Rewrite the explanation as it was duplicated with that of
`ip netns add NAME`.
Signed-off-by: Yusuke Ichiki <public@yusuke.pub>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The motivation is to build distributions packages without /var to go
towards stateless systems, see link below (TL;DR: provisionning anything
outside of /usr on boot).
We only try do create the database directory when it's in the default
location, and assume its parent (/var/lib in the usual case) exists.
Links: https://0pointer.net/blog/projects/stateless.html
Signed-off-by: Max Gautier <mg@max.gautier.name>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add the missing 'compressvlans' to man page
Signed-off-by: Date Huang <tjjh89017@hotmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Fix the incorrect short opt for compressvlans and color
in usage
Signed-off-by: Date Huang <tjjh89017@hotmail.com>
Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
the strdup man page states that the errno value
set by the function so there is not need to set it.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
get_nlmsg_extended is missing the check as
it's done in get_nlmsg
v2: don't set the errno value explicitly
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Petr Machata says:
====================
Next hop group stats allow verification of balancedness of a next hop
group. The feature was merged in kernel commit 7cf497e5a122 ("Merge branch
'nexthop-group-stats'"). This patchset adds to ip the corresponding
support.
NH group stats come in two flavors: as statistics for SW and for HW
datapaths. The former is shown when -s is given to "ip nexthop". The latter
demands more work from the kernel, and possibly driver and HW, and might
not be always necessary. Therefore tie it to -s -s, similarly to how ip
link shows more detailed stats when -s is given twice.
Here's an example usage:
# ip link add name gre1 up type gre \
local 172.16.1.1 remote 172.16.1.2 tos inherit
# ip nexthop replace id 1001 dev gre1
# ip nexthop replace id 1002 dev gre1
# ip nexthop replace id 1111 group 1001/1002 hw_stats on
# ip -s -s -j -p nexthop show id 1111
[ {
[ ...snip... ]
"hw_stats": {
"enabled": true,
"used": true
},
"group_stats": [ {
"id": 1001,
"packets": 0,
"packets_hw": 0
},{
"id": 1002,
"packets": 0,
"packets_hw": 0
} ]
} ]
hw_stats.enabled shows whether hw_stats have been requested for the given
group. hw_stats.used shows whether any driver actually implemented the
counter. group_stats[].packets show the total stats, packets_hw only the
HW-datapath stats.
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
Besides SW datapath stats, the kernel also support collecting statistics
from HW datapath, for nexthop groups offloaded to HW. Since collection of
these statistics may consume HW resources, there is an interface to request
that the HW stats be recorded. Add this toggle to "ip nexthop".
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Besides SW datapath stats, the kernel also support collecting statistics
from HW datapath, for nexthop groups offloaded to HW. Request that these be
collected when ip is given "-s -s", similarly to how "ip link" shows more
statistics in that case.
Besides the statistics themselves, also show whether the collection of HW
statistics was in fact requested, and whether any driver actually
implemented the request.
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Next hop group stats allow verification of balancedness of a next hop
group. The feature was merged in kernel commit 7cf497e5a122 ("Merge branch
'nexthop-group-stats'"). Add to ip the corresponding support. The
statistics are requested if "ip nexthop" is started with -s.
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
NLA_UINT attributes have a 4-byte payload if possible, and an 8-byte one if
necessary. Add a function to extract these. Since we need to dispatch on
length anyway, make the getter truly universal by supporting also u8 and
u16.
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Update kernel headers to commit:
237bb5f7f7f5 ("cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function")
Signed-off-by: David Ahern <dsahern@kernel.org>
The removal of tick usage in netem, means that some of the
helper functions in tc are no longer used and can be safely removed.
Other functions can be made static.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The current version of netem in iproute2 has a maximum of 4.3 seconds
because of scaled 32 bit clock values. Some users would like to be
able to use larger delays to emulate things like storage delays.
Since kernel version 4.15, netem qdisc had netlink parameters
to express wider range of delays in nanoseconds. But the iproute2
side was never updated to use them.
This does break compatibility with older kernels (4.14 and earlier).
With these out of support kernels, the latency/delay parameter
will end up being ignored.
Reported-by: Marc Blanchet <marc.blanchet@viagenie.ca>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Since next netem changes will break some usages of out of support kernels,
add an explicit policy about range of kernel versions.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The callbacks in exec_util should not be modifying underlying
qdisc operations structure.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The callbacks in action_util should not be modifying underlying
qdisc operations structure.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The callbacks in filter_util should not be modifying underlying
qdisc operations structure.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The callbacks in qdisc_util should not be modifying underlying
qdisc operations structure.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
the function has the same definition in ifstat and ss
v2: fix the typo in the chagelog
v3: rebase on master
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
The 32 bit statistics are problematic since 32 bit value can
easily wraparound at high speed. Use 64 bit stats if available.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
da9cc6ab introduced printing of MD5 signature keys when found.
But when changing printf() to out() calls with 90351722,
the implicit printf call in print_escape_buf() was overlooked.
That results in a funny output in the first line:
"<all-your-tcp-signature-keys-concatenated>State"
and ambiguity as to which of those bytes belong to which socket.
Add a static void out_escape_buf() immediately before we use it.
da9cc6ab (ss: print MD5 signature keys configured on TCP sockets, 2017-10-06)
90351722 (ss: Replace printf() calls for "main" output by calls to helper, 2017-12-12)
Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Print an error message if we can't remove the history file
v2: exit if unlink failed
v3: restore the changelog
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Use snprintf to print only valid data.
That's the similar change done for ifstat.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
as the name doesn't require a lot of storage put
it on the stack. Moreover the memory allocated via
malloc wasn't returned.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
the argument passed to the function
is always a constant value
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a sentence in the doc to describe what the new "monitor" command
does.
Signed-off-by: Justin Iurman <justin.iurman@uliege.be>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add the "ip ioam monitor" command to be able to read all IOAM data
received. This is based on a netlink multicast group.
Signed-off-by: Justin Iurman <justin.iurman@uliege.be>
Signed-off-by: David Ahern <dsahern@kernel.org>
Quentin Deslandes says:
====================
BPF allows programs to store socket-specific data using
BPF_MAP_TYPE_SK_STORAGE maps. The data is attached to the socket itself,
and Martin added INET_DIAG_REQ_SK_BPF_STORAGES, so it can be fetched
using the INET_DIAG mechanism.
Currently, ss doesn't request the socket-local data, this patch aims to
fix this.
The first patch requests the socket-local data for the requested map ID
(--bpf-map-id=) or all the maps (--bpf-maps). It then prints the map_id
in COL_EXT.
Patch #2 uses libbpf and BTF to pretty print the map's content, like
`bpftool map dump` would do.
Patch #3 updates ss' man page to explain new options.
While I think it makes sense for ss to provide the socket-local storage
content for the sockets, it's difficult to conciliate the column-based
output of ss and having readable socket-local data. Hence, the
socket-local data is printed in a readable fashion over multiple lines
under its socket statistics, independently of the column-based approach.
Here is an example of ss' output with --bpf-maps:
[...]
ESTAB 340116 0 [...]
map_id: 114 [
(struct my_sk_storage){
.field_hh = (char)3,
(union){
.a = (int)17,
.b = (int)17,
},
}
]
Changed this series to an RFC as the merging window for net-next is
closed.
Changes from v8:
* Remove usage of libbpf_bpf_map_type_str() which requires libbpf-1.0+
and provide very little added value (David).
* Use ENABLE_BPF_SKSTORAGE_SUPPORT to gate the BPF socket-local storage
support, instead of HAVE_LIBBPF. iproute2 depends on libbpf-0.1, but
this change needs libbpf-0.5+. If the requirements are not met, ss can
still be compiled and used without BPF socket-local storage support, but
a warning will be printed at compile time.
Changes from v7:
* Fix comment format and checkpatch warnings (Stephen, David).
* Replaced Co-authored-by with Co-developed-by + Signed-off-by for
Martin's contribution on patch #1 to follow checkpatch requirements,
with Martin's approval.
Changes from v6:
* Remove column dedicated to BPF socket-local storage (COL_SKSTOR),
use COL_EXT instead (Matthieu).
Changes from v5:
* Add support for --oneline when printing socket-local data.
* Use \t to indent instead of " " to be consistent with other columns.
* Removed Martin's ack on patch #2 due to amount of lines changed.
Changes from v4:
* Fix return code for 2 calls.
* Fix issue when inet_show_netlink() retries a request.
* BPF dump object is created in bpf_map_opts_load_info().
Changes from v3:
* Minor refactoring to reduce number of HAVE_LIBBF usage.
* Update ss' man page.
* btf_dump structure created to print the socket-local data is cached
in bpf_map_opts. Creation of the btf_dump structure is performed if
needed, before printing the data.
* If a map can't be pretty-printed, print its ID and a message instead
of skipping it.
* If show_all=true, send an empty message to the kernel to retrieve all
the maps (as Martin suggested).
Changes from v2:
* bpf_map_opts_is_enabled is not inline anymore.
* Add more #ifdef HAVE_LIBBPF to prevent compilation error if
libbpf support is disabled.
* Fix erroneous usage of args instead of _args in vout().
* Add missing btf__free() and close(fd).
Changes from v1:
* Remove the first patch from the series (fix) and submit it separately.
* Remove double allocation of struct rtattr.
* Close BPF map FDs on exit.
* If bpf_map_get_fd_by_id() fails with ENOENT, print an error message
and continue to the next map ID.
* Fix typo in new command line option documentation.
* Only use bpf_map_info.btf_value_type_id and ignore
bpf_map_info.btf_vmlinux_value_type_id (unused for socket-local storage).
* Use btf_dump__dump_type_data() instead of manually using BTF to
pretty-print socket-local storage data. This change alone divides the size
of the patch series by 2.
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
Document new --bpf-maps and --bpf-map-id= options.
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Acked-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
ss is able to print the map ID(s) for which a given socket has BPF
socket-local storage defined (using --bpf-maps or --bpf-map-id=). However,
the actual content of the map remains hidden.
This change aims to pretty-print the socket-local storage content following
the socket details, similar to what `bpftool map dump` would do. The exact
output format is inspired by drgn, while the BTF data processing is similar
to bpftool's.
ss will use libbpf's btf_dump__dump_type_data() to ease pretty-printing
of binary data. This requires out_bpf_sk_storage_print_fn() as a print
callback function used by btf_dump__dump_type_data(). vout() is also
introduced, which is similar to out() but accepts a va_list as
parameter.
ss' output remains unchanged unless --bpf-maps or --bpf-map-id= is used,
in which case each socket containing BPF local storage will be followed by
the content of the storage before the next socket's info is displayed.
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Acked-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
There are a few commands missing from the ip command syntax list, add
them. They are also missing from the see also section, add them there as
well.
Note there isn't a ip-ila man page, so I didn't link to it.
Also fix a few punctuation mistakes.
Signed-off-by: Yedaya Katsman <yedaya.ka@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
the code already has a path to the tan/tap device
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
