wip desc-lookup

daemon/internal/servers/grpc.go

@@ -657,3 +657,20 @@ func requestToHostHostMeta(req *sdpb.DRKeyHostHostRequest) (drkey.HostHostMeta,
  DstHost: req.DstHost,
  }, nil
 }
+
+func (s *DaemonServer) RemotePolicyDescription(ctx context.Context,
+ request *experimental.RemotePolicyDescriptionRequest) (
+ *experimental.RemotePolicyDescriptionResponse, error) {
+ conn, err := s.Dialer.Dial(ctx, &snet.SVCAddr{SVC: addr.SvcCS})
+ if err != nil {
+ log.FromCtx(ctx).Debug("Dialing CS failed", "err", err)
+ }
+ defer conn.Close()
+ client := experimental.NewFABRIDIntraServiceClient(conn)
+ response, err := client.RemotePolicyDescription(ctx, request)
+ if err != nil {
+ return &experimental.RemotePolicyDescriptionResponse{}, err
+ }
+
+ return response, nil
+}

pkg/daemon/BUILD.bazel

@@ -21,6 +21,7 @@ go_library(
  "//pkg/private/ctrl/path_mgmt:go_default_library",
  "//pkg/private/prom:go_default_library",
  "//pkg/private/serrors:go_default_library",
+ "//pkg/proto/control_plane/experimental:go_default_library",
  "//pkg/proto/daemon:go_default_library",
  "//pkg/proto/drkey:go_default_library",
  "//pkg/scrypto/cppki:go_default_library",

pkg/daemon/daemon.go

@@ -18,6 +18,7 @@ package daemon
 
 import (
  "context"
+ "github.com/scionproto/scion/pkg/proto/control_plane/experimental"
  "net/netip"
 
  "github.com/scionproto/scion/pkg/addr"
@@ -90,6 +91,7 @@ type Connector interface {
  DRKeyGetHostHostKey(ctx context.Context, meta drkey.HostHostMeta) (drkey.HostHostKey, error)
  // FabridKeys requests FABRID DRKeys for all provided ASes and the path validation key
  FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta) (drkey.FabridKeysResponse, error)
+ RemotePolicyDescription(context.Context, *experimental.RemotePolicyDescriptionRequest) (*experimental.RemotePolicyDescriptionResponse, error)
  // Close shuts down the connection to the daemon.
  Close() error
 }

pkg/daemon/grpc.go

@@ -24,13 +24,15 @@ import (
  "google.golang.org/protobuf/types/known/emptypb"
  "google.golang.org/protobuf/types/known/timestamppb"
 
+ fabrid_control "github.com/scionproto/scion/control/fabrid"
  "github.com/scionproto/scion/pkg/addr"
  "github.com/scionproto/scion/pkg/drkey"
  "github.com/scionproto/scion/pkg/experimental/fabrid"
  libgrpc "github.com/scionproto/scion/pkg/grpc"
  "github.com/scionproto/scion/pkg/private/common"
  "github.com/scionproto/scion/pkg/private/ctrl/path_mgmt"
  "github.com/scionproto/scion/pkg/private/serrors"
+ cppb "github.com/scionproto/scion/pkg/proto/control_plane/experimental"
  sdpb "github.com/scionproto/scion/pkg/proto/daemon"
  dkpb "github.com/scionproto/scion/pkg/proto/drkey"
  "github.com/scionproto/scion/pkg/scrypto/cppki"
@@ -277,6 +279,20 @@ func (c grpcConn) FabridKeys(ctx context.Context, meta drkey.FabridKeysMeta,
  }, nil
 }
 
+func (c grpcConn) RemotePolicyDescription(ctx context.Context,
+ identifier fabrid_control.RemotePolicyIdentifier) (fabrid_control.RemotePolicyDescription, error) {
+
+ client := sdpb.NewDaemonServiceClient(c.conn)
+ response, err := client.RemotePolicyDescription(ctx, &cppb.RemotePolicyDescriptionRequest{
+ PolicyIdentifier: identifier.Identifier,
+ IsdAs: identifier.ISDAS,
+ })
+ if err != nil {
+ return fabrid_control.RemotePolicyDescription{}, err
+ }
+ return fabrid_control.RemotePolicyDescription{Description: }, err
+}
+
 func (c grpcConn) Close() error {
  return c.conn.Close()
 }

