OpenWRT

Turris Omnia

To download our OpenWRT firmware for the Turris Omnia click here and follow the procedure described here

Then, the proxy can be launched by using the command "proxy", follow the configuration section for the configuration.

Other OpenWRT device

If you want to use SRv6Pipes on another OpenWRT-compatible device, you can compile your own firmware by using our modified version that contains our patches :

https://github.com/segment-routing/OpenWRT-SRv6Pipes

Linux

Needed files

To use SRv6Pipes you need the following files:

• Download and install our modified kernel or apply the patchset to your own kernel.
• Download and install our modified iproute2 or the patchset to your iproute2.
• Download the proxy.

Proxy compilation

Compile the proxy using the command

make

Compile de modules by going into the modules/ directory and typing

./build

Proxy configuration

Enter the following commands as root:

ip link add nfv0 type dummy
ifconfig nfv0 up
ip6tables -t mangle -N DIVERT
ip6tables -t mangle -A DIVERT -j MARK --set-mark 1
ip6tables -t mangle -A DIVERT -j ACCEPT
ip6tables -t mangle -A PREROUTING -d fc00::/64 -p tcp --syn -j NFQUEUE --queue-num 0
ip6tables -t mangle -A PREROUTING -i nfv0 -p tcp -j TPROXY --tproxy-mark 0x1/0x1 --on-port 12345
ip6tables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
ip -6 rule add fwmark 1 table 100
ip -6 route add local ::/0 dev lo table 100
ip -6 route add fc00::/64 encap seg6local action End.VNF oif nfv0 dev eth0
sysctl net.ipv6.conf.nfv0.seg6_enabled=1
sysctl net.ipv6.conf.all.forwarding=1

Where fc00::/64 is the range you want to attach to your proxy and 12345 is the port of the proxy.

Running the proxy

To run the proxy, enter the following command as root:

./proxy 12345 0 1

Where 12345 is the port of the proxy used in the iproute configuration and 1 the number of threads to use for the proxy.

Testing the proxy

Note: don't forget to activate SRv6 on bot the client and the server using "sysctl net.ipv6.conf.IFACE.seg6_enabled=1".

You can now try the proxy with the client provided

./setsockopt_tlv <bindaddr> <dst> <port> <segment>

Where:
bindaddr is the client's IPv6
dst is the IPv6 address of the server
port is the port of the server (NOT the port of the proxy)
segment is the address (format RANGE::FUNC:PARA:MMMS) of the proxy
This client will establish a TCP connection to dst:port and write "Hello with Segment Routing :)", you can listen with a simple netcat command :

nc -6 -l -p <port> -v

Creating your own module

By default, 2 modules are loaded:

• XOR : applies 2 XOR to the payload (no visible modification). Function code : AAAA.
• leet : transform your text into l33t sp33ch. Function code : AAAB.

If you want to create your own module:

• See example.c in the proxy/modules directory
• Compile your module using gcc -shared -o example.so -I../ -fPIC example.c
• In proxy.c add loadmodule("example"); in the main function, after/in place of the existing modules.