Adds basic support for IPv6 (#255)

* Adds basic support for IPv6

- Adds IPv6 support to the OPTE API and main engine types. This includes
  fleshing out some missing edges for IPv6 addresses and CIDRs, and
  adding support for specifying IPv6 addresses in router entries, etc.
  The main type expanded here is the `VpcCfg`, which now supports an
  `IpCfg` that specifies all L3 information. That supports exactly one
  IPv4 or IPv6, or one of each, for private addresses. An optional SNAT
  and external address for each are also supported.
- Updates the `opte-ioctl` and `opteadm` crates to support IPv6, and to
  use a `VpcCfg` as the argument, rather than a bunch of disparate
  arguments. Fleshes out handling for IPv6 in router entries, port info
  and printing, and layer / rule printing.
- Adds a few niceties to the D scripts for pretty-printing IPv6
- Renames a lot of IPv4 specific types, such as `Dhcp4Reply` to
  `DhcpReply`. Types without a prefix will be assumed to refer to IPv4,
  and IPv6 will always have a version number.
- Adds an `icmpv6` layer to `opte` and the `oxide-vpc`, and inserts it
  in the configuration created by the `xde` driver. This supports ICMPv6
  echo requests from the guest to the gateway only. An integration test
  verifying the hairpinned echo reply is also here.
- Updates the API version check script to compare all commits relative
  to the `master` branch, rather than the last.

* Review feedback

- Better router error message
- Better error messages when parsing IpAddr / IpCidr
- Better comments throughout, some better type names
- DCE
- Fix ARP handling to unconditionally drop outbound requests for
  anything other than the gateway, and all inbound requests.

* Review feedback 2

- Renamed `public_ip` -> `external_ip` fields on NAT-related types. This
  is important because the "outside" IP address for NAT need not
  actually be an address that's routable on the public Internet. It can
  be any address in any network on the other side of the NAT node.
- Fix location of Copy derive

Author: bnaecker

dtrace/common.h

@@ -27,13 +27,13 @@
 	*this->src_ip6 = fvar->src_ip6;				\
 	*this->dst_ip6 = fvar->dst_ip6;				\
 	svar = protos[fvar->proto];				\
-	svar = strjoin(svar, ",");				\
+	svar = strjoin(svar, ",[");				\
 	svar = strjoin(svar, inet_ntoa6(this->src_ip6));	\
-	svar = strjoin(svar, ":");				\
+	svar = strjoin(svar, "]:");				\
 	svar = strjoin(svar, lltostr(ntohs(fvar->src_port)));	\
-	svar = strjoin(svar, ",");				\
+	svar = strjoin(svar, ",[");				\
 	svar = strjoin(svar, inet_ntoa6(this->dst_ip6));	\
-	svar = strjoin(svar, ":");				\
+	svar = strjoin(svar, "]:");				\
 	svar = strjoin(svar, lltostr(ntohs(fvar->dst_port)));
 
 #define ETH_FMT(svar, evar)					\

dtrace/opte-flow-expire.d

@@ -6,18 +6,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-flow-expire.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT "%-24s %-18s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1]= "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-
 	printf(HDR_FMT, "PORT", "FT NAME", "FLOW");
 	num = 0;
 }

dtrace/opte-gen-desc-fail.d

@@ -4,18 +4,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-gen-desc-fail.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define HDR_FMT	"%-12s %-12s %-4s %-48s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-
 	printf(HDR_FMT, "PORT", "LAYER", "DIR", "FLOW", "MSG");
 	num = 0;
 }

dtrace/opte-gen-ht-fail.d

@@ -4,17 +4,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-gen-desc-fail.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define HDR_FMT	"%-12s %-12s %-4s %-48s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
 
 	printf(HDR_FMT, "PORT", "LAYER", "DIR", "FLOW", "MSG");
 	num = 0;

dtrace/opte-guest-loopback.d

@@ -4,19 +4,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-guest-loopback.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT		"%-43s %-12s %-12s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-	protos[255] = "XXX";
-
 	printf(HDR_FMT, "FLOW", "SRC PORT", "DST PORT");
 	num = 0;
 }

