* [PATCH iproute2-next 1/2] man: ip link: document GRE tunnels
@ 2018-04-19 10:22 Sabrina Dubroca
2018-04-19 10:22 ` [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags Sabrina Dubroca
0 siblings, 1 reply; 3+ messages in thread
From: Sabrina Dubroca @ 2018-04-19 10:22 UTC (permalink / raw)
To: netdev; +Cc: dsahern, Sabrina Dubroca
GRE tunnels are currently only documented together with IPIP and SIT
tunnels, but they actually have very different configuration
options. Let's separate them.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
man/man8/ip-link.8.in | 152 ++++++++++++++++++++++++++++++++++++++++--
1 file changed, 148 insertions(+), 4 deletions(-)
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 5dee9fcd627a..77ab8a3b9723 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -693,13 +693,13 @@ tunnel.
.in -8
.TP
-GRE, IPIP, SIT Type Support
-For a link of types
-.I GRE/IPIP/SIT
+IPIP, SIT Type Support
+For a link of type
+.IR IPIP or SIT
the following additional arguments are supported:
.BI "ip link add " DEVICE
-.BR type " { " gre " | " ipip " | " sit " }"
+.BR type " { " ipip " | " sit " }"
.BI " remote " ADDR " local " ADDR
[
.BR encap " { " fou " | " gue " | " none " }"
@@ -764,6 +764,150 @@ IPv6-Over-IPv4 is not supported for IPIP.
- make this tunnel externally controlled
.RB "(e.g. " "ip route encap" ).
+.in -8
+.TP
+GRE Type Support
+For a link of type
+.IR GRE " or " GRETAP
+the following additional arguments are supported:
+
+.BI "ip link add " DEVICE
+.BR type " { " gre " | " gretap " }"
+.BI " remote " ADDR " local " ADDR
+[
+.RB [ i | o ] seq
+] [
+.RB [ i | o ] key
+.I KEY
+] [
+.RB [ i | o ] csum
+] [
+.BI ttl " TTL "
+] [
+.BI tos " TOS "
+] [
+.RB [ no ] pmtudisc
+] [
+.RB [ no ] ignore-df
+] [
+.BI dev " PHYS_DEV "
+] [
+.BR encap " { " fou " | " gue " | " none " }"
+] [
+.BR encap-sport " { " \fIPORT " | " auto " }"
+] [
+.BI "encap-dport " PORT
+] [
+.RB [ no ] encap-csum
+] [
+.RB [ no ] encap-remcsum
+] [
+.BR external
+]
+
+.in +8
+.sp
+.BI remote " ADDR "
+- specifies the remote address of the tunnel.
+
+.sp
+.BI local " ADDR "
+- specifies the fixed local address for tunneled packets.
+It must be an address on another interface on this host.
+
+.sp
+.RB [ i | o ] seq
+- serialize packets.
+The
+.B oseq
+flag enables sequencing of outgoing packets.
+The
+.B iseq
+flag requires that all input packets are serialized.
+
+.sp
+.RB [ i | o ] key
+.I KEY
+- use keyed GRE with key
+.IR KEY ". "KEY
+is either a number or an IPv4 address-like dotted quad.
+The
+.B key
+parameter specifies the same key to use in both directions.
+The
+.BR ikey " and " okey
+parameters specify different keys for input and output.
+
+.sp
+.RB [ i | o ] csum
+- generate/require checksums for tunneled packets.
+The
+.B ocsum
+flag calculates checksums for outgoing packets.
+The
+.B icsum
+flag requires that all input packets have the correct
+checksum. The
+.B csum
+flag is equivalent to the combination
+.B "icsum ocsum" .
+
+.sp
+.BI ttl " TTL"
+- specifies the TTL value to use in outgoing packets.
+
+.sp
+.BI tos " TOS"
+- specifies the TOS value to use in outgoing packets.
+
+.sp
+.RB [ no ] pmtudisc
+- enables/disables Path MTU Discovery on this tunnel.
+It is enabled by default. Note that a fixed ttl is incompatible
+with this option: tunneling with a fixed ttl always makes pmtu
+discovery.
+
+.sp
+.RB [ no ] ignore-df
+- enables/disables IPv4 DF suppression on this tunnel.
+Normally datagrams that exceed the MTU will be fragmented; the presence
+of the DF flag inhibits this, resulting instead in an ICMP Unreachable
+(Fragmentation Required) message. Enabling this attribute casues the
+DF flag to be ignored.
+
+.sp
+.BI dev " PHYS_DEV"
+- specifies the physical device to use for tunnel endpoint communication.
