Jiri Pirko [Thu, 10 Aug 2023 14:01:02 +0000 (16:01 +0200)]
devlink: accept "name" command line option instead of "trap"/"group"
It is common for all iproute2 apps to have command line option
names matching with show command outputs. However, that is not true
in case of trap and trap group devlink objects.
Correct would be to have "trap" and "group" in the outputs, but that is
not possible to change now. Instead of that, accept "name" instead of
"trap" and "group" options.
Examples:
$ devlink trap show netdevsim/netdevsim1
netdevsim/netdevsim1:
name source_mac_is_multicast type drop generic true action drop group l2_drops
name vlan_tag_mismatch type drop generic true action drop group l2_drops
name ingress_vlan_filter type drop generic true action drop group l2_drops
name ingress_spanning_tree_filter type drop generic true action drop group l2_drops
name port_list_is_empty type drop generic true action drop group l2_drops
name port_loopback_filter type drop generic true action drop group l2_drops
name fid_miss type exception generic false action trap group l2_drops
name blackhole_route type drop generic true action drop group l3_drops
name ttl_value_is_too_small type exception generic true action trap group l3_exceptions
name tail_drop type drop generic true action drop group buffer_drops
name ingress_flow_action_drop type drop generic true action drop group acl_drops
name egress_flow_action_drop type drop generic true action drop group acl_drops
name igmp_query type control generic true action mirror group mc_snooping
name igmp_v1_report type control generic true action trap group mc_snooping
$ devlink trap show netdevsim/netdevsim1 trap source_mac_is_multicast
netdevsim/netdevsim1:
name source_mac_is_multicast type drop generic true action drop group l2_drops
$ devlink trap show netdevsim/netdevsim1 name source_mac_is_multicast
netdevsim/netdevsim1:
name source_mac_is_multicast type drop generic true action drop group l2_drops
$ devlink trap group
netdevsim/netdevsim1:
name l2_drops generic true
name l3_drops generic true policer 1
name l3_exceptions generic true policer 1
name buffer_drops generic true policer 2
name acl_drops generic true policer 3
name mc_snooping generic true policer 3
$ devlink trap group show netdevsim/netdevsim1 group l2_drops
netdevsim/netdevsim1:
name l2_drops generic true
$ devlink trap group show netdevsim/netdevsim1 name l2_drops
name l2_drops generic true
Signed-off-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Ido Schimmel [Wed, 2 Aug 2023 16:41:15 +0000 (19:41 +0300)]
bridge: Add backup nexthop ID support
Extend the bridge and ip utilities to set and show the backup nexthop ID
bridge port attribute. A value of 0 (default) disables the feature, in
which case the attribute is not printed since it is not emitted by the
kernel.
Example:
# bridge -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
# bridge -d -j -p link show dev swp1 | jq '.[]["backup_nhid"]'
null
# bridge link set dev swp1 backup_nhid 10
# bridge -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
backup_nhid 10
# bridge -d -j -p link show dev swp1 | jq '.[]["backup_nhid"]'
10
# bridge link set dev swp1 backup_nhid 0
# bridge -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
# bridge -d -j -p link show dev swp1 | jq '.[]["backup_nhid"]'
null
# ip -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
# ip -d -j -p lin show dev swp1 | jq '.[]["linkinfo"]["info_slave_data"]["backup_nhid"]'
null
# ip link set dev swp1 type bridge_slave backup_nhid 10
# ip -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
backup_nhid 10
# ip -d -j -p lin show dev swp1 | jq '.[]["linkinfo"]["info_slave_data"]["backup_nhid"]'
10
# ip link set dev swp1 type bridge_slave backup_nhid 0
# ip -d link show dev swp1 | grep -o "backup_nhid [0-9]*"
# ip -d -j -p lin show dev swp1 | jq '.[]["linkinfo"]["info_slave_data"]["backup_nhid"]'
null
Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Nicolas Escande [Wed, 26 Jul 2023 07:25:07 +0000 (09:25 +0200)]
bridge: link: allow filtering on bridge name
When using 'brige link show' we can either dump all links enslaved to any bridge
(called without arg ) or display a single link (called with dev arg).
However there is no way to dummp all links of a single bridge.
To do so, this adds new optional 'master XXX' arg to 'bridge link show' command.
usage: bridge link show master br0
Signed-off-by: Nicolas Escande <nico.escande@gmail.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add support for the so called "stateless" configuration pattern (read
from /etc, fall back to /usr), giving system administrators a way to
define local configuration without changing any distro-provided files.