dtrace/opte-ht.d

@@ -1,21 +1,14 @@
 /*
- * Track Header Transpositions as they happen.
+ * Track Header Transformations as they happen.
  *
  * dtrace -L ./lib -I . -Cqs ./opte-ht.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT "%-3s %-12s %-12s %-40s %-40s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1]= "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-
 	printf(HDR_FMT, "DIR", "PORT", "LOCATION", "BEFORE", "AFTER");
 	num = 0;
 }

dtrace/opte-layer-process.d

@@ -7,19 +7,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-layer-process.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT		"%-16s %-16s %-3s %-48s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-	protos[255] = "XXX";
-
 	printf(HDR_FMT, "PORT", "LAYER", "DIR", "FLOW", "RES");
 	num = 0;
 }

dtrace/opte-port-process.d

@@ -4,6 +4,7 @@
  * dtrace -L ./lib -I . -Cqs ./opte-port-process.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT		"%-12s %-3s %-8s %-43s %-5s %s\n"
 #define	LINE_FMT	"%-12s %-3s %-8u %-43s %-5u %s\n"
@@ -12,11 +13,6 @@ BEGIN {
 	/*
 	 * Use an associative array to stringify the protocol number.
 	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-	protos[255] = "XXX";
 
 	printf(HDR_FMT, "NAME", "DIR", "EPOCH", "FLOW", "LEN", "RESULT");
 	num = 0;

dtrace/opte-rule-match.d

@@ -4,19 +4,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-rule-match.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT		"%-8s %-12s %-6s %-3s %-43s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-	protos[255] = "XXX";
-
 	printf(HDR_FMT, "PORT", "LAYER", "MATCH", "DIR", "FLOW", "ACTION");
 	num = 0;
 }

dtrace/opte-tcp-flow-state.d

@@ -4,17 +4,11 @@
  * dtrace -L ./lib -I . -Cqs ./opte-tcp-flow-state.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	FMT	"%-16s %-12s %-12s %s\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 * It's always going to be TCP but we need this declared so
-	 * the FLOW_FMT macros work.
-	 */
-	protos[6] = "TCP";
-
 	/*
 	 * Use an associative array to stringify the TCP state
 	 * values.

dtrace/opte-uft-invaildate.d

@@ -8,20 +8,12 @@
  * dtrace -L ./lib -I . -Cqs ./opte-uft-invalidate.d
  */
 #include "common.h"
+#include "protos.d"
 
 #define	HDR_FMT		"%-8s %-3s %-43s %s\n"
 #define	LINE_FMT	"%-8s %-3s %-43s %u\n"
 
 BEGIN {
-	/*
-	 * Use an associative array to stringify the protocol number.
-	 */
-	protos[1] = "ICMP";
-	protos[2] = "IGMP";
-	protos[6] = "TCP";
-	protos[17] = "UDP";
-	protos[255] = "XXX";
-
 	printf(HDR_FMT, "PORT", "DIR", "FLOW", "EPOCH");
 	num = 0;
 }

dtrace/protos.d

@@ -0,0 +1,11 @@
+/*
+ * Definitions of the IP protocol numbers as an associative array.
+ */
+BEGIN {
+	protos[1] = "ICMP";
+	protos[2] = "IGMP";
+	protos[6] = "TCP";
+	protos[17] = "UDP";
+	protos[58] = "ICMPv6";
+	protos[255] = "XXX";
+}

opte-api/check-api-version.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 #
-# If there is a change to an opte-api source file in the last commit,
-# then verify that the API_VERSION value has increased.
-if git log -1 -p master..HEAD | grep '^diff.*opte-api/src'
+# If there is a change to an opte-api source file relative to the `master`
+# branch, # then verify that the API_VERSION value has increased.
+if git diff master..HEAD | grep '^diff.*opte-api/src'
 then
-	git log -p -1 master..HEAD | awk -f check-api-version.awk
+	git diff master..HEAD | awk -f check-api-version.awk
 fi

