* Correct tc-vlan usage
@ 2020-04-15 17:59 Vladimir Oltean
2020-04-15 18:13 ` Edward Cree
2020-04-20 14:37 ` Jiri Pirko
0 siblings, 2 replies; 6+ messages in thread
From: Vladimir Oltean @ 2020-04-15 17:59 UTC (permalink / raw)
To: Jiri Pirko, netdev
Hi,
I am trying to use tc-vlan to create a set of asymmetric tagging
rules: push VID X on egress, and pop VID Y on ingress. I am using
tc-vlan specifically because regular VLAN interfaces are unfit for
this purpose - the VID that gets pushed by the 8021q driver is the
same as the one that gets popped.
The rules look like this:
# tc filter show dev eno2 ingress
filter protocol 802.1Q pref 49150 flower chain 0
filter protocol 802.1Q pref 49150 flower chain 0 handle 0x1
vlan_id 103
dst_mac 00:04:9f:63:35:eb
not_in_hw
action order 1: vlan pop pipe
index 6 ref 1 bind 1
filter protocol 802.1Q pref 49151 flower chain 0
filter protocol 802.1Q pref 49151 flower chain 0 handle 0x1
vlan_id 102
dst_mac 00:04:9f:63:35:eb
not_in_hw
action order 1: vlan pop pipe
index 5 ref 1 bind 1
filter protocol 802.1Q pref 49152 flower chain 0
filter protocol 802.1Q pref 49152 flower chain 0 handle 0x1
vlan_id 101
dst_mac 00:04:9f:63:35:eb
not_in_hw
action order 1: vlan pop pipe
index 4 ref 1 bind 1
# tc filter show dev eno2 egress
filter protocol all pref 49150 flower chain 0
filter protocol all pref 49150 flower chain 0 handle 0x1
dst_mac 00:04:9f:63:35:ec
not_in_hw
action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
index 3 ref 1 bind 1
filter protocol all pref 49151 flower chain 0
filter protocol all pref 49151 flower chain 0 handle 0x1
dst_mac 00:04:9f:63:35:eb
not_in_hw
action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
index 2 ref 1 bind 1
filter protocol all pref 49152 flower chain 0
filter protocol all pref 49152 flower chain 0 handle 0x1
dst_mac 00:04:9f:63:35:ea
not_in_hw
action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
index 1 ref 1 bind 1
My problem is that the VLAN tags are discarded by the network
interface's RX filter:
# ethtool -S eno2
SI VLAN nomatch u-cast discards: 1280
and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
(only the 8021q driver does). This makes me think that I am using the
tc-vlan driver incorrectly. What step am I missing?
Thanks,
-Vladimir
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Correct tc-vlan usage
2020-04-15 17:59 Correct tc-vlan usage Vladimir Oltean
@ 2020-04-15 18:13 ` Edward Cree
2020-04-15 18:14 ` Vladimir Oltean
2020-04-20 14:37 ` Jiri Pirko
1 sibling, 1 reply; 6+ messages in thread
From: Edward Cree @ 2020-04-15 18:13 UTC (permalink / raw)
To: Vladimir Oltean, Jiri Pirko, netdev
On 15/04/2020 18:59, Vladimir Oltean wrote:
> My problem is that the VLAN tags are discarded by the network
> interface's RX filter:
>
> # ethtool -S eno2
> SI VLAN nomatch u-cast discards: 1280
>
> and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
> (only the 8021q driver does).
You could try creating the VLAN interfaces anyway; no traffic will hit
them, because the tc rule popped the VLAN, but they'll call the ndo.
Idk if that'll actually work though... and it'd still be possible to
TX through the VLAN devices, which you don't want.