In practice this means that each configuration file FOO is loaded
from /usr/lib/iproute2/FOO unless /etc/iproute2/FOO exists.
Signed-off-by: Gioele Barabucci <gioele@svario.it> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
While building iproute2 6.4.0 with musl using Yocto Project, errors such
as the following were encountered:
| mdb.c: In function 'mdb_parse_vni':
| mdb.c:666:47: error: 'ULONG_MAX' undeclared (first use in this function)
| 666 | if ((endptr && *endptr) || vni_num == ULONG_MAX)
| | ^~~~~~~~~
| mdb.c:666:47: note: 'ULONG_MAX' is defined in header '<limits.h>'; did you forget to '#include <limits.h>'?
Include limits.h in bridge/mdb.c to fix this issue. This change is based
on one in Alpine Linux, but the author there had no plans to submit:
https://git.alpinelinux.org/aports/commit/main/iproute2/include.patch?id=bd46efb8a8da54948639cebcfa5b37bd608f1069
The files bpf_api.h and bpf_elf.h are useful for TC BPF programs
to use. And there is no requirement that those be GPL only;
we intend to allow BSD licensed BPF helpers as well.
This makes the file license same as libbpf.
Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
It is not currently possible to add a filter matching on port 0 despite
it being a valid port number. This is caused by cited commit which
treats a value of 0 as an indication that the port was not specified.
Instead of inferring that a port range was specified by checking that both
the minimum and the maximum ports are non-zero, simply add a boolean
argument to parse_range() and set it after parsing a port range.
Before:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
Illegal "dst_port"
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
Illegal "src_port"
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
Illegal "dst_port"
After:
# tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
# tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
# tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
# tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
# tc filter show dev swp1 ingress | grep _port
src_port 0
dst_port 0
src_port 0-100
dst_port 0-100
Fixes: 767b6fd620dd ("tc: flower: fix port value truncation") Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Vladimir Oltean [Wed, 5 Jul 2023 10:51:55 +0000 (13:51 +0300)]
tc/taprio: fix parsing of "fp" option when it doesn't appear last
When installing a Qdisc this way:
tc qdisc replace dev $ifname handle 8001: parent root stab overhead 24 taprio \
num_tc 8 \
map 0 1 2 3 4 5 6 7 \
queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 \
base-time 0 \
sched-entry S 01 1216 \
sched-entry S fe 12368 \
fp P E E E E E E E \
flags 0x2
the parser will error out when it tries to parse the "fp" array and it
finds "flags" as one of the elements, expecting it to be one of "P" or
"E".
The way this is handled in the parsing of other array arguments of
variable size (max-sdu, map, queues etc) is to not fail, call PREV_ARG()
and attempt re-parsing the argument as something else. Do that for "fp"
as well.
Apparently mqprio handles this case correctly, so I must have forgotten
to apply the same treatment for taprio as well, during development.
Fixes: 5fbca3b469ec ("tc/taprio: add support for preemptible traffic classes") Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Zahari Doychev [Thu, 29 Jun 2023 19:57:36 +0000 (21:57 +0200)]
f_flower: simplify cfm dump function
The standard print function can be used to print the cfm attributes in
both standard and json use cases. In this way no string buffer is needed
which simplifies the code.
Signed-off-by: Zahari Doychev <zdoychev@maxlinear.com> Reviewed-by: Petr Machata <me@pmachata.org> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Edwin Peer [Sun, 11 Jun 2023 10:57:38 +0000 (13:57 +0300)]
iplink: filter stats using RTEXT_FILTER_SKIP_STATS
Don't request statistics we do not intend to render. This avoids the
possibility of a truncated IFLA_VFINFO_LIST when statistics are not
requested as well as the fetching of unnecessary data.
Signed-off-by: Edwin Peer <edwin.peer@broadcom.com> Cc: Edwin Peer <espeer@gmail.com> Signed-off-by: Gal Pressman <gal@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Ido Schimmel [Wed, 7 Jun 2023 15:35:50 +0000 (18:35 +0300)]
f_flower: Add l2_miss support
Add the ability to match on packets that encountered a layer 2 miss in
bridge driver's FDB / MDB. Example:
# tc filter add dev swp2 egress pref 1 proto all flower indev swp1 l2_miss 1 action drop
# tc filter add dev swp2 egress pref 1 proto all flower indev swp1 l2_miss 0 action drop
# tc filter show dev swp2 egress
filter protocol all pref 1 flower chain 0
filter protocol all pref 1 flower chain 0 handle 0x1
indev swp1
l2_miss 1
not_in_hw
action order 1: gact action drop
random type none pass val 0
index 1 ref 1 bind 1
filter protocol all pref 1 flower chain 0 handle 0x2
indev swp1
l2_miss 0
not_in_hw
action order 1: gact action drop
random type none pass val 0
index 2 ref 1 bind 1
This series introduces a new DCB subcommand: rewr, which is used to
configure the in-kernel DCB rewrite table [1].