opte-api/src/cmd.rs

@@ -5,6 +5,7 @@
 // Copyright 2022 Oxide Computer Company
 
 use super::encap::Vni;
+use super::ip::IpCidr;
 use super::mac::MacAddr;
 use super::API_VERSION;
 use illumos_sys_hdrs::{c_int, size_t};
@@ -24,21 +25,21 @@ pub const XDE_DLD_OPTE_CMD: i32 = XDE_DLD_PREFIX | 7777;
 #[derive(Clone, Copy, Debug)]
 #[repr(C)]
 pub enum OpteCmd {
-    ListPorts = 1,           // list all ports
-    AddFwRule = 20,          // add firewall rule
-    RemFwRule = 21,          // remove firewall rule
-    SetFwRules = 22,         // set/replace all firewall rules at once
-    DumpTcpFlows = 30,       // dump TCP flows
-    DumpLayer = 31,          // dump the specified Layer
-    DumpUft = 32,            // dump the Unified Flow Table
-    ListLayers = 33,         // list the layers on a given port
-    ClearUft = 40,           // clear the UFT
-    SetVirt2Phys = 50,       // set a v2p mapping
-    DumpVirt2Phys = 51,      // dump the v2p mappings
-    AddRouterEntryIpv4 = 60, // add a router entry for IPv4 dest
-    CreateXde = 70,          // create a new xde device
-    DeleteXde = 71,          // delete an xde device
-    SetXdeUnderlay = 72,     // set xde underlay devices
+    ListPorts = 1,       // list all ports
+    AddFwRule = 20,      // add firewall rule
+    RemFwRule = 21,      // remove firewall rule
+    SetFwRules = 22,     // set/replace all firewall rules at once
+    DumpTcpFlows = 30,   // dump TCP flows
+    DumpLayer = 31,      // dump the specified Layer
+    DumpUft = 32,        // dump the Unified Flow Table
+    ListLayers = 33,     // list the layers on a given port
+    ClearUft = 40,       // clear the UFT
+    SetVirt2Phys = 50,   // set a v2p mapping
+    DumpVirt2Phys = 51,  // dump the v2p mappings
+    AddRouterEntry = 60, // add a router entry for IP dest
+    CreateXde = 70,      // create a new xde device
+    DeleteXde = 71,      // delete an xde device
+    SetXdeUnderlay = 72, // set xde underlay devices
 }
 
 impl TryFrom<c_int> for OpteCmd {
@@ -57,7 +58,7 @@ impl TryFrom<c_int> for OpteCmd {
             40 => Ok(Self::ClearUft),
             50 => Ok(Self::SetVirt2Phys),
             51 => Ok(Self::DumpVirt2Phys),
-            60 => Ok(Self::AddRouterEntryIpv4),
+            60 => Ok(Self::AddRouterEntry),
             70 => Ok(Self::CreateXde),
             71 => Ok(Self::DeleteXde),
             72 => Ok(Self::SetXdeUnderlay),
@@ -146,7 +147,7 @@ pub enum OpteError {
     DeserCmdErr(String),
     DeserCmdReq(String),
     FlowExists(String),
-    InvalidRouteDest(String),
+    InvalidRouterEntry { dest: IpCidr, target: String },
     LayerNotFound(String),
     MacExists { port: String, vni: Vni, mac: MacAddr },
     MaxCapacity(u64),
@@ -181,7 +182,7 @@ impl OpteError {
             Self::DeserCmdErr(_) => ENOMSG,
             Self::DeserCmdReq(_) => ENOMSG,
             Self::FlowExists(_) => EEXIST,
-            Self::InvalidRouteDest(_) => EINVAL,
+            Self::InvalidRouterEntry { .. } => EINVAL,
             Self::LayerNotFound(_) => ENOENT,
             Self::MacExists { .. } => EEXIST,
             Self::MaxCapacity(_) => ENFILE,