1. 14 6月, 2013 1 次提交
  2. 11 6月, 2013 2 次提交
  3. 29 4月, 2013 2 次提交
  4. 20 4月, 2013 1 次提交
    • P
      net: vlan: add 802.1ad support · 8ad227ff
      Patrick McHardy 提交于
      Add support for 802.1ad VLAN devices. This mainly consists of checking for
      ETH_P_8021AD in addition to ETH_P_8021Q in a couple of places and check
      offloading capabilities based on the used protocol.
      
      Configuration is done using "ip link":
      
      # ip link add link eth0 eth0.1000 \
      	type vlan proto 802.1ad id 1000
      # ip link add link eth0.1000 eth0.1000.1000 \
      	type vlan proto 802.1q id 1000
      
      52:54:00:12:34:56 > 92:b1:54:28:e4:8c, ethertype 802.1Q (0x8100), length 106: vlan 1000, p 0, ethertype 802.1Q, vlan 1000, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
          20.1.0.2 > 20.1.0.1: ICMP echo request, id 3003, seq 8, length 64
      92:b1:54:28:e4:8c > 52:54:00:12:34:56, ethertype 802.1Q-QinQ (0x88a8), length 106: vlan 1000, p 0, ethertype 802.1Q, vlan 1000, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 47944, offset 0, flags [none], proto ICMP (1), length 84)
          20.1.0.1 > 20.1.0.2: ICMP echo reply, id 3003, seq 8, length 64
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8ad227ff
  5. 17 4月, 2013 1 次提交
  6. 09 4月, 2013 1 次提交
    • D
      net: ipv6: add tokenized interface identifier support · f53adae4
      Daniel Borkmann 提交于
      This patch adds support for IPv6 tokenized IIDs, that allow
      for administrators to assign well-known host-part addresses
      to nodes whilst still obtaining global network prefix from
      Router Advertisements. It is currently in draft status.
      
        The primary target for such support is server platforms
        where addresses are usually manually configured, rather
        than using DHCPv6 or SLAAC. By using tokenised identifiers,
        hosts can still determine their network prefix by use of
        SLAAC, but more readily be automatically renumbered should
        their network prefix change. [...]
      
        The disadvantage with static addresses is that they are
        likely to require manual editing should the network prefix
        in use change.  If instead there were a method to only
        manually configure the static identifier part of the IPv6
        address, then the address could be automatically updated
        when a new prefix was introduced, as described in [RFC4192]
        for example.  In such cases a DNS server might be
        configured with such a tokenised interface identifier of
        ::53, and SLAAC would use the token in constructing the
        interface address, using the advertised prefix. [...]
      
        http://tools.ietf.org/html/draft-chown-6man-tokenised-ipv6-identifiers-02
      
      The implementation is partially based on top of Mark K.
      Thompson's proof of concept. However, it uses the Netlink
      interface for configuration resp. data retrival, so that
      it can be easily extended in future. Successfully tested
      by myself.
      
      Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
      Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
      Cc: Thomas Graf <tgraf@suug.ch>
      Signed-off-by: NDaniel Borkmann <dborkman@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f53adae4
  7. 29 12月, 2012 1 次提交
  8. 06 12月, 2012 1 次提交
    • D
      bridge: implement multicast fast leave · c2d3babf
      David S. Miller 提交于
      V3: make it a flag
      V2: make the toggle per-port
      
      Fast leave allows bridge to immediately stops the multicast
      traffic on the port receives IGMP Leave when IGMP snooping is enabled,
      no timeouts are observed.
      
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: Stephen Hemminger <shemminger@vyatta.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: NCong Wang <amwang@redhat.com>
      c2d3babf
  9. 21 11月, 2012 1 次提交
    • D
      add DOVE extensions for VXLAN · e4f67add
      David Stevens 提交于
      This patch provides extensions to VXLAN for supporting Distributed
      Overlay Virtual Ethernet (DOVE) networks. The patch includes:
      
      	+ a dove flag per VXLAN device to enable DOVE extensions
      	+ ARP reduction, whereby a bridge-connected VXLAN tunnel endpoint
      		answers ARP requests from the local bridge on behalf of
      		remote DOVE clients
      	+ route short-circuiting (aka L3 switching). Known destination IP
      		addresses use the corresponding destination MAC address for
      		switching rather than going to a (possibly remote) router first.
      	+ netlink notification messages for forwarding table and L3 switching
      		misses
      
      Changes since v2
      	- combined bools into "u32 flags"
      	- replaced loop with !is_zero_ether_addr()
      Signed-off-by: NDavid L Stevens <dlstevens@us.ibm.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e4f67add
  10. 15 11月, 2012 3 次提交
    • S
      bridge: add root port blocking · 1007dd1a
      stephen hemminger 提交于
      This is Linux bridge implementation of root port guard.
      If BPDU is received from a leaf (edge) port, it should not
      be elected as root port.
      
