From 64ffe6d4409b71e5b513ebdda1446d722fd369d9 Mon Sep 17 00:00:00 2001 From: Richard Scheffenegger Date: Sun, 27 Sep 2020 21:43:19 +0000 Subject: [PATCH] Add DSCP support for network QoS to iscsi target. In order to prioritize iSCSI traffic across a network, DSCP can be used. In order not to rely on "ipfw setdscp" or in-network reclassification, this adds the dscp value directly to the portal group (where TCP sessions are accepted). The incoming iSCSI session is first handled by ctld for any CHAP authentication and the socket is then handed off to the in-kernel iscsi driver without modification of the socket parameters. Simply setting up the socket in ctld is sufficient to keep sending outgoing iSCSI related traffic with the configured DSCP value. Reviewed by: mav, trasz MFC after: 2 weeks Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D26385 --- usr.sbin/ctld/ctl.conf.5 | 8 +++++ usr.sbin/ctld/ctld.c | 27 ++++++++++++++++ usr.sbin/ctld/ctld.h | 1 + usr.sbin/ctld/parse.y | 52 ++++++++++++++++++++++++++++++- usr.sbin/ctld/token.l | 23 ++++++++++++++ usr.sbin/ctld/uclparse.c | 67 +++++++++++++++++++++++++++++++++++++++- 6 files changed, 176 insertions(+), 2 deletions(-) diff --git a/usr.sbin/ctld/ctl.conf.5 b/usr.sbin/ctld/ctl.conf.5 index 75503bba1695..90e85724a041 100644 --- a/usr.sbin/ctld/ctl.conf.5 +++ b/usr.sbin/ctld/ctl.conf.5 @@ -250,6 +250,14 @@ Specifies that this .Sy portal-group is listened by some other host. This host will announce it on discovery stage, but won't listen. +.It Ic dscp Ar value +The DiffServ Codepoint used for sending data. The DSCP can be +set to numeric, or hexadecimal values directly, as well as the +well-defined +.Qq Ar CSx +and +.Qq Ar AFxx +codepoints. .El .Ss target Context .Bl -tag -width indent diff --git a/usr.sbin/ctld/ctld.c b/usr.sbin/ctld/ctld.c index dc7a789fcb19..fc17b74de35d 100644 --- a/usr.sbin/ctld/ctld.c +++ b/usr.sbin/ctld/ctld.c @@ -625,6 +625,7 @@ portal_group_new(struct conf *conf, const char *name) TAILQ_INIT(&pg->pg_ports); pg->pg_conf = conf; pg->pg_tag = 0; /* Assigned later in conf_apply(). */ + pg->pg_dscp = -1; TAILQ_INSERT_TAIL(&conf->conf_portal_groups, pg, pg_next); return (pg); @@ -2181,6 +2182,32 @@ conf_apply(struct conf *oldconf, struct conf *newconf) cumulated_error++; continue; } + if (newpg->pg_dscp != -1) { + struct sockaddr sa; + int len = sizeof(sa); + getsockname(newp->p_socket, &sa, &len); + /* + * Only allow the 6-bit DSCP + * field to be modified + */ + int tos = newpg->pg_dscp << 2; + if (sa.sa_family == AF_INET) { + if (setsockopt(newp->p_socket, + IPPROTO_IP, IP_TOS, + &tos, sizeof(tos)) == -1) + log_warn("setsockopt(IP_TOS) " + "failed for %s", + newp->p_listen); + } else + if (sa.sa_family == AF_INET6) { + if (setsockopt(newp->p_socket, + IPPROTO_IPV6, IPV6_TCLASS, + &tos, sizeof(tos)) == -1) + log_warn("setsockopt(IPV6_TCLASS) " + "failed for %s", + newp->p_listen); + } + } error = bind(newp->p_socket, newp->p_ai->ai_addr, newp->p_ai->ai_addrlen); if (error != 0) { diff --git a/usr.sbin/ctld/ctld.h b/usr.sbin/ctld/ctld.h index 60dac68c0e0c..317fd0c33040 100644 --- a/usr.sbin/ctld/ctld.h +++ b/usr.sbin/ctld/ctld.h @@ -127,6 +127,7 @@ struct portal_group { TAILQ_HEAD(, port) pg_ports; char *pg_offload; char *pg_redirection; + int pg_dscp; uint16_t pg_tag; }; diff --git a/usr.sbin/ctld/parse.y b/usr.sbin/ctld/parse.y index c9478405599a..b6903890210b 