Rewrite support is added as a separate DCB subcommand, rather than an
APP opt-in flag or similar. This goes in line with what we did to dcbnl,
where rewrite is a separate object. Obviously this requires a bit more
code to implement the new command, but much of the existing dcb-app code
(especially the bookkeeping code) can be reused. In some cases a little
adaptation is needed.
Initially, I have only made support for the prio-pcp and prio-dscp
parameters, as DSCP and PCP are the only selectors that currently have
a user [2] and to be honest, I am not even sure it makes sense to add
dgram, stream, ethtype rewrite support - At least the rewriter of Sparx5
does not support this. Any input here is much appreciated!
Examples:
Rewrite DSCP to 63 for packets with priority 1
$ dcb rewr add dev eth0 prio-dscp 1:63
Rewrite PCP 7 and DEI to 1 for packets with priority 1
$ dcb rewr add dev eth0 prio-pcp 1:7de
A new manpage has been added, to cover the new dcb-rewr subcommand, and
its parameters. Also I took the liberty to clean up a few things in the
dcb-app manpage.
Daniel Machon [Tue, 6 Jun 2023 07:19:45 +0000 (09:19 +0200)]
man: dcb-rewr: add new manpage for dcb-rewr
Add a new manpage for dcb-rewr. Most of the content is copied over from
dcb-app, as the same set of commands and parameters (in reverse) applies
to dcb-rewr.
Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Daniel Machon [Tue, 6 Jun 2023 07:19:43 +0000 (09:19 +0200)]
dcb: rewr: add new dcb-rewr subcommand
Add a new subcommand 'rewr' for configuring the in-kernel DCB rewrite
table. The rewrite table of the kernel is similar to the APP table,
therefore, much of the existing bookkeeping code from dcb-app, can be
reused in the dcb-rewr implementation.
Initially, only support for configuring PCP and DSCP-based rewrite has
been added.
Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Daniel Machon [Tue, 6 Jun 2023 07:19:40 +0000 (09:19 +0200)]
dcb: app: modify dcb_app_print_filtered() for dcb-rewr reuse
Where dcb-app requires protocol to be the printed key, dcb-rewr requires
it to be the priority. Adapt existing dcb-app print functions for this.
dcb_app_print_filtered() has been modified, to take two callbacks; one
for printing the entire string (pid and prio), and one for the pid type
(dec, hex, dscp, pcp). This saves us for making one dedicated function
for each pid type for both app and rewr.
Also, printing the colon is now expected to be handled by the
print_pid_prio() callback.
Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Daniel Machon [Tue, 6 Jun 2023 07:19:39 +0000 (09:19 +0200)]
dcb: app: rename dcb_app_print_key_*() functions
In preparation for changing the prototype of dcb_app_print_filtered(),
rename the _print_key_*() functions to _print_pid_*(), as the protocol
can both be key and value with the introduction of dcb-rewr.
Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Daniel Machon [Tue, 6 Jun 2023 07:19:38 +0000 (09:19 +0200)]
dcb: app: move colon printing out of callbacks
In preparation for changing the prototype of dcb_app_print_filtered(),
move the colon printing out of the callbacks, and into
dcb_app_print_filtered().
Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Daniel Machon [Tue, 6 Jun 2023 07:19:37 +0000 (09:19 +0200)]
dcb: app: replace occurrences of %d with %u for printing unsigned int
In preparation for changing the prototype of dcb_app_print_filtered(),
replace occurrences of %d for printing unsigned integer, with %u as it
ought to be.
Signed-off-by: Daniel Machon <daniel.machon@microchip.com> Reviewed-by: Petr Machata <me@pmachata.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Add userspace support for the [no]localbypass vxlan netlink
attribute. With localbypass on (default), the vxlan driver processes
the packets destined to the local machine by itself, bypassing the
userspace nework stack. With nolocalbypass the packets are always
forwarded to the userspace network stack, so userspace programs,
such as tcpdump have a chance to process them.
