We decided to rename BORDER_ROUTING_NAT64 to NAT64_BORDER_ROUTING so
the flag won't be confusing since we have NAT64_TRANSLATOR which does
not depends on the border routing manager.
This commit simplifies the helper functions that convert between
link margin, link quality and RSS (replacing the `static` methods
in `LinkQualityInfo`).
This commit:
- implements the core logic for translating packets for NAT64,
including the public APIs exposed to platform daemons.
- includes changes for POSIX platform, use `OT_POSIX_NAT64_CIDR`,
`OPENTHREAD_POSIX_CONFIG_NAT64_CIDR` for setting the CIDR for NAT64
during build time.
- exposes `otNat64Send(otInstance *aInstance, otMessage *aMessage)`
and `void otNat64SetReceiveIp4Callback(otInstance *aInstance,
otNat64ReceiveIp4Callback aCallback, void *aContext)`.
This commit fetches the NAT64 prefix on infrastructure interface and
advertise it to Network Data at medium preference.
- Use `getaddrinfo_a()` function to asynchronously lookup the ipv6
address of the special domain `ipv4only.arpa`. The infrastructure
NAT64 prefix is extracted from the domain answer.
- `mInfraIfNat64PrefixStaleTimer` is scheduled to monitor the presence
and change of infrastructure NAT64 prefix.
- `EvaluateNat64Prefix` evaluates whether to advertise the
infrastructure prefix or the local ULA prefix or neither. When there
is a new infrastructure prefix, it will withdraw the legacy one and
add the new one. When the infrastructure prefix no longer exists, it
will withdraw the legacy one and add the local ULA prefix. When the
infrastructure prefix presents again, it will add the infrastructure
prefix and withdraw the local ULA prefix.
New tests are added to test the scenarios when infrastructure NAT64
prefix exists. `DNS64` on OTBR is turned on to enable `bind9` with
NAT64 prefix on infrastructure interface for these tests. `bind9` is
explicitly turned off when testing local ULA prefix. Since bind9 is
conflict with other components like dnssd, all nat64 tests are moved
under /nat64 directory and configured separately.
The case that two or more BRs have same infrastructure NAT64 prefix is
not covered by this commit and will be followed up later.
There is no hard dependency in the Thread specification which requires
the use of deterministic signatures. On the contrary, looking at the
tinycrypt implementation, that one issues randomized ECDSA signatures
and seems to be quite happy with that.
This change does not change the default behaviour, which is to use
deterministic ECDSA when using the default MbedTLS backend. It does
however make it possible for platforms which have qualified hardware
entropy to select 'plain' ECDSA instead, which gives both a performance
and code size improvement on those platforms.
This commit enables a different mbedtls library to be used for RCP
builds. This will make it possible to use a PSA Crypto mbedtls library
for FTD/MTD images while using a non-PSA crypto library on RCPs.
This commit adds `OT_THREAD_VERSION_1_3` constant (equal to `4`)
and change=s the `OPENTHREAD_CONFIG_THREAD_VERSION` default value
to be the 1.3 version number.
It also updates the build switch option (Cmake and autoconf)
to support 1.3 and use 1.3 as default version value (when not
explicitly specified).
This commit makes the core pass the sensitive keys to the platform
settings initialization, so that the platform settings implementation
can know which keys are sensitive keys during the initializing and do
the migration when needed.
This commit implements new logging model in OpenThread. Each core
module can specify its own module name using `RegisterLogModule()`.
The registered log module name is then included in the all the log
messages emitted from the specific file. This model replaces and
enhances the log region model.
Thread Conformance document requires a Link Metrics Subject to
support at least one Link Metrics series (forward or enhanced ACK)
per connected SED.
Make sure this is the default configuration.
This commit implements the new TREL model which uses DNS-SD to
discover TREL peers on the network. This implementation replaces the
previous model which relied on link-local multicast.