100644 --- a/usr.sbin/ctld/parse.y +++ b/usr.sbin/ctld/parse.y @@ -41,6 +41,8 @@ #include #include "ctld.h" +#include +#include extern FILE *yyin; extern char *yytext; @@ -60,11 +62,13 @@ extern void yyrestart(FILE *); %token ALIAS AUTH_GROUP AUTH_TYPE BACKEND BLOCKSIZE CHAP CHAP_MUTUAL %token CLOSING_BRACKET CTL_LUN DEBUG DEVICE_ID DEVICE_TYPE -%token DISCOVERY_AUTH_GROUP DISCOVERY_FILTER FOREIGN +%token DISCOVERY_AUTH_GROUP DISCOVERY_FILTER DSCP FOREIGN %token INITIATOR_NAME INITIATOR_PORTAL ISNS_SERVER ISNS_PERIOD ISNS_TIMEOUT %token LISTEN LISTEN_ISER LUN MAXPROC OFFLOAD OPENING_BRACKET OPTION %token PATH PIDFILE PORT PORTAL_GROUP REDIRECT SEMICOLON SERIAL SIZE STR %token TAG TARGET TIMEOUT +%token AF11 AF12 AF13 AF21 AF22 AF23 AF31 AF32 AF33 AF41 AF42 AF43 +%token BE EF CS0 CS1 CS2 CS3 CS4 CS5 CS6 CS7 %union { @@ -353,6 +357,8 @@ portal_group_entry: portal_group_redirect | portal_group_tag + | + portal_group_dscp ; portal_group_discovery_auth_group: DISCOVERY_AUTH_GROUP STR @@ -463,6 +469,50 @@ portal_group_tag: TAG STR } ; +portal_group_dscp +: DSCP STR + { + uint64_t tmp; + + if (strcmp($2, "0x") == 0) { + tmp = strtol($2 + 2, NULL, 16); + } else if (expand_number($2, &tmp) != 0) { + yyerror("invalid numeric value"); + free($2); + return(1); + } + if (tmp >= 0x40) { + yyerror("invalid dscp value"); + return(1); + } + + portal_group->pg_dscp = tmp; + } +| DSCP BE { portal_group->pg_dscp = IPTOS_DSCP_CS0 >> 2 ; } +| DSCP EF { portal_group->pg_dscp = IPTOS_DSCP_EF >> 2 ; } +| DSCP CS0 { portal_group->pg_dscp = IPTOS_DSCP_CS0 >> 2 ; } +| DSCP CS1 { portal_group->pg_dscp = IPTOS_DSCP_CS1 >> 2 ; } +| DSCP CS2 { portal_group->pg_dscp = IPTOS_DSCP_CS2 >> 2 ; } +| DSCP CS3 { portal_group->pg_dscp = IPTOS_DSCP_CS3 >> 2 ; } +| DSCP CS4 { portal_group->pg_dscp = IPTOS_DSCP_CS4 >> 2 ; } +| DSCP CS5 { portal_group->pg_dscp = IPTOS_DSCP_CS5 >> 2 ; } +| DSCP CS6 { portal_group->pg_dscp = IPTOS_DSCP_CS6 >> 2 ; } +| DSCP CS7 { portal_group->pg_dscp = IPTOS_DSCP_CS7 >> 2 ; } +| DSCP AF11 { portal_group->pg_dscp = IPTOS_DSCP_AF11 >> 2 ; } +| DSCP AF12 { portal_group->pg_dscp = IPTOS_DSCP_AF12 >> 2 ; } +| DSCP AF13 { portal_group->pg_dscp = IPTOS_DSCP_AF13 >> 2 ; } +| DSCP AF21 { portal_group->pg_dscp = IPTOS_DSCP_AF21 >> 2 ; } +| DSCP AF22 { portal_group->pg_dscp = IPTOS_DSCP_AF22 >> 2 ; } +| DSCP AF23 { portal_group->pg_dscp = IPTOS_DSCP_AF23 >> 2 ; } +| DSCP AF31 { portal_group->pg_dscp = IPTOS_DSCP_AF31 >> 2 ; } +| DSCP AF32 { portal_group->pg_dscp = IPTOS_DSCP_AF32 >> 2 ; } +| DSCP AF33 { portal_group->pg_dscp = IPTOS_DSCP_AF33 >> 2 ; } +| DSCP AF41 { portal_group->pg_dscp = IPTOS_DSCP_AF41 >> 2 ; } +| DSCP AF42 { portal_group->pg_dscp = IPTOS_DSCP_AF42 >> 2 ; } +| DSCP AF43 { portal_group->pg_dscp = IPTOS_DSCP_AF43 >> 2 ; } + ; + + lun: LUN lun_name OPENING_BRACKET lun_entries CLOSING_BRACKET { diff --git a/usr.sbin/ctld/token.l b/usr.sbin/ctld/token.l index d4991452fcae..30b7d770e691 100644 --- a/usr.sbin/ctld/token.l +++ b/usr.sbin/ctld/token.l @@ -63,6 +63,7 @@ device-id { return DEVICE_ID; } device-type { return DEVICE_TYPE; } discovery-auth-group { return DISCOVERY_AUTH_GROUP; } discovery-filter { return DISCOVERY_FILTER; } +dscp { return DSCP; } foreign { return FOREIGN; } initiator-name { return INITIATOR_NAME; } initiator-portal { return INITIATOR_PORTAL; } @@ -85,6 +86,28 @@ size { return SIZE; } tag { return