+
+.sp
+.BR encap " { " fou " | " gue " | " none " }"
+- specifies type of secondary UDP encapsulation. "fou" indicates
+Foo-Over-UDP, "gue" indicates Generic UDP Encapsulation.
+
+.sp
+.BR encap-sport " { " \fIPORT " | " auto " }"
+- specifies the source port in UDP encapsulation.
+.IR PORT
+indicates the port by number, "auto"
+indicates that the port number should be chosen automatically
+(the kernel picks a flow based on the flow hash of the
+encapsulated packet).
+
+.sp
+.RB [ no ] encap-csum
+- specifies if UDP checksums are enabled in the secondary
+encapsulation.
+
+.sp
+.RB [ no ] encap-remcsum
+- specifies if Remote Checksum Offload is enabled. This is only
+applicable for Generic UDP Encapsulation.
+
+.sp
+.BR external
+- make this tunnel externally controlled
+.RB "(e.g. " "ip route encap" ).
+
.in -8
.TP
--
2.17.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags
2018-04-19 10:22 [PATCH iproute2-next 1/2] man: ip link: document GRE tunnels Sabrina Dubroca
@ 2018-04-19 10:22 ` Sabrina Dubroca
2018-04-19 10:40 ` Sabrina Dubroca
0 siblings, 1 reply; 3+ messages in thread
From: Sabrina Dubroca @ 2018-04-19 10:22 UTC (permalink / raw)
To: netdev; +Cc: dsahern, Sabrina Dubroca
Currently, iproute allows setting those flags, but it's impossible to
clear them, since their current value is fetched from the kernel and
then we OR in the additional flags passed on the command line.
Add no* variants to allow clearing them.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
ip/link_gre.c | 27 ++++++++++++++++++++++++---
ip/link_gre6.c | 27 ++++++++++++++++++++++++---
man/man8/ip-link.8.in | 27 ++++++++++++++++++---------
3 files changed, 66 insertions(+), 15 deletions(-)
diff --git a/ip/link_gre.c b/ip/link_gre.c
index bc1cee8fbca2..4c8849f7051d 100644
--- a/ip/link_gre.c
+++ b/ip/link_gre.c
@@ -31,9 +31,9 @@ static void gre_print_help(struct link_util *lu, int argc, char **argv, FILE *f)
);
fprintf(f,
" [ local ADDR ]\n"
- " [ [i|o]seq ]\n"
- " [ [i|o]key KEY ]\n"
- " [ [i|o]csum ]\n"
+ " [ [no][i|o]seq ]\n"
+ " [ [i|o]key KEY | no[i|o]key ]\n"
+ " [ [no][i|o]csum ]\n"
" [ ttl TTL ]\n"
" [ tos TOS ]\n"
" [ [no]pmtudisc ]\n"
@@ -210,28 +210,49 @@ get_failed:
iflags |= GRE_KEY;
oflags |= GRE_KEY;
ikey = okey = tnl_parse_key("key", *argv);
+ } else if (!matches(*argv, "nokey")) {
+ iflags &= ~GRE_KEY;
+ oflags &= ~GRE_KEY;
} else if (!matches(*argv, "ikey")) {
NEXT_ARG();
iflags |= GRE_KEY;
ikey = tnl_parse_key("ikey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
} else if (!matches(*argv, "okey")) {
NEXT_ARG();
oflags |= GRE_KEY;
okey = tnl_parse_key("okey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noseq")) {
+ iflags &= ~GRE_SEQ;
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noiseq")) {
+ iflags &= ~GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "nooseq")) {
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "nocsum")) {
+ iflags &= ~GRE_CSUM;
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noicsum")) {
+ iflags &= ~GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noocsum")) {
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "nopmtudisc")) {
pmtudisc = 0;
} else if (!matches(*argv, "pmtudisc")) {
diff --git a/ip/link_gre6.c b/ip/link_gre6.c
index a6fe0b73d235..542da0c3ccc9 100644
--- a/ip/link_gre6.c
+++ b/ip/link_gre6.c
@@ -38,9 +38,9 @@ static void gre_print_help(struct link_util *lu, int argc, char **argv, FILE *f)
);
fprintf(f,
" [ local ADDR ]\n"
- " [ [i|o]seq ]\n"
- " [ [i|o]key KEY ]\n"
- " [ [i|o]csum ]\n"
+ " [ [no][i|o]seq ]\n"
+ " [ [i|o]key KEY | no[i|o]key ]\n"
+ " [ [no][i|o]csum ]\n"
" [ hoplimit TTL ]\n"
" [ encaplimit ELIM ]\n"
" [ tclass TCLASS ]\n"
@@ -220,28 +220,49 @@ get_failed:
iflags |= GRE_KEY;
oflags |= GRE_KEY;
ikey = okey = tnl_parse_key("key", *argv);
+ } else if (!matches(*argv, "nokey")) {
+ iflags &= ~GRE_KEY;
+ oflags &= ~GRE_KEY;
} else if (!matches(*argv, "ikey")) {
NEXT_ARG();
iflags |= GRE_KEY;
ikey = tnl_parse_key("ikey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
} else if (!matches(*argv, "okey")) {
NEXT_ARG();
oflags |= GRE_KEY;