This commit adds a new set of `otPlatTrel` APIs and callbacks that are
then used by an updated `Trel::Interface` implementation. The
`Trel::Interface` maintains a TREL peer table which is populated from
DNS-SD discovered services. A device supporting TREL registers a new
service to be advertised using DNS-SD with the service name
`_trel._udp`. It also initiates an ongoing DNS-SD browse for the same
service name within the local browsing domain to discover other
devices supporting TREL. `Trel::Interface` encapsulates and send
unicast frames as a unicast UDP message between TREL peers. Broadcast
frames are sent as a group of UDP unicast transmission to a sub-set
of TREL peers.
This commit also adds a new set of public APIs for TREL along with
support for them in CLI:
- APIs for enabling/disabling of TREL operation at run-time.
- Filter mode API which when enabled temporarily drops all the traffic
on the TREL interface (is mainly intended for testing).
- APIs to get the TREL peer table entries.
This commit adds an implementation of the new `otPlatTrel` APIs under
`simulation` platform. This is used for testing. This implementation
emulates a simplified version of DNS-SD mechanism.
A basic implementation of the `otPlatTrel` is also provided under
`posix` platform. However certain functions are tied to mDNS or
DNS-SD library being used on a device and need to be implemented per
project/platform. A set of weak empty functions `trelDnssd{}` are
defined (along with a description of the their expected behavior)
which can be overridden during project/platform integration.
This commit generates a random NAT64 prefix and adds the prefix to
NetworkData if none exits. The prefix will be saved in Settings for
recovery.
It also adds a new CLI command `br nat64prefix` to show the local
nat64 prefix.
A new config OPENTHREAD_CONFIG_BORDER_ROUTING_NAT64_ENABLE is defined
and used to guard the change.
This initial implementation only supports a single BR.
This commit adds support for DNS Stateful Operations (DSO) as
specified in RFC 8490.
It adds `platform/dso_transport.hpp` header file which defines the
platform APIs/callbacks for DSO transport layer (e.g., DSN-over-TLS
or DNS-over-TCP).
The `Dso` module handles establishing connection with a peer, acting
either as a DSO client or server, establishing a DSO session over a
connection, and then sending and processing DSO request, response,
and unidirectional messages (including support for DSO TLV formats).
The `Dso` module also manages the session life cycle and timeouts,
namely the "Inactivity" and "Keep Alive" timeouts (including sending
and processing of Keep Alive messages when needed). It also handles
adding encryption padding before sending a message. It implements the
padding policy "Random-Block-Length Padding" from RFC 8467.
This commit also adds a detailed unit test `test_dso` covering the
behavior (including corner cases) of the `Dso` implementation. The
unit test provides an implementation of the DSO platform APIs which
emulate the DSO transport layer. It also includes a simplified alarm
platform implementation (emulating timers and allowing time to
advance in the unit test). These allow the unit test to cover more
complicated situations and behaviors (timeouts, failures, etc).
This commit adds two simulation tests to verify that SRP clients can
register 500 services to one SRP server:
- Virtual time simulation test with one SRP server and 25 SRP clients,
each client registering 20 SRP services.
- OTBR simulation test same as above, but run SRP server on OTBR
(Docker).
This commit updates and simplifies the `alarm` platform implementation
under simulation by adding new functions to determine whether a timer
is expired and calculate the remaining time. The new code does not
use casting a `uint32_t` value to an `int32_t` (since its behavior is
toolchain/compiler dependent and it is not defined by the C++
standard).
Background:
In an early stage of developing a new product, developers may want to
verify the Thread related hardware functionality, for example, send,
receive, etc. However if the product uses the posix <-> RCP mode,
it's hard to verify it before the posix daemon can run on the
host. cli-ftd and cli-mtd could be an alternative. However, if the
product uses the posix <-> RCP mode, the space of the 802.15.4 radio
chip will be very small. For example, nRF52811 doesn't have enough
space to flash cli-ftd or cli-mtd firmware. So this PR creates a new
firmware ot-cli-radio which has very limited functionality for
verifying the hardware.
Basically, the ot-cli-radio consists of openthread-radio and
libopenthread-cli-radio.a. It supports very few cli commands. The most
important command is diag. Currently, there are: diag, help, reset,
version.