      Why would you want to do this?
      If using STP on a bridge and the downstream bridges are not fully
      trusted; this prevents a hostile guest for rerouting traffic.
      
      Why not just use netfilter?
      Netfilter does not track of follow spanning tree decisions.
      It would be difficult and error prone to try and mirror STP
      resolution in netfilter module.
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1007dd1a
    • S
      bridge: implement BPDU blocking · a2e01a65
      stephen hemminger 提交于
      This is Linux bridge implementation of STP protection
      (Cisco BPDU guard/Juniper BPDU block). BPDU block disables
      the bridge port if a STP BPDU packet is received.
      
      Why would you want to do this?
      If running Spanning Tree on bridge, hostile devices on the network
      may send BPDU and cause network failure. Enabling bpdu block
      will detect and stop this.
      
      How to recover the port?
      The port will be restarted if link is brought down, or
      removed and reattached.  For example:
       # ip li set dev eth0 down; ip li set dev eth0 up
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a2e01a65
    • S
      bridge: bridge port parameters over netlink · 25c71c75
      stephen hemminger 提交于
      Expose bridge port parameter over netlink. By switching to a nested
      message, this can be used for other bridge parameters.
      
      This changes IFLA_PROTINFO attribute from one byte to a full nested
      set of attributes. This is safe for application interface because the
      old message used IFLA_PROTINFO and new one uses
       IFLA_PROTINFO | NLA_F_NESTED.
      
      The code adapts to old format requests, and therefore stays
      compatible with user mode RSTP daemon. Since the type field
      for nested and unnested attributes are different, and the old
      code in libnetlink doesn't do the mask, it is also safe to use
      with old versions of bridge monitor command.
      
      Note: although mode is only a boolean, treating it as a
      full byte since in the future someone will probably want to add more
      values (like macvlan has).
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      25c71c75
  11. 13 10月, 2012 1 次提交
  12. 11 10月, 2012 1 次提交
  13. 02 10月, 2012 2 次提交
  14. 21 9月, 2012 1 次提交
    • O
      IB/ipoib: Add rtnl_link_ops support · 9baa0b03
      Or Gerlitz 提交于
      Add rtnl_link_ops to IPoIB, with the first usage being child device
      create/delete through them. Childs devices are now either legacy ones,
      created/deleted through the ipoib sysfs entries, or RTNL ones.
      
      Adding support for RTNL childs involved refactoring of ipoib_vlan_add
      which is now used by both the sysfs and the link_ops code.
      
      Also, added ndo_uninit entry to support calling unregister_netdevice_queue
      from the rtnl dellink entry. This required removal of calls to
      ipoib_dev_cleanup from the driver in flows which use unregister_netdevice,
      since the networking core will invoke ipoib_uninit which does exactly that.
      Signed-off-by: NErez Shitrit <erezsh@mellanox.co.il>
      Signed-off-by: NOr Gerlitz <ogerlitz@mellanox.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9baa0b03
  15. 21 7月, 2012 1 次提交
  16. 16 4月, 2012 1 次提交
    • J
      macvlan: add FDB bridge ops and macvlan flags · df8ef8f3
      John Fastabend 提交于
      This adds FDB bridge ops to the macvlan device passthru mode.
      Additionally a flags field was added and a NOPROMISC bit to
      allow users to use passthru mode without the driver calling
      dev_set_promiscuity(). The flags field is a u16 placed in a
      4 byte hole (consuming 2 bytes) of the macvlan_dev struct.
      
      We want to do this so that the macvlan driver or stack
      above the macvlan driver does not have to process every
      packet. For the use case where we know all the MAC addresses
      of the endstations above us this works well.
      
      This patch is a result of Roopa Prabhu's work. Follow up
      patches are needed for VEPA and VEB macvlan modes.
      
      v2: Change from distinct nopromisc mode to a flags field to
          configure this. This avoids the tendency to add a new
          mode every time we need some slightly different behavior.
      v3: fix error in dev_set_promiscuity and add change and get
          link attributes for flags.
      
      CC: Roopa Prabhu <roprabhu@cisco.com>
      CC: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: NJohn Fastabend <john.r.fastabend@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      df8ef8f3
  17. 02 4月, 2012 1 次提交
  18. 22 2月, 2012 1 次提交
    • G
      rtnetlink: Fix problem with buffer allocation · 115c9b81
      Greg Rose 提交于
      Implement a new netlink attribute type IFLA_EXT_MASK.  The mask
      is a 32 bit value that can be used to indicate to the kernel that
      certain extended ifinfo values are requested by the user application.
      At this time the only mask value defined is RTEXT_FILTER_VF to
      indicate that the user wants the ifinfo dump to send information
      about the VFs belonging to the interface.
      