Signed-off-by: Vladimir Nikishkin <vladimir@nikishkin.pw> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Andrea Claudi <aclaudi@redhat.com> Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
The function rtnl_addproto_a2n() was defined but never used.
Use it to allow for symbolic names, and fix the function signatures
so protocol value is consistently __u8.
Fixes: bdb8d8549ed9 ("ip: Support IP address protocol") Cc: petrm@nvidia.com Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Mon, 29 May 2023 21:42:16 +0000 (23:42 +0200)]
iproute_lwtunnel: fix array boundary check
seg6_mode_types is made up of 5 elements, so ARRAY_SIZE(seg6_mode_types)
evaluates to 5. Thus, when mode = 5, this function returns
seg6_mode_types[5], resulting in an out-of-bound access.
Fix this bailing out when mode is equal to or greater than 5.
Fixes: cf87da417bb4 ("iproute: add support for seg6 l2encap mode") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Mon, 29 May 2023 16:59:15 +0000 (18:59 +0200)]
ipstats: fix message reporting error
strerror() accepts any integer as arguments, but returns meaningful
error descriptions only for positive integers.
ipstats code uses strerror on a code path where either err is 0 or
-ENOMEM, thus resulting in a useless error message.
Fix this using errno and moving the error printing closer to the only
function populating it in this code path.
Fixes: df0b2c6d0098 ("ipstats: Add a shell of "show" command") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Fri, 26 May 2023 17:27:20 +0000 (19:27 +0200)]
bridge: vni: remove useless checks on vni
After the (d == NULL || vni == NULL) check, vni cannot be NULL anymore.
This remove two useless conditional checks on vni value:
- the first check cannot be true, so remove the whole conditional block
- the second check is always true, so remove the check
Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Fri, 26 May 2023 17:36:54 +0000 (19:36 +0200)]
ip: remove double space before 'allmulti' flag
Current output:
$ ip -d link show vxlan0
79: vxlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether b6:f6:12:c3:2d:52 brd ff:ff:ff:ff:ff:ff promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
Resulting output:
$ ip -d link show vxlan0
79: vxlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether b6:f6:12:c3:2d:52 brd ff:ff:ff:ff:ff:ff promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535
Fixes: e98683accc28 ("link: display 'allmulti' counter") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
m_action: fix warning of overwrite of const string
The function get_action_kind() searches first for the given
action, then rescans on failure for "gact". In the process,
it would overwrite the argument. Avoid the warning
by using a const argument and not copying.
Record the maintainers of subsections of iproute2.
The subtree maintainers are based off of most recent current
patches and maintainer of kernel portion of that subsystem.
Acked-by: Nikolay Aleksandrov <razor@blackwall.org> Acked-by: Petr Machata <me@pmachata.org> # For DCB Acked-by: Parav Pandit <parav@nvidia.com> Acked-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Nicolas Dichtel [Thu, 11 May 2023 14:42:24 +0000 (16:42 +0200)]
ipnetns: fix fd leak with 'ip netns set'
There is no reason to open this netns file. set_netnsid_from_name() uses
netns_get_fd() for this purpose and uses the returned fd.
Reported-by: Stephen Hemminger <stephen@networkplumber.org> Fixes: d182ee1307c7 ("ipnetns: allow to get and set netns ids") Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The devlink utility stores an interface map that can be used to map an
interface name to a devlink port and vice versa. The map is populated by
issuing a devlink port dump via 'DEVLINK_CMD_PORT_GET' command.
Cited commits started to populate the map only when it is actually
needed. One such case is when a dump (e.g., shared buffer dump) only
returns devlink port handles. When pretty printing is required, the
utility will consult the map to translate the devlink port handles to
the corresponding interface names.
The above is problematic as it means that the port dump response(s) will
be queued to the same receive buffer as the response(s) of the dump that
triggered the port dump, resulting in a failed dump [1].
Fix by using a different netlink socket for the population of the
interface map.
[1]
$ devlink sb tc bind show
kernel answers: Device or resource busy
Failed to create index map
//0:
sb 0 tc 4 type egress pool 4 threshold 9
kernel answers: Device or resource busy
[...]
$ echo $?