proto/daemon/v1/daemon.proto

@@ -22,6 +22,7 @@ import "google/protobuf/timestamp.proto";
 import "google/protobuf/duration.proto";
 import "google/protobuf/empty.proto";
 import "proto/drkey/v1/drkey.proto";
+import "proto/control_plane/experimental/v1/fabrid.proto";
 import "proto/control_plane/experimental/v1/fabrid_extensions.proto";
 
 service DaemonService {
@@ -47,6 +48,11 @@ service DaemonService {
  rpc DRKeyHostHost (DRKeyHostHostRequest) returns (DRKeyHostHostResponse) {}
  // FabridKeys returns the DRKeys for FABRID
  rpc FabridKeys (FabridKeysRequest) returns (FabridKeysResponse) {}
+ // Used by a host inside the AS to request a policy description for another AS. The control
+ // service will request the policy description from the remote AS if it is unknown to the
+ // control service.
+ rpc RemotePolicyDescription(proto.control_plane.experimental.v1.RemotePolicyDescriptionRequest) returns
+ (proto.control_plane.experimental.v1.RemotePolicyDescriptionResponse) {}
 }
 
 message PathsRequest {

scion/cmd/scion/fabrid.go

@@ -0,0 +1,150 @@
+// Copyright 2020 Anapaya Systems
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+ "context"
+ "fmt"
+ "net"
+ "time"
+
+ "github.com/scionproto/scion/pkg/addr"
+ "github.com/scionproto/scion/pkg/log"
+ "github.com/scionproto/scion/pkg/private/serrors"
+ "github.com/scionproto/scion/private/app"
+ "github.com/scionproto/scion/private/app/flag"
+ "github.com/scionproto/scion/private/tracing"
+ "github.com/scionproto/scion/scion/fabrid"
+ "github.com/spf13/cobra"
+)
+
+func newFabrid(pather CommandPather) *cobra.Command {
+ var envFlags flag.SCIONEnvironment
+ var flags struct {
+ timeout time.Duration
+ cfg fabrid.Config
+ extended bool
+ json bool
+ logLevel string
+ noColor bool
+ tracer string
+ format string
+ }
+
+ var cmd = &cobra.Command{
+ Use: "fabrid",
+ Short: "Display FABRID policy information",
+ Args: cobra.ExactArgs(1),
+ Example: fmt.Sprintf(` %[1]s showpaths 1-ff00:0:110 --extended
+ %[1]s showpaths 1-ff00:0:110 --local 127.0.0.55 --json
+ %[1]s showpaths 1-ff00:0:111 --sequence="0-0#2 0*" # outgoing IfID=2
+ %[1]s showpaths 1-ff00:0:111 --sequence="0* 0-0#41" # incoming IfID=41 at dstIA
+ %[1]s showpaths 1-ff00:0:111 --sequence="0* 1-ff00:0:112 0*" # 1-ff00:0:112 on the path
+ %[1]s showpaths 1-ff00:0:110 --no-probe`, pather.CommandPath()),
+ Long: `'fabrid' lists available policies at a remote AS, or shows the
+description of a specific policy.`,
+ RunE: func(cmd *cobra.Command, args []string) error {
+ dst, err := addr.ParseIA(args[0])
+ if err != nil {
+ return serrors.WrapStr("invalid destination ISD-AS", err)
+ }
+ if err := app.SetupLog(flags.logLevel); err != nil {
+ return serrors.WrapStr("setting up logging", err)
+ }
+ closer, err := setupTracer("fabrid", flags.tracer)
+ if err != nil {
+ return serrors.WrapStr("setting up tracing", err)
+ }
+ defer closer()
+
+ if flags.json && !cmd.Flags().Lookup("format").Changed {
+ flags.format = "json"
+ }
+ printf, err := getPrintf(flags.format, cmd.OutOrStdout())
+ if err != nil {
+ return serrors.WrapStr("get formatting", err)
+ }
+
+ cmd.SilenceUsage = true
+
+ if err := envFlags.LoadExternalVars(); err != nil {
+ return err
+ }
+
+ flags.cfg.Daemon = envFlags.Daemon()
+ flags.cfg.Local = net.IP(envFlags.Local().AsSlice())
+ log.Debug("Resolved SCION environment flags",
+ "daemon", flags.cfg.Daemon,
+ "local", flags.cfg.Local,
+ )
+
+ span, traceCtx := tracing.CtxWith(context.Background(), "run")
+ span.SetTag("dst.isd_as", dst)
+ defer span.Finish()
+
+ ctx, cancel := context.WithTimeout(traceCtx, flags.timeout)
+ defer cancel()
+ res, err := fabrid.Run(ctx, dst, flags.cfg)
+ if err != nil {
+ return err
+ }
+
+ switch flags.format {
+ case "human":
+ if res.IsLocal() {
+ printf("Empty path, destination is local AS %s\n", res.Destination)
+ return nil
+ }
+ printf("Available policies at %s\n", res.Destination)
+ if len(res.Paths) == 0 {
+ return app.WithExitCode(serrors.New("no policies found"), 1)
+ }
+ res.Human(cmd.OutOrStdout(), flags.extended, !flags.noColor)
+ case "json":
+ return serrors.New("Not implemented", "format", flags.format)
+ case "yaml":
+ return serrors.New("Not implemented", "format", flags.format)
+ default:
+ return serrors.New("output format not supported", "format", flags.format)
+ }
+ return nil
+ },
+ }
+
+ envFlags.Register(cmd.Flags())
+ cmd.Flags().DurationVar(&flags.timeout, "timeout", 5*time.Second, "Timeout")
+ cmd.Flags().StringVar(&flags.cfg.Sequence, "sequence", "", app.SequenceUsage)
+ cmd.Flags().IntVarP(&flags.cfg.MaxPaths, "maxpaths", "m", 10,
+ "Maximum number of paths that are displayed")
+ cmd.Flags().BoolVarP(&flags.extended, "extended", "e", false,
+ "Show extended path meta data information")
+ cmd.Flags().BoolVarP(&flags.cfg.Refresh, "refresh", "r", false,
+ "Set refresh flag for SCION Daemon path request")
+ cmd.Flags().BoolVar(&flags.cfg.NoProbe, "no-probe", false,
+ "Do not probe the paths and print the health status")
+ cmd.Flags().BoolVarP(&flags.json, "json", "j", false,
+ "Write the output as machine readable json")
+ cmd.Flags().StringVar(&flags.format, "format", "human",
+ "Specify the output format (human|json|yaml)")
+ cmd.Flags().BoolVar(&flags.noColor, "no-color", false, "disable colored output")
+ cmd.Flags().StringVar(&flags.logLevel, "log.level", "", app.LogLevelUsage)
+ cmd.Flags().StringVar(&flags.tracer, "tracing.agent", "", "Tracing agent address")
+ cmd.Flags().BoolVar(&flags.cfg.Epic, "epic", false, "Enable EPIC.")
+ err := cmd.Flags().MarkDeprecated("json", "json flag is deprecated, use format flag")
+ if err != nil {
+ panic(err)
+ }
+ return cmd
+}