-ed
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Correct tc-vlan usage
2020-04-15 18:13 ` Edward Cree
@ 2020-04-15 18:14 ` Vladimir Oltean
0 siblings, 0 replies; 6+ messages in thread
From: Vladimir Oltean @ 2020-04-15 18:14 UTC (permalink / raw)
To: Edward Cree; +Cc: Jiri Pirko, netdev
Hi Edward,
On Wed, 15 Apr 2020 at 21:13, Edward Cree <ecree@solarflare.com> wrote:
>
> On 15/04/2020 18:59, Vladimir Oltean wrote:
> > My problem is that the VLAN tags are discarded by the network
> > interface's RX filter:
> >
> > # ethtool -S eno2
> > SI VLAN nomatch u-cast discards: 1280
> >
> > and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
> > (only the 8021q driver does).
> You could try creating the VLAN interfaces anyway; no traffic will hit
> them, because the tc rule popped the VLAN, but they'll call the ndo.
> Idk if that'll actually work though... and it'd still be possible to
> TX through the VLAN devices, which you don't want.
>
> -ed
That is what I'm already doing. I'm keeping the VLAN subinterfaces
down and it works. It seems like misuse though...
Thanks,
-Vladimir
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Correct tc-vlan usage
2020-04-15 17:59 Correct tc-vlan usage Vladimir Oltean
2020-04-15 18:13 ` Edward Cree
@ 2020-04-20 14:37 ` Jiri Pirko
2020-04-21 18:26 ` Vladimir Oltean
1 sibling, 1 reply; 6+ messages in thread
From: Jiri Pirko @ 2020-04-20 14:37 UTC (permalink / raw)
To: Vladimir Oltean; +Cc: netdev
Wed, Apr 15, 2020 at 07:59:06PM CEST, olteanv@gmail.com wrote:
>Hi,
>
>I am trying to use tc-vlan to create a set of asymmetric tagging
>rules: push VID X on egress, and pop VID Y on ingress. I am using
>tc-vlan specifically because regular VLAN interfaces are unfit for
>this purpose - the VID that gets pushed by the 8021q driver is the
>same as the one that gets popped.
>The rules look like this:
>
># tc filter show dev eno2 ingress
>filter protocol 802.1Q pref 49150 flower chain 0
>filter protocol 802.1Q pref 49150 flower chain 0 handle 0x1
> vlan_id 103
> dst_mac 00:04:9f:63:35:eb
> not_in_hw
> action order 1: vlan pop pipe
> index 6 ref 1 bind 1
>
>filter protocol 802.1Q pref 49151 flower chain 0
>filter protocol 802.1Q pref 49151 flower chain 0 handle 0x1
> vlan_id 102
> dst_mac 00:04:9f:63:35:eb
> not_in_hw
> action order 1: vlan pop pipe
> index 5 ref 1 bind 1
>
>filter protocol 802.1Q pref 49152 flower chain 0
>filter protocol 802.1Q pref 49152 flower chain 0 handle 0x1
> vlan_id 101
> dst_mac 00:04:9f:63:35:eb
> not_in_hw
> action order 1: vlan pop pipe
> index 4 ref 1 bind 1
>
># tc filter show dev eno2 egress
>filter protocol all pref 49150 flower chain 0
>filter protocol all pref 49150 flower chain 0 handle 0x1
> dst_mac 00:04:9f:63:35:ec
> not_in_hw
> action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> index 3 ref 1 bind 1
>
>filter protocol all pref 49151 flower chain 0
>filter protocol all pref 49151 flower chain 0 handle 0x1
> dst_mac 00:04:9f:63:35:eb
> not_in_hw
> action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> index 2 ref 1 bind 1
>
>filter protocol all pref 49152 flower chain 0
>filter protocol all pref 49152 flower chain 0 handle 0x1
> dst_mac 00:04:9f:63:35:ea
> not_in_hw
> action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> index 1 ref 1 bind 1
>
>My problem is that the VLAN tags are discarded by the network
>interface's RX filter:
>
># ethtool -S eno2
> SI VLAN nomatch u-cast discards: 1280
>
>and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
>(only the 8021q driver does). This makes me think that I am using the
>tc-vlan driver incorrectly. What step am I missing?
Hmm, that is a good point. Someone should add the vid to the filter. I
believe that "someone" should be the driver in case of flow_offload.
