Skip to content

Commit

Permalink
bridge: per vlan dst_metadata netlink support
Browse files Browse the repository at this point in the history 
This patch adds support to attach per vlan tunnel info dst
metadata. This enables bridge driver to map vlan to tunnel_info
at ingress and egress. It uses the kernel dst_metadata infrastructure.

The initial use case is vlan to vni bridging, but the api is generic
to extend to any tunnel_info in the future:
    - Uapi to configure/unconfigure/dump per vlan tunnel data
    - netlink functions to configure vlan and tunnel_info mapping
    - Introduces bridge port flag BR_LWT_VLAN to enable attach/detach
    dst_metadata to bridged packets on ports. off by default.
    - changes to existing code is mainly refactor some existing vlan
    handling netlink code + hooks for new vlan tunnel code
    - I have kept the vlan tunnel code isolated in separate files.
    - most of the netlink vlan tunnel code is handling of vlan-tunid
    ranges (follows the vlan range handling code). To conserve space
    vlan-tunid by default are always dumped in ranges if applicable.

Use case:
example use for this is a vxlan bridging gateway or vtep
which maps vlans to vn-segments (or vnis).

iproute2 example (patched and pruned iproute2 output to just show
relevant fdb entries):
example shows same host mac learnt on two vni's and
vlan 100 maps to vni 1000, vlan 101 maps to vni 1001

before (netdev per vni):
$bridge fdb show | grep "00:02:00:00:00:03"
00:02:00:00:00:03 dev vxlan1001 vlan 101 master bridge
00:02:00:00:00:03 dev vxlan1001 dst 12.0.0.8 self
00:02:00:00:00:03 dev vxlan1000 vlan 100 master bridge
00:02:00:00:00:03 dev vxlan1000 dst 12.0.0.8 self

after this patch with collect metdata in bridged mode (single netdev):
$bridge fdb show | grep "00:02:00:00:00:03"
00:02:00:00:00:03 dev vxlan0 vlan 101 master bridge
00:02:00:00:00:03 dev vxlan0 src_vni 1001 dst 12.0.0.8 self
00:02:00:00:00:03 dev vxlan0 vlan 100 master bridge
00:02:00:00:00:03 dev vxlan0 src_vni 1000 dst 12.0.0.8 self

CC: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
@roopa-prabhu @davem330
roopa-prabhu authored and davem330 committed Feb 3, 2017
1 parent b3c7ef0 commit efa5356
Show file tree
Hide file tree
Showing 7 changed files with 641 additions and 48 deletions.
5 changes: 3 additions & 2 deletions net/bridge/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@ obj-$(CONFIG_BRIDGE) += bridge.o

bridge-y := br.o br_device.o br_fdb.o br_forward.o br_if.o br_input.o \
br_ioctl.o br_stp.o br_stp_bpdu.o \
br_stp_if.o br_stp_timer.o br_netlink.o
br_stp_if.o br_stp_timer.o br_netlink.o \
br_netlink_tunnel.o

bridge-$(CONFIG_SYSFS) += br_sysfs_if.o br_sysfs_br.o

Expand All @@ -18,7 +19,7 @@ obj-$(CONFIG_BRIDGE_NETFILTER) += br_netfilter.o

bridge-$(CONFIG_BRIDGE_IGMP_SNOOPING) += br_multicast.o br_mdb.o

bridge-$(CONFIG_BRIDGE_VLAN_FILTERING) += br_vlan.o
bridge-$(CONFIG_BRIDGE_VLAN_FILTERING) += br_vlan.o br_vlan_tunnel.o

bridge-$(CONFIG_NET_SWITCHDEV) += br_switchdev.o

Expand Down
140 changes: 95 additions & 45 deletions net/bridge/br_netlink.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@

#include "br_private.h"
#include "br_private_stp.h"
#include "br_private_tunnel.h"

static int __get_num_vlan_infos(struct net_bridge_vlan_group *vg,
u32 filter_mask)
Expand Down Expand Up @@ -95,9 +96,10 @@ static size_t br_get_link_af_size_filtered(const struct net_device *dev,
u32 filter_mask)
{
struct net_bridge_vlan_group *vg = NULL;
struct net_bridge_port *p;
struct net_bridge_port *p = NULL;
struct net_bridge *br;
int num_vlan_infos;
size_t vinfo_sz = 0;

rcu_read_lock();
if (br_port_exists(dev)) {
Expand All @@ -110,8 +112,13 @@ static size_t br_get_link_af_size_filtered(const struct net_device *dev,
num_vlan_infos = br_get_num_vlan_infos(vg, filter_mask);
rcu_read_unlock();

if (p && (p->flags & BR_VLAN_TUNNEL))
vinfo_sz += br_get_vlan_tunnel_info_size(vg);