      This patch fixes a bug in which certain applications do not have
      large enough buffers to accommodate the extra information returned
      by the kernel with large numbers of SR-IOV virtual functions.
      Those applications will not send the new netlink attribute with
      the interface info dump request netlink messages so they will
      not get unexpectedly large request buffers returned by the kernel.
      
      Modifies the rtnl_calcit function to traverse the list of net
      devices and compute the minimum buffer size that can hold the
      info dumps of all matching devices based upon the filter passed
      in via the new netlink attribute filter mask.  If no filter
      mask is sent then the buffer allocation defaults to NLMSG_GOODSIZE.
      
      With this change it is possible to add yet to be defined netlink
      attributes to the dump request which should make it fairly extensible
      in the future.
      Signed-off-by: NGreg Rose <gregory.v.rose@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      115c9b81
  19. 17 10月, 2011 1 次提交
    • G
      if_link: Add additional parameter to IFLA_VF_INFO for spoof checking · 5f8444a3
      Greg Rose 提交于
      Add configuration setting for drivers to turn spoof checking on or off
      for discrete VFs.
      
      v2 - Fix indentation problem, wrap the ifla_vf_info structure in
           #ifdef __KERNEL__ to prevent user space from accessing and
           change function paramater for the spoof check setting netdev
           op from u8 to bool.
      v3 - Preset spoof check setting to -1 so that user space tools such
           as ip can detect that the driver didn't report a spoofcheck
           setting.  Prevents incorrect display of spoof check settings
           for drivers that don't report it.
      Signed-off-by: NGreg Rose <gregory.v.rose@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      5f8444a3
  20. 11 5月, 2011 1 次提交
  21. 20 1月, 2011 1 次提交
  22. 23 11月, 2010 1 次提交
    • S
      macvlan: Introduce 'passthru' mode to takeover the underlying device · eb06acdc
      Sridhar Samudrala 提交于
      With the current default 'vepa' mode, a KVM guest using virtio with
      macvtap backend has the following limitations.
      - cannot change/add a mac address on the guest virtio-net
      - cannot create a vlan device on the guest virtio-net
      - cannot enable promiscuous mode on guest virtio-net
      
      To address these limitations, this patch introduces a new mode called
      'passthru' when creating a macvlan device which allows takeover of the
      underlying device and passing it to a guest using virtio with macvtap
      backend.
      
      Only one macvlan device is allowed in passthru mode and it inherits
      the mac address from the underlying device and sets it in promiscuous
      mode to receive and forward all the packets.
      Signed-off-by: NSridhar Samudrala <sri@us.ibm.com>
      
      -------------------------------------------------------------------------
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      eb06acdc
  23. 18 11月, 2010 2 次提交
    • T
      ipv4: AF_INET link address family · 9f0f7272
      Thomas Graf 提交于
      Implements the AF_INET link address family exposing the per
      device configuration settings via netlink using the attribute
      IFLA_INET_CONF.
      
      The format of IFLA_INET_CONF differs depending on the direction
      the attribute is sent. The attribute sent by the kernel consists
      of a u32 array, basically a 1:1 copy of in_device->cnf.data[].
      The attribute expected by the kernel must consist of a sequence
      of nested u32 attributes, each representing a change request,
      e.g.
      	[IFLA_INET_CONF] = {
      		[IPV4_DEVCONF_FORWARDING] = 1,
      		[IPV4_DEVCONF_NOXFRM] = 0,
      	}
      
      libnl userspace API documentation and example available from:
      http://www.infradead.org/~tgr/libnl/doc-git/group__link__inet.htmlSigned-off-by: NThomas Graf <tgraf@infradead.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9f0f7272
    • T
      rtnetlink: Link address family API · f8ff182c
      Thomas Graf 提交于
      Each net_device contains address family specific data such as
      per device settings and statistics. We already expose this data
      via procfs/sysfs and partially netlink.
      
      The netlink method requires the requester to send one RTM_GETLINK
      request for each address family it wishes to receive data of
      and then merge this data itself.
      
      This patch implements a new API which combines all address family
      specific link data in a new netlink attribute IFLA_AF_SPEC.
      IFLA_AF_SPEC contains a sequence of nested attributes, one for each
      address family which in turn defines the structure of its own
      attribute. Example:
      
         [IFLA_AF_SPEC] = {
             [AF_INET] = {
                 [IFLA_INET_CONF] = ...,
             },
             [AF_INET6] = {
                 [IFLA_INET6_FLAGS] = ...,
                 [IFLA_INET6_CONF] = ...,
             }
         }
      
      The API also allows for address families to implement a function
      which parses the IFLA_AF_SPEC attribute sent by userspace to
      implement address family specific link options.
      Signed-off-by: NThomas Graf <tgraf@infradead.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f8ff182c
  24. 17 6月, 2010 1 次提交
  25. 13 6月, 2010 1 次提交
    • B
      net: Enable 64-bit net device statistics on 32-bit architectures · be1f3c2c
      Ben Hutchings 提交于
      Use struct rtnl_link_stats64 as the statistics structure.
      
