[feat] Add IP pool multicast support

This work introduces multicast IP pool capabilities to support external
multicast traffic routing through the rack's switching infrastructure.

Includes:
  - Add IpPoolType enum (unicast/multicast) with unicast as default
  - Add multicast pool fields: switch_port_uplinks (UUID[]), mvlan (VLAN ID)
  - Add database migration (multicast-support/up01.sql) with new columns and indexes
  - Add ASM/SSM range validation for multicast pools to prevent mixing
  - Add pool type-aware resolution for IP allocation
  - Add custom deserializer for switch port uplinks with deduplication
  - Update external API params/views for multicast pool configuration
  - Add SSM constants (IPV4_SSM_SUBNET, IPV6_SSM_FLAG_FIELD) for validation

Database schema updates:
  - ip_pool table: pool_type, switch_port_uplinks, mvlan columns
  - Index on pool_type for efficient filtering
  - Migration preserves existing pools as unicast type by default

This provides the foundation for multicast group functionality while
maintaining full backward compatibility with existing unicast pools.

References (for review):
  - RFD 488: https://rfd.shared.oxide.computer/rfd/488
  - Dendrite PRs (based on recency):
    * oxidecomputer/dendrite#132
    * oxidecomputer/dendrite#109
    * oxidecomputer/dendrite#14

Author: zeeshanlakhani

Cargo.lock

@@ -436,7 +436,7 @@ digest = "0.10.7"
 dns-server = { path = "dns-server" }
 dns-server-api = { path = "dns-server-api" }
 dns-service-client = { path = "clients/dns-service-client" }
-dpd-client = { git = "https://github.com/oxidecomputer/dendrite", rev = "738c80d18d5e94eda367440ade7743e9d9f124de" }
+dpd-client = { git = "https://github.com/oxidecomputer/dendrite", rev = "6ba23e71121c196e1e3c4e0621ba7a6f046237c7" }
 dropshot = { version = "0.16.3", features = [ "usdt-probes" ] }
 dyn-clone = "1.0.20"
 either = "1.15.0"

Cargo.toml

@@ -22,6 +22,18 @@ pub const AZ_PREFIX: u8 = 48;
 pub const RACK_PREFIX: u8 = 56;
 pub const SLED_PREFIX: u8 = 64;
 
+// Multicast constants
+
+/// IPv4 Source-Specific Multicast (SSM) subnet as defined in RFC 4607:
+/// <https://tools.ietf.org/html/rfc4607>.
+pub const IPV4_SSM_SUBNET: oxnet::Ipv4Net =
+    oxnet::Ipv4Net::new_unchecked(Ipv4Addr::new(232, 0, 0, 0), 8);
+
+/// IPv6 Source-Specific Multicast (SSM) flag field value as defined in RFC 4607:
+/// <https://tools.ietf.org/html/rfc4607>.
+/// This is the flags nibble (high nibble of second byte) for FF3x::/32 addresses.
+pub const IPV6_SSM_FLAG_FIELD: u8 = 3;
+
 /// maximum possible value for a tcp or udp port
 pub const MAX_PORT: u16 = u16::MAX;
 

common/src/address.rs

@@ -5,15 +5,18 @@
 //! VLAN ID wrapper.
 
 use crate::api::external::Error;
+use schemars::JsonSchema;
 use serde::Deserialize;
+use serde::Serialize;
 use std::fmt;
 use std::str::FromStr;
 
 /// The maximum VLAN value (inclusive), as specified by IEEE 802.1Q.
 pub const VLAN_MAX: u16 = 4094;
 
 /// Wrapper around a VLAN ID, ensuring it is valid.
-#[derive(Debug, Deserialize, Clone, Copy)]
+#[derive(Debug, PartialEq, Serialize, Deserialize, Clone, Copy, JsonSchema)]
+#[serde(rename = "VlanId")]
 pub struct VlanID(u16);
 
 impl VlanID {
@@ -44,3 +47,20 @@ impl FromStr for VlanID {
         )
     }
 }
+
+impl From<VlanID> for u16 {
+    fn from(vlan_id: VlanID) -> u16 {
+        vlan_id.0
+    }
+}
+
+impl slog::Value for VlanID {
+    fn serialize(
+        &self,
+        _record: &slog::Record,
+        key: slog::Key,
+        serializer: &mut dyn slog::Serializer,
+    ) -> slog::Result {
+        serializer.emit_u16(key, self.0)
+    }
+}

common/src/vlan.rs

@@ -6,8 +6,8 @@ use end_to_end_tests::helpers::{
 use omicron_test_utils::dev::poll::{CondCheckError, wait_for_condition};
 use oxide_client::types::{
     ByteCount, DeviceAccessTokenRequest, DeviceAuthRequest, DeviceAuthVerify,
-    DiskCreate, DiskSource, IpPoolCreate, IpPoolLinkSilo, IpVersion, NameOrId,
-    SiloQuotasUpdate,
+    DiskCreate, DiskSource, IpPoolCreate, IpPoolLinkSilo, IpPoolType,
+    IpVersion, NameOrId, SiloQuotasUpdate,
 };
 use oxide_client::{
     ClientConsoleAuthExt, ClientDisksExt, ClientProjectsExt,
@@ -53,6 +53,9 @@ async fn run_test() -> Result<()> {
             name: pool_name.parse().unwrap(),
             description: "Default IP pool".to_string(),
             ip_version,
+            mvlan: None,
+            pool_type: IpPoolType::Unicast,
+            switch_port_uplinks: None,
         })
         .send()
         .await?;

end-to-end-tests/src/bin/bootstrap.rs

@@ -7,8 +7,8 @@ use oxide_client::{
     ClientSystemHardwareExt, ClientSystemIpPoolsExt, ClientSystemStatusExt,
     ClientVpcsExt,
     types::{
-        IpPoolCreate, IpPoolLinkSilo, IpRange, IpVersion, Name, NameOrId,
-        PingStatus, ProbeCreate, ProbeInfo, ProjectCreate,
+        IpPoolCreate, IpPoolLinkSilo, IpPoolType, IpRange, IpVersion, Name,
+        NameOrId, PingStatus, ProbeCreate, ProbeInfo, ProjectCreate,
         UsernamePasswordCredentials,
     },
 };
@@ -295,6 +295,9 @@ async fn rack_prepare(
                         name: pool_name.parse().unwrap(),
                         description: "Default IP pool".to_string(),
                         ip_version,
+                        mvlan: None,
+                        pool_type: IpPoolType::Unicast,
+                        switch_port_uplinks: None,
                     })
                     .send()
                     .await?;

end-to-end-tests/src/bin/commtest.rs

@@ -8,6 +8,7 @@ use diesel::pg::Pg;
 use diesel::serialize::{self, ToSql};
 use diesel::sql_types;
 use omicron_common::api::external;
+use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
 use std::convert::TryFrom;
 
@@ -23,6 +24,7 @@ use std::convert::TryFrom;
     FromSqlRow,
     Serialize,
     Deserialize,
+    JsonSchema,
 )]
 #[diesel(sql_type = sql_types::BigInt)]
 #[repr(transparent)]