scion/fabrid/BUILD.bazel

@@ -0,0 +1,21 @@
+load("//tools/lint:go.bzl", "go_library")
+
+go_library(
+ name = "go_default_library",
+ srcs = [
+ "config.go",
+ "showpaths.go",
+ ],
+ importpath = "github.com/scionproto/scion/scion/fabrid",
+ visibility = ["//visibility:public"],
+ deps = [
+ "//pkg/addr:go_default_library",
+ "//pkg/daemon:go_default_library",
+ "//pkg/private/common:go_default_library",
+ "//pkg/private/serrors:go_default_library",
+ "//pkg/snet:go_default_library",
+ "//private/app/path:go_default_library",
+ "//private/app/path/pathprobe:go_default_library",
+ "//private/path/pathpol:go_default_library",
+ ],
+)

scion/fabrid/config.go

@@ -0,0 +1,44 @@
+// Copyright 2020 Anapaya Systems
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package fabrid
+
+import (
+ "net"
+)
+
+// DefaultMaxPaths is the maximum number of paths that are displayed by default.
+const DefaultMaxPaths = 10
+
+// Config configures the showpath run.
+type Config struct {
+ // Local configures the local IP address to use. If this option is not provided,
+ // a local IP that can reach SCION hosts is selected with the help of the kernel.
+ Local net.IP
+ // Daemon configures a specific SCION Daemon address.
+ Daemon string
+ // MaxPaths configures the maximum number of displayed paths. If this option is
+ // not provided, the DefaultMaxPaths is used.
+ MaxPaths int
+ // Refresh configures whether the daemon is queried with the refresh flag.
+ Refresh bool
+ // NoProbe configures whether the path status is probed or not.
+ NoProbe bool
+ // Sequence is a string of space separated Hop Predicates that is used for
+ // filtering.
+ Sequence string
+ // Epic filters paths for which EPIC is not available, and when probing, the
+ // EPIC path type header is used.
+ Epic bool
+}