>
>Thanks,
>-Vladimir
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Correct tc-vlan usage
2020-04-20 14:37 ` Jiri Pirko
@ 2020-04-21 18:26 ` Vladimir Oltean
2020-04-21 19:51 ` Jiri Pirko
0 siblings, 1 reply; 6+ messages in thread
From: Vladimir Oltean @ 2020-04-21 18:26 UTC (permalink / raw)
To: Jiri Pirko; +Cc: netdev
Hi Jiri,
On Mon, 20 Apr 2020 at 17:37, Jiri Pirko <jiri@resnulli.us> wrote:
>
> Wed, Apr 15, 2020 at 07:59:06PM CEST, olteanv@gmail.com wrote:
> >Hi,
> >
> >I am trying to use tc-vlan to create a set of asymmetric tagging
> >rules: push VID X on egress, and pop VID Y on ingress. I am using
> >tc-vlan specifically because regular VLAN interfaces are unfit for
> >this purpose - the VID that gets pushed by the 8021q driver is the
> >same as the one that gets popped.
> >The rules look like this:
> >
> ># tc filter show dev eno2 ingress
> >filter protocol 802.1Q pref 49150 flower chain 0
> >filter protocol 802.1Q pref 49150 flower chain 0 handle 0x1
> > vlan_id 103
> > dst_mac 00:04:9f:63:35:eb
> > not_in_hw
> > action order 1: vlan pop pipe
> > index 6 ref 1 bind 1
> >
> >filter protocol 802.1Q pref 49151 flower chain 0
> >filter protocol 802.1Q pref 49151 flower chain 0 handle 0x1
> > vlan_id 102
> > dst_mac 00:04:9f:63:35:eb
> > not_in_hw
> > action order 1: vlan pop pipe
> > index 5 ref 1 bind 1
> >
> >filter protocol 802.1Q pref 49152 flower chain 0
> >filter protocol 802.1Q pref 49152 flower chain 0 handle 0x1
> > vlan_id 101
> > dst_mac 00:04:9f:63:35:eb
> > not_in_hw
> > action order 1: vlan pop pipe
> > index 4 ref 1 bind 1
> >
> ># tc filter show dev eno2 egress
> >filter protocol all pref 49150 flower chain 0
> >filter protocol all pref 49150 flower chain 0 handle 0x1
> > dst_mac 00:04:9f:63:35:ec
> > not_in_hw
> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> > index 3 ref 1 bind 1
> >
> >filter protocol all pref 49151 flower chain 0
> >filter protocol all pref 49151 flower chain 0 handle 0x1
> > dst_mac 00:04:9f:63:35:eb
> > not_in_hw
> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> > index 2 ref 1 bind 1
> >
> >filter protocol all pref 49152 flower chain 0
> >filter protocol all pref 49152 flower chain 0 handle 0x1
> > dst_mac 00:04:9f:63:35:ea
> > not_in_hw
> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
> > index 1 ref 1 bind 1
> >
> >My problem is that the VLAN tags are discarded by the network
> >interface's RX filter:
> >
> ># ethtool -S eno2
> > SI VLAN nomatch u-cast discards: 1280
> >
> >and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
> >(only the 8021q driver does). This makes me think that I am using the
> >tc-vlan driver incorrectly. What step am I missing?
>
> Hmm, that is a good point. Someone should add the vid to the filter. I
> believe that "someone" should be the driver in case of flow_offload.
>
>
>
> >
> >Thanks,
> >-Vladimir
This is not with flow_offload, this is a simple software filter.
Somebody needs to add the VLAN of the _key_ to the RX filter of the
interface.