Currently, the diag commands have different implementation on RCP:
- For commands like diag start, the process function
(Diags::ProcessStart) is first called on host. Then host sends an
SPI frame to the RCP and Diags::ProcessStart (different
implementation) is called again on RCP.
- For commands like diag send, Diags::ProcessSend is first called on
host. Then host sends an SPI frame to the RCP, directly calling
send API. And there is no Diags::ProcessSend implemented on RCP.
Let's call the implementation of Diags::Process* currently on host as
native diag commands. When we run ot-cli-radio, we should use the
native diag commands because it won't interact with a posix daemon and
it processes the diag commands through the whole process. So this PR
adds a new option OPENTHREAD_CONFIG_DIAG_NATIVE_CMDS_ON_RCP to control
whether to use the native diag implementation on RCP. When we use a
normal RCP, the option should be disabled. While when use
ot-cli-radio, the option should be enabled.
This commit adds a new class `AnycastLocator` which can be used to
locate the closest destination of an anycast IPv6 address (i.e., find
the related mesh local EID and RLOC16). The closest destination is
determined based on the the current routing table and path costs
within the Thread mesh.
The implementation uses a CoAP confirmable post request to a newly
added URI path ("a/yl"). The destination IPv6 address of such as
request message is set to the anycast address to be located. The
receiver of the request message sends a CoAP response which includes
the "Mesh Local EID" and "Thread RLOC16" TLVs.
This commit also adds support this new feature in CLI (adding a new
`locate <anycast-addr>` command).
Finally this commit adds `test_anycast_locator.py` to test behavior of
the new feature.
This commit disallows concurrent commands.
With this commit, the CLI only execute a new command after it complete
the previous command. CLI can also prompt properly after the command
execution is done.
Other fixes and enhancements:
- Fixes premature command prompt
- Add ping async command for ping in async mode: output Done
immediately but print ping responses later on.
- Fixes networkdiagnostic get outputs multiple Done by always waiting
for 5 seconds.
- New format for MAC keys, as a union between literal key and keyrefs.
- Modified key_manager to handle both literal keys or keyrefs.
- Modified MAC and sub_mac modules to handle both Literal Keys or keyrefs.
- Updated Crypto Modules to use abstracted APIs.
- New CLIs to handle networkkey and pskc references.
This commit adds a new module `Uptime` which tracks the number of
milliseconds since OpenThread stack initialization as an `uint64_t`
value. It also adds public OT APIs to get the current uptime value
(either as the number of milliseconds or in human-readable string
format like "2 days 12:45:12.762"). A CLI `uptime` command is also
added. This feature can be enabled using the newly added config
option `OPENTHREAD_CONFIG_UPTIME_ENABLE` (or the related CMake
`OT_UPTIME` option).
This commit simplifies USB connection handling after resetting (hard reset)
RCP device with USB transport.
It drops udev dependency making the new approach generic for USB CDC ACM
across all platform.
It is working also on dockers.
The feature is enabled by new radio Url parameter: 'uart-reset'.
Radio url example:
spinel+hdlc+uart:///dev/serial/by-id/SYMLINK_TO_RCP_DEVICE?uart-reset
It is meant only for connection with RCP devices working with USB
transport and performing hard reset on host reset command.
This commit updates `platformAlarmGetNext()` in `alarm-sim` in
virtual-time simulation platform to return the remaining duration
to the next alarm as `uint64_t` (in microseconds). This fixes the
issue with potential overflow in calculating the next alarm time.
This commit adds History Tracker feature and its CLI support. This
feature records history of different events as the Thread network
operates (e.g., history of RX and TX IPv6 messages or network info
changes).
Recorded entries are timestamped. When the history list is read, the
timestamps are given as the entry age relative to the time the list
is being read. For example in CLI a timestamp can be shown as
`02:31:50.628 ago` indicating the entry was recorded 2 hours, 31 min,
50 sec, and 628 msec ago. Number of days is added for events that are
older than 24 hours, e.g., `31 days 03:00:23.931 ago`. Timestamps use
millisecond accuracy and are tacked up to 49 days. If an event is
older than 49 days, the entry is still tracked in the list but the
timestamp is shown as old or `more than 49 days ago`.
