This patch introduces the "mode" command, which presents the enabled or
supported (when the "supported" argument is available) optional
counters.
An optional counter is a vendor-specific counter that may be
dynamically enabled/disabled. This enhancement of hwcounters allows
exposing of counters which are for example mutual exclusive and cannot
be enabled at the same time, counters that might degrades performance,
optional debug counters, etc.
Examples:
To present currently enabled optional counters on link rocep8s0f0/1:
$ rdma statistic mode link rocep8s0f0/1
link rocep8s0f0/1 optional-counters cc_rx_ce_pkts
To present supported optional counters on link rocep8s0f0/1:
$ rdma statistic mode supported link rocep8s0f0/1
link rocep8s0f0/1 supported optional-counters cc_rx_ce_pkts,cc_rx_cnp_pkts,cc_tx_cnp_pkts
Signed-off-by: Neta Ostrovsky <netao@nvidia.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: Mark Zhang <markzhang@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Update rdma_netlink.h file upto kernel commit 7301d0a9834c
("RDMA/nldev: Add support to get status of all counters")
Signed-off-by: Neta Ostrovsky <netao@nvidia.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: Mark Zhang <markzhang@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
David reported ipmptcp breaks hard the build when updating the
relevant kernel headers.
We should be more careful in the header section, explicitly
including all the required dependencies respecting the usual order
between systems and local headers.
Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Justin Iurman says:
====================
Following the series applied to net-next (see [1]), here are the corresponding
changes to iproute2.
In the current implementation, IOAM can only be inserted directly (i.e., only
inside packets generated locally) by default, to be compliant with RFC8200.
This patch adds support for in-transit packets and provides the ip6ip6
encapsulation of IOAM (RFC8200 compliant). Therefore, three ioam6 encap modes
are defined:
- inline: directly inserts IOAM inside packets (by default).
- encap: ip6ip6 encapsulation of IOAM inside packets.
- auto: either inline mode for packets generated locally or encap mode for
in-transit packets.
With current iproute2 implementation, it is configured this way:
$ ip -6 r [...] encap ioam6 trace prealloc [...]
The old syntax does not change (for backwards compatibility) and implicitly uses
the inline mode. With the new syntax, an encap mode can be specified:
(inline mode)
$ ip -6 r [...] encap ioam6 mode inline trace prealloc [...]
(encap mode)
$ ip -6 r [...] encap ioam6 mode encap tundst fc00::2 trace prealloc [...]
(auto mode)
$ ip -6 r [...] encap ioam6 mode auto tundst fc00::2 trace prealloc [...]
A tunnel destination address must be configured when using the encap mode or the
auto mode.
[1] https://lore.kernel.org/netdev/163335001045.30570.12527451523558030753.git-patchwork-notify@kernel.org/T/#m3b428d4142ee3a414ec803466c211dfdec6e0c09
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
This patch updates the IOAM documentation (ip-route man page) to reflect the
three encap modes that were introduced.
Signed-off-by: Justin Iurman <justin.iurman@uliege.be>
Signed-off-by: David Ahern <dsahern@kernel.org>
This patch adds support for the three IOAM encap modes that were introduced:
inline, encap and auto.
Signed-off-by: Justin Iurman <justin.iurman@uliege.be>
Signed-off-by: David Ahern <dsahern@kernel.org>
Fix rogue "tab after spaces" used for indentation of the documentation.
This causes rendering issues on terminals using a non-standard tab width.
Signed-off-by: Frank Villaro-Dixon <frank.villaro@infomaniak.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Since we use the cache netlink socket for each nexthop we can keep it open
instead of opening and closing it on every add call. The socket is opened
once, on the first add call and then reused for the rest.
Suggested-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Recently the kernel gained ability to report the maximum number of
snapshots a region can have. Print this value out if it was reported.
Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Update kernel headers to commit:
49ed8dde3715 ("net: usb: use eth_hw_addr_set() for dev->addr_len cases")
Update to linux/mptcp.h is removed because it breaks compilation
of ipmptcp.c in a nontrivial way.
Signed-off-by: David Ahern <dsahern@kernel.org>
the following command:
# ip -j mptcp endpoint show
prints a JSON array that misses the terminating bracket. Fix this calling
delete_json_obj() to balance the call to new_json_obj().
Fixes: 7e0767cd86 ("add support for mptcp netlink interface")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Andrea Claudi <aclaudi@redhat.com>
Nikolay Aleksandrov says:
====================
This set tries to help with an old ask that we've had for some time
which is to print nexthop information while monitoring or dumping routes.
The core problem is that people cannot follow nexthop changes while
monitoring route changes, by the time they check the nexthop it could be
deleted or updated to something else. In order to help them out I've
added a nexthop cache which is populated (only used if -d / show_details
is specified) while decoding routes and kept up to date while monitoring.
The nexthop information is printed on its own line starting with the
"nh_info" attribute and its embedded inside it if printing JSON. To
cache the nexthop entries I parse them into structures, in order to
reuse most of the code the print helpers have been altered so they rely
on prepared structures. Nexthops are now always parsed into a structure,
even if they won't be cached, that structure is later used to print the
nexthop and destroyed if not going to be cached. New nexthops (not found
in the cache) are retrieved from the kernel using a private netlink
socket so they don't disrupt an ongoing dump, similar to how interfaces
are retrieved and cached.
I have tested the set with the kernel forwarding selftests and also by
stressing it with nexthop create/update/delete in loops while monitoring.
Comments are very welcome as usual. :)
Changes since RFC:
- reordered parse/print splits, in order to do that I have to parse
resilient groups first, then add nh entry parsing so code has been
reordered as well and patch order has changed, but there have been
no functional changes (as before refactoring of old code is done in
the first 8 patches and then patches 9-12 add the new cache and use it)
- re-run all tests above
Patch breakdown:
Patches 1-2: update current route helpers to take parsed arguments so we
can directly pass them from the nh_entry structure later
Patch 3: adds new nha_res_grp structure which describes a resilient
nexhtop group
Patch 4: splits print_nh_res_group into a parse and print parts
which use the new nha_res_grp structure
Patch 5: adds new nh_entry structure which describes a nexthop
Patch 6: factors out print_nexthop's attribute parsing into nh_entry
structure used before printing
Patch 7: factors out print_nexthop's nh_entry structure printing
Patch 8: factors out ipnh_get's rtnl talk part and allows to use a
different rt handle for the communication
Patch 9: adds nexthop cache and helpers to manage it, it uses the
new __ipnh_get to retrieve nexthops
Patch 10: adds a new helper print_cache_nexthop_id that prints nexthop
information from its id, if the nexthop is not found in the
cache it fetches it
Patch 11: the new print_cache_nexthop_id helper is used when printing
routes with show_details (-d) to output detailed nexthop
information, the format after nh_info is the same as
ip nexthop show
Patch 12: changes print_nexthop into print_cache_nexthop which always
outputs the nexthop information and can also update the cache
(based on process_cache argument), it's used to keep the
cache up to date while monitoring
Example outputs (monitor):
[NEXTHOP]id 101 via 169.254.2.22 dev veth2 scope link proto unspec
[NEXTHOP]id 102 via 169.254.3.23 dev veth4 scope link proto unspec