TAG; } target { return TARGET; } timeout { return TIMEOUT; } +af11 { return AF11; } +af12 { return AF12; } +af13 { return AF13; } +af21 { return AF21; } +af22 { return AF22; } +af23 { return AF23; } +af31 { return AF31; } +af32 { return AF32; } +af33 { return AF33; } +af41 { return AF41; } +af42 { return AF42; } +af43 { return AF43; } +be { return CS0; } +ef { return EF; } +cs0 { return CS0; } +cs1 { return CS1; } +cs2 { return CS2; } +cs3 { return CS3; } +cs4 { return CS4; } +cs5 { return CS5; } +cs6 { return CS6; } +cs7 { return CS7; } \"[^"]+\" { yylval.str = strndup(yytext + 1, strlen(yytext) - 2); return STR; } [a-zA-Z0-9\.\-@_/\:\[\]]+ { yylval.str = strdup(yytext); return STR; } diff --git a/usr.sbin/ctld/uclparse.c b/usr.sbin/ctld/uclparse.c index 0652d2b4c684..caf4d25bb6df 100644 --- a/usr.sbin/ctld/uclparse.c +++ b/usr.sbin/ctld/uclparse.c @@ -39,6 +39,8 @@ #include #include #include +#include +#include #include "ctld.h" @@ -607,7 +609,70 @@ uclparse_portal_group(const char *name, const ucl_object_t *top) ucl_object_tostring_forced(tmp)); } } - } + + if (!strcmp(key, "dscp")) { + if ((obj->type != UCL_STRING) && (obj->type != UCL_INT)) { + log_warnx("\"dscp\" property of portal group " + "\"%s\" is not a string or integer", portal_group->pg_name); + return(1); + } + if (obj->type == UCL_INT) + portal_group->pg_dscp = ucl_object_toint(obj); + else { + key = ucl_object_tostring(obj); + if (strcmp(key, "0x") == 0) + portal_group->pg_dscp = strtol(key + 2, NULL, 16); + else if (strcmp(key, "be") || strcmp(key, "cs0")) + portal_group->pg_dscp = IPTOS_DSCP_CS0 >> 2; + else if (strcmp(key, "ef")) + portal_group->pg_dscp = IPTOS_DSCP_EF >> 2; + else if (strcmp(key, "cs0")) + portal_group->pg_dscp = IPTOS_DSCP_CS0 >> 2; + else if (strcmp(key, "cs1")) + portal_group->pg_dscp = IPTOS_DSCP_CS1 >> 2; + else if (strcmp(key, "cs2")) + portal_group->pg_dscp = IPTOS_DSCP_CS2 >> 2; + else if (strcmp(key, "cs3")) + portal_group->pg_dscp = IPTOS_DSCP_CS3 >> 2; + else if (strcmp(key, "cs4")) + portal_group->pg_dscp = IPTOS_DSCP_CS4 >> 2; + else if (strcmp(key, "cs5")) + portal_group->pg_dscp = IPTOS_DSCP_CS5 >> 2; + else if (strcmp(key, "cs6")) + portal_group->pg_dscp = IPTOS_DSCP_CS6 >> 2; + else if (strcmp(key, "cs7")) + portal_group->pg_dscp = IPTOS_DSCP_CS7 >> 2; + else if (strcmp(key, "af11")) + portal_group->pg_dscp = IPTOS_DSCP_AF11 >> 2; + else if (strcmp(key, "af12")) + portal_group->pg_dscp = IPTOS_DSCP_AF12 >> 2; + else if (strcmp(key, "af13")) + portal_group->pg_dscp = IPTOS_DSCP_AF13 >> 2; + else if (strcmp(key, "af21")) + portal_group->pg_dscp = IPTOS_DSCP_AF21 >> 2; + else if (strcmp(key, "af22")) + portal_group->pg_dscp = IPTOS_DSCP_AF22 >> 2; + else if (strcmp(key, "af23")) + portal_group->pg_dscp = IPTOS_DSCP_AF23 >> 2; + else if (strcmp(key, "af31")) + portal_group->pg_dscp = IPTOS_DSCP_AF31 >> 2; + else if (strcmp(key, "af32")) + portal_group->pg_dscp = IPTOS_DSCP_AF32 >> 2; + else if (strcmp(key, "af33")) + portal_group->pg_dscp = IPTOS_DSCP_AF33 >> 2; + else if (strcmp(key, "af41")) + portal_group->pg_dscp = IPTOS_DSCP_AF41 >> 2; + else if (strcmp(key, "af42")) + portal_group->pg_dscp = IPTOS_DSCP_AF42 >> 2; + else if (strcmp(key, "af43")) + portal_group->pg_dscp = IPTOS_DSCP_AF43 >> 2; + else { + log_warnx("\"dscp\" property value is not a supported textual value"); + return (1); + } + } + } + } return (0); }