From patchwork Sun May 8 04:53:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roopa Prabhu X-Patchwork-Id: 12842246 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1DC0C433EF for ; Sun, 8 May 2022 04:54:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231290AbiEHE5u (ORCPT ); Sun, 8 May 2022 00:57:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32822 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231189AbiEHE5f (ORCPT ); Sun, 8 May 2022 00:57:35 -0400 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2043.outbound.protection.outlook.com [40.107.93.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B070AE0BE for ; Sat, 7 May 2022 21:53:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a0eFW18rBnf1K66t6WcesuXYHhdHsuAaxCrM/Umj+2UxSrTv9pwhpfYJ+PIAU7Z6c0iwPMDe9nwHg0RAsbWv3TY2J7lUR2jcs1y8yZqbvJbdRwpNTxz5APoyclOVus8eS1XH1GgTMzeY5gMu5VNjB7refXgDHda5YjFLXU7rz8Xvl22iJq6JjKVG/lKWvFQtll/qIjqnhdAHHLhuarjn2R5aUC9KU3la90V9/9+U1alTIcUb+dBCYuzTxhUVgvKgbVMEr0264FHUvjENzqsY5s5smtJrHDLKXjRcpkThwtver6Tn0E7NuYGFTn7SHQyjhz0FSHUXjGzCZKnzUKJTPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Un6WOh0CpKavYrR99Ale9J//fUqpn/HMg+JOGWmz3m8=; b=D9uZA2WBI0e3hpnzzjFusAXv2kMxAbZoCLasY261iF8bhbSc9ngYlCsmHR4HjgS4qs5QBHlT5HbgnJraE6HbSoFeoTmL3celPd7D3kMsq6OSiN5rOceJlaGkFHJPQT4xN1v89IyaGWGUw8hb4zwKeVihxGguMdiIapzJqQA2PAHEq2lcz7TX+IueOPQXYdTL/wQaJ2QoHEO5RcgnA1UL7tgI9uvHU5KTE2YQgdlEXMWwpyIMT2WRyPtFVn8/8nt23DXClBOcFtbLbGhnDY8PYyPE/J7L6PDhW57MekNfd8dxvBT8ASFmQX/4o7LB2qHUNCZfjCR2gV4wL/WJA/QEEA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 12.22.5.236) smtp.rcpttodomain=networkplumber.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Un6WOh0CpKavYrR99Ale9J//fUqpn/HMg+JOGWmz3m8=; b=S42fD3M22X8ZOwiWhHaNktC85W0SZv3X/08gwAHI8ofhNcUvNX4IDFoAF16lvklfg/4wTk2LrNgdTAguAylmgf5XFyrLWfqzWODFVMrCGFHII9+8/pr0X292czTJrnCgpnZFrKE3R0Qu+BJTYlt+kRHVzsuy+G4srBZ39BdhHjScfyuOlHr7uvqJlHWvH1QE6wkIGNKaskDN5SBKKdZu3JEtD9OmNNyZS9CyyzJqZO1vs/z8iCa97fIoqKqF9g7WGeAtkgIqhzGFSYgiwPxEl4egAbcBeT4S/ZpNgOmJXx3SP8zcHYHUzlIXCE5ph6DVdDxEwPGTTE4Sp/3AsvxFxg== Received: from DS7PR03CA0345.namprd03.prod.outlook.com (2603:10b6:8:55::29) by DM5PR1201MB2473.namprd12.prod.outlook.com (2603:10b6:3:e2::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.24; Sun, 8 May 2022 04:53:43 +0000 Received: from DM6NAM11FT050.eop-nam11.prod.protection.outlook.com (2603:10b6:8:55:cafe::df) by DS7PR03CA0345.outlook.office365.com (2603:10b6:8:55::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.20 via Frontend Transport; Sun, 8 May 2022 04:53:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 12.22.5.236) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 12.22.5.236 as permitted sender) receiver=protection.outlook.com; client-ip=12.22.5.236; helo=mail.nvidia.com; Received: from mail.nvidia.com (12.22.5.236) by DM6NAM11FT050.mail.protection.outlook.com (10.13.173.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.5227.15 via Frontend Transport; Sun, 8 May 2022 04:53:42 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by DRHQMAIL109.nvidia.com (10.27.9.19) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Sun, 8 May 2022 04:53:39 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by drhqmail201.nvidia.com (10.126.190.180) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Sat, 7 May 2022 21:53:38 -0700 Received: from localhost.localdomain (10.127.8.14) by mail.nvidia.com (10.126.190.180) with Microsoft SMTP Server id 15.2.986.22 via Frontend Transport; Sat, 7 May 2022 21:53:38 -0700 From: Roopa Prabhu To: CC: , , Subject: [PATCH iproute2 net-next v2 1/3] bridge: vxlan device vnifilter support Date: Sun, 8 May 2022 04:53:38 +0000 Message-ID: <20220508045340.120653-2-roopa@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220508045340.120653-1-roopa@nvidia.com> References: <20220508045340.120653-1-roopa@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f9a83fc2-62e4-42d7-833a-08da30aeba10 X-MS-TrafficTypeDiagnostic: DM5PR1201MB2473:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: JV4yxMPYjyrpJD+NgTehUW/VD1qagBDZeEzdNOlZlp+toCLg6YAbS7MRLP7iGBQsqLK5+uA1o74j1uxhF3lO57reOnDNe2T7PxLbgn2Hm4o9x+qa8/403P1ThJ+nMACtWpcYrIDh2WRMNiyrjsZqDUh8DZQVuT3GYlONhUZ/N49nxKEwJ9Hr4FBUoArodNfYKWd96SS2QbtbDKBd4hqaAtwtBwTdyEOxrSt4S9tzTnUfAZeOJzc4gL836qjMiWT7rIhqY6k25dRgCvGORg82DfHvgDu0ut+YCaFeoIBAuZ5QwMXiqmgb0fve/aRlOIANgx43RCL/Y48IH6SAbD0RznD+8zchJ7tFhrIzPvw+3LJcr6j4WRK8xaM6w9lE0p/zlhe4cNY1eNJaaoTjben1owuYHJ+YQNHHyTJOflaUKiRiXFDKMSEUEHqtflsXGNTNBoS/ZRrZC+YxuqQrHWdf+17dZDXEObwHrpyVGmB8X9j4qZfP/c0hgWYGCyUDGSRU/waP87jXXPfkriAxuxcDbWCIPodUZLMoY62+oTsumYjF45gPH9AkEG1yEfYjGlabMX/fy696h+HI0YrsaBm/kV8O+Qmgv/PFB7ZEeqXCzRh3q+4Li6Eg2yHKS+r53kpmjHo+x1pT82bzBZFZdVHIy9rqPKNxoNPNw4OB+zqD4xSfHEGVJ1QCsWifyT06fmHZWt9E2/M6EKDkx24vWQBs5g== X-Forefront-Antispam-Report: CIP:12.22.5.236;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:InfoNoRecords;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(36840700001)(46966006)(47076005)(66574015)(1076003)(83380400001)(186003)(81166007)(426003)(336012)(356005)(82310400005)(316002)(36860700001)(86362001)(2906002)(5660300002)(70586007)(30864003)(6916009)(54906003)(70206006)(4326008)(8676002)(2616005)(8936002)(508600001)(40460700003)(26005)(36756003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2022 04:53:42.8871 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f9a83fc2-62e4-42d7-833a-08da30aeba10 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[12.22.5.236];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT050.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1201MB2473 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This patch adds bridge command to manage recently added vnifilter on a collect metadata vxlan device. examples: $bridge vni add dev vxlan0 vni 400 $bridge vni add dev vxlan0 vni 200 group 239.1.1.101 $bridge vni del dev vxlan0 vni 400 $bridge vni show $bridge -s vni show Signed-off-by: Roopa Prabhu --- bridge/Makefile | 2 +- bridge/br_common.h | 2 + bridge/bridge.c | 1 + bridge/monitor.c | 28 +++- bridge/vni.c | 380 +++++++++++++++++++++++++++++++++++++++++++ include/libnetlink.h | 8 + lib/libnetlink.c | 18 ++ man/man8/bridge.8 | 77 ++++++++- 8 files changed, 513 insertions(+), 3 deletions(-) create mode 100644 bridge/vni.c diff --git a/bridge/Makefile b/bridge/Makefile index c6b7d08d..01f8a455 100644 --- a/bridge/Makefile +++ b/bridge/Makefile @@ -1,5 +1,5 @@ # SPDX-License-Identifier: GPL-2.0 -BROBJ = bridge.o fdb.o monitor.o link.o mdb.o vlan.o +BROBJ = bridge.o fdb.o monitor.o link.o mdb.o vlan.o vni.o include ../config.mk diff --git a/bridge/br_common.h b/bridge/br_common.h index 610e83f6..841f0594 100644 --- a/bridge/br_common.h +++ b/bridge/br_common.h @@ -14,6 +14,7 @@ void print_stp_state(__u8 state); int parse_stp_state(const char *arg); int print_vlan_rtm(struct nlmsghdr *n, void *arg, bool monitor, bool global_only); +int print_vnifilter_rtm(struct nlmsghdr *n, void *arg, bool monitor); void br_print_router_port_stats(struct rtattr *pattr); int do_fdb(int argc, char **argv); @@ -21,6 +22,7 @@ int do_mdb(int argc, char **argv); int do_monitor(int argc, char **argv); int do_vlan(int argc, char **argv); int do_link(int argc, char **argv); +int do_vni(int argc, char **argv); extern int preferred_family; extern int show_stats; diff --git a/bridge/bridge.c b/bridge/bridge.c index f3a4f08f..704be50c 100644 --- a/bridge/bridge.c +++ b/bridge/bridge.c @@ -58,6 +58,7 @@ static const struct cmd { { "fdb", do_fdb }, { "mdb", do_mdb }, { "vlan", do_vlan }, + { "vni", do_vni }, { "monitor", do_monitor }, { "help", do_help }, { 0 } diff --git a/bridge/monitor.c b/bridge/monitor.c index 845e221a..f17c1906 100644 --- a/bridge/monitor.c +++ b/bridge/monitor.c @@ -31,10 +31,20 @@ static int prefix_banner; static void usage(void) { - fprintf(stderr, "Usage: bridge monitor [file | link | fdb | mdb | vlan | all]\n"); + fprintf(stderr, "Usage: bridge monitor [file | link | fdb | mdb | vlan | vni | all]\n"); exit(-1); } +static int print_tunnel_rtm(struct nlmsghdr *n, void *arg, bool monitor) +{ + struct tunnel_msg *tmsg = NLMSG_DATA(n); + + if (tmsg->family == PF_BRIDGE) + return print_vnifilter_rtm(n, arg, monitor); + + return 0; +} + static int accept_msg(struct rtnl_ctrl_data *ctrl, struct nlmsghdr *n, void *arg) { @@ -73,6 +83,12 @@ static int accept_msg(struct rtnl_ctrl_data *ctrl, fprintf(fp, "[VLAN]"); return print_vlan_rtm(n, arg, true, false); + case RTM_NEWTUNNEL: + case RTM_DELTUNNEL: + if (prefix_banner) + fprintf(fp, "[TUNNEL]"); + return print_tunnel_rtm(n, arg, true); + default: return 0; } @@ -86,6 +102,7 @@ int do_monitor(int argc, char **argv) int lneigh = 0; int lmdb = 0; int lvlan = 0; + int lvni = 0; rtnl_close(&rth); @@ -105,9 +122,13 @@ int do_monitor(int argc, char **argv) } else if (matches(*argv, "vlan") == 0) { lvlan = 1; groups = 0; + } else if (strcmp(*argv, "vni") == 0) { + lvni = 1; + groups = 0; } else if (strcmp(*argv, "all") == 0) { groups = ~RTMGRP_TC; lvlan = 1; + lvni = 1; prefix_banner = 1; } else if (matches(*argv, "help") == 0) { usage(); @@ -151,6 +172,11 @@ int do_monitor(int argc, char **argv) exit(1); } + if (lvni && rtnl_add_nl_group(&rth, RTNLGRP_TUNNEL) < 0) { + fprintf(stderr, "Failed to add bridge vni group to list\n"); + exit(1); + } + ll_init_map(&rth); if (rtnl_listen(&rth, accept_msg, stdout) < 0) diff --git a/bridge/vni.c b/bridge/vni.c new file mode 100644 index 00000000..79dff005 --- /dev/null +++ b/bridge/vni.c @@ -0,0 +1,380 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Command to manage vnifiltering on a vxlan device + * + * Authors: Roopa Prabhu + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "json_print.h" +#include "libnetlink.h" +#include "br_common.h" +#include "utils.h" + +static unsigned int filter_index; + +#define VXLAN_ID_LEN 15 + +#define __stringify_1(x...) #x +#define __stringify(x...) __stringify_1(x) + +static void usage(void) +{ + fprintf(stderr, + "Usage: bridge vni { add | del } vni VNI\n" + " [ { group | remote } IP_ADDRESS ]\n" + " [ dev DEV ]\n" + " bridge vni { show }\n" + "\n" + "Where: VNI := 0-16777215\n" + ); + exit(-1); +} + +static int parse_vni_filter(const char *argv, struct nlmsghdr *n, int reqsize, + inet_prefix *group) +{ + char *vnilist = strdupa(argv); + char *vni = strtok(vnilist, ","); + int group_type = AF_UNSPEC; + struct rtattr *nlvlist_e; + char *v; + int i; + + if (group && is_addrtype_inet(group)) + group_type = (group->family == AF_INET) ? VXLAN_VNIFILTER_ENTRY_GROUP : + VXLAN_VNIFILTER_ENTRY_GROUP6; + + for (i = 0; vni; i++) { + __u32 vni_start = 0, vni_end = 0; + + v = strchr(vni, '-'); + if (v) { + *v = '\0'; + v++; + vni_start = atoi(vni); + vni_end = atoi(v); + } else { + vni_start = atoi(vni); + } + nlvlist_e = addattr_nest(n, reqsize, VXLAN_VNIFILTER_ENTRY | + NLA_F_NESTED); + addattr32(n, 1024, VXLAN_VNIFILTER_ENTRY_START, vni_start); + if (vni_end) + addattr32(n, 1024, VXLAN_VNIFILTER_ENTRY_END, vni_end); + if (group) + addattr_l(n, 1024, group_type, group->data, group->bytelen); + addattr_nest_end(n, nlvlist_e); + vni = strtok(NULL, ","); + } + + return 0; +} + +static int vni_modify(int cmd, int argc, char **argv) +{ + struct { + struct nlmsghdr n; + struct tunnel_msg tmsg; + char buf[1024]; + } req = { + .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct tunnel_msg)), + .n.nlmsg_flags = NLM_F_REQUEST, + .n.nlmsg_type = cmd, + .tmsg.family = PF_BRIDGE, + }; + bool group_present = false; + inet_prefix daddr; + char *vni = NULL; + char *d = NULL; + + while (argc > 0) { + if (strcmp(*argv, "dev") == 0) { + NEXT_ARG(); + d = *argv; + } else if (strcmp(*argv, "vni") == 0) { + NEXT_ARG(); + if (vni) + invarg("duplicate vni", *argv); + vni = *argv; + } else if (strcmp(*argv, "group") == 0) { + if (group_present) + invarg("duplicate group", *argv); + if (is_addrtype_inet_not_multi(&daddr)) { + fprintf(stderr, "vxlan: both group and remote"); + fprintf(stderr, " cannot be specified\n"); + return -1; + } + NEXT_ARG(); + get_addr(&daddr, *argv, AF_UNSPEC); + if (!is_addrtype_inet_multi(&daddr)) + invarg("invalid group address", *argv); + group_present = true; + } else if (strcmp(*argv, "remote") == 0) { + if (group_present) + invarg("duplicate group", *argv); + NEXT_ARG(); + get_addr(&daddr, *argv, AF_UNSPEC); + group_present = true; + } else { + if (strcmp(*argv, "help") == 0) + usage(); + } + argc--; argv++; + } + + if (d == NULL || vni == NULL) { + fprintf(stderr, "Device and VNI ID are required arguments.\n"); + return -1; + } + + if (!vni && group_present) { + fprintf(stderr, "Group can only be specified with a vni\n"); + return -1; + } + + if (vni) + parse_vni_filter(vni, &req.n, sizeof(req), + (group_present ? &daddr : NULL)); + + req.tmsg.ifindex = ll_name_to_index(d); + if (req.tmsg.ifindex == 0) { + fprintf(stderr, "Cannot find vxlan device \"%s\"\n", d); + return -1; + } + + if (rtnl_talk(&rth, &req.n, NULL) < 0) + return -1; + + return 0; +} + +static void open_vni_port(int ifi_index, const char *fmt) +{ + open_json_object(NULL); + print_color_string(PRINT_ANY, COLOR_IFNAME, "ifname", + "%-" __stringify(IFNAMSIZ) "s ", + ll_index_to_name(ifi_index)); + open_json_array(PRINT_JSON, "vnis"); +} + +static void close_vni_port(void) +{ + close_json_array(PRINT_JSON, NULL); + close_json_object(); +} + +static void print_range(const char *name, __u32 start, __u32 id) +{ + char end[64]; + + snprintf(end, sizeof(end), "%sEnd", name); + + print_uint(PRINT_ANY, name, " %u", start); + if (start != id) + print_uint(PRINT_ANY, end, "-%-14u ", id); + +} + +static void print_vni(struct rtattr *t, int ifindex) +{ + struct rtattr *ttb[VXLAN_VNIFILTER_ENTRY_MAX+1]; + __u32 vni_start = 0; + __u32 vni_end = 0; + + parse_rtattr_flags(ttb, VXLAN_VNIFILTER_ENTRY_MAX, RTA_DATA(t), + RTA_PAYLOAD(t), NLA_F_NESTED); + + if (ttb[VXLAN_VNIFILTER_ENTRY_START]) + vni_start = rta_getattr_u32(ttb[VXLAN_VNIFILTER_ENTRY_START]); + + if (ttb[VXLAN_VNIFILTER_ENTRY_END]) + vni_end = rta_getattr_u32(ttb[VXLAN_VNIFILTER_ENTRY_END]); + + if (vni_end) + print_range("vni", vni_start, vni_end); + else + print_uint(PRINT_ANY, "vni", " %-14u", vni_start); + + if (ttb[VXLAN_VNIFILTER_ENTRY_GROUP]) { + __be32 addr = rta_getattr_u32(ttb[VXLAN_VNIFILTER_ENTRY_GROUP]); + + if (addr) { + if (IN_MULTICAST(ntohl(addr))) + print_string(PRINT_ANY, + "group", + " %s", + format_host(AF_INET, 4, &addr)); + else + print_string(PRINT_ANY, + "remote", + " %s", + format_host(AF_INET, 4, &addr)); + } + } else if (ttb[VXLAN_VNIFILTER_ENTRY_GROUP6]) { + struct in6_addr addr; + + memcpy(&addr, RTA_DATA(ttb[VXLAN_VNIFILTER_ENTRY_GROUP6]), sizeof(struct in6_addr)); + if (!IN6_IS_ADDR_UNSPECIFIED(&addr)) { + if (IN6_IS_ADDR_MULTICAST(&addr)) + print_string(PRINT_ANY, + "group", + " %s", + format_host(AF_INET6, + sizeof(struct in6_addr), + &addr)); + else + print_string(PRINT_ANY, + "remote", + " %s", + format_host(AF_INET6, + sizeof(struct in6_addr), + &addr)); + } + } + close_json_object(); + print_string(PRINT_FP, NULL, "%s", _SL_); +} + +int print_vnifilter_rtm(struct nlmsghdr *n, void *arg, bool monitor) +{ + struct tunnel_msg *tmsg = NLMSG_DATA(n); + int len = n->nlmsg_len; + bool first = true; + struct rtattr *t; + int rem; + + if (n->nlmsg_type != RTM_NEWTUNNEL && + n->nlmsg_type != RTM_DELTUNNEL && + n->nlmsg_type != RTM_GETTUNNEL) { + fprintf(stderr, "Unknown vni tunnel rtm msg: %08x %08x %08x\n", + n->nlmsg_len, n->nlmsg_type, n->nlmsg_flags); + return 0; + } + + len -= NLMSG_LENGTH(sizeof(*tmsg)); + if (len < 0) { + fprintf(stderr, "BUG: wrong nlmsg len %d\n", len); + return -1; + } + + if (tmsg->family != AF_BRIDGE) + return 0; + + if (filter_index && filter_index != tmsg->ifindex) + return 0; + + if (n->nlmsg_type == RTM_DELTUNNEL) + print_bool(PRINT_ANY, "deleted", "Deleted ", true); + + rem = len; + for (t = TUNNEL_RTA(tmsg); RTA_OK(t, rem); t = RTA_NEXT(t, rem)) { + unsigned short rta_type = t->rta_type & NLA_TYPE_MASK; + + if (rta_type != VXLAN_VNIFILTER_ENTRY) + continue; + if (first) { + open_vni_port(tmsg->ifindex, "%s"); + open_json_object(NULL); + first = false; + } else { + open_json_object(NULL); + print_string(PRINT_FP, NULL, "%-" __stringify(IFNAMSIZ) "s ", ""); + } + + print_vni(t, tmsg->ifindex); + } + close_vni_port(); + + print_string(PRINT_FP, NULL, "%s", _SL_); + + fflush(stdout); + return 0; +} + +static int print_vnifilter_rtm_filter(struct nlmsghdr *n, void *arg) +{ + return print_vnifilter_rtm(n, arg, false); +} + +static int vni_show(int argc, char **argv) +{ + char *filter_dev = NULL; + int ret = 0; + + while (argc > 0) { + if (strcmp(*argv, "dev") == 0) { + NEXT_ARG(); + if (filter_dev) + duparg("dev", *argv); + filter_dev = *argv; + } + argc--; argv++; + } + + if (filter_dev) { + filter_index = ll_name_to_index(filter_dev); + if (!filter_index) + return nodev(filter_dev); + } + + new_json_obj(json); + + if (!show_stats) { + if (rtnl_tunneldump_req(&rth, PF_BRIDGE, filter_index) < 0) { + perror("Cannot send dump request"); + exit(1); + } + + if (!is_json_context()) { + printf("%-" __stringify(IFNAMSIZ) "s %-" + __stringify(VXLAN_ID_LEN) "s %-" + __stringify(15) "s", + "dev", "vni", "group/remote"); + printf("\n"); + } + + ret = rtnl_dump_filter(&rth, print_vnifilter_rtm_filter, NULL); + if (ret < 0) { + fprintf(stderr, "Dump ternminated\n"); + exit(1); + } + } + + delete_json_obj(); + fflush(stdout); + return 0; +} + +int do_vni(int argc, char **argv) +{ + ll_init_map(&rth); + + if (argc > 0) { + if (strcmp(*argv, "add") == 0) + return vni_modify(RTM_NEWTUNNEL, argc-1, argv+1); + if (strcmp(*argv, "delete") == 0) + return vni_modify(RTM_DELTUNNEL, argc-1, argv+1); + if (strcmp(*argv, "show") == 0 || + strcmp(*argv, "lst") == 0 || + strcmp(*argv, "list") == 0) + return vni_show(argc-1, argv+1); + if (strcmp(*argv, "help") == 0) + usage(); + } else { + return vni_show(0, NULL); + } + + fprintf(stderr, "Command \"%s\" is unknown, try \"bridge vni help\".\n", *argv); + exit(-1); +} diff --git a/include/libnetlink.h b/include/libnetlink.h index 372c3706..a1ec91ec 100644 --- a/include/libnetlink.h +++ b/include/libnetlink.h @@ -112,6 +112,9 @@ int rtnl_nexthop_bucket_dump_req(struct rtnl_handle *rth, int family, req_filter_fn_t filter_fn) __attribute__((warn_unused_result)); +int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex) + __attribute__((warn_unused_result)); + struct rtnl_ctrl_data { int nsid; }; @@ -331,6 +334,11 @@ int rtnl_from_file(FILE *, rtnl_listen_filter_t handler, ((struct rtattr *)(((char *)(r)) + NLMSG_ALIGN(sizeof(struct br_vlan_msg)))) #endif +#ifndef TUNNEL_RTA +#define TUNNEL_RTA(r) \ + ((struct rtattr *)(((char *)(r)) + NLMSG_ALIGN(sizeof(struct tunnel_msg)))) +#endif + /* User defined nlmsg_type which is used mostly for logging netlink * messages from dump file */ #define NLMSG_TSTAMP 15 diff --git a/lib/libnetlink.c b/lib/libnetlink.c index 4d33e4dd..b3c3d0ba 100644 --- a/lib/libnetlink.c +++ b/lib/libnetlink.c @@ -1609,3 +1609,21 @@ void nl_print_policy(const struct rtattr *attr, FILE *fp) } } } + +int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex) +{ + struct { + struct nlmsghdr nlh; + struct tunnel_msg tmsg; + char buf[256]; + } req = { + .nlh.nlmsg_len = NLMSG_LENGTH(sizeof(struct tunnel_msg)), + .nlh.nlmsg_type = RTM_GETTUNNEL, + .nlh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST, + .nlh.nlmsg_seq = rth->dump = ++rth->seq, + .tmsg.family = family, + .tmsg.ifindex = ifindex, + }; + + return send(rth->fd, &req, sizeof(req), 0); +} diff --git a/man/man8/bridge.8 b/man/man8/bridge.8 index 2fa4f3d6..d8923d2e 100644 --- a/man/man8/bridge.8 +++ b/man/man8/bridge.8 @@ -13,7 +13,7 @@ bridge \- show / manipulate bridge addresses and devices .ti -8 .IR OBJECT " := { " -.BR link " | " fdb " | " mdb " | " vlan " | " monitor " }" +.BR link " | " fdb " | " mdb " | " vlan " | " vni " | " monitor " }" .sp .ti -8 @@ -196,6 +196,25 @@ bridge \- show / manipulate bridge addresses and devices .B vid .IR VID " ]" +.ti -8 +.BR "bridge vlan" " show " [ " +.B dev +.IR DEV " ]" + +.ti -8 +.BR "bridge vni" " { " add " | " del " } " +.B dev +.I DEV +.B vni +.IR VNI " [ { " +.B group | remote "} " +.IR IPADDR " ] " + +.ti -8 +.BR "bridge vni" " show " [ " +.B dev +.IR DEV " ]" + .ti -8 .BR "bridge monitor" " [ " all " | " neigh " | " link " | " mdb " | " vlan " ]" @@ -303,6 +322,10 @@ the output. .B vlan - VLAN filter list. +.TP +.B vni +- VNI filter list. + .SS .I COMMAND @@ -1084,6 +1107,58 @@ all bridge interfaces. the VLAN ID only whose global options should be listed. Default is to list all vlans. +.SH bridge vni - VNI filter list + +.B vni +objects contain known VNI IDs for a dst metadata vxlan link. + +.P +The corresponding commands display vni filter entries, add new entries, +and delete old ones. + +.SS bridge vni add - add a new vni filter entry + +This command creates a new vni filter entry. + +.TP +.BI dev " NAME" +the interface with which this vni is associated. + +.TP +.BI vni " VNI" +the VNI ID that identifies the vni. + +.TP +.BI remote " IPADDR" +specifies the unicast destination IP address to use in outgoing packets +when the destination link layer address is not known in the VXLAN device +forwarding database. This parameter cannot be specified with the group. + +.TP +.BI group " IPADDR" +specifies the multicast IP address to join for this VNI + +.SS bridge vni del - delete a new vni filter entry + +This command removes an existing vni filter entry. + +.PP +The arguments are the same as with +.BR "bridge vni add". + +.SS bridge vni show - list vni filtering configuration. + +This command displays the current vni filter table. + +.PP +With the +.B -statistics +option, the command displays per-vni traffic statistics. + +.TP +.BI dev " NAME" +shows vni filtering table associated with the vxlan device + .SH bridge monitor - state monitoring The From patchwork Sun May 8 04:53:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roopa Prabhu X-Patchwork-Id: 12842243 X-Patchwork-Delegate: dsahern@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 88C4CC433FE for ; Sun, 8 May 2022 04:54:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231183AbiEHE5d (ORCPT ); Sun, 8 May 2022 00:57:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32786 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230476AbiEHE5b (ORCPT ); Sun, 8 May 2022 00:57:31 -0400 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2045.outbound.protection.outlook.com [40.107.244.45]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 47506E0BE for ; Sat, 7 May 2022 21:53:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aG1eLo4VbjGVsMtZC171vGlSbpK5Mc8/l7FG1QjG6u8NuUl/Ovbga0ot/owxmqq7NpDRFfdnLG52LscXp70FNF2a656oyGHgjLPU7+QOMZ33wtzGYw+3gHhrnp40n6l5rshUd4EzHVOuh54o+ulTKqY7YJGT+mQ7dmxRZGmxW1NLmxwUVuFALDYm+jg98Qk4CFk8xM0KrJ3Kg/UlGuU/f5ZTPTqrC2wWEqQTZNhDWTSV+b0S4BWCTGdFGIFiC5tjxsVbCT7xMktVFunkOJamPrNUaZpCmLD3HFqBsc+zXSpTpVAMBJ1UHVwt3HtP3DJ1IC8dWJcj7bBXZO7SOkmF4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vayLjKvEX/IdvlXtyxxYdnQPDRkG2h6CUl4mcevhzEg=; b=TJfrB4KygUPJhz11A5Hj2uREA8btwFHIYx5p2OGQrSiE6E+GrjZ4m0U5Svg9sK1IKH/ljJGWXJqBAZGfw5qtIX/Ufyjr79v8Qmr4VJhU6cZwTV7WspZAPs4Sd9r1RqoUNwyjDIx89lVyqiMjqYxiTOpwWqLzrDgtuPpf1F+VwFskrs060d05eJjKorwq7oCvnYtuRgbZnlM2/J0asTYjn/TfvF2FisnISgLIw8nt4ugRaTFdfXKMkdQz3BjHnNvugGcNqXnBQcHAp4fETQRQnKr/VbJgOlFDg8G0yZgPm9w/0lf9XXLj5ddoh1ElBS8g7+rzqvLXZYicaEN1AtjIYA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 12.22.5.235) smtp.rcpttodomain=networkplumber.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vayLjKvEX/IdvlXtyxxYdnQPDRkG2h6CUl4mcevhzEg=; b=fqRBGfdhEDv74/t8lSdps75/RmAIUB6AtzCSABDCoccti3TdNNk6U3kMRSr4MI6NRLDszW0s6kEkPLL8K2mGhG0gF/AYfmalNQiS0ecfALk+V2WdvRGMHXeehONXoRak/vgAJ9F3r/RzFLCcYHQscHrj4GYM8P1+bVhoin/ePF4GevVMbasB8IYPRepOD9MEmeMqP9vSbVYEWB4NR1e2BEJl5UXpONVl3MT6m/3xPqG9Jaf4YS0H6lCJmWYcnZhPv4ZUY4ATQ1xiqfbxK832WuVuh8hQp+rR/SgZb66cNmgWtrVvRG1IpI1L7W9ModeoPrC4ydJAGA02nsfrS0I6Ig== Received: from MW4PR03CA0156.namprd03.prod.outlook.com (2603:10b6:303:8d::11) by CH0PR12MB5233.namprd12.prod.outlook.com (2603:10b6:610:d0::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5227.18; Sun, 8 May 2022 04:53:40 +0000 Received: from CO1NAM11FT029.eop-nam11.prod.protection.outlook.com (2603:10b6:303:8d:cafe::f9) by MW4PR03CA0156.outlook.office365.com (2603:10b6:303:8d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.24 via Frontend Transport; Sun, 8 May 2022 04:53:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 12.22.5.235) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 12.22.5.235 as permitted sender) receiver=protection.outlook.com; client-ip=12.22.5.235; helo=mail.nvidia.com; Received: from mail.nvidia.com (12.22.5.235) by CO1NAM11FT029.mail.protection.outlook.com (10.13.174.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.5227.15 via Frontend Transport; Sun, 8 May 2022 04:53:40 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by DRHQMAIL107.nvidia.com (10.27.9.16) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Sun, 8 May 2022 04:53:39 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by drhqmail201.nvidia.com (10.126.190.180) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Sat, 7 May 2022 21:53:39 -0700 Received: from localhost.localdomain (10.127.8.14) by mail.nvidia.com (10.126.190.180) with Microsoft SMTP Server id 15.2.986.22 via Frontend Transport; Sat, 7 May 2022 21:53:39 -0700 From: Roopa Prabhu To: CC: , , Subject: [PATCH iproute2 net-next v2 2/3] ip: iplink_vxlan: add support to set vnifiltering flag on vxlan device Date: Sun, 8 May 2022 04:53:39 +0000 Message-ID: <20220508045340.120653-3-roopa@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220508045340.120653-1-roopa@nvidia.com> References: <20220508045340.120653-1-roopa@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 51fc8c58-1bd6-4e81-bac2-08da30aeb88b X-MS-TrafficTypeDiagnostic: CH0PR12MB5233:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: NzptpC9OJnUjeeft4vKPNTv+1I37ye42PHPE2wc5LHroV/scYCmgt0JQAjV6y1KsbmIANb8qR91eoAgUY01qrlV8c2mFwRyhq5rmht3kf76ZFl9iwfXBo0F0UsD+2esdzc+SASdTozoSTuISLsKRFnoDY5l6U5U90sh3a6VKnDFmCY58pJxUCxs5JjgCJtsHkjbT7BYehG73J0BvH6pk9/3F8L7gOUUXF5YFt4NChQ1Gf8X5Q+SiE35opL++j3uMetZ5bTLFJYjMEmYzaKylPN8m5gfTecgsztwQRmg+88MeG/b3Q7cqT68uhq6n/bkT7AFXHyzlmAlqGhPkuUlSvT9k6D8QnJXJfVOMdvcVvyIqosDqftaL1cFNZr7W+R/TlmDkBRNBIpTaa3ZU0NOeyW8q2OBeJ0vJtjZWORSADRCZbPeYZSesQXN3aok8GZ0i5sdwOYphPXlacEUM8i1fCekBhi+VqFNSlpDtyh0GGMJ2gy/yoLrRkwPI5pVMfpg9w5wa71QX+SuO2JBExoyYswhotbYinHBypOjW4zmOLeSf4RAOjosqTxyJYTvxS5pWnyP+2E1cVLq70B5KdtKwrySntHWNmk/TwpWZHzap5tWc41/Q+Oa+paR5tBTnfYiloQm5ulBPjOgqZrQFZlc3Xhga2JU49xRS0okZvO0WMyTPU/0XG4RBc4dOfhqXQT3930YIzFyGp9rKI7XJbF56ehFuo0KFbjgode7DC+KIkJVx7VR1PPOLaju1yyFxQwMrLXfETwchCa+87Ps0dVuGsg== X-Forefront-Antispam-Report: CIP:12.22.5.235;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:InfoNoRecords;CAT:NONE;SFS:(13230001)(4636009)(36840700001)(46966006)(40470700004)(81166007)(36756003)(356005)(316002)(5660300002)(508600001)(83380400001)(8936002)(2906002)(426003)(26005)(336012)(82310400005)(86362001)(1076003)(47076005)(2616005)(186003)(54906003)(6916009)(36860700001)(8676002)(70206006)(4326008)(40460700003)(70586007)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2022 04:53:40.4016 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 51fc8c58-1bd6-4e81-bac2-08da30aeb88b X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[12.22.5.235];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT029.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR12MB5233 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This patch adds option to set vnifilter flag on a vxlan device. vnifilter is only supported on a collect metadata device. example: set vnifilter flag $ ip link add vxlan0 type vxlan external vnifilter local 172.16.0.1 Signed-off-by: Roopa Prabhu --- ip/iplink_vxlan.c | 23 ++++++++++++++++++++++- man/man8/ip-link.8.in | 9 +++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/ip/iplink_vxlan.c b/ip/iplink_vxlan.c index 9afa3cca..3dde2150 100644 --- a/ip/iplink_vxlan.c +++ b/ip/iplink_vxlan.c @@ -48,6 +48,7 @@ static void print_explain(FILE *f) " [ [no]udp6zerocsumrx ]\n" " [ [no]remcsumtx ] [ [no]remcsumrx ]\n" " [ [no]external ] [ gbp ] [ gpe ]\n" + " [ [no]vnifilter ]\n" "\n" "Where: VNI := 0-16777215\n" " ADDR := { IP_ADDRESS | any }\n" @@ -81,6 +82,7 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv, __u8 learning = 1; __u16 dstport = 0; __u8 metadata = 0; + __u8 vnifilter = 0; __u64 attrs = 0; bool set_op = (n->nlmsg_type == RTM_NEWLINK && !(n->nlmsg_flags & NLM_F_CREATE)); @@ -330,6 +332,15 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv, } else if (!matches(*argv, "gpe")) { check_duparg(&attrs, IFLA_VXLAN_GPE, *argv, *argv); addattr_l(n, 1024, IFLA_VXLAN_GPE, NULL, 0); + } else if (!matches(*argv, "vnifilter")) { + check_duparg(&attrs, IFLA_VXLAN_VNIFILTER, + *argv, *argv); + addattr8(n, 1024, IFLA_VXLAN_VNIFILTER, 1); + vnifilter = 1; + } else if (!matches(*argv, "novnifilter")) { + check_duparg(&attrs, IFLA_VXLAN_VNIFILTER, + *argv, *argv); + addattr8(n, 1024, IFLA_VXLAN_VNIFILTER, 0); } else if (matches(*argv, "help") == 0) { explain(); return -1; @@ -341,12 +352,17 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv, argc--, argv++; } + if (!metadata && vnifilter) { + fprintf(stderr, "vxlan: vnifilter is valid only when 'external' is set\n"); + return -1; + } + if (metadata && VXLAN_ATTRSET(attrs, IFLA_VXLAN_ID)) { fprintf(stderr, "vxlan: both 'external' and vni cannot be specified\n"); return -1; } - if (!metadata && !VXLAN_ATTRSET(attrs, IFLA_VXLAN_ID) && !set_op) { + if (!metadata && !vnifilter && !VXLAN_ATTRSET(attrs, IFLA_VXLAN_ID) && !set_op) { fprintf(stderr, "vxlan: missing virtual network identifier\n"); return -1; } @@ -420,6 +436,11 @@ static void vxlan_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) print_bool(PRINT_ANY, "external", "external ", true); } + if (tb[IFLA_VXLAN_VNIFILTER] && + rta_getattr_u8(tb[IFLA_VXLAN_VNIFILTER])) { + print_bool(PRINT_ANY, "vnifilter", "vnifilter", true); + } + if (tb[IFLA_VXLAN_ID] && RTA_PAYLOAD(tb[IFLA_VXLAN_ID]) >= sizeof(__u32)) { print_uint(PRINT_ANY, "id", "id %u ", rta_getattr_u32(tb[IFLA_VXLAN_ID])); diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in index fc214a10..6f332645 100644 --- a/man/man8/ip-link.8.in +++ b/man/man8/ip-link.8.in @@ -601,6 +601,8 @@ the following additional arguments are supported: .B gbp ] [ .B gpe +] [ +.RB [ no ] vnifilter ] .in +8 @@ -712,6 +714,13 @@ are entered into the VXLAN device forwarding database. .RB "(e.g. " "ip route encap" ) or the internal FDB should be used. +.sp +.RB [ no ] vnifilter +- specifies whether the vxlan device is capable of vni filtering. Only works with a vxlan +device with external flag set. once enabled, bridge vni command is used to manage the +vni filtering table on the device. The device can only receive packets with vni's configured +in the vni filtering table. + .sp .B gbp - enables the Group Policy extension (VXLAN-GBP). From patchwork Sun May 8 04:53:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roopa Prabhu X-Patchwork-Id: 12842244 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 771F6C433EF for ; Sun, 8 May 2022 04:54:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231255AbiEHE5q (ORCPT ); Sun, 8 May 2022 00:57:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32808 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230476AbiEHE5e (ORCPT ); Sun, 8 May 2022 00:57:34 -0400 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2059.outbound.protection.outlook.com [40.107.94.59]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 06198E0B8 for ; Sat, 7 May 2022 21:53:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZUQ3cslEP01RQR/33CdofHxFD5aXOGUoXRyjgVhaEYUJNkw9zFDCofYkyDI2wCjvxVsUvj2wGqUBcMceDBfmJhD5CP8W1StzDUvUB2goWgINY4Vfh/WKrS+FFVziin6bqHaxIpo/R71poaYtLjLuBlqNoLcckQG99SKaslw1ngK6uyC9NbnfM9XAP8ekI7J82P0R4phAoHesxSh8urzQ0mMYDpp/SULcjd34cXCN0WMeTzw23P8/hRBmwLLmurvqzTZC8djBXdw1SeA+HK8lhrqZu0/jQ5KI+EOKXbu0xVsgyYOXisds/TNtSXK3EAriu3VxcR6vj4a62iwGBTZv/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Yb7WJJk/rKkiZrfJ2hbnnXP/GjqdCPGLEHhz5EOHov0=; b=ga3+OguJlKpip0tIOOTJgbMiDIb2ueMNhYTNCAd32iu+H9MSTl9NACjujta9+2eK6I5uHDSbaKGUYmeu+6kN9NVOwx56mAp6FZnzQli3aAKR0xbzjWDdD8cxzh8VD1QpuzVwf3nhkyG5J0eV7LsHr00VaKwDKcVwUASdB+5PdPMUB9TbSiNKP64UpWOmWww+ulg684x+qMYA6JDnb51gghoXkG5PwmgeJqsmM+7btf4dk3AsWo6Xn9DzeVHaq9Uu6w3J9nLXAum5hNWpj4evVDtKxVfW2i5XdNo5A6DqGrtfMGdXApOMfH5OgEuRW4s4M5Jziyjk1nLUlNchIegvzw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 12.22.5.238) smtp.rcpttodomain=networkplumber.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Yb7WJJk/rKkiZrfJ2hbnnXP/GjqdCPGLEHhz5EOHov0=; b=jIFdf9guzJtJDSooa+p/NlT8NHN7TvU0tZln2tZww2YuJmKE63dHvF8E8MCUeogjqDBVglTbnASkvZX+LGguN8A0JepbIVaIwzK4D+FETzD9Q2Ik5t0uoY7A13FT8OjqD6od/aM+hVfChX5M4gqesocA0QNf7ryB0vUQbA6To+nmi6VBX/ZPSOpIzuDWyjs9R5FXZk6zmaDaDhHZSFGZUflLUY86ZGIQkWNj70oM3soOxC/K14QddUXbrLgT1yEw6ZSlwaDS0Efi1kkbW8k+n8CV3RvZyMeuyGoBzXybHb6V/ID1NYPPlENWbw0X+pXguYFyyM1owMZ4YEOTKdOtVg== Received: from DM6PR08CA0023.namprd08.prod.outlook.com (2603:10b6:5:80::36) by SN6PR12MB2638.namprd12.prod.outlook.com (2603:10b6:805:6f::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.24; Sun, 8 May 2022 04:53:41 +0000 Received: from DM6NAM11FT012.eop-nam11.prod.protection.outlook.com (2603:10b6:5:80:cafe::38) by DM6PR08CA0023.outlook.office365.com (2603:10b6:5:80::36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.14 via Frontend Transport; Sun, 8 May 2022 04:53:41 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 12.22.5.238) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 12.22.5.238 as permitted sender) receiver=protection.outlook.com; client-ip=12.22.5.238; helo=mail.nvidia.com; Received: from mail.nvidia.com (12.22.5.238) by DM6NAM11FT012.mail.protection.outlook.com (10.13.173.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.5227.15 via Frontend Transport; Sun, 8 May 2022 04:53:41 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by DRHQMAIL105.nvidia.com (10.27.9.14) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Sun, 8 May 2022 04:53:40 +0000 Received: from drhqmail201.nvidia.com (10.126.190.180) by drhqmail201.nvidia.com (10.126.190.180) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.22; Sat, 7 May 2022 21:53:39 -0700 Received: from localhost.localdomain (10.127.8.14) by mail.nvidia.com (10.126.190.180) with Microsoft SMTP Server id 15.2.986.22 via Frontend Transport; Sat, 7 May 2022 21:53:39 -0700 From: Roopa Prabhu To: CC: , , Subject: [PATCH iproute2 net-next v2 3/3] bridge: vni: add support for stats dumping Date: Sun, 8 May 2022 04:53:40 +0000 Message-ID: <20220508045340.120653-4-roopa@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220508045340.120653-1-roopa@nvidia.com> References: <20220508045340.120653-1-roopa@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2369d559-3c25-484f-dcbf-08da30aeb8f5 X-MS-TrafficTypeDiagnostic: SN6PR12MB2638:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9j6rHBhKuYQFfUrEcOtEugx7H1hhlBt3T22+QcKvpDTnpiNHKm0PmOfHik1pvslN+VQ3O/UUSpHAAXYRACbtTXsICoQBE1FPzng/wxDedPPxWLG8jT/cA1XRbpsDk4HnTapXgIvxxCQFUAoi9HsqEizjxoUx5VGNoLcomo96TDRaoI8raaYOyKBEwCm2dwwN0mL65LAYkD00dlNPXzqCKJsiwTZH++qlABRl6mkK9pzI9nOd6J1ty1FT+IFejVkCLdepNrUik2wZ40k4rP+r0JaNWLI3eu7YFT/CyP64QjvuVKLVNVI6yeUo2shTmPkazhp/TnfAIIsLKUZziJC1K3QlZwcTB5any+Y87QMphvIbaoHJg3VW6xZ0g9dV1w3c9aQ+SgkaOEcz5YOXEuP4dD4r0oo2E1nTXwjJgEp68mVbt7Ctw35OXTYpJETG3KHexU4YRTZgjZoP6IsPdJeew0PEvApWnFlft1P65/YdUDK3BUgQQNwa3o4bnHLzaogDTTyXDscahnEQsDramC2EHuRwj6S/75mAUPf2+dVgw5tvjoB/sjFSQE47AdW37v1ioEcjOVC9PHBCPjHj54F2VQVs0zwF2M/AOexoD2zloi4zr3Hx4ekQGmIWUirNSakbX9O1uOXxAEtdQiknfG7fZJU5XSM7FqjPE4ks2gNplNswvWqZuMzwVjZYbqvHgbnoaCEbTVjrZMn8NjxqVoA+FQ== X-Forefront-Antispam-Report: CIP:12.22.5.238;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:InfoNoRecords;CAT:NONE;SFS:(13230001)(4636009)(36840700001)(46966006)(40470700004)(336012)(47076005)(2906002)(5660300002)(83380400001)(54906003)(426003)(186003)(6916009)(8936002)(36756003)(1076003)(316002)(2616005)(36860700001)(86362001)(40460700003)(70206006)(70586007)(82310400005)(26005)(8676002)(4326008)(6666004)(508600001)(356005)(81166007)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2022 04:53:41.0659 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2369d559-3c25-484f-dcbf-08da30aeb8f5 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[12.22.5.238];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT012.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2638 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Nikolay Aleksandrov Add support for "-s" option which causes bridge vni to dump per-vni statistics. Note that it disables vni range compression. Example: $ bridge -s vni | more dev vni group/remote vxlan0 1024 239.1.1.1 RX: bytes 0 pkts 0 drops 0 errors 0 TX: bytes 0 pkts 0 drops 0 errors 0 1025 239.1.1.1 RX: bytes 0 pkts 0 drops 0 errors 0 TX: bytes 0 pkts 0 drops 0 errors 0 Signed-off-by: Nikolay Aleksandrov Signed-off-by: Roopa Prabhu --- bridge/vni.c | 93 ++++++++++++++++++++++++++++++++++++-------- include/libnetlink.h | 3 +- lib/libnetlink.c | 4 +- 3 files changed, 81 insertions(+), 19 deletions(-) diff --git a/bridge/vni.c b/bridge/vni.c index 79dff005..a0c2792c 100644 --- a/bridge/vni.c +++ b/bridge/vni.c @@ -186,6 +186,59 @@ static void print_range(const char *name, __u32 start, __u32 id) } +static void print_vnifilter_entry_stats(struct rtattr *stats_attr) +{ + struct rtattr *stb[VNIFILTER_ENTRY_STATS_MAX+1]; + __u64 stat; + + open_json_object("stats"); + parse_rtattr_flags(stb, VNIFILTER_ENTRY_STATS_MAX, RTA_DATA(stats_attr), + RTA_PAYLOAD(stats_attr), NLA_F_NESTED); + + print_nl(); + print_string(PRINT_FP, NULL, "%-" __stringify(IFNAMSIZ) "s ", ""); + print_string(PRINT_FP, NULL, "RX: ", ""); + + if (stb[VNIFILTER_ENTRY_STATS_RX_BYTES]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_RX_BYTES]); + print_lluint(PRINT_ANY, "rx_bytes", "bytes %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_RX_PKTS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_RX_PKTS]); + print_lluint(PRINT_ANY, "rx_pkts", "pkts %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_RX_DROPS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_RX_DROPS]); + print_lluint(PRINT_ANY, "rx_drops", "drops %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_RX_ERRORS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_RX_ERRORS]); + print_lluint(PRINT_ANY, "rx_errors", "errors %llu ", stat); + } + + print_nl(); + print_string(PRINT_FP, NULL, "%-" __stringify(IFNAMSIZ) "s ", ""); + print_string(PRINT_FP, NULL, "TX: ", ""); + + if (stb[VNIFILTER_ENTRY_STATS_TX_BYTES]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_TX_BYTES]); + print_lluint(PRINT_ANY, "tx_bytes", "bytes %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_TX_PKTS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_TX_PKTS]); + print_lluint(PRINT_ANY, "tx_pkts", "pkts %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_TX_DROPS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_TX_DROPS]); + print_lluint(PRINT_ANY, "tx_drops", "drops %llu ", stat); + } + if (stb[VNIFILTER_ENTRY_STATS_TX_ERRORS]) { + stat = rta_getattr_u64(stb[VNIFILTER_ENTRY_STATS_TX_ERRORS]); + print_lluint(PRINT_ANY, "tx_errors", "errors %llu ", stat); + } + close_json_object(); +} + static void print_vni(struct rtattr *t, int ifindex) { struct rtattr *ttb[VXLAN_VNIFILTER_ENTRY_MAX+1]; @@ -242,6 +295,10 @@ static void print_vni(struct rtattr *t, int ifindex) &addr)); } } + + if (ttb[VXLAN_VNIFILTER_ENTRY_STATS]) + print_vnifilter_entry_stats(ttb[VXLAN_VNIFILTER_ENTRY_STATS]); + close_json_object(); print_string(PRINT_FP, NULL, "%s", _SL_); } @@ -310,6 +367,7 @@ static int print_vnifilter_rtm_filter(struct nlmsghdr *n, void *arg) static int vni_show(int argc, char **argv) { char *filter_dev = NULL; + __u8 flags = 0; int ret = 0; while (argc > 0) { @@ -330,25 +388,26 @@ static int vni_show(int argc, char **argv) new_json_obj(json); - if (!show_stats) { - if (rtnl_tunneldump_req(&rth, PF_BRIDGE, filter_index) < 0) { - perror("Cannot send dump request"); - exit(1); - } + if (show_stats) + flags = TUNNEL_MSG_FLAG_STATS; - if (!is_json_context()) { - printf("%-" __stringify(IFNAMSIZ) "s %-" - __stringify(VXLAN_ID_LEN) "s %-" - __stringify(15) "s", - "dev", "vni", "group/remote"); - printf("\n"); - } + if (rtnl_tunneldump_req(&rth, PF_BRIDGE, filter_index, flags) < 0) { + perror("Cannot send dump request"); + exit(1); + } - ret = rtnl_dump_filter(&rth, print_vnifilter_rtm_filter, NULL); - if (ret < 0) { - fprintf(stderr, "Dump ternminated\n"); - exit(1); - } + if (!is_json_context()) { + printf("%-" __stringify(IFNAMSIZ) "s %-" + __stringify(VXLAN_ID_LEN) "s %-" + __stringify(15) "s", + "dev", "vni", "group/remote"); + printf("\n"); + } + + ret = rtnl_dump_filter(&rth, print_vnifilter_rtm_filter, NULL); + if (ret < 0) { + fprintf(stderr, "Dump ternminated\n"); + exit(1); } delete_json_obj(); diff --git a/include/libnetlink.h b/include/libnetlink.h index a1ec91ec..a7b0f352 100644 --- a/include/libnetlink.h +++ b/include/libnetlink.h @@ -112,7 +112,8 @@ int rtnl_nexthop_bucket_dump_req(struct rtnl_handle *rth, int family, req_filter_fn_t filter_fn) __attribute__((warn_unused_result)); -int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex) +int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex, + __u8 flags) __attribute__((warn_unused_result)); struct rtnl_ctrl_data { diff --git a/lib/libnetlink.c b/lib/libnetlink.c index b3c3d0ba..c27627fe 100644 --- a/lib/libnetlink.c +++ b/lib/libnetlink.c @@ -1610,7 +1610,8 @@ void nl_print_policy(const struct rtattr *attr, FILE *fp) } } -int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex) +int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex, + __u8 flags) { struct { struct nlmsghdr nlh; @@ -1622,6 +1623,7 @@ int rtnl_tunneldump_req(struct rtnl_handle *rth, int family, int ifindex) .nlh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST, .nlh.nlmsg_seq = rth->dump = ++rth->seq, .tmsg.family = family, + .tmsg.flags = flags, .tmsg.ifindex = ifindex, };