[NEXTHOP]id 103 group 101/102 type resilient buckets 512 idle_timer 0 unbalanced_timer 0 unbalanced_time 0 scope global proto unspec
[ROUTE]unicast 192.0.2.0/24 nhid 203 table 4 proto boot scope global
nh_info id 203 group 201/202 type resilient buckets 512 idle_timer 0 unbalanced_timer 0 unbalanced_time 0 scope global proto unspec
nexthop via 169.254.2.12 dev veth3 weight 1
nexthop via 169.254.3.13 dev veth5 weight 1
[NEXTHOP]id 204 via fe80:2::12 dev veth3 scope link proto unspec
[NEXTHOP]id 205 via fe80:3::13 dev veth5 scope link proto unspec
[NEXTHOP]id 206 group 204/205 type resilient buckets 512 idle_timer 0 unbalanced_timer 0 unbalanced_time 0 scope global proto unspec
[ROUTE]unicast 2001:db8:1::/64 nhid 206 table 4 proto boot scope global metric 1024 pref medium
nh_info id 206 group 204/205 type resilient buckets 512 idle_timer 0 unbalanced_timer 0 unbalanced_time 0 scope global proto unspec
nexthop via fe80:2::12 dev veth3 weight 1
nexthop via fe80:3::13 dev veth5 weight 1
[NEXTHOP]id 2 encap mpls 200/300 via 10.1.1.1 dev ens20 scope link proto unspec onlink
[ROUTE]unicast 2.3.4.10 nhid 2 table main proto boot scope global
nh_info id 2 encap mpls 200/300 via 10.1.1.1 dev ens20 scope link proto unspec onlink
JSON:
{
"type": "unicast",
"dst": "198.51.100.0/24",
"nhid": 103,
"table": "3",
"protocol": "boot",
"scope": "global",
"flags": [ ],
"nh_info": {
"id": 103,
"group": [ {
"id": 101,
"weight": 11
},{
"id": 102,
"weight": 45
} ],
"type": "resilient",
"resilient_args": {
"buckets": 512,
"idle_timer": 0,
"unbalanced_timer": 0,
"unbalanced_time": 0
},
"scope": "global",
"protocol": "unspec",
"flags": [ ]
},
"nexthops": [ {
"gateway": "169.254.2.22",
"dev": "veth2",
"weight": 11,
"flags": [ ]
},{
"gateway": "169.254.3.23",
"dev": "veth4",
"weight": 45,
"flags": [ ]
} ]
}
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a new helper print_cache_nexthop replacing print_nexthop which can
update the nexthop cache if the process_cache argument is true. It is
used when monitoring netlink messages to keep the nexthop cache up to
date with nexthop changes happening. For the old callers and anyone
who's just dumping nexthops its _nocache version is used which is a
wrapper for print_cache_nexthop.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
If -d (show_details) is used when printing/monitoring routes then print
detailed nexthop information in the field "nh_info". The nexthop is also
cached for future searches.
Output looks like:
unicast 198.51.100.0/24 nhid 103 table 3 proto boot scope global
nh_info id 103 group 101/102 type resilient buckets 512 idle_timer 0 unbalanced_timer 0 unbalanced_time 0 scope global proto unspec
nexthop via 169.254.2.22 dev veth2 weight 1
nexthop via 169.254.3.23 dev veth4 weight 1
The nh_info field has the same format as ip -d nexthop show would've had
for the same nexthop id.
For completeness the JSON version looks like:
{
"type": "unicast",
"dst": "198.51.100.0/24",
"nhid": 103,
"table": "3",
"protocol": "boot",
"scope": "global",
"flags": [ ],
"nh_info": {
"id": 103,
"group": [ {
"id": 101
},{
"id": 102
} ],
"type": "resilient",
"resilient_args": {
"buckets": 512,
"idle_timer": 0,
"unbalanced_timer": 0,
"unbalanced_time": 0
},
"scope": "global",
"protocol": "unspec",
"flags": [ ]
},
"nexthops": [ {
"gateway": "169.254.2.22",
"dev": "veth2",
"weight": 1,
"flags": [ ]
},{
"gateway": "169.254.3.23",
"dev": "veth4",
"weight": 1,
"flags": [ ]
} ]
}
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a helper which looks for a nexthop in the cache and if not found
reads the entry from the kernel and caches it. Finally the entry is
printed.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a static nexthop cache in a hash with 1024 buckets and helpers to
manage it (link, unlink, find, add nexthop, del nexthop). Adding new
nexthops is done by creating a new rtnl handle and using it to retrieve
the nexthop so the helper is safe to use while already reading a
response (i.e. using the global rth).
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Factor out ipnh_get_id's rtnl talk portion into a separate helper which
will be reused later to retrieve nexthops for caching.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Factor out nexthop entry structure printing from print_nexthop,
effectively splitting it into parse and print parts.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Factor out the nexthop attribute parsing and parse attributes into a
nexthop entry structure which is then used to print.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a structure which describes a nexthop, it will be later used to
parse, print and cache nexthops.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Now that we have resilient group structure split print_nh_res_group into
a parse and print functions, print_nexthop calls the parse function
first to parse the attributes into the structure and then uses the print
function to print the parsed structure.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Add a structure which describes a resilient nexthop group. It will be
later used for parsing.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Export a new __print_rta_gateway that takes a prepared gateway string to
print which is also used by print_rta_gateway for consistent format.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
We need print_rta_if() to take ifindex directly so later we can use it
with cached converted nexthop objects.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Ralf Baechle says:
====================
net-tools contain support for these three protocol but are deprecated and
no longer installed by default by many distributions. Iproute2 otoh has
no support at all and will dump the addresses of these protocols which
actually are pretty human readable as hex numbers:
# ip link show dev bpq0
3: bpq0: <UP,LOWER_UP> mtu 256 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ax25 88:98:60:a0:92:40:02 brd a2:a6:a8:40:40:40:00
# ip link show dev nr0
4: nr0: <NOARP,UP,LOWER_UP> mtu 236 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/netrom 88:98:60:a0:92:40:0a brd 00:00:00:00:00:00:00
# ip link show dev rose0
8: rose0: <NOARP,UP,LOWER_UP> mtu 249 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/rose 65:09:33:30:00 brd 00:00:00:00:00
This series adds basic support for the three protocols to print addresses:
# ip link show dev bpq0
3: bpq0: <UP,LOWER_UP> mtu 256 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ax25 DL0PI-1 brd QST-0
# ip link show dev nr0
4: nr0: <NOARP,UP,LOWER_UP> mtu 236 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/netrom DL0PI-5 brd *
# ip link show dev rose0
8: rose0: <NOARP,UP,LOWER_UP> mtu 249 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/rose 6509333000 brd 0000000000
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
NETROM is a OSI layer 3 protocol sitting on top of AX.25. It uses BCD-
encoded 10 digit telephone numbers as addresses. Without this ip will
print a ROSE addresses like
link/rose 12:34:56:78:90 brd 00:00:00:00:00
which is readable but ugly. With this applied it ROSE addresses will be
printed as
link/rose 1234567890 brd 0000000000
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
ROSE addresses are ten digit numbers, basically like North American
telephone numbers.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
NETROM is an OSI layer 3 protocol sitting on top of AX.25. It also uses
AX.25 addresses. Without this commit ip will print NETROM address like
link/generic 98:92:9c:aa:b0:40:02 brd 00:00:00:00:00:00:00
while with this commit the decoded result
link/generic LINUX-1 brd *
is much more eye friendly.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
NETROM uses AX.25 addresses so this is a simple wrapper around ax25_ntop1.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
Before this, ip would have printed the AX.25 address configured for an
AX.25 interface's default addresses as:
link/ax25 98:92:9c:aa:b0:40:02 brd a2:a6:a8:40:40:40:00
which is pretty unreadable. With this commit ip will decode AX.25
addresses like
link/ax25 LINUX-1 brd QST-0
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
AX.25 addresses are based on Amateur radio callsigns followed by an SSID
like XXXXXX-SS where the callsign is up to 6 characters which are either
letters or digits and the SSID is a decimal number in the range 0..15.
Amateur radio callsigns are assigned by a country's relevant authorities
and are 3..6 characters though a few countries have assigned callsigns
longer than that. AX.25 is not able to handle such longer callsigns.
Being based on HDLC AX.25 encodes addresses by shifting them one bit left
thus zeroing bit 0, the HDLC extension bit for all but the last bit of
a packet's address field but for our purposes here we're not considering
the HDLC extension bit that is it will always be zero.
Linux' internal representation of AX.25 addresses in Linux is very similar
to this on the on-air or on-the-wire format. The callsign is padded to
6 octets by adding spaces, followed by the SSID octet then all 7 octets
are left-shifted by one byte.
This for example turns "LINUX-1" where the callsign is LINUX and SSID is 1
into 98:92:9c:aa:b0:40:02.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
bpf selftests using iproute2 fails with:
$ ip link set dev veth0 xdp object ../bpf/xdp_dummy.o section xdp_dummy
Continuing without mounted eBPF fs. Too old kernel?
mkdir (null)/globals failed: No such file or directory
Unable to load program
This happens when the /sys/fs/bpf directory exists. In this case, mkdir
in bpf_mnt_check_target() fails with errno == EEXIST, and the function
returns -1. Thus bpf_get_work_dir() does not call bpf_mnt_fs() and the
bpffs is not mounted.
Fix this in bpf_mnt_check_target(), returning 0 when the mountpoint
exists.
Fixes: d4fcdbbec9 ("lib/bpf: Fix and simplify bpf_mnt_check_target()")
Reported-by: Mingyu Shi <mshi@redhat.com>
Reported-by: Jiri Benc <jbenc@redhat.com>
Suggested-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Provided port range in tc rule are parsed incorrectly.
Even though range is passed as min-max. It throws an error.
$ tc filter add dev eth0 ingress handle 100 priority 10000 protocol ipv4 flower ip_proto tcp dst_port 10368-61000 action pass
max value should be greater than min value
Illegal "dst_port"
Fixes: 8930840e67 ("tc: flower: Classify packets based port ranges")
Signed-off-by: Puneet Sharma <pusharma@akamai.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The BPF program name is included when dumping the BPF program info and the
kernel only stores the first (BPF_PROG_NAME_LEN - 1) bytes for the program
name.
$ sudo ip link show dev docker0
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 xdpgeneric qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:4c:df:a4:54 brd ff:ff:ff:ff:ff:ff
prog/xdp id 789 name xdp_drop_func tag 57cd311f2e27366b jited
The BPF program load time (ns since boottime), UID of the user who loaded
the program and the BTF ID are also included when dumping the BPF program
information when the user expects a detailed ip link info output.
$ sudo ip -details link show dev docker0
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 xdpgeneric qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:4c:df:a4:54 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535
bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filt
ering 0 vlan_protocol 802.1Q bridge_id 8000.2:42:4c:df:a4:54 designated_root 8000.2:42:4c:df:a4:54 root_port 0 r
oot_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer 0.00 tcn_timer 0.00 topology_chan
ge_timer 0.00 gc_timer 265.36 vlan_default_pvid 1 vlan_stats_enabled 0 vlan_stats_per_port 0 group_fwd_mask
0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast
_hash_elasticity 16 mcast_hash_max 4096 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_
interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query
_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_v
ersion 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0 addrgenmode eui64 numtxqueues 1 numrxqueues
1 gso_max_size 65536 gso_max_segs 65535
prog/xdp id 789 name xdp_drop_func tag 57cd311f2e27366b jited load_time 2676682607316255 created_by_uid 0 btf_id 708
Signed-off-by: Gokul Sivakumar <gokulkumar792@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Commit d3432bf10f17 ("net: Support filtering interfaces on no master")
in the kernel added support for filtering interfaces/neighbours that
have no master interface.
This patch completes it and adds this support to iproute2:
1. ip link show nomaster
2. ip address show nomaster
3. ip neighbour {show | flush} nomaster
Signed-off-by: Lahav Schlesinger <lschlesinger@drivenets.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
The 'ip link add' invocation template at the top of the ip-macsec man
page formats with a pair of extra double quotes:
ip link add link DEVICE name NAME type macsec [ [ address <lladdr> ]
port PORT | sci <u64> ] [ cipher { default | gcm-aes-128 | gcm-
aes-256"}][" icvlen ICVLEN ] [ encrypt { on | off } ] [ send_sci { on |
This is due to missing whitespace around the gcm-aes-256 identifier
in the source file.
Fixes: b16f525323 ("Add support for configuring MACsec gcm-aes-256 cipher type.")
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: David Ahern <dsahern@gmail.com>
Nikolay Aleksandrov says:
====================
This set adds support for vlan port/bridge multicast router option. It is
similar to the already existing bridge-wide mcast_router control. Patch 01
moves attribute adding and parsing together for vlan option setting,
similar to global vlan option setting. It simplifies adding new options
because we can avoid reserved values and additional checks. Patch 02
adds the new mcast_router option and updates the related man page.
Example:
# mark port ens16 as a permanent mcast router for vlan 100
$ bridge vlan set dev ens16 vid 100 mcast_router 2
# disable mcast router for port ens16 and vlan 200
$ bridge vlan set dev ens16 vid 200 mcast_router 0
$ bridge -d vlan show
port vlan-id
ens16 1 PVID Egress Untagged
state forwarding mcast_router 1
100
state forwarding mcast_router 2
200
state forwarding mcast_router 0
Note that this set depends on the latest kernel uapi headers.
====================
Signed-off-by: David Ahern <dsahern@kernel.org>
Add support for setting and dumping per-vlan/interface mcast_router
option. It controls the mcast router mode of a vlan/interface pair.
For bridge devices only modes 0 - 2 are allowed. The possible modes
are:
0 - disabled
1 - automatic router presence detection (default)
2 - permanent router
3 - temporary router (available only for ports)
Example:
# mark port ens16 as a permanent mcast router for vlan 100
$ bridge vlan set dev ens16 vid 100 mcast_router 2
# disable mcast router for port ens16 and vlan 200
$ bridge vlan set dev ens16 vid 200 mcast_router 0
$ bridge -d vlan show
port vlan-id
ens16 1 PVID Egress Untagged
state forwarding mcast_router 1
100
state forwarding mcast_router 2
200
state forwarding mcast_router 0
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Set vlan option attributes immediately while parsing to simplify the
checks, avoid having reserved values (e.g. -1 for unset var) and have
more limited scope for the variables. This is also similar to how global
vlan options are set. The attribute setting and checks are moved with
option parsing, no functional changes intended.
Signed-off-by: Nikolay Aleksandrov <nikolay@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Update kernel headers to commit:
27151f177827 ("Merge tag 'perf-tools-for-v5.15-2021-09-04' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux")
Signed-off-by: David Ahern <dsahern@kernel.org>
Not sure if anyone uses the routel script. The script was
a combination of ip route, shell and awk doing command scraping.
It is now possible to do this much better using the JSON
output formats and python.
Rewriting also fixes the bug where the old script could not parse
the current output format. At the end was getting:
/usr/bin/routel: 48: shift: can't shift that many
The new script also has IPv6 as option.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
This script is old and limited to IPv4.
Using ip route command directly is better option.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
This script was from olden days of ifcfg.
I don't see any distribution using it and it is time to put
it out to pasture.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
This script was a one off hack for a special case.
Now that ip commands have better formatting, there is no
real reason for it.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
When creating a tap with multi_queue flag, this flag is not displayed
when dumping:
$ ip tuntap add tap23 mode tap multi_queue
$ ip tuntap
tap23: tap persist0x100
While at it, add a space between known flags and hexdump of unknown
ones.
Fixes: c41e038f48 ("iptuntap: allow creation of multi-queue tun/tap device")
Signed-off-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