1
Fixes: 5cddbb274eab ("devlink: load port-ifname map on demand") Fixes: 63d84b1fc98d ("devlink: load ifname map on demand from ifname_map_rev_lookup() as well") Signed-off-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
bridge: link: Add support for neigh_vlan_suppress option
Add support for the per-port neigh_vlan_suppress option. Example:
# bridge link set dev swp1 neigh_vlan_suppress on
# bridge -d -j -p link show dev swp1
[ {
"ifindex": 62,
"ifname": "swp1",
"flags": [ "BROADCAST","NOARP","UP","LOWER_UP" ],
"mtu": 1500,
"master": "br0",
"state": "forwarding",
"priority": 32,
"cost": 100,
"hairpin": false,
"guard": false,
"root_block": false,
"fastleave": false,
"learning": true,
"flood": true,
"mcast_flood": true,
"bcast_flood": true,
"mcast_router": 1,
"mcast_to_unicast": false,
"neigh_suppress": false,
"neigh_vlan_suppress": true,
"vlan_tunnel": false,
"isolated": false,
"locked": false,
"mab": false,
"mcast_n_groups": 0,
"mcast_max_groups": 0
} ]
# bridge -d link show dev swp1
62: swp1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
hairpin off guard off root_block off fastleave off learning on flood on mcast_flood on bcast_flood on mcast_router 1 mcast_to_unicast off neigh_suppress off neigh_vlan_suppress on vlan_tunnel off isolated off locked off mab off mcast_n_groups 0 mcast_max_groups 0
# bridge link set dev swp1 neigh_vlan_suppress off
# bridge -d -j -p link show dev swp1
[ {
"ifindex": 62,
"ifname": "swp1",
"flags": [ "BROADCAST","NOARP","UP","LOWER_UP" ],
"mtu": 1500,
"master": "br0",
"state": "forwarding",
"priority": 32,
"cost": 100,
"hairpin": false,
"guard": false,
"root_block": false,
"fastleave": false,
"learning": true,
"flood": true,
"mcast_flood": true,
"bcast_flood": true,
"mcast_router": 1,
"mcast_to_unicast": false,
"neigh_suppress": false,
"neigh_vlan_suppress": false,
"vlan_tunnel": false,
"isolated": false,
"locked": false,
"mab": false,
"mcast_n_groups": 0,
"mcast_max_groups": 0
} ]
# bridge -d link show dev swp1
62: swp1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
hairpin off guard off root_block off fastleave off learning on flood on mcast_flood on bcast_flood on mcast_router 1 mcast_to_unicast off neigh_suppress off neigh_vlan_suppress off vlan_tunnel off isolated off locked off mab off mcast_n_groups 0 mcast_max_groups 0
Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
bridge: vlan: Add support for neigh_suppress option
Add support for the per-VLAN neigh_suppress option. Example:
# bridge vlan set vid 10 dev swp1 neigh_suppress on
# bridge -d -j -p vlan show dev swp1 vid 10
[ {
"ifname": "swp1",
"vlans": [ {
"vlan": 10,
"state": "forwarding",
"mcast_router": 1,
"neigh_suppress": true
} ]
} ]
# bridge -d vlan show dev swp1 vid 10
port vlan-id
swp1 10
state forwarding mcast_router 1 neigh_suppress on
# bridge vlan set vid 10 dev swp1 neigh_suppress off
# bridge -d -j -p vlan show dev swp1 vid 10
[ {
"ifname": "swp1",
"vlans": [ {
"vlan": 10,
"state": "forwarding",
"mcast_router": 1,
"neigh_suppress": false
} ]
} ]
# bridge -d vlan show dev swp1 vid 10
port vlan-id
swp1 10
state forwarding mcast_router 1 neigh_suppress off
Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
David Ahern [Tue, 25 Apr 2023 01:44:47 +0000 (19:44 -0600)]
Merge branch 'preemptible-traffic-classes' into next
Vladimir Oltean says:
====================
This is the iproute2 support for the tc program to make use of the
kernel features added in commit f7d29571ab0a ("Merge branch
'add-kernel-tc-mqprio-and-tc-taprio-support-for-preemptible-traffic-classes'").
Vladimir Oltean [Tue, 18 Apr 2023 11:39:53 +0000 (14:39 +0300)]
tc/taprio: add support for preemptible traffic classes
Add support for the same kind of "fp" array argument as in mqprio,
except here we already have some handling for per-tc entries (max-sdu).
We just need to expand that logic such that we also add (and parse) the
FP adminStatus property of each traffic class.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com> Signed-off-by: David Ahern <dsahern@kernel.org>
projects / thirdparty / iproute2.git / log