/* Each VLAN is returned in bridge_vlan_info along with flags */
return num_vlan_infos * nla_total_size(sizeof(struct bridge_vlan_info));
vinfo_sz += num_vlan_infos * nla_total_size(sizeof(struct bridge_vlan_info));

return vinfo_sz;
}

static inline size_t br_port_info_size(void)
Expand All @@ -128,6 +135,7 @@ static inline size_t br_port_info_size(void)
+ nla_total_size(1) /* IFLA_BRPORT_UNICAST_FLOOD */
+ nla_total_size(1) /* IFLA_BRPORT_PROXYARP */
+ nla_total_size(1) /* IFLA_BRPORT_PROXYARP_WIFI */
+ nla_total_size(1) /* IFLA_BRPORT_VLAN_TUNNEL */
+ nla_total_size(sizeof(struct ifla_bridge_id)) /* IFLA_BRPORT_ROOT_ID */
+ nla_total_size(sizeof(struct ifla_bridge_id)) /* IFLA_BRPORT_BRIDGE_ID */
+ nla_total_size(sizeof(u16)) /* IFLA_BRPORT_DESIGNATED_PORT */
Expand Down Expand Up @@ -194,7 +202,9 @@ static int br_port_fill_attrs(struct sk_buff *skb,
nla_put_u16(skb, IFLA_BRPORT_NO, p->port_no) ||
nla_put_u8(skb, IFLA_BRPORT_TOPOLOGY_CHANGE_ACK,
p->topology_change_ack) ||
nla_put_u8(skb, IFLA_BRPORT_CONFIG_PENDING, p->config_pending))
nla_put_u8(skb, IFLA_BRPORT_CONFIG_PENDING, p->config_pending) ||
nla_put_u8(skb, IFLA_BRPORT_VLAN_TUNNEL, !!(p->flags &
BR_VLAN_TUNNEL)))
return -EMSGSIZE;

timerval = br_timer_value(&p->message_age_timer);
Expand Down Expand Up @@ -417,6 +427,9 @@ static int br_fill_ifinfo(struct sk_buff *skb,
err = br_fill_ifvlaninfo_compressed(skb, vg);
else
err = br_fill_ifvlaninfo(skb, vg);

if (port && (port->flags & BR_VLAN_TUNNEL))
err = br_fill_vlan_tunnel_info(skb, vg);
rcu_read_unlock();
if (err)
goto nla_put_failure;
Expand Down Expand Up @@ -517,60 +530,91 @@ static int br_vlan_info(struct net_bridge *br, struct net_bridge_port *p,
return err;
}

static int br_process_vlan_info(struct net_bridge *br,
struct net_bridge_port *p, int cmd,
struct bridge_vlan_info *vinfo_curr,
struct bridge_vlan_info **vinfo_last)
{
if (!vinfo_curr->vid || vinfo_curr->vid >= VLAN_VID_MASK)
return -EINVAL;

if (vinfo_curr->flags & BRIDGE_VLAN_INFO_RANGE_BEGIN) {
/* check if we are already processing a range */
if (*vinfo_last)
return -EINVAL;
*vinfo_last = vinfo_curr;
/* don't allow range of pvids */
if ((*vinfo_last)->flags & BRIDGE_VLAN_INFO_PVID)
return -EINVAL;
return 0;
}

if (*vinfo_last) {
struct bridge_vlan_info tmp_vinfo;
int v, err;

if (!(vinfo_curr->flags & BRIDGE_VLAN_INFO_RANGE_END))
return -EINVAL;

if (vinfo_curr->vid <= (*vinfo_last)->vid)
return -EINVAL;

memcpy(&tmp_vinfo, *vinfo_last,
sizeof(struct bridge_vlan_info));
for (v = (*vinfo_last)->vid; v <= vinfo_curr->vid; v++) {
tmp_vinfo.vid = v;
err = br_vlan_info(br, p, cmd, &tmp_vinfo);
if (err)
break;
}
*vinfo_last = NULL;

return 0;
}

return br_vlan_info(br, p, cmd, vinfo_curr);
}

static int br_afspec(struct net_bridge *br,
struct net_bridge_port *p,
struct nlattr *af_spec,
int cmd)
{
struct bridge_vlan_info *vinfo_start = NULL;
struct bridge_vlan_info *vinfo = NULL;
struct bridge_vlan_info *vinfo_curr = NULL;
struct bridge_vlan_info *vinfo_last = NULL;
struct nlattr *attr;
int err = 0;
int rem;
struct vtunnel_info tinfo_last = {};
struct vtunnel_info tinfo_curr = {};
int err = 0, rem;

nla_for_each_nested(attr, af_spec, rem) {
if (nla_type(attr) != IFLA_BRIDGE_VLAN_INFO)
continue;
if (nla_len(attr) != sizeof(struct bridge_vlan_info))
return -EINVAL;
vinfo = nla_data(attr);
if (!vinfo->vid || vinfo->vid >= VLAN_VID_MASK)
return -EINVAL;
if (vinfo->flags & BRIDGE_VLAN_INFO_RANGE_BEGIN) {
if (vinfo_start)
err = 0;
switch (nla_type(attr)) {
case IFLA_BRIDGE_VLAN_TUNNEL_INFO:
if (!(p->flags & BR_VLAN_TUNNEL))
return -EINVAL;
vinfo_start = vinfo;
/* don't allow range of pvids */
if (vinfo_start->flags & BRIDGE_VLAN_INFO_PVID)
err = br_parse_vlan_tunnel_info(attr, &tinfo_curr);
if (err)
return err;
err = br_process_vlan_tunnel_info(br, p, cmd,
&tinfo_curr,
&tinfo_last);
if (err)
return err;
break;
case IFLA_BRIDGE_VLAN_INFO:
if (nla_len(attr) != sizeof(struct bridge_vlan_info))
return -EINVAL;
continue;
vinfo_curr = nla_data(attr);
err = br_process_vlan_info(br, p, cmd, vinfo_curr,
&vinfo_last);
if (err)
return err;
break;
}

if (vinfo_start) {
struct bridge_vlan_info tmp_vinfo;
int v;

if (!(vinfo->flags & BRIDGE_VLAN_INFO_RANGE_END))
return -EINVAL;

if (vinfo->vid <= vinfo_start->vid)
return -EINVAL;

memcpy(&tmp_vinfo, vinfo_start,
sizeof(struct bridge_vlan_info));

for (v = vinfo_start->vid; v <= vinfo->vid; v++) {
tmp_vinfo.vid = v;
err = br_vlan_info(br, p, cmd, &tmp_vinfo);
if (err)
break;
}
vinfo_start = NULL;
} else {
err = br_vlan_info(br, p, cmd, vinfo);
}
if (err)
break;
return err;
}

return err;
Expand Down Expand Up @@ -630,8 +674,9 @@ static void br_set_port_flag(struct net_bridge_port *p, struct nlattr *tb[],
/* Process bridge protocol info on port */
static int br_setport(struct net_bridge_port *p, struct nlattr *tb[])
{
int err;
unsigned long old_flags = p->flags;
bool br_vlan_tunnel_old = false;
int err;

br_set_port_flag(p, tb, IFLA_BRPORT_MODE, BR_HAIRPIN_MODE);
br_set_port_flag(p, tb, IFLA_BRPORT_GUARD, BR_BPDU_GUARD);
Expand All @@ -644,6 +689,11 @@ static int br_setport(struct net_bridge_port *p, struct nlattr *tb[])
br_set_port_flag(p, tb, IFLA_BRPORT_PROXYARP, BR_PROXYARP);
br_set_port_flag(p, tb, IFLA_BRPORT_PROXYARP_WIFI, BR_PROXYARP_WIFI);

br_vlan_tunnel_old = (p->flags & BR_VLAN_TUNNEL) ? true : false;
br_set_port_flag(p, tb, IFLA_BRPORT_VLAN_TUNNEL, BR_VLAN_TUNNEL);
if (br_vlan_tunnel_old && !(p->flags & BR_VLAN_TUNNEL))
nbp_vlan_tunnel_info_flush(p);

if (tb[IFLA_BRPORT_COST]) {
err = br_stp_set_path_cost(p, nla_get_u32(tb[IFLA_BRPORT_COST]));
if (err)
Expand Down
Loading

0 comments on commit efa5356

Please sign in to comment.