* [PATCH net-next V11 0/4] openvswitch: Add support for 802.1AD
@ 2015-06-23 18:26 Thomas F Herbert
[not found] ` <1435083990-12986-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
` (2 more replies)
0 siblings, 3 replies; 11+ messages in thread
From: Thomas F Herbert @ 2015-06-23 18:26 UTC (permalink / raw)
To: netdev-u79uwXL29TY76Z2rM5mHXA, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
V11: Add inner tpid to flow key. Fix separate inner encap attribute
when parsing netlink attributes. Merge 2 patches to consolidate
qinq changes.
V10: Implement reviewer comments: Consolidate vlan parsing functions.
Splits netlink parsing and flow conversion into a separate patch. Uses
double encap attribute encapsulation for 802.1ad. Netlink attributes
now look like this:
eth_type(0x88a8),vlan(vid=100),encap(eth_type(0x8100), vlan(vid=200),
encap(eth_type(0x0800), ...))
The double encap atributes in this version of the patch is incompatible with
old versions of the user level 802.1ad patch. A new user level patch which
is also being submitted simultaneously to openvswitch dev mailing list.
V9: Includes changes suggested by reviewers
V8: Includes changes suggested by reviewers
V7: Includes changes suggested by reviewers
V6: Rebased to net-next
V5: Use encapsulated attributes
Although the Open Flow specification specified support for 802.1AD (qinq)
as well as push and pop vlan headers, So far Open vSwitch has only
supported a single tag header.
This patch accompanies version 10 of the user level openvswitch patch
submitted to openvswitch dev list.
For discussion, history and previous versions of the kernel module
patch and the user code patch see the OVS dev mailing list,
openvswitch.org/pipermail/dev/..
Thomas F Herbert (3):
openvswitch: 802.1ad uapi changes.
Check for vlan ethernet types for 8021.q or 802.1ad
802.1AD: Flow handling, actions, vlan parsing and netlink attributes
include/linux/if_vlan.h | 9 ++
include/uapi/linux/openvswitch.h | 17 ++--
net/openvswitch/flow.c | 84 ++++++++++++++---
net/openvswitch/flow.h | 5 +
net/openvswitch/flow_netlink.c | 195 +++++++++++++++++++++++++++++++++------
5 files changed, 260 insertions(+), 50 deletions(-)
--
2.1.0
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH net-next V11 1/3] openvswitch: 802.1ad uapi changes.
[not found] ` <1435083990-12986-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-06-23 18:26 ` Thomas F Herbert
0 siblings, 0 replies; 11+ messages in thread
From: Thomas F Herbert @ 2015-06-23 18:26 UTC (permalink / raw)
To: netdev-u79uwXL29TY76Z2rM5mHXA, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
openvswitch: Add support for 8021.AD
Change the description of the VLAN tpid field.
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
include/uapi/linux/openvswitch.h | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/include/uapi/linux/openvswitch.h b/include/uapi/linux/openvswitch.h
index bbd49a0..f2ccdef 100644
--- a/include/uapi/linux/openvswitch.h
+++ b/include/uapi/linux/openvswitch.h
@@ -559,13 +559,13 @@ struct ovs_action_push_mpls {
* @vlan_tci: Tag control identifier (TCI) to push. The CFI bit must be set
* (but it will not be set in the 802.1Q header that is pushed).
*
- * The @vlan_tpid value is typically %ETH_P_8021Q. The only acceptable TPID
- * values are those that the kernel module also parses as 802.1Q headers, to
- * prevent %OVS_ACTION_ATTR_PUSH_VLAN followed by %OVS_ACTION_ATTR_POP_VLAN
- * from having surprising results.
+ * The @vlan_tpid value is typically %ETH_P_8021Q or %ETH_P_8021AD.
+ * The only acceptable TPID values are those that the kernel module also parses
+ * as 802.1Q or 802.1AD headers, to prevent %OVS_ACTION_ATTR_PUSH_VLAN followed
+ * by %OVS_ACTION_ATTR_POP_VLAN from having surprising results.
*/
struct ovs_action_push_vlan {
- __be16 vlan_tpid; /* 802.1Q TPID. */
+ __be16 vlan_tpid; /* 802.1Q or 802.1ad TPID. */
__be16 vlan_tci; /* 802.1Q TCI (VLAN ID and priority). */
};
@@ -605,9 +605,10 @@ struct ovs_action_hash {
* is copied from the value to the packet header field, rest of the bits are
* left unchanged. The non-masked value bits must be passed in as zeroes.
* Masking is not supported for the %OVS_KEY_ATTR_TUNNEL attribute.
- * @OVS_ACTION_ATTR_PUSH_VLAN: Push a new outermost 802.1Q header onto the
- * packet.
- * @OVS_ACTION_ATTR_POP_VLAN: Pop the outermost 802.1Q header off the packet.
+ * @OVS_ACTION_ATTR_PUSH_VLAN: Push a new outermost 802.1Q or 802.1ad header
+ * onto the packet.
+ * @OVS_ACTION_ATTR_POP_VLAN: Pop the outermost 802.1Q or 802.1ad header
+ * from the packet.
* @OVS_ACTION_ATTR_SAMPLE: Probabilitically executes actions, as specified in
* the nested %OVS_SAMPLE_ATTR_* attributes.
* @OVS_ACTION_ATTR_PUSH_MPLS: Push a new MPLS label stack entry onto the
--
2.1.0
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply related [flat|nested] 11+ messages in thread
* [PATCH net-next V11 2/3] Check for vlan ethernet types for 8021.q or 802.1ad
2015-06-23 18:26 [PATCH net-next V11 0/4] openvswitch: Add support for 802.1AD Thomas F Herbert
[not found] ` <1435083990-12986-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-06-23 18:26 ` Thomas F Herbert
[not found] ` <1435083990-12986-3-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-06-23 18:26 ` [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing Thomas F Herbert
2 siblings, 1 reply; 11+ messages in thread
From: Thomas F Herbert @ 2015-06-23 18:26 UTC (permalink / raw)
To: netdev, pshelar; +Cc: therbert, dev, Thomas F Herbert
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
include/linux/if_vlan.h | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
index 920e445..3713454 100644
--- a/include/linux/if_vlan.h
+++ b/include/linux/if_vlan.h
@@ -627,5 +627,14 @@ static inline netdev_features_t vlan_features_check(const struct sk_buff *skb,
return features;
}
+/**
+ * Check for legal valid vlan ether type.
+ */
+static inline bool eth_type_vlan(__be16 ethertype)
+{
+ if (ethertype == htons(ETH_P_8021Q) || ethertype == htons(ETH_P_8021AD))
+ return true;
+ return false;
+}
#endif /* !(_LINUX_IF_VLAN_H_) */
--
2.1.0
^ permalink raw reply related [flat|nested] 11+ messages in thread
* [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
2015-06-23 18:26 [PATCH net-next V11 0/4] openvswitch: Add support for 802.1AD Thomas F Herbert
[not found] ` <1435083990-12986-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-06-23 18:26 ` [PATCH net-next V11 2/3] Check for vlan ethernet types for 8021.q or 802.1ad Thomas F Herbert
@ 2015-06-23 18:26 ` Thomas F Herbert
[not found] ` <1435083990-12986-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2 siblings, 1 reply; 11+ messages in thread
From: Thomas F Herbert @ 2015-06-23 18:26 UTC (permalink / raw)
To: netdev, pshelar; +Cc: therbert, dev, Thomas F Herbert
Add support for 802.1ad including the ability to push and pop double
tagged vlans. Add support for 802.1ad to netlink parsing and flow
conversion. Uses double nested encap attributes to represent double
tagged vlan. Inner TPID encoded along with ctci in nested attributes.
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
net/openvswitch/flow.c | 84 +++++++++++++++---
net/openvswitch/flow.h | 5 ++
net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
3 files changed, 242 insertions(+), 42 deletions(-)
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
index 2dacc7b..e268865 100644
--- a/net/openvswitch/flow.c
+++ b/net/openvswitch/flow.c
@@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
{
struct qtag_prefix {
- __be16 eth_type; /* ETH_P_8021Q */
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
__be16 tci;
};
- struct qtag_prefix *qp;
+ struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
- if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
+ struct qinqtag_prefix {
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
+ __be16 tci;
+ __be16 inner_tpid; /* ETH_P_8021Q */
+ __be16 ctci;
+ };
+
+ if (likely(skb_vlan_tag_present(skb))) {
+ key->eth.tci = htons(skb->vlan_tci);
+
+ /* Case where upstream
+ * processing has already stripped the outer vlan tag.
+ */
+ if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16))) {
+ key->eth.tci = 0;
+ return 0;
+ }
+
+ if (unlikely(!pskb_may_pull(skb,
+ sizeof(struct qtag_prefix) +
+ sizeof(__be16)))) {
+ return -ENOMEM;
+ }
+
+ if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
+ key->eth.cvlan.ctci =
+ qp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = skb->vlan_proto;
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
+ }
return 0;
+ }
- if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
- sizeof(__be16))))
- return -ENOMEM;
- qp = (struct qtag_prefix *) skb->data;
- key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
- __skb_pull(skb, sizeof(struct qtag_prefix));
+ if (qp->eth_type == htons(ETH_P_8021AD)) {
+ struct qinqtag_prefix *qinqp =
+ (struct qinqtag_prefix *)skb->data;
+
+ if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
+ sizeof(__be16)))
+ return 0;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
+ sizeof(__be16)))) {
+ return -ENOMEM;
+ }
+ key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = qinqp->inner_tpid;
+
+ __skb_pull(skb, sizeof(struct qinqtag_prefix));
+
+ return 0;
+ }
+ if (qp->eth_type == htons(ETH_P_8021Q)) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16)))
+ return -ENOMEM;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
+ sizeof(__be16))))
+ return 0;
+ key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
+
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
return 0;
}
@@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
*/
key->eth.tci = 0;
- if (skb_vlan_tag_present(skb))
- key->eth.tci = htons(skb->vlan_tci);
- else if (eth->h_proto == htons(ETH_P_8021Q))
+ key->eth.cvlan.ctci = 0;
+ if ((skb_vlan_tag_present(skb)) ||
+ (eth->h_proto == htons(ETH_P_8021Q)) ||
+ (eth->h_proto == htons(ETH_P_8021AD)))
if (unlikely(parse_vlan(skb, key)))
return -ENOMEM;
diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
index a076e44..d41f3cc 100644
--- a/net/openvswitch/flow.h
+++ b/net/openvswitch/flow.h
@@ -134,6 +134,11 @@ struct sw_flow_key {
u8 src[ETH_ALEN]; /* Ethernet source address. */
u8 dst[ETH_ALEN]; /* Ethernet destination address. */
__be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
+ struct {
+ __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
+ __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
+ /* set otherwise. */
+ } cvlan;
__be16 type; /* Ethernet frame type. */
} eth;
union {
diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
index c691b1a..ff782f7 100644
--- a/net/openvswitch/flow_netlink.c
+++ b/net/openvswitch/flow_netlink.c
@@ -771,6 +771,29 @@ static int metadata_from_nlattrs(struct sw_flow_match *match, u64 *attrs,
return 0;
}
+static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
+ const struct nlattr **a, bool is_mask,
+ bool log)
+{
+ /* This should be nested inner or "customer" tci" */
+ if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
+ __be16 ctci;
+
+ ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+ if (!(ctci & htons(VLAN_TAG_PRESENT))) {
+ if (is_mask)
+ OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
+ else
+ OVS_NLERR(log, "VLAN CTCI does not have VLAN_TAG_PRESENT bit set.");
+
+ return -EINVAL;
+ }
+ SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
+ SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
+ }
+ return 0;
+}
+
static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
const struct nlattr **a, bool is_mask,
bool log)
@@ -1024,6 +1047,105 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
nlattr_set(attr, val, ovs_key_lens);
}
+static int parse_vlan_from_nlattrs(const struct nlattr *nla,
+ struct sw_flow_match *match,
+ u64 *key_attrs, bool *ie_valid,
+ const struct nlattr **a, bool is_mask,
+ bool log)
+{
+ int err;
+ __be16 tci;
+ const struct nlattr *encap;
+
+ if (!is_mask) {
+ u64 v_attrs = 0;
+
+ tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+
+ if (tci & htons(VLAN_TAG_PRESENT)) {
+ if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
+ htons(ETH_P_8021AD)))) {
+ err = parse_flow_nlattrs(nla, a, &v_attrs, log);
+ if (err)
+ return err;
+ if (!v_attrs)
+ return -EINVAL;
+
+ if (!((v_attrs &
+ (1ULL << OVS_KEY_ATTR_VLAN)) &&
+ (v_attrs &
+ (1ULL << OVS_KEY_ATTR_ENCAP)))) {
+ OVS_NLERR(log, "Invalid Vlan frame.");
+ return -EINVAL;
+ }
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
+ encap = a[OVS_KEY_ATTR_ENCAP];
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
+ *ie_valid = true;
+
+ err = cust_vlan_from_nlattrs(match, v_attrs,
+ &encap, is_mask,
+ log);
+ if (err)
+ return err;
+ /* Insure that tci key attribute isn't
+ * overwritten by encapsulated customer tci.
+ */
+ v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ *key_attrs |= v_attrs;
+ } else {
+ *key_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ err = parse_flow_nlattrs(nla, a, key_attrs,
+ log);
+ if (err)
+ return err;
+ }
+ } else if (!tci) {
+ /* Corner case for truncated 802.1Q header. */
+ if (nla_len(nla)) {
+ OVS_NLERR(log, "Truncated 802.1Q header has non-zero encap attribute.");
+ return -EINVAL;
+ }
+ } else {
+ OVS_NLERR(log, "Encap attr is set for non-VLAN frame");
+ return -EINVAL;
+ }
+
+ } else {
+ u64 mask_v_attrs = 0;
+
+ tci = 0;
+ if (a[OVS_KEY_ATTR_VLAN])
+ tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+
+ if (!(tci & htons(VLAN_TAG_PRESENT))) {
+ OVS_NLERR(log, "VLAN tag present bit must have an exact match (tci_mask=%x).",
+ ntohs(tci));
+ err = -EINVAL;
+ return err;
+ }
+ err = parse_flow_mask_nlattrs(nla, a, &mask_v_attrs,
+ log);
+ if (err)
+ return err;
+
+ if (mask_v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) {
+ err = cust_vlan_from_nlattrs(match, mask_v_attrs,
+ a, is_mask, log);
+ if (err)
+ return err;
+
+ mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
+ *key_attrs |= mask_v_attrs;
+ } else {
+ *key_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ if (err)
+ return err;
+ }
+ }
+ return 0;
+}
+
/**
* ovs_nla_get_match - parses Netlink attributes into a flow key and
* mask. In case the 'mask' is NULL, the flow is treated as exact match
@@ -1050,6 +1172,7 @@ int ovs_nla_get_match(struct sw_flow_match *match,
u64 key_attrs = 0;
u64 mask_attrs = 0;
bool encap_valid = false;
+ bool i_encap_valid = false;
int err;
err = parse_flow_nlattrs(nla_key, a, &key_attrs, log);
@@ -1058,35 +1181,24 @@ int ovs_nla_get_match(struct sw_flow_match *match,
if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
(key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
- (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
- __be16 tci;
+ eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
- if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
- (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
+ if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
+ (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
OVS_NLERR(log, "Invalid Vlan frame.");
return -EINVAL;
}
key_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
- tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
encap = a[OVS_KEY_ATTR_ENCAP];
key_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
encap_valid = true;
- if (tci & htons(VLAN_TAG_PRESENT)) {
- err = parse_flow_nlattrs(encap, a, &key_attrs, log);
- if (err)
- return err;
- } else if (!tci) {
- /* Corner case for truncated 802.1Q header. */
- if (nla_len(encap)) {
- OVS_NLERR(log, "Truncated 802.1Q header has non-zero encap attribute.");
- return -EINVAL;
- }
- } else {
- OVS_NLERR(log, "Encap attr is set for non-VLAN frame");
- return -EINVAL;
- }
+ err = parse_vlan_from_nlattrs(encap, match, &key_attrs,
+ &i_encap_valid, a, false, log);
+ if (err)
+ return err;
+
}
err = ovs_key_from_nlattrs(match, key_attrs, a, false, log);
@@ -1132,7 +1244,6 @@ int ovs_nla_get_match(struct sw_flow_match *match,
if (mask_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
__be16 eth_type = 0;
- __be16 tci = 0;
if (!encap_valid) {
OVS_NLERR(log, "Encap mask attribute is set for non-VLAN frame.");
@@ -1158,15 +1269,13 @@ int ovs_nla_get_match(struct sw_flow_match *match,
goto free_newmask;
}
- if (a[OVS_KEY_ATTR_VLAN])
- tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
-
- if (!(tci & htons(VLAN_TAG_PRESENT))) {
- OVS_NLERR(log, "VLAN tag present bit must have an exact match (tci_mask=%x).",
- ntohs(tci));
- err = -EINVAL;
+ err = parse_vlan_from_nlattrs(encap, match,
+ &mask_attrs,
+ &i_encap_valid, a, true,
+ log);
+ if (err)
goto free_newmask;
- }
+
}
err = ovs_key_from_nlattrs(match, mask_attrs, a, true, log);
@@ -1277,6 +1386,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
{
struct ovs_key_ethernet *eth_key;
struct nlattr *nla, *encap;
+ struct nlattr *in_encap = NULL;
if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
goto nla_put_failure;
@@ -1331,8 +1441,30 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
if (!swkey->eth.tci)
goto unencap;
- } else
+ } else if (swkey->eth.cvlan.ctci || swkey->eth.type ==
+ htons(ETH_P_8021AD)) {
+ __be16 eth_type;
+
+ eth_type = !is_mask ? htons(ETH_P_8021AD) : htons(0xffff);
+ if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
+ nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
+ goto nla_put_failure;
+ encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
+ if (!swkey->eth.tci)
+ goto unencap;
+ /* Customer tci is nested but uses same key attribute.
+ */
+ eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
+ if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
+ nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
+ output->eth.cvlan.ctci))
+ goto nla_put_failure;
+ in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
+ if (!swkey->eth.cvlan.ctci)
+ goto unencap;
+ } else {
encap = NULL;
+ }
if (swkey->eth.type == htons(ETH_P_802_2)) {
/*
@@ -1479,6 +1611,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
unencap:
if (encap)
nla_nest_end(skb, encap);
+ if (in_encap)
+ nla_nest_end(skb, in_encap);
return 0;
@@ -2078,7 +2212,8 @@ static int __ovs_nla_copy_actions(const struct nlattr *attr,
case OVS_ACTION_ATTR_PUSH_VLAN:
vlan = nla_data(a);
- if (vlan->vlan_tpid != htons(ETH_P_8021Q))
+ if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
+ (vlan->vlan_tpid != htons(ETH_P_8021AD)))
return -EINVAL;
if (!(vlan->vlan_tci & htons(VLAN_TAG_PRESENT)))
return -EINVAL;
--
2.1.0
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH net-next V11 2/3] Check for vlan ethernet types for 8021.q or 802.1ad
[not found] ` <1435083990-12986-3-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-06-23 18:43 ` Sergei Shtylyov
2015-06-23 19:01 ` Thomas F Herbert
0 siblings, 1 reply; 11+ messages in thread
From: Sergei Shtylyov @ 2015-06-23 18:43 UTC (permalink / raw)
To: Thomas F Herbert, netdev-u79uwXL29TY76Z2rM5mHXA,
pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
Hello.
On 06/23/2015 09:26 PM, Thomas F Herbert wrote:
> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
[...]
> diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
> index 920e445..3713454 100644
> --- a/include/linux/if_vlan.h
> +++ b/include/linux/if_vlan.h
> @@ -627,5 +627,14 @@ static inline netdev_features_t vlan_features_check(const struct sk_buff *skb,
>
> return features;
> }
> +/**
> + * Check for legal valid vlan ether type.
The comment doesn't follow the kernel-doc format determined by /**.
> + */
> +static inline bool eth_type_vlan(__be16 ethertype)
> +{
> + if (ethertype == htons(ETH_P_8021Q) || ethertype == htons(ETH_P_8021AD))
> + return true;
> + return false;
Perhaps *switch*?
[...]
WBR, Sergei
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next V11 2/3] Check for vlan ethernet types for 8021.q or 802.1ad
2015-06-23 18:43 ` Sergei Shtylyov
@ 2015-06-23 19:01 ` Thomas F Herbert
0 siblings, 0 replies; 11+ messages in thread
From: Thomas F Herbert @ 2015-06-23 19:01 UTC (permalink / raw)
To: Sergei Shtylyov, netdev, pshelar; +Cc: therbert, dev
On 6/23/15 2:43 PM, Sergei Shtylyov wrote:
> Hello.
>
> On 06/23/2015 09:26 PM, Thomas F Herbert wrote:
>
>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
> [...]
>
>> diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
>> index 920e445..3713454 100644
>> --- a/include/linux/if_vlan.h
>> +++ b/include/linux/if_vlan.h
>> @@ -627,5 +627,14 @@ static inline netdev_features_t
>> vlan_features_check(const struct sk_buff *skb,
>>
>> return features;
>> }
>> +/**
>> + * Check for legal valid vlan ether type.
>
> The comment doesn't follow the kernel-doc format determined by /**.
OK, I will change it to the proper kernel doc format.
>
>> + */
>> +static inline bool eth_type_vlan(__be16 ethertype)
>> +{
>> + if (ethertype == htons(ETH_P_8021Q) || ethertype ==
>> htons(ETH_P_8021AD))
>> + return true;
>> + return false;
>
> Perhaps *switch*?
I have no objection to changing this to a switch statement.
>
> [...]
>
> WBR, Sergei
>
--
Thomas F. Herbert
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
[not found] ` <1435083990-12986-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-06-30 4:16 ` Pravin Shelar
[not found] ` <CALnjE+pZB+NkG2Q=ZsLzGNLy4PixwY+U9+HwgfmLQLv+Vd_hgg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
0 siblings, 1 reply; 11+ messages in thread
From: Pravin Shelar @ 2015-06-30 4:16 UTC (permalink / raw)
To: Thomas F Herbert
Cc: dev-yBygre7rU0TnMu66kgdUjQ, netdev, therbert-H+wXaHxf7aLQT0dZR+AlfA
On Tue, Jun 23, 2015 at 11:26 AM, Thomas F Herbert
<thomasfherbert@gmail.com> wrote:
> Add support for 802.1ad including the ability to push and pop double
> tagged vlans. Add support for 802.1ad to netlink parsing and flow
> conversion. Uses double nested encap attributes to represent double
> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>
> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
> ---
> net/openvswitch/flow.c | 84 +++++++++++++++---
> net/openvswitch/flow.h | 5 ++
> net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
> 3 files changed, 242 insertions(+), 42 deletions(-)
>
> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
> index 2dacc7b..e268865 100644
> --- a/net/openvswitch/flow.c
> +++ b/net/openvswitch/flow.c
> @@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
> {
> struct qtag_prefix {
> - __be16 eth_type; /* ETH_P_8021Q */
> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
> __be16 tci;
> };
> - struct qtag_prefix *qp;
> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>
> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
> + struct qinqtag_prefix {
> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
> + __be16 tci;
> + __be16 inner_tpid; /* ETH_P_8021Q */
> + __be16 ctci;
> + };
> +
> + if (likely(skb_vlan_tag_present(skb))) {
> + key->eth.tci = htons(skb->vlan_tci);
> +
> + /* Case where upstream
> + * processing has already stripped the outer vlan tag.
> + */
> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
> + sizeof(__be16))) {
> + key->eth.tci = 0;
> + return 0;
> + }
> +
> + if (unlikely(!pskb_may_pull(skb,
> + sizeof(struct qtag_prefix) +
> + sizeof(__be16)))) {
> + return -ENOMEM;
> + }
> +
> + if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
> + key->eth.cvlan.ctci =
> + qp->tci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.c_tpid = skb->vlan_proto;
We should directly copy qp->inner_tpid here. As you have done it for
non offloaded case below.
> + __skb_pull(skb, sizeof(struct qtag_prefix));
> + }
> + }
> return 0;
> + }
>
> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
> - sizeof(__be16))))
> - return -ENOMEM;
>
> - qp = (struct qtag_prefix *) skb->data;
> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
> - __skb_pull(skb, sizeof(struct qtag_prefix));
> + if (qp->eth_type == htons(ETH_P_8021AD)) {
> + struct qinqtag_prefix *qinqp =
> + (struct qinqtag_prefix *)skb->data;
> +
> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
> + sizeof(__be16)))
> + return 0;
> +
> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
> + sizeof(__be16)))) {
> + return -ENOMEM;
> + }
> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
> +
> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
> +
> + return 0;
> + }
> + if (qp->eth_type == htons(ETH_P_8021Q)) {
> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
> + sizeof(__be16)))
> + return -ENOMEM;
> +
> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
> + sizeof(__be16))))
> + return 0;
> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
> +
> + __skb_pull(skb, sizeof(struct qtag_prefix));
> + }
>
> return 0;
> }
> @@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
> */
>
> key->eth.tci = 0;
> - if (skb_vlan_tag_present(skb))
> - key->eth.tci = htons(skb->vlan_tci);
> - else if (eth->h_proto == htons(ETH_P_8021Q))
> + key->eth.cvlan.ctci = 0;
cvlan.c_tpid is not initialized for all cases.
> + if ((skb_vlan_tag_present(skb)) ||
> + (eth->h_proto == htons(ETH_P_8021Q)) ||
> + (eth->h_proto == htons(ETH_P_8021AD)))
These are redundant check. so we can directly call this function.
> if (unlikely(parse_vlan(skb, key)))
> return -ENOMEM;
>
...
>
> +static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
> + const struct nlattr **a, bool is_mask,
> + bool log)
> +{
> + /* This should be nested inner or "customer" tci" */
> + if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
> + __be16 ctci;
> +
> + ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
> + if (!(ctci & htons(VLAN_TAG_PRESENT))) {
> + if (is_mask)
> + OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
> + else
> + OVS_NLERR(log, "VLAN CTCI does not have VLAN_TAG_PRESENT bit set.");
> +
> + return -EINVAL;
> + }
> + SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
> + SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
> + }
Same value is set to tpid and tci.
> + return 0;
> +}
> +
> static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
> const struct nlattr **a, bool is_mask,
> bool log)
> @@ -1024,6 +1047,105 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
> nlattr_set(attr, val, ovs_key_lens);
> }
>
> +static int parse_vlan_from_nlattrs(const struct nlattr *nla,
> + struct sw_flow_match *match,
> + u64 *key_attrs, bool *ie_valid,
> + const struct nlattr **a, bool is_mask,
> + bool log)
> +{
> + int err;
> + __be16 tci;
> + const struct nlattr *encap;
> +
> + if (!is_mask) {
> + u64 v_attrs = 0;
> +
> + tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
> +
> + if (tci & htons(VLAN_TAG_PRESENT)) {
> + if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
> + htons(ETH_P_8021AD)))) {
Since we have added tpid to flow key, we have flexibility of
supporting generic double encapsulation. Therefore in netlink parsing
of key, double encap should not be limited to just 8021AD. for example
it should allow 8021Q in 8021Q header as valid key.
> + err = parse_flow_nlattrs(nla, a, &v_attrs, log);
> + if (err)
> + return err;
> + if (!v_attrs)
> + return -EINVAL;
> +
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
[not found] ` <CALnjE+pZB+NkG2Q=ZsLzGNLy4PixwY+U9+HwgfmLQLv+Vd_hgg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2015-07-26 0:32 ` Thomas F Herbert
[not found] ` <55B42AB1.6080200-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
0 siblings, 1 reply; 11+ messages in thread
From: Thomas F Herbert @ 2015-07-26 0:32 UTC (permalink / raw)
To: Pravin Shelar
Cc: dev-yBygre7rU0TnMu66kgdUjQ, netdev, therbert-H+wXaHxf7aLQT0dZR+AlfA
On 6/30/15 12:16 AM, Pravin Shelar wrote:
> On Tue, Jun 23, 2015 at 11:26 AM, Thomas F Herbert
Pravin, I apologize because I realize now that I am finishing V12 of
this patch that I never responded to your comments in this email.
> <thomasfherbert@gmail.com> wrote:
>> Add support for 802.1ad including the ability to push and pop double
>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>> conversion. Uses double nested encap attributes to represent double
>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>
>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>> ---
>> net/openvswitch/flow.c | 84 +++++++++++++++---
>> net/openvswitch/flow.h | 5 ++
>> net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
>> 3 files changed, 242 insertions(+), 42 deletions(-)
>>
>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
>> index 2dacc7b..e268865 100644
>> --- a/net/openvswitch/flow.c
>> +++ b/net/openvswitch/flow.c
>> @@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>> {
>> struct qtag_prefix {
>> - __be16 eth_type; /* ETH_P_8021Q */
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> __be16 tci;
>> };
>> - struct qtag_prefix *qp;
>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>
>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>> + struct qinqtag_prefix {
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> + __be16 tci;
>> + __be16 inner_tpid; /* ETH_P_8021Q */
>> + __be16 ctci;
>> + };
>> +
>> + if (likely(skb_vlan_tag_present(skb))) {
>> + key->eth.tci = htons(skb->vlan_tci);
>> +
>> + /* Case where upstream
>> + * processing has already stripped the outer vlan tag.
>> + */
>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16))) {
>> + key->eth.tci = 0;
>> + return 0;
>> + }
>> +
>> + if (unlikely(!pskb_may_pull(skb,
>> + sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))) {
>> + return -ENOMEM;
>> + }
>> +
>> + if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
>> + key->eth.cvlan.ctci =
>> + qp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = skb->vlan_proto;
>
> We should directly copy qp->inner_tpid here. As you have done it for
> non offloaded case below.
Thanks! It is copied but it is set to the wrong tpid. The c_tpid field
in the key should be set to the ethertype in the packet itself which is
the inner tpid, not the offloaded skb-vlan_proto which is the outer
tpid. Fixed in V12.
>
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>> + }
>> return 0;
>> + }
>>
>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> - sizeof(__be16))))
>> - return -ENOMEM;
>>
>> - qp = (struct qtag_prefix *) skb->data;
>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>> + struct qinqtag_prefix *qinqp =
>> + (struct qinqtag_prefix *)skb->data;
>> +
>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))
>> + return 0;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))) {
>> + return -ENOMEM;
>> + }
>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>> +
>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>> +
>> + return 0;
>> + }
>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))
>> + return -ENOMEM;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return 0;
>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>>
>> return 0;
>> }
>> @@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
>> */
>>
>> key->eth.tci = 0;
>> - if (skb_vlan_tag_present(skb))
>> - key->eth.tci = htons(skb->vlan_tci);
>> - else if (eth->h_proto == htons(ETH_P_8021Q))
>> + key->eth.cvlan.ctci = 0;
> cvlan.c_tpid is not initialized for all cases.
Fixed in V12
>
>> + if ((skb_vlan_tag_present(skb)) ||
>> + (eth->h_proto == htons(ETH_P_8021Q)) ||
>> + (eth->h_proto == htons(ETH_P_8021AD)))
> These are redundant check. so we can directly call this function.
I don't agree that these 3 checks are redundant. parse_vlan parses both
the offloaded and non-offloaded cases. In V12, I changed it to call
eth_type_vlan() to do the checks for the non-offloaded ethertypes.
Hmmm ... maybe I should add another function to if_vlan.h to check if a
packet is a vlan regardless of whether it is offloaded or not?
>
>> if (unlikely(parse_vlan(skb, key)))
>> return -ENOMEM;
>>
>
> ...
>>
>> +static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>> + const struct nlattr **a, bool is_mask,
>> + bool log)
>> +{
>> + /* This should be nested inner or "customer" tci" */
>> + if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
>> + __be16 ctci;
>> +
>> + ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>> + if (!(ctci & htons(VLAN_TAG_PRESENT))) {
>> + if (is_mask)
>> + OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
>> + else
>> + OVS_NLERR(log, "VLAN CTCI does not have VLAN_TAG_PRESENT bit set.");
>> +
>> + return -EINVAL;
>> + }
>> + SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
>> + SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
>> + }
> Same value is set to tpid and tci.
Thanks! Fixed in V12.
>
>> + return 0;
>> +}
>> +
>> static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>> const struct nlattr **a, bool is_mask,
>> bool log)
>> @@ -1024,6 +1047,105 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
>> nlattr_set(attr, val, ovs_key_lens);
>> }
>>
>> +static int parse_vlan_from_nlattrs(const struct nlattr *nla,
>> + struct sw_flow_match *match,
>> + u64 *key_attrs, bool *ie_valid,
>> + const struct nlattr **a, bool is_mask,
>> + bool log)
>> +{
>> + int err;
>> + __be16 tci;
>> + const struct nlattr *encap;
>> +
>> + if (!is_mask) {
>> + u64 v_attrs = 0;
>> +
>> + tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>> +
>> + if (tci & htons(VLAN_TAG_PRESENT)) {
>> + if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
>> + htons(ETH_P_8021AD)))) {
> Since we have added tpid to flow key, we have flexibility of
> supporting generic double encapsulation. Therefore in netlink parsing
> of key, double encap should not be limited to just 8021AD. for example
> it should allow 8021Q in 8021Q header as valid key.
I agree. Although Open Flow specification doesn't support non 802.1AD
double tagged vlans, we probably should be as least restrictive as
possible here in the kernel module. I recoded this in V12 to allow a
more "generic" qinq.
>
>> + err = parse_flow_nlattrs(nla, a, &v_attrs, log);
>> + if (err)
>> + return err;
>> + if (!v_attrs)
>> + return -EINVAL;
>> +
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
[not found] ` <55B42AB1.6080200-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-07-26 13:57 ` ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w
[not found] ` <SG2PR03MB07969B4C4555CB2E370AE8F3E48F0-ePYYJTVkT3RaLI7+W3dM6q82SN/2zMuYvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
0 siblings, 1 reply; 11+ messages in thread
From: ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w @ 2015-07-26 13:57 UTC (permalink / raw)
To: thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, netdev-u79uwXL29TY76Z2rM5mHXA,
therbert-H+wXaHxf7aLQT0dZR+AlfA
Hi Thomas,
I am currently using the beta version of ovs(2.3.90). In my phy-phy scenario , I am configuring the two physical ports(eth0, eth1) attached to ovs bridge
as trunk ports using the below commands.
ovs-vsctl --no-wait add-port br0 eth0 vlan_mode=trunk
ovs-vsctl --no-wait add-port br0 eth1 vlan_mode=trunk
I configured the bridge to work in legacy mode as shown below
$ ovs-ofctl dump-flows br0
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=15.458s, table=0, n_packets=0, n_bytes=0, idle_age=15, priority=0 actions=NORMAL
I tried sending 802.1ad tagged(outer tag tpid=0x88a8, inter tag tpid=ox8100) packet from packetgen to phyport1 (eth0), and receiving back on phyport2(eth2).
When I captured the received packet on eth1 , the received packet is not same as sent packet, means outer vlan TPID is not 0x88a8(instead 0x8100).
Could you please let me know , whether the below mentioned patch helps here.
Thanks in Advance,
Uday
-----Original Message-----
From: dev [mailto:dev-bounces@openvswitch.org] On Behalf Of Thomas F Herbert
Sent: Sunday, July 26, 2015 6:03 AM
To: Pravin Shelar
Cc: dev@openvswitch.org; netdev; therbert@redhat.com
Subject: Re: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
On 6/30/15 12:16 AM, Pravin Shelar wrote:
> On Tue, Jun 23, 2015 at 11:26 AM, Thomas F Herbert
Pravin, I apologize because I realize now that I am finishing V12 of this patch that I never responded to your comments in this email.
> <thomasfherbert@gmail.com> wrote:
>> Add support for 802.1ad including the ability to push and pop double
>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>> conversion. Uses double nested encap attributes to represent double
>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>
>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>> ---
>> net/openvswitch/flow.c | 84 +++++++++++++++---
>> net/openvswitch/flow.h | 5 ++
>> net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
>> 3 files changed, 242 insertions(+), 42 deletions(-)
>>
>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index
>> 2dacc7b..e268865 100644
>> --- a/net/openvswitch/flow.c
>> +++ b/net/openvswitch/flow.c
>> @@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>> {
>> struct qtag_prefix {
>> - __be16 eth_type; /* ETH_P_8021Q */
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> __be16 tci;
>> };
>> - struct qtag_prefix *qp;
>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>
>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>> + struct qinqtag_prefix {
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> + __be16 tci;
>> + __be16 inner_tpid; /* ETH_P_8021Q */
>> + __be16 ctci;
>> + };
>> +
>> + if (likely(skb_vlan_tag_present(skb))) {
>> + key->eth.tci = htons(skb->vlan_tci);
>> +
>> + /* Case where upstream
>> + * processing has already stripped the outer vlan tag.
>> + */
>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16))) {
>> + key->eth.tci = 0;
>> + return 0;
>> + }
>> +
>> + if (unlikely(!pskb_may_pull(skb,
>> + sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))) {
>> + return -ENOMEM;
>> + }
>> +
>> + if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
>> + key->eth.cvlan.ctci =
>> + qp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid =
>> + skb->vlan_proto;
>
> We should directly copy qp->inner_tpid here. As you have done it for
> non offloaded case below.
Thanks! It is copied but it is set to the wrong tpid. The c_tpid field in the key should be set to the ethertype in the packet itself which is the inner tpid, not the offloaded skb-vlan_proto which is the outer tpid. Fixed in V12.
>
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>> + }
>> return 0;
>> + }
>>
>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> - sizeof(__be16))))
>> - return -ENOMEM;
>>
>> - qp = (struct qtag_prefix *) skb->data;
>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>> + struct qinqtag_prefix *qinqp =
>> + (struct qinqtag_prefix
>> + *)skb->data;
>> +
>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))
>> + return 0;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))) {
>> + return -ENOMEM;
>> + }
>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>> +
>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>> +
>> + return 0;
>> + }
>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))
>> + return -ENOMEM;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return 0;
>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>>
>> return 0;
>> }
>> @@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
>> */
>>
>> key->eth.tci = 0;
>> - if (skb_vlan_tag_present(skb))
>> - key->eth.tci = htons(skb->vlan_tci);
>> - else if (eth->h_proto == htons(ETH_P_8021Q))
>> + key->eth.cvlan.ctci = 0;
> cvlan.c_tpid is not initialized for all cases.
Fixed in V12
>
>> + if ((skb_vlan_tag_present(skb)) ||
>> + (eth->h_proto == htons(ETH_P_8021Q)) ||
>> + (eth->h_proto == htons(ETH_P_8021AD)))
> These are redundant check. so we can directly call this function.
I don't agree that these 3 checks are redundant. parse_vlan parses both the offloaded and non-offloaded cases. In V12, I changed it to call
eth_type_vlan() to do the checks for the non-offloaded ethertypes.
Hmmm ... maybe I should add another function to if_vlan.h to check if a packet is a vlan regardless of whether it is offloaded or not?
>
>> if (unlikely(parse_vlan(skb, key)))
>> return -ENOMEM;
>>
>
> ...
>>
>> +static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>> + const struct nlattr **a, bool is_mask,
>> + bool log) {
>> + /* This should be nested inner or "customer" tci" */
>> + if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
>> + __be16 ctci;
>> +
>> + ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>> + if (!(ctci & htons(VLAN_TAG_PRESENT))) {
>> + if (is_mask)
>> + OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
>> + else
>> + OVS_NLERR(log, "VLAN CTCI does not
>> + have VLAN_TAG_PRESENT bit set.");
>> +
>> + return -EINVAL;
>> + }
>> + SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
>> + SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
>> + }
> Same value is set to tpid and tci.
Thanks! Fixed in V12.
>
>> + return 0;
>> +}
>> +
>> static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>> const struct nlattr **a, bool is_mask,
>> bool log) @@ -1024,6 +1047,105 @@
>> static void mask_set_nlattr(struct nlattr *attr, u8 val)
>> nlattr_set(attr, val, ovs_key_lens);
>> }
>>
>> +static int parse_vlan_from_nlattrs(const struct nlattr *nla,
>> + struct sw_flow_match *match,
>> + u64 *key_attrs, bool *ie_valid,
>> + const struct nlattr **a, bool is_mask,
>> + bool log) {
>> + int err;
>> + __be16 tci;
>> + const struct nlattr *encap;
>> +
>> + if (!is_mask) {
>> + u64 v_attrs = 0;
>> +
>> + tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>> +
>> + if (tci & htons(VLAN_TAG_PRESENT)) {
>> + if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
>> + htons(ETH_P_8021AD)))) {
> Since we have added tpid to flow key, we have flexibility of
> supporting generic double encapsulation. Therefore in netlink parsing
> of key, double encap should not be limited to just 8021AD. for example
> it should allow 8021Q in 8021Q header as valid key.
I agree. Although Open Flow specification doesn't support non 802.1AD double tagged vlans, we probably should be as least restrictive as possible here in the kernel module. I recoded this in V12 to allow a more "generic" qinq.
>
>> + err = parse_flow_nlattrs(nla, a, &v_attrs, log);
>> + if (err)
>> + return err;
>> + if (!v_attrs)
>> + return -EINVAL;
>> +
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
[not found] ` <SG2PR03MB07969B4C4555CB2E370AE8F3E48F0-ePYYJTVkT3RaLI7+W3dM6q82SN/2zMuYvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
@ 2015-07-26 14:33 ` Thomas F Herbert
[not found] ` <55B4EFA4.4070804-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
0 siblings, 1 reply; 11+ messages in thread
From: Thomas F Herbert @ 2015-07-26 14:33 UTC (permalink / raw)
To: ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w,
thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w,
pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, netdev-u79uwXL29TY76Z2rM5mHXA
On 7/26/15 9:57 AM, ravulakollu.kumar@wipro.com wrote:
> Hi Thomas,
>
> I am currently using the beta version of ovs(2.3.90). In my phy-phy scenario , I am configuring the two physical ports(eth0, eth1) attached to ovs bridge
> as trunk ports using the below commands.
>
> ovs-vsctl --no-wait add-port br0 eth0 vlan_mode=trunk
> ovs-vsctl --no-wait add-port br0 eth1 vlan_mode=trunk
>
> I configured the bridge to work in legacy mode as shown below
>
> $ ovs-ofctl dump-flows br0
> NXST_FLOW reply (xid=0x4):
> cookie=0x0, duration=15.458s, table=0, n_packets=0, n_bytes=0, idle_age=15, priority=0 actions=NORMAL
>
> I tried sending 802.1ad tagged(outer tag tpid=0x88a8, inter tag tpid=ox8100) packet from packetgen to phyport1 (eth0), and receiving back on phyport2(eth2).
> When I captured the received packet on eth1 , the received packet is not same as sent packet, means outer vlan TPID is not 0x88a8(instead 0x8100).
>
This patch supports pushing and popping of double tagged vlans. It
shouldn't affect double tagged traffic flowing through the switch unless
your ovs bridge has flows to pop or push a vlan.
Are you using tcpdump to look at the packets? There is a bug in libpcap
where the outer TPID of outgoing packets is miss-reported as 0x8100
whether or not the tpid is actually 0x88a8
> Could you please let me know , whether the below mentioned patch helps here.
>
> Thanks in Advance,
> Uday
>
> -----Original Message-----
> From: dev [mailto:dev-bounces@openvswitch.org] On Behalf Of Thomas F Herbert
> Sent: Sunday, July 26, 2015 6:03 AM
> To: Pravin Shelar
> Cc: dev@openvswitch.org; netdev; therbert@redhat.com
> Subject: Re: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
>
> On 6/30/15 12:16 AM, Pravin Shelar wrote:
>> On Tue, Jun 23, 2015 at 11:26 AM, Thomas F Herbert
> Pravin, I apologize because I realize now that I am finishing V12 of this patch that I never responded to your comments in this email.
>> <thomasfherbert@gmail.com> wrote:
>>> Add support for 802.1ad including the ability to push and pop double
>>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>>> conversion. Uses double nested encap attributes to represent double
>>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>>
>>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>>> ---
>>> net/openvswitch/flow.c | 84 +++++++++++++++---
>>> net/openvswitch/flow.h | 5 ++
>>> net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
>>> 3 files changed, 242 insertions(+), 42 deletions(-)
>>>
>>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index
>>> 2dacc7b..e268865 100644
>>> --- a/net/openvswitch/flow.c
>>> +++ b/net/openvswitch/flow.c
>>> @@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>>> {
>>> struct qtag_prefix {
>>> - __be16 eth_type; /* ETH_P_8021Q */
>>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>>> __be16 tci;
>>> };
>>> - struct qtag_prefix *qp;
>>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>>
>>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>>> + struct qinqtag_prefix {
>>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>>> + __be16 tci;
>>> + __be16 inner_tpid; /* ETH_P_8021Q */
>>> + __be16 ctci;
>>> + };
>>> +
>>> + if (likely(skb_vlan_tag_present(skb))) {
>>> + key->eth.tci = htons(skb->vlan_tci);
>>> +
>>> + /* Case where upstream
>>> + * processing has already stripped the outer vlan tag.
>>> + */
>>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>>> + sizeof(__be16))) {
>>> + key->eth.tci = 0;
>>> + return 0;
>>> + }
>>> +
>>> + if (unlikely(!pskb_may_pull(skb,
>>> + sizeof(struct qtag_prefix) +
>>> + sizeof(__be16)))) {
>>> + return -ENOMEM;
>>> + }
>>> +
>>> + if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
>>> + key->eth.cvlan.ctci =
>>> + qp->tci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.c_tpid =
>>> + skb->vlan_proto;
>>
>> We should directly copy qp->inner_tpid here. As you have done it for
>> non offloaded case below.
> Thanks! It is copied but it is set to the wrong tpid. The c_tpid field in the key should be set to the ethertype in the packet itself which is the inner tpid, not the offloaded skb-vlan_proto which is the outer tpid. Fixed in V12.
>>
>>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + }
>>> + }
>>> return 0;
>>> + }
>>>
>>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>>> - sizeof(__be16))))
>>> - return -ENOMEM;
>>>
>>> - qp = (struct qtag_prefix *) skb->data;
>>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>>> + struct qinqtag_prefix *qinqp =
>>> + (struct qinqtag_prefix
>>> + *)skb->data;
>>> +
>>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>>> + sizeof(__be16)))
>>> + return 0;
>>> +
>>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>>> + sizeof(__be16)))) {
>>> + return -ENOMEM;
>>> + }
>>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>>> +
>>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>>> +
>>> + return 0;
>>> + }
>>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>>> + sizeof(__be16)))
>>> + return -ENOMEM;
>>> +
>>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>>> + sizeof(__be16))))
>>> + return 0;
>>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>>> +
>>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + }
>>>
>>> return 0;
>>> }
>>> @@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
>>> */
>>>
>>> key->eth.tci = 0;
>>> - if (skb_vlan_tag_present(skb))
>>> - key->eth.tci = htons(skb->vlan_tci);
>>> - else if (eth->h_proto == htons(ETH_P_8021Q))
>>> + key->eth.cvlan.ctci = 0;
>> cvlan.c_tpid is not initialized for all cases.
> Fixed in V12
>>
>>> + if ((skb_vlan_tag_present(skb)) ||
>>> + (eth->h_proto == htons(ETH_P_8021Q)) ||
>>> + (eth->h_proto == htons(ETH_P_8021AD)))
>> These are redundant check. so we can directly call this function.
> I don't agree that these 3 checks are redundant. parse_vlan parses both the offloaded and non-offloaded cases. In V12, I changed it to call
> eth_type_vlan() to do the checks for the non-offloaded ethertypes.
>
> Hmmm ... maybe I should add another function to if_vlan.h to check if a packet is a vlan regardless of whether it is offloaded or not?
>>
>>> if (unlikely(parse_vlan(skb, key)))
>>> return -ENOMEM;
>>>
>>
>> ...
>>>
>>> +static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>>> + const struct nlattr **a, bool is_mask,
>>> + bool log) {
>>> + /* This should be nested inner or "customer" tci" */
>>> + if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
>>> + __be16 ctci;
>>> +
>>> + ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>>> + if (!(ctci & htons(VLAN_TAG_PRESENT))) {
>>> + if (is_mask)
>>> + OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
>>> + else
>>> + OVS_NLERR(log, "VLAN CTCI does not
>>> + have VLAN_TAG_PRESENT bit set.");
>>> +
>>> + return -EINVAL;
>>> + }
>>> + SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
>>> + SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
>>> + }
>> Same value is set to tpid and tci.
> Thanks! Fixed in V12.
>>
>>> + return 0;
>>> +}
>>> +
>>> static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>>> const struct nlattr **a, bool is_mask,
>>> bool log) @@ -1024,6 +1047,105 @@
>>> static void mask_set_nlattr(struct nlattr *attr, u8 val)
>>> nlattr_set(attr, val, ovs_key_lens);
>>> }
>>>
>>> +static int parse_vlan_from_nlattrs(const struct nlattr *nla,
>>> + struct sw_flow_match *match,
>>> + u64 *key_attrs, bool *ie_valid,
>>> + const struct nlattr **a, bool is_mask,
>>> + bool log) {
>>> + int err;
>>> + __be16 tci;
>>> + const struct nlattr *encap;
>>> +
>>> + if (!is_mask) {
>>> + u64 v_attrs = 0;
>>> +
>>> + tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>>> +
>>> + if (tci & htons(VLAN_TAG_PRESENT)) {
>>> + if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
>>> + htons(ETH_P_8021AD)))) {
>> Since we have added tpid to flow key, we have flexibility of
>> supporting generic double encapsulation. Therefore in netlink parsing
>> of key, double encap should not be limited to just 8021AD. for example
>> it should allow 8021Q in 8021Q header as valid key.
> I agree. Although Open Flow specification doesn't support non 802.1AD double tagged vlans, we probably should be as least restrictive as possible here in the kernel module. I recoded this in V12 to allow a more "generic" qinq.
>>
>>> + err = parse_flow_nlattrs(nla, a, &v_attrs, log);
>>> + if (err)
>>> + return err;
>>> + if (!v_attrs)
>>> + return -EINVAL;
>>> +
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
--
Thomas F Herbert Red Hat
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
[not found] ` <55B4EFA4.4070804-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
@ 2015-07-26 15:17 ` ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w
0 siblings, 0 replies; 11+ messages in thread
From: ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w @ 2015-07-26 15:17 UTC (permalink / raw)
To: therbert-H+wXaHxf7aLQT0dZR+AlfA,
thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w,
pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, netdev-u79uwXL29TY76Z2rM5mHXA
Hi Thomas,
Thank you very much for your response.
Does this patch adds 802.1ad tag on ingress and pops the same on egress by default? or is it to be configured via ofctl commands
explicitly?
Thanks in Advance,
Uday
________________________________________
From: Thomas F Herbert <therbert@redhat.com>
Sent: Sunday, July 26, 2015 8:03 PM
To: Ravulakollu Udaya Kumar (WT01 - Digital Marketing); thomasfherbert@gmail.com; pshelar@nicira.com
Cc: dev@openvswitch.org; netdev@vger.kernel.org
Subject: Re: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
On 7/26/15 9:57 AM, ravulakollu.kumar@wipro.com wrote:
> Hi Thomas,
>
> I am currently using the beta version of ovs(2.3.90). In my phy-phy scenario , I am configuring the two physical ports(eth0, eth1) attached to ovs bridge
> as trunk ports using the below commands.
>
> ovs-vsctl --no-wait add-port br0 eth0 vlan_mode=trunk
> ovs-vsctl --no-wait add-port br0 eth1 vlan_mode=trunk
>
> I configured the bridge to work in legacy mode as shown below
>
> $ ovs-ofctl dump-flows br0
> NXST_FLOW reply (xid=0x4):
> cookie=0x0, duration=15.458s, table=0, n_packets=0, n_bytes=0, idle_age=15, priority=0 actions=NORMAL
>
> I tried sending 802.1ad tagged(outer tag tpid=0x88a8, inter tag tpid=ox8100) packet from packetgen to phyport1 (eth0), and receiving back on phyport2(eth2).
> When I captured the received packet on eth1 , the received packet is not same as sent packet, means outer vlan TPID is not 0x88a8(instead 0x8100).
>
This patch supports pushing and popping of double tagged vlans. It
shouldn't affect double tagged traffic flowing through the switch unless
your ovs bridge has flows to pop or push a vlan.
Are you using tcpdump to look at the packets? There is a bug in libpcap
where the outer TPID of outgoing packets is miss-reported as 0x8100
whether or not the tpid is actually 0x88a8
> Could you please let me know , whether the below mentioned patch helps here.
>
> Thanks in Advance,
> Uday
>
> -----Original Message-----
> From: dev [mailto:dev-bounces@openvswitch.org] On Behalf Of Thomas F Herbert
> Sent: Sunday, July 26, 2015 6:03 AM
> To: Pravin Shelar
> Cc: dev@openvswitch.org; netdev; therbert@redhat.com
> Subject: Re: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing
>
> On 6/30/15 12:16 AM, Pravin Shelar wrote:
>> On Tue, Jun 23, 2015 at 11:26 AM, Thomas F Herbert
> Pravin, I apologize because I realize now that I am finishing V12 of this patch that I never responded to your comments in this email.
>> <thomasfherbert@gmail.com> wrote:
>>> Add support for 802.1ad including the ability to push and pop double
>>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>>> conversion. Uses double nested encap attributes to represent double
>>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>>
>>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>>> ---
>>> net/openvswitch/flow.c | 84 +++++++++++++++---
>>> net/openvswitch/flow.h | 5 ++
>>> net/openvswitch/flow_netlink.c | 195 ++++++++++++++++++++++++++++++++++-------
>>> 3 files changed, 242 insertions(+), 42 deletions(-)
>>>
>>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index
>>> 2dacc7b..e268865 100644
>>> --- a/net/openvswitch/flow.c
>>> +++ b/net/openvswitch/flow.c
>>> @@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>>> {
>>> struct qtag_prefix {
>>> - __be16 eth_type; /* ETH_P_8021Q */
>>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>>> __be16 tci;
>>> };
>>> - struct qtag_prefix *qp;
>>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>>
>>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>>> + struct qinqtag_prefix {
>>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>>> + __be16 tci;
>>> + __be16 inner_tpid; /* ETH_P_8021Q */
>>> + __be16 ctci;
>>> + };
>>> +
>>> + if (likely(skb_vlan_tag_present(skb))) {
>>> + key->eth.tci = htons(skb->vlan_tci);
>>> +
>>> + /* Case where upstream
>>> + * processing has already stripped the outer vlan tag.
>>> + */
>>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>>> + sizeof(__be16))) {
>>> + key->eth.tci = 0;
>>> + return 0;
>>> + }
>>> +
>>> + if (unlikely(!pskb_may_pull(skb,
>>> + sizeof(struct qtag_prefix) +
>>> + sizeof(__be16)))) {
>>> + return -ENOMEM;
>>> + }
>>> +
>>> + if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
>>> + key->eth.cvlan.ctci =
>>> + qp->tci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.c_tpid =
>>> + skb->vlan_proto;
>>
>> We should directly copy qp->inner_tpid here. As you have done it for
>> non offloaded case below.
> Thanks! It is copied but it is set to the wrong tpid. The c_tpid field in the key should be set to the ethertype in the packet itself which is the inner tpid, not the offloaded skb-vlan_proto which is the outer tpid. Fixed in V12.
>>
>>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + }
>>> + }
>>> return 0;
>>> + }
>>>
>>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>>> - sizeof(__be16))))
>>> - return -ENOMEM;
>>>
>>> - qp = (struct qtag_prefix *) skb->data;
>>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>>> + struct qinqtag_prefix *qinqp =
>>> + (struct qinqtag_prefix
>>> + *)skb->data;
>>> +
>>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>>> + sizeof(__be16)))
>>> + return 0;
>>> +
>>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>>> + sizeof(__be16)))) {
>>> + return -ENOMEM;
>>> + }
>>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>>> +
>>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>>> +
>>> + return 0;
>>> + }
>>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>>> + sizeof(__be16)))
>>> + return -ENOMEM;
>>> +
>>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>>> + sizeof(__be16))))
>>> + return 0;
>>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>>> +
>>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>>> + }
>>>
>>> return 0;
>>> }
>>> @@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
>>> */
>>>
>>> key->eth.tci = 0;
>>> - if (skb_vlan_tag_present(skb))
>>> - key->eth.tci = htons(skb->vlan_tci);
>>> - else if (eth->h_proto == htons(ETH_P_8021Q))
>>> + key->eth.cvlan.ctci = 0;
>> cvlan.c_tpid is not initialized for all cases.
> Fixed in V12
>>
>>> + if ((skb_vlan_tag_present(skb)) ||
>>> + (eth->h_proto == htons(ETH_P_8021Q)) ||
>>> + (eth->h_proto == htons(ETH_P_8021AD)))
>> These are redundant check. so we can directly call this function.
> I don't agree that these 3 checks are redundant. parse_vlan parses both the offloaded and non-offloaded cases. In V12, I changed it to call
> eth_type_vlan() to do the checks for the non-offloaded ethertypes.
>
> Hmmm ... maybe I should add another function to if_vlan.h to check if a packet is a vlan regardless of whether it is offloaded or not?
>>
>>> if (unlikely(parse_vlan(skb, key)))
>>> return -ENOMEM;
>>>
>>
>> ...
>>>
>>> +static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>>> + const struct nlattr **a, bool is_mask,
>>> + bool log) {
>>> + /* This should be nested inner or "customer" tci" */
>>> + if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
>>> + __be16 ctci;
>>> +
>>> + ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>>> + if (!(ctci & htons(VLAN_TAG_PRESENT))) {
>>> + if (is_mask)
>>> + OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
>>> + else
>>> + OVS_NLERR(log, "VLAN CTCI does not
>>> + have VLAN_TAG_PRESENT bit set.");
>>> +
>>> