- 29 Aug, 2014 1 commit
-
-
Daniel Borkmann authored
This adds ARPHRD_NETLINK to ll_types so that it can be properly shown e.g. in `ip a`: 8: nlmon: <NOARP,UP,LOWER_UP> mtu 3776 qdisc noqueue state UNKNOWN group default link/netlink Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
- 04 Aug, 2014 9 commits
-
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
Jiri Pirko authored
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
ll_index can return -1 but was declared unsigned. rt_addr_n2a had unused length parameter
-
Jay Vosburgh authored
First, the default value for 1-k is documented as being 0, but is currently being set to 1. (100%). This causes all packets to be dropped in the good state if 1-k is not explicitly specified. Fix this by setting the default to 0. Second, the 1-h option is parsed correctly, however, the kernel is expecting "h", not 1-h. Fix this by inverting the "1-h" percentage before sending to and after receiving from the kernel. This does change the behavior, but makes it consistent with the netem documentation and the literature on the Gilbert-Elliot model, which refer to "1-h" and "1-k," not "h" or "k" directly. Last, fix a minor formatting issue for the options reporting. Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
-
Jamal Hadi Salim authored
root@moja-mojo:bridge# ./bridge fdb help Usage: bridge fdb { add | append | del | replace } ADDR dev DEV {self|master} [ temp ] [router] [ dst IPADDR] [ vlan VID ] [ port PORT] [ vni VNI ] [via DEV] bridge fdb {show} [ br BRDEV ] [ brport DEV ] Lets start with two bridges each with a port... root@moja-mojo:bridge# ./bridge link 10: sw1-p1 state DOWN : <BROADCAST,NOARP> mtu 1500 master sw1 state disabled priority 32 cost 100 11: eth1 state DOWN : <BROADCAST,NOARP> mtu 1500 master br0 state disabled priority 32 cost 100 show all... root@moja-mojo:bridge# ./bridge fdb show 33:33:00:00:00:01 dev ifb0 self permanent 33:33:00:00:00:01 dev ifb1 self permanent 33:33:00:00:00:01 dev eth0 self permanent 01:00:5e:00:00:01 dev eth0 self permanent 33:33:ff:92:c0:60 dev eth0 self permanent 33:33:00:00:00:fb dev eth0 self permanent 01:00:5e:00:00:fb dev eth0 self permanent 01:00:5e:7f:ff:fd dev eth0 self permanent 01:00:5e:00:00:01 dev wlan0 self permanent 33:33:00:00:00:01 dev wlan0 self permanent 33:33:ff:c2:84:3b dev wlan0 self permanent 33:33:00:00:00:fb dev wlan0 self permanent 01:00:5e:00:00:01 dev virbr0 self permanent 01:00:5e:00:00:fb dev virbr0 self permanent 33:33:00:00:00:01 dev br0 self permanent 33:33:00:00:00:01 dev sw1 self permanent 33:33:00:00:00:01 dev dummy0 self permanent 5e:f4:03:44:da:9a dev sw1-p1 vlan 0 master sw1 permanent 33:33:00:00:00:01 dev sw1-p1 self permanent b6:5e:dd:ce:d7:5e dev eth1 vlan 0 master br0 permanent 33:33:00:00:00:01 dev eth1 self permanent Lets see a netdev that is *not* attached to a bridge root@moja-mojo:bridge# ./bridge fdb show brport eth0 33:33:00:00:00:01 self permanent 01:00:5e:00:00:01 self permanent 33:33:ff:92:c0:60 self permanent 33:33:00:00:00:fb self permanent 01:00:5e:00:00:fb self permanent 01:00:5e:7f:ff:fd self permanent Lets see a netdev that is bridge port root@moja-mojo:bridge# ./bridge fdb show brport eth1 hadi@jhs-1:/media/MT1/other-gits/iproute-jul04/bridge$ ./bridge fdb show brport eth1 b6:5e:dd:ce:d7:5e vlan 0 master br0 permanent 33:33:00:00:00:01 self permanent Specify the correct bridge and you get good stuff root@moja-mojo:bridge# ./bridge fdb show brport eth1 br br0 6:5e:dd:ce:d7:5e vlan 0 master br0 permanent 33:33:00:00:00:01 self permanent Specify the wrong bridge and you get good nada root@moja-mojo:bridge# ./bridge fdb show brport eth1 br sw1 dump br0 root@moja-mojo:bridge# ./bridge fdb show br br0 33:33:00:00:00:01 dev br0 self permanent b6:5e:dd:ce:d7:5e dev eth1 vlan 0 master br0 permanent 33:33:00:00:00:01 dev eth1 self permanent dump sw1 root@moja-mojo:bridge# ./bridge fdb show br sw1 33:33:00:00:00:01 dev sw1 self permanent 5e:f4:03:44:da:9a dev sw1-p1 vlan 0 master sw1 permanent 33:33:00:00:00:01 dev sw1-p1 self permanent Lets move a port from one bridge to another for shits-and-giggles (as the New Brunswickians like to say) root@moja-mojo:bridge# ip link set sw1-p1 master br0 Now dump again br0 root@moja-mojo:bridge# ./bridge fdb show br br0 33:33:00:00:00:01 dev br0 self permanent 5e:f4:03:44:da:9a dev sw1-p1 vlan 0 master br0 permanent 33:33:00:00:00:01 dev sw1-p1 self permanent b6:5e:dd:ce:d7:5e dev eth1 vlan 0 master br0 permanent 33:33:00:00:00:01 dev eth1 self permanent Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Roopa Prabhu authored