      On 32-bit architectures, insert 32 bits of padding after/before each
      field of struct net_device_stats to make its layout compatible with
      struct rtnl_link_stats64.  Add an anonymous union in net_device; move
      stats into the union and add struct rtnl_link_stats64 stats64.
      
      Add net_device_ops::ndo_get_stats64, implementations of which will
      return a pointer to struct rtnl_link_stats64.  Drivers that implement
      this operation must not update the structure asynchronously.
      
      Change dev_get_stats() to call ndo_get_stats64 if available, and to
      return a pointer to struct rtnl_link_stats64.  Change callers of
      dev_get_stats() accordingly.
      Signed-off-by: NBen Hutchings <bhutchings@solarflare.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      be1f3c2c
  26. 18 5月, 2010 1 次提交
    • S
      net: Add netlink support for virtual port management (was iovnl) · 57b61080
      Scott Feldman 提交于
      Add new netdev ops ndo_{set|get}_vf_port to allow setting of
      port-profile on a netdev interface.  Extends netlink socket RTM_SETLINK/
      RTM_GETLINK with two new sub msgs called IFLA_VF_PORTS and IFLA_PORT_SELF
      (added to end of IFLA_cmd list).  These are both nested atrtibutes
      using this layout:
      
                    [IFLA_NUM_VF]
                    [IFLA_VF_PORTS]
                            [IFLA_VF_PORT]
                                    [IFLA_PORT_*], ...
                            [IFLA_VF_PORT]
                                    [IFLA_PORT_*], ...
                            ...
                    [IFLA_PORT_SELF]
                            [IFLA_PORT_*], ...
      
      These attributes are design to be set and get symmetrically.  VF_PORTS
      is a list of VF_PORTs, one for each VF, when dealing with an SR-IOV
      device.  PORT_SELF is for the PF of the SR-IOV device, in case it wants
      to also have a port-profile, or for the case where the VF==PF, like in
      enic patch 2/2 of this patch set.
      
      A port-profile is used to configure/enable the external switch virtual port
      backing the netdev interface, not to configure the host-facing side of the
      netdev.  A port-profile is an identifier known to the switch.  How port-
      profiles are installed on the switch or how available port-profiles are
      made know to the host is outside the scope of this patch.
      
      There are two types of port-profiles specs in the netlink msg.  The first spec
      is for 802.1Qbg (pre-)standard, VDP protocol.  The second spec is for devices
      that run a similar protocol as VDP but in firmware, thus hiding the protocol
      details.  In either case, the specs have much in common and makes sense to
      define the netlink msg as the union of the two specs.  For example, both specs
      have a notition of associating/deassociating a port-profile.  And both specs
      require some information from the hypervisor manager, such as client port
      instance ID.
      
      The general flow is the port-profile is applied to a host netdev interface
      using RTM_SETLINK, the receiver of the RTM_SETLINK msg communicates with the
      switch, and the switch virtual port backing the host netdev interface is
      configured/enabled based on the settings defined by the port-profile.  What
      those settings comprise, and how those settings are managed is again
      outside the scope of this patch, since this patch only deals with the
      first step in the flow.
      Signed-off-by: NScott Feldman <scofeldm@cisco.com>
      Signed-off-by: NRoopa Prabhu <roprabhu@cisco.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      57b61080
  27. 16 5月, 2010 1 次提交
  28. 17 3月, 2010 1 次提交
  29. 13 2月, 2010 1 次提交
  30. 27 11月, 2009 1 次提交
  31. 05 11月, 2009 1 次提交
  32. 31 1月, 2009 1 次提交
  33. 23 9月, 2008 1 次提交
    • S
      net: network device name ifalias support · 0b815a1a
      Stephen Hemminger 提交于
      This patch add support for keeping an additional character alias
      associated with an network interface. This is useful for maintaining
      the SNMP ifAlias value which is a user defined value. Routers use this
      to hold information like which circuit or line it is connected to. It
      is just an arbitrary text label on the network device.
      
      There are two exposed interfaces with this patch, the value can be
      read/written either via netlink or sysfs.
      
      This could be maintained just by the snmp daemon, but it is more
      generally useful for other management tools, and the kernel is good
      place to act as an agreed upon interface to store it.
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0b815a1a
  34. 11 10月, 2007 1 次提交