okey = tnl_parse_key("okey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noseq")) {
+ iflags &= ~GRE_SEQ;
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noiseq")) {
+ iflags &= ~GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "nooseq")) {
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "nocsum")) {
+ iflags &= ~GRE_CSUM;
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noicsum")) {
+ iflags &= ~GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noocsum")) {
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
get_addr(&daddr, *argv, AF_INET6);
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 77ab8a3b9723..83ef3cae54b9 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -775,12 +775,14 @@ the following additional arguments are supported:
.BR type " { " gre " | " gretap " }"
.BI " remote " ADDR " local " ADDR
[
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
] [
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
] [
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
] [
.BI ttl " TTL "
] [
@@ -816,7 +818,7 @@ the following additional arguments are supported:
It must be an address on another interface on this host.
.sp
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
- serialize packets.
The
.B oseq
@@ -828,6 +830,8 @@ flag requires that all input packets are serialized.
.sp
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
- use keyed GRE with key
.IR KEY ". "KEY
is either a number or an IPv4 address-like dotted quad.
@@ -839,7 +843,7 @@ The
parameters specify different keys for input and output.
.sp
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
- generate/require checksums for tunneled packets.
The
.B ocsum
@@ -920,12 +924,14 @@ the following additional arguments are supported:
.BR type " { " ip6gre " | " ip6gretap " }"
.BI remote " ADDR " local " ADDR"
[
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
] [
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
] [
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
] [
.BI hoplimit " TTL "
] [
@@ -955,7 +961,7 @@ the following additional arguments are supported:
It must be an address on another interface on this host.
.sp
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
- serialize packets.
The
.B oseq
@@ -965,7 +971,10 @@ The
flag requires that all input packets are serialized.
.sp
-.RB [ i | o ] key " \fIKEY"
+.RB [ i | o ] key
+.I KEY
+|
+.BR no [ i | o ] key
- use keyed GRE with key
.IR KEY ". "KEY
is either a number or an IPv4 address-like dotted quad.
@@ -977,7 +986,7 @@ The
parameters specify different keys for input and output.
.sp
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
- generate/require checksums for tunneled packets.
The
.B ocsum
--
2.17.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags
2018-04-19 10:22 ` [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags Sabrina Dubroca
@ 2018-04-19 10:40 ` Sabrina Dubroca
0 siblings, 0 replies; 3+ messages in thread
From: Sabrina Dubroca @ 2018-04-19 10:40 UTC (permalink / raw)
To: netdev; +Cc: dsahern
2018-04-19, 12:22:42 +0200, Sabrina Dubroca wrote:
> @@ -210,28 +210,49 @@ get_failed:
> iflags |= GRE_KEY;
> oflags |= GRE_KEY;
> ikey = okey = tnl_parse_key("key", *argv);
> + } else if (!matches(*argv, "nokey")) {
> + iflags &= ~GRE_KEY;
> + oflags &= ~GRE_KEY;
> } else if (!matches(*argv, "ikey")) {
> NEXT_ARG();
> iflags |= GRE_KEY;
> ikey = tnl_parse_key("ikey", *argv);
> + } else if (!matches(*argv, "noikey")) {
> + iflags &= ~GRE_KEY;
> } else if (!matches(*argv, "okey")) {
> NEXT_ARG();
> oflags |= GRE_KEY;
> okey = tnl_parse_key("okey", *argv);
> + } else if (!matches(*argv, "noikey")) {
> + iflags &= ~GRE_KEY;
Sorry, posted the wrong version. I'll send v2 after I've had a bucket
of coffee.
--
Sabrina
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-04-19 10:40 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-19 10:22 [PATCH iproute2-next 1/2] man: ip link: document GRE tunnels Sabrina Dubroca
2018-04-19 10:22 ` [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags Sabrina Dubroca
2018-04-19 10:40 ` Sabrina Dubroca
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.