This patch avoids a full link wildump request when the user has specified a single link. Uses RTM_GETLINK without the NLM_F_DUMP flag. This helps on a system with large number of interfaces. This patch currently only uses the link ifindex in the filter. Hoping to provide a subsequent kernel patch to do link dump filtering on other attributes in the kernel. In iplink_get, to be safe, this patch currently sets the answer buffer size to the max size that libnetlink rtnl_talk can copy. The current api does not seem to provide a way to indicate the answer buf size. changelog from RFC to v1: - incorporated comments from stephen (fixed comment and fixed if/else block) changelog from v1 to v2: - fix whitespaces error Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Rami Rosen authored
This patch adds description about macvtap to ip-link.8 man page. Signed-off-by: Rami Rosen <ramirose@gmail.com>
-
- 15 Jul, 2014 5 commits
-
-
Dmitry Popov authored
Consider the following command: ip tunnel add mode vti remote 12.0.0.1 local 12.0.0.3 ikey 15 i_flags will be GRE_KEY|VTI_ISVTI. So, in order to distinguish between ipip and vti we have to check just VTI_ISVTI bit, not the equality of i_flags and VTI_ISVTI. * Note, that there also was a bug in ip_tunnel/ip_vti, see commit 7c8e6b9c281(ip_vti: Fix 'ip tunnel add' with 'key' parameters), https://lkml.org/lkml/2014/6/7/125. Even patched iproute could be unable to create vti tunnels with non-zero keys. 1) Unpatched iproute2: [root@vm ~]# ip tunnel show [root@vm ~]# lsmod | egrep '(ipip|vti)' [root@vm ~]# ip tunnel add mode vti ikey 1 [root@vm ~]# lsmod | egrep '(ipip|vti)' ipip 4197 0 tunnel4 1659 1 ipip ip_tunnel 9295 1 ipip [root@vm ~]# ip tunnel show tunl0: ip/ip remote any local any ttl inherit [root@vm ~]# ip tunnel add mode vti remote 1.2.3.4 ikey 2 [root@vm ~]# ip tunnel show ipip0: ip/ip remote 1.2.3.4 local any ttl inherit tunl0: ip/ip remote any local any ttl inherit [root@vm ~]# lsmod | egrep '(ipip|vti)' ipip 4197 0 tunnel4 1659 1 ipip ip_tunnel 9295 1 ipip # ipip tunnels are created instead of vti 2) Patched iproute2: [root@vm ~]# ip tunnel show [root@vm ~]# lsmod | egrep '(ipip|vti)' [root@vm ~]# ip tunnel add mode vti ikey 1 [root@vm ~]# lsmod | egrep '(ipip|vti)' ip_vti 5258 0 ip_tunnel 9295 1 ip_vti [root@vm ~]# ip tunnel show vti0: ip/ip remote any local any ttl inherit ikey 1 okey 0 ip_vti0: ip/ip remote any local any ttl inherit nopmtudisc key 0 [root@vm ~]# ip tunnel add mode vti remote 1.2.3.4 ikey 2 [root@vm ~]# ip tunnel show vti0: ip/ip remote any local any ttl inherit ikey 1 okey 0 vti1: ip/ip remote 1.2.3.4 local any ttl inherit ikey 2 okey 0 ip_vti0: ip/ip remote any local any ttl inherit nopmtudisc key 0 # Vti tunnels are created as expected # * If you have unpatched kernel your vti tunnels will have ikey == okey == 0 Same story exists with ip tunnel show/del with non-zero [io]key: requests are routed to tunl0 instead of ip_vti0. Signed-off-by: Dmitry Popov <ixaphire@qrator.net>
-
Vasily Averin authored
Signed-off-by: Vasily Averin <vvs@openvz.org>
-
Daniel Borkmann authored
Not sure how these typos slipped in back then, I suspect too much coffee. ;) So lets fix them up properly. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-
vadimk authored
-
Masatake YAMATO authored
Though nlmon device can be added, it was not listed in the output of "ip link help". Signed-off-by: Masatake YAMATO <yamato@redhat.com> Acked-by: Daniel Borkmann <dborkman@redhat.com>
-
- 14 Jul, 2014 3 commits
-
-
Stephen Hemminger authored
New VF rate code was not handling case where device not specified. Caught by GCC warning about uninitialized variable.