Thanks,
-Vladimir
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Correct tc-vlan usage
2020-04-21 18:26 ` Vladimir Oltean
@ 2020-04-21 19:51 ` Jiri Pirko
0 siblings, 0 replies; 6+ messages in thread
From: Jiri Pirko @ 2020-04-21 19:51 UTC (permalink / raw)
To: Vladimir Oltean; +Cc: netdev
Tue, Apr 21, 2020 at 08:26:42PM CEST, olteanv@gmail.com wrote:
>Hi Jiri,
>
>On Mon, 20 Apr 2020 at 17:37, Jiri Pirko <jiri@resnulli.us> wrote:
>>
>> Wed, Apr 15, 2020 at 07:59:06PM CEST, olteanv@gmail.com wrote:
>> >Hi,
>> >
>> >I am trying to use tc-vlan to create a set of asymmetric tagging
>> >rules: push VID X on egress, and pop VID Y on ingress. I am using
>> >tc-vlan specifically because regular VLAN interfaces are unfit for
>> >this purpose - the VID that gets pushed by the 8021q driver is the
>> >same as the one that gets popped.
>> >The rules look like this:
>> >
>> ># tc filter show dev eno2 ingress
>> >filter protocol 802.1Q pref 49150 flower chain 0
>> >filter protocol 802.1Q pref 49150 flower chain 0 handle 0x1
>> > vlan_id 103
>> > dst_mac 00:04:9f:63:35:eb
>> > not_in_hw
>> > action order 1: vlan pop pipe
>> > index 6 ref 1 bind 1
>> >
>> >filter protocol 802.1Q pref 49151 flower chain 0
>> >filter protocol 802.1Q pref 49151 flower chain 0 handle 0x1
>> > vlan_id 102
>> > dst_mac 00:04:9f:63:35:eb
>> > not_in_hw
>> > action order 1: vlan pop pipe
>> > index 5 ref 1 bind 1
>> >
>> >filter protocol 802.1Q pref 49152 flower chain 0
>> >filter protocol 802.1Q pref 49152 flower chain 0 handle 0x1
>> > vlan_id 101
>> > dst_mac 00:04:9f:63:35:eb
>> > not_in_hw
>> > action order 1: vlan pop pipe
>> > index 4 ref 1 bind 1
>> >
>> ># tc filter show dev eno2 egress
>> >filter protocol all pref 49150 flower chain 0
>> >filter protocol all pref 49150 flower chain 0 handle 0x1
>> > dst_mac 00:04:9f:63:35:ec
>> > not_in_hw
>> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
>> > index 3 ref 1 bind 1
>> >
>> >filter protocol all pref 49151 flower chain 0
>> >filter protocol all pref 49151 flower chain 0 handle 0x1
>> > dst_mac 00:04:9f:63:35:eb
>> > not_in_hw
>> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
>> > index 2 ref 1 bind 1
>> >
>> >filter protocol all pref 49152 flower chain 0
>> >filter protocol all pref 49152 flower chain 0 handle 0x1
>> > dst_mac 00:04:9f:63:35:ea
>> > not_in_hw
>> > action order 1: vlan push id 102 protocol 802.1Q priority 0 pipe
>> > index 1 ref 1 bind 1
>> >
>> >My problem is that the VLAN tags are discarded by the network
>> >interface's RX filter:
>> >
>> ># ethtool -S eno2
>> > SI VLAN nomatch u-cast discards: 1280
>> >
>> >and this is because nobody calls .ndo_vlan_rx_add_vid for these VLANs
>> >(only the 8021q driver does). This makes me think that I am using the
>> >tc-vlan driver incorrectly. What step am I missing?
>>
>> Hmm, that is a good point. Someone should add the vid to the filter. I
>> believe that "someone" should be the driver in case of flow_offload.
>>
>>
>>
>> >
>> >Thanks,
>> >-Vladimir
>
>This is not with flow_offload, this is a simple software filter.
>Somebody needs to add the VLAN of the _key_ to the RX filter of the
>interface.
Hmm, right. So the TC wants to manipulate with VLAN, it would make sense
for it to add the vlan to the filter.
>
>Thanks,
>-Vladimir
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-04-21 19:51 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-15 17:59 Correct tc-vlan usage Vladimir Oltean
2020-04-15 18:13 ` Edward Cree
2020-04-15 18:14 ` Vladimir Oltean
2020-04-20 14:37 ` Jiri Pirko
2020-04-21 18:26 ` Vladimir Oltean
2020-04-21 19:51 ` Jiri Pirko
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.