The `HistoryTracker` currently maintains 3 lists. The Network Info
history tracks changes to Device Role, Mode, RLOC16 and Partition ID.
The RX/TX history list records information about the received/sent
IPv6 messages:
- Message type (UDP, TCP, ICMP6 (and its subtype), etc.)
- Source and destination IPv6 addresses and port numbers
- IPv6 payload length
- The message checksum (for UDP, TCP, or ICMP6).
- Whether or not the link-layer security was used
- Message priority: low, norm, high, net (for control messages)
- Short address (RLOC16) of neighbor who send/received the msg
- Received Signal Strength (in dBm) for RX only
- Radio link info (15.4/TREL) on which msg was sent/received
(useful when `OPENTHREAD_CONFIG_MULTI_RADIO` is enabled)
Config `HISTORY_TRACKER_EXCLUDE_THREAD_CONTROL_MESSAGES` can be used
to configure `HistoryTracker` to exclude Thread Control message
(e.g., MLE, TMF) from TX and RX history.
The number of entries recorded for each history list is configurable
through a set of OpenThread config options, e.g., number of entries
in Network Info history list is specified by OpenThread config option
`OPENTHREAD_CONFIG_HISTORY_TRACKER_NET_INFO_LIST_SIZE`. The
`HistoryTracker` will keep the most recent entries overwriting oldest
ones when the list gets full.
This commit also adds support for `HistoryTracker` in CLI. The CLI
commands provide two style for printing the history information: A
table format (more human-readable) and list style (better suited for
parsing by machine/code). `README_HISTORY.md` is added to document
the commands and the info provided by each history list entry.
This commit also adds `test_history_tracker.py` test-case which
covers the behavior of `HistoryTracker`.
This commit implements a new feature "Network Data Publisher" which
provides mechanisms to limit the number of similar entries (service
and/or prefix) in the Thread Network Data by monitoring the Network
Data and managing if or when to add or remove entries. This feature is
enabled using `OPENTHREAD_CONFIG_NETDATA_PUBLISHER_ENABLE` config, or
`NETDATA_PUBLISHER` in autoconf, or `OT_NETDATA_PUBLISHER` cmake
option.
This commit adds support for publishing DNS/SRP anycast/unicast
service, on-mesh prefix, and external route prefix entries.
When there is a request to publish an entry, the `Publisher` monitors
the Network Data and counts the number of similar entries. If there
are fewer entries than a desired target number, the entry is added
after a short random delay.
If there are too many similar entries, `Publisher` starts the process
of removing its own entry (again after some random wait time). When
removing entries, certain entries are preferred over others (e.g., an
entry from a router over one from an end-device or if they are from
the same type of node, the one with smaller RLOC16). If `Publisher`
determines that its own entry is a preferred one, it adds an extra
wait time before removing its entry. This gives higher chance for a
non-preferred entry from another device to be removed before removing
a preferred entry which helps towards quicker convergence of the
process to the desired number of entries.
On-mesh prefix and external route entries have a "preference" field.
When publishing such an entry, a matching entry in the network data is
counted only if its preference is same or higher than the entry's
preference. This ensures that a device with a higher preference entry
publishes its entry even when there are many lower preference similar
entries in the network data (potentially causing a lower preference
entry to be removed).
This commit also adds `test_netdata_publisher.py` to verify the
behavior of the `Publisher`.
When a platform provides `OT_RADIO_CAPS_TRANSMIT_SEC` capability,
it updates the frame header with the dynamic data (frame counter,
key id...) and returns it back to MAC together with the transmission
result.
So far the `mIsARetx` flag was being used to instruct the radio
whether to update the header or not, but there was no mean to know
if the radio was able to do so.
This commit introduces the `mIsHeaderUpdated` flag which is used in
both directions, so the MAC layer can react to cases in which the
frame header was not properly updated by the radio platform.
The usage of mIsARetx remains restricted now to two cases:
- When a SSED decides to re-synchronize CSL parameters after a
retransmission.
- To check if sequence number was set for CSL/indirect retransmissions.
Zhanglong Xia