-
Stephen Hemminger authored
Gcc doesn't like mixed || and && in same conditional.
-
Stephen Hemminger authored
-
- 10 Jun, 2014 2 commits
-
-
Stephen Hemminger authored
-
Stephen Hemminger authored
-
- 09 Jun, 2014 9 commits
-
-
Roopa Prabhu authored
This patch adds master dev name from NDA_MASTER netlink attribute to bridge fdb show output current iproute2 tries to print 'master' in the output if NTF_MASTER is present. But, kernel today does not set NTF_MASTER during dump requests. Which means I have not seen iproute2 bridge cmd print 'master' atall. This patch overrides the NTF_MASTER flag if NDA_MASTER attribute is present. Example output: before this patch: # bridge fdb show 44:38:39:00:27:ba dev bond2.2003 permanent 44:38:39:00:27:bb dev bond4.2003 permanent 44:38:39:00:27:bc dev bond2.2004 permanent After this patch: # bridge fdb show 44:38:39:00:27:ba dev bond2.2003 master br-2003 permanent 44:38:39:00:27:bb dev bond4.2003 master br-2003 permanent 44:38:39:00:27:bc dev bond2.2004 master br-2004 permanent For comparision with the above, below is the output for NTF_SELF today, # bridge fdb show 33:33:00:00:00:01 dev eth0 self permanent 01:00:5e:00:00:01 dev eth0 self permanent 33:33:ff:00:01:cc dev eth0 self permanent If change in output is a concern, 'master' can be put at the end of the fdb output line or made optional with -d[etails] option. change from v1 to v2: use 'bridge' instead of 'master' in fdb show output change from v2 to v3: use 'master' instead of 'bridge' in fdb show output (master could also be a vxlan device) Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Sucheta Chakraborty authored
o "min_tx_rate" option has been added for minimum Tx rate. Hence, for consistent naming, "max_tx_rate" option has been introduced for maximum Tx rate. o Change in v2: "rate" can be used along with "max_tx_rate". When both are specified, "max_tx_rate" should override. o Change in v3: * IFLA_VF_RATE: When IFLA_VF_RATE is used, and user has given only one of min_tx_rate or max_tx_rate, reading of previous rate limits is done in userspace instead of in kernel space before ndo_set_vf_rate. * IFLA_VF_TX_RATE: When IFLA_VF_TX_RATE is used, min_tx_rate is always read in kernel space. This takes care of below scenarios: (1) when old tool sends "rate" but kernel is new (expects min and max) (2) when new tool sends only "rate" but kernel is old (expects only "rate") o Change in v4 as suggested by Stephen Hemminger: * As per iproute policy, input and output formats should match. Changing display of max_tx_rate and min_tx_rate options accordingly. ./ip/ip link show p3p1 8: p3p1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000 link/ether 00:0e:1e:16:ce:40 brd ff:ff:ff:ff:ff:ff vf 0 MAC 2a:18:8f:4d:3d:d4, tx rate 700 (Mbps), max_tx_rate 700Mbps, min_tx_rate 200Mbps vf 1 MAC 72:dc:ba:f9:df:fd Signed-off-by: Sucheta Chakraborty <sucheta.chakraborty@qlogic.com>
-
Stephen Hemminger authored
Update sanitized headers
-
Jiri Pirko authored
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
-
Jiri Pirko authored
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
-
Yang Yingliang authored
