").withSession. However, when I run my test, I still get an exception:
Caused by: Configuration error: Configuration error[Slick error : jdbc driver not defined in application.conf for db.default.driver key]
Something somewhere is trying to load the default config.
Default is just a name, with some convenience functions (withSession and withTransaction without name), so, no you do not need to have a default connection if it does not fit your project.
In my GAE app (Python) I have implemented multitenancy and multi-site support based on the host part of the request object.
For example, www.foo.com/index.html and www.bar.com/index.html are both handled by the same app (e.g. myapp.appspot.com). The app reads the host-value and then decides which namespace and site-configuration to use. This works great as long as the app receives the request directly from the user-agent.
However, I would like to use the Channel API, but there is an issue because requests to /_ah/channel/connected/ and /_ah/channel/disconnected/ are not originating from the original user-agent. Instead, the request has Host: myapp.appspot.com and the parameter to=myapp.appspot.com. (The from parameter is the token I expect. Also www.foo.com/_ah/channel/jsapi is redirected to a talkgadget server which is not documented but seems to be as expected.)
I assume, the problem is caused by the code in channel.js which doesn't call my app using the original host, e.g. www.foo.com/_ah/channel/connected. Instead it uses a talkgadget.google.com host which (as far as I can tell) will then call my app, but using myapp.appspot.com, ignoring the original host and so I cannot use the request's host value for my purpose.
As a workaround, I can figure out a way of including the host information into the channel token, so when my connected and disconnected handlers receive the token, they can use the token instead.
However, I would like to know if there is a better approach, where I could still get the original host name (e.g. www.foo.com) requests to /_ah/channel/connected/ and /_ah/channel/disconnected/. Any ideas?
This is what I have tried so far (with-out any success):
Adding the custom domain host name to the JS src attribute:
<script type="text/javascript" src="//www.foo.com/_ah/channel/jsapi"></script>
I also tried to manually override the base-url of the channel socket, suggested here: https://stackoverflow.com/questions/16558776/google-app-engine-channel-api-same-origin-policy
<script type="text/javascript">
onOpened = function() {
// TODO
};
onMessage = function() {
// TODO
};
onError = function() {
// TODO
};
onClose = function() {
// TODO
};
goog.appengine.Socket.BASE_URL = "https://www.foo.com/_ah/channel/";
channel = new goog.appengine.Channel('{{channelToken}}');
socket = channel.open();
socket.onopen = onOpened;
socket.onmessage = onMessage;
socket.onerror = onError;
socket.onclose = onClose;
</script>
I couldn't find any official documentation for channel.js and I don't want to implement something that is going to break easily with the next update by Google.
Short of a proxy, I don't see a better way than including the information in-band. The problem is that the library/infrastructure (can't be certain without looking deeper) is stripping the HTTP-layer information (the Host header), and indeed you don't have any control of the HTTP layer to pass custom headers, etc. So, you either need to have the info at a lower layer (TCP doesn't even provide a means to do this, and since the entrypoint of your code is through the browser running channel.js, rather than a system-level process running on the bare network interface, this is out of the picture decisively), or at a higher layer, ie. within the channel.
If I have a bus name, an object path, and an interface, how do I call DBus methods from Gjs (in a gnome-shell extension)?
I'm looking for the equivalent of the following python code:
import dbus
bus = dbus.SessionBus()
obj = bus.get_object("org.gnome.Caribou.Keyboard", "/org/gnome/SessionManager/EndSessionDialog")
obj.Open(0, 0, 120, dbus.Array(signature="o"))
(Note that I didn't explicitly use the interface due to some python-dbus magic, but I could have with iface = dbus.interface(obj, "org.gnome.SessionManager.EndSessionDialog"). Since I have the interface name, I'm fine with a solution that queries it. Also note that this example would be silly in Gjs, as it calls back into gnome-shell)
The import imports.dbus is deprecated since gnome-shell 3.4.
The new way is to use Gio as described here:
const Gio = imports.gi.Gio;
const MyIface = '<interface name="org.example.MyInterface">\
<method name="Activate" />\
</interface>';
const MyProxy = Gio.DBusProxy.makeProxyWrapper(MyIface);
let instance = new MyProxy(Gio.DBus.session, 'org.example.BusName',
'/org/example/Path');
(Note that the original post uses makeProxyClass, correct is makeProxyWrapper.)
You can get the interface definition, for example, by using introspection.
For pidgin/purple do:
$ dbus-send --print-reply --dest=im.pidgin.purple.PurpleService \
/im/pidgin/purple/PurpleObject org.freedesktop.DBus.Introspectable.Introspect
Further explanations on introspection and inspection of interfaces can be found here.
this should give you a better idea:
gjs> const DBus = imports.dbus;
gjs> for (let i in DBus) log(i);
I'm trying to programmatically get the proxy IP address or URL set on a system.
I found code that might work in a previous question here, but it's in Objective-C and what I am trying to use is plain C.
I've tried translating that obj-c code to C but no success.
Anyone knows how to get the system proxy in C?
Thank you
This is a C translation of that answer:
CFDictionaryRef proxies = SCDynamicStoreCopyProxies(NULL);
if (proxies) {
CFStringRef pacURL = (CFStringRef)CFDictionaryGetValue(proxies,
kSCPropNetProxiesProxyAutoConfigURLString);
if (pacURL) {
char url[257] = {};
CFStringGetCString(pacURL, url, sizeof url, kCFStringEncodingASCII);
// do something with url
}
CFRelease(proxies);
}
It needs to be linked to two frameworks: SystemConfiguration and CoreFoundation.
Note that this code gets the URL for automatic proxy configuration (kSCPropNetProxiesProxyAutoConfigURLString), if any. There are several other possible proxies, e.g. HTTP proxy or HTTPS proxy. For a list of all possible proxies, see the SCSchemaDefinitions Reference.