Some options of fair queue cannot be (~0U). It leads to maxrate cannot be reset to unlimited because it cannot be (~0U). Allow the options being ~0U. Tested by the following command: # tc qdisc add dev eth4 root handle 1: fq limit 2000 flow_limit 200 maxrate 100mbit quantum 2000 initial_quantum 1600 # tc -s -d qdisc show qdisc fq 1: dev eth4 root refcnt 2 limit 2000p flow_limit 200p buckets 1024 quantum 2000 initial_quantum 1600 maxrate 100Mbit Sent 1492 bytes 10 pkt (dropped 0, overlimits 0 requeues 0) backlog 0b 0p requeues 0 1 flows (0 inactive, 0 throttled) 0 gc, 0 highprio, 0 throttled # tc qdisc change dev eth4 root handle 1: fq limit 4294967295 flow_limit 4294967295 maxrate 34359738360 quantum 4294967295 initial_quantum 4294967295 # tc -s -d qdisc show qdisc fq 1: dev eth4 root refcnt 2 limit 4294967295p flow_limit 4294967295p buckets 1024 quantum 4294967295 initial_quantum 4294967295 Sent 38372 bytes 216 pkt (dropped 0, overlimits 0 requeues 0) backlog 0b 0p requeues 0 2 flows (1 inactive, 0 throttled) 0 gc, 2 highprio, 7 throttled Suggested-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
-
Andreas Henriksson authored
Michael Tautschnig wrote: During a rebuild [...]. Please note that we use our research compiler tool-chain (using tools from the cbmc package), which permits extended reporting on type inconsistencies at link time. [...] gcc bridge.o fdb.o monitor.o link.o mdb.o vlan.o ../lib/libnetlink.a ../lib/libutil.a ../lib/libnetlink.a ../lib/libutil.a -o bridge file link.c line 18: error: conflicting types for variable "filter_index" old definition in module fdb file fdb.c line 29 signed int new definition in module link file link.c line 18 unsigned int <builtin>: recipe for target 'bridge' failed make[3]: *** [bridge] Error 64 make[3]: Leaving directory '/srv/jenkins-slave/workspace/sid-goto-cc-iproute2/iproute2-3.14.0/bridge' Makefile:45: recipe for target 'all' failed While practical constraints may limit the value of filter_index to remain within the bounds of a positive signed int, there is certainly no such guarantee here. Also, a plain majority vote suggests that this really just a wrong declaration in link.c as several declarations of filter_index as signed int exist. [...] My followup on this was: I think the majority is wrong. filter_index is assigned exclusively from if_nametoindex or ll_name_to_index which both return unsigned int. Changing it to unsigned everywhere seems better. This has been minimally tested by using the bridge tool to add vids and showing available vids on different devices. Reported-by: Michael Tautschnig <mt@debian.org> Signed-off-by: Andreas Henriksson <andreas@fatal.se>
-
Cong Wang authored
When we create a tunnel on top of a link and the link specified in cmdline doesn't exist, an error message should be shown. Cc: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
-
Eric Dumazet authored
Since linux-3.15, kernel exports tcpi_pacing_rate and tcpi_max_pacing_rate in tcp_info Add TCP pacing_rate information on ss -i output : lpaa23:~# ./ss -ti dst 10.246.7.151 State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 325800 10.246.7.151:57614 10.246.7.152:46811 cubic wscale:7,7 rto:201 rtt:0.081/0.006 mss:1448 cwnd:90 ssthresh:63 send 12871.1Mbps pacing_rate 15397.8Mbps unacked:90 retrans:0/305 rcv_space:29200 If SO_MAX_PACING_RATE is set on the socket, we add /max_pacing_rate as in : ... pacing_rate 1570.5Mbps/2.0Gbps ... Signed-off-by: Eric Dumazet <edumazet@google.com>
-
- 29 May, 2014 4 commits
-
-
Stephen Hemminger authored
The lnstat program was building a format string, then using it. This was safe, but simpler to just use format character * to get width.
-
Stephen Hemminger authored
Enable format security, and fix the warning caused by printing with string for format.
-
Vlad Yasevich authored
Add ability to control learning and flood flags on bridge ports. Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
-
Sergey V. Lobanov authored
When limit<burst latency becomes <0, for example: # tc qdisc add dev eth0 root handle 1: tbf limit 100K burst 256K rate 256kbit # tc qdisc show qdisc tbf 1: dev eth0 root refcnt 2 rate 256Kbit burst 256Kb lat 4290.0s If latency<0 there is no reason to show it. Limit will be printed instead of latency when latency<0: # tc qdisc show qdisc tbf 1: dev eth0 root refcnt 2 rate 256Kbit burst 256Kb limit 100Kb Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
-
- 28 May, 2014 6 commits
-
-
Oliver Hartkopp authored
Controller Area Network (CAN) interfaces are physical network interfaces. They can't be 'created' like software devices by 'ip link add type can'. Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
-
Jiri Pirko authored
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
-
Jamal Hadi Salim authored
This also fixes a long standing bug of not sanely reporting the action chain ordering Sample scenario test on window 1(event window): run "tc monitor" and observe events on window 2: sudo tc actions add action drop index 10 sudo tc actions add action ok index 12 sudo tc actions ls action gact sudo tc actions flush action gact See the event window reporting two entries (doing another listing should show empty generic actions) Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Jamal Hadi Salim authored
scenario testcase: TC="sudo ./tc/tc" DEV="dev eth0" $TC qdisc del $DEV ingress $TC qdisc add $DEV ingress $TC filter add $DEV parent ffff: protocol ip u32 match ip src 10.0.0.0/24 action police rate 6Mbit burst 6Mbit drop flowid :1 $TC filter add $DEV parent ffff: protocol ip u32 match ip dst 10.0.0.0/24 action police rate 1Gbit burst 1Gbit pass flowid :1 $TC -s filter ls $DEV parent ffff: protocol ip $TC qdisc del $DEV ingress $TC qdisc add $DEV ingress $TC filter add $DEV parent ffff: protocol ip u32 match ip src 10.0.0.0/24 flowid 1:1 action police rate 6Mbit burst 6Mbit drop $TC filter add $DEV parent ffff: protocol ip u32 match ip dst 10.0.0.0/24 flowid 1:2 action police rate 1Gbit burst 1Gbit pass $TC -s filter ls $DEV parent ffff: protocol ip $TC qdisc del $DEV ingress $TC qdisc add $DEV ingress $TC filter add $DEV parent ffff: protocol ip pref 10 \ u32 match ip protocol 1 0xff \ flowid 1:10 \ action skbedit mark 11 \ action police rate 10kbit burst 10k pipe index 1 \ action skbedit mark 12 \ action police rate 20kbit burst 20k pipe index 2 \ action mirred egress mirror dev dummy0 $TC -s filter ls $DEV parent ffff: protocol ip $TC qdisc del $DEV ingress $TC qdisc add $DEV ingress $TC filter add $DEV parent ffff: protocol ip pref 10 \ u32 match ip protocol 1 0xff \ action skbedit mark 11 \ action police rate 10kbit burst 10k pipe index 1 \ action skbedit mark 12 \ action police rate 20kbit burst 20k pipe index 2 \ action mirred egress mirror dev dummy0 \ flowid 1:10 $TC -s filter ls $DEV parent ffff: protocol ip Reported-by: Seann Herdejurgen <seann@herdejurgen.com> Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Jamal Hadi Salim authored
Reported-by: Seann Herdejurgen <seann@herdejurgen.com> Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
-
Natanael Copa authored
We need limits.h for LONG_MIN and LONG_MAX, sys/param.h for MIN and sys/select for struct timeval. This fixes the following compile errors with musl libc: f_bpf.c: In function 'bpf_parse_opt': f_bpf.c:181:12: error: 'LONG_MIN' undeclared (first use in this function) if (h == LONG_MIN || h == LONG_MAX) { ^ ... tc_util.o: In function `print_tcstats2_attr': tc_util.c:(.text+0x13fe): undefined reference to `MIN' tc_util.c:(.text+0x1465): undefined reference to `MIN' tc_util.c:(.text+0x14ce): undefined reference to `MIN' tc_util.c:(.text+0x154c): undefined reference to `MIN' tc_util.c:(.text+0x160a): undefined reference to `MIN' tc_util.o:tc_util.c:(.text+0x174e): more undefined references to `MIN' follow ... tc_stab.o: In function `print_size_table': tc_stab.c:(.text+0x40f): undefined reference to `MIN' ... fdb.c:247:30: error: 'ULONG_MAX' undeclared (first use in this function) (vni >> 24) || vni == ULONG_MAX) ^ lnstat.h:28:17: error: field 'last_read' has incomplete type struct timeval last_read; /* last time of read */ ^ Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
-
- 13 May, 2014 1 commit
-
-
Andreas Greve authored
BUG: tc filter show ... produce a segmentation fault if more than one filter rule with action -j MARK exists. Reason: In print_ipt(...) xtables will be initialzed with a pointer to the static struct tcipt_globals at xtables_init_all(). Later on the fields .opts and .options_offset of tcipt_globals are modified. The call of xtables_free_opts(1) at the end of print(...) does not restore the original values of tcipt_globals for the modified fields. It only frees some allocated memory and sets .opts to NULL. This leads to a segmentation fault when print_ipt() is called for the next filter rule with action -j MARK. Fix: Cloneing tcipt_globals on the stack as tmp_tcipt_globals and use it instead of tcipt_globals, so tcipt_globals will be not modified. Signed-off-by: Andreas Greve <andreas.greve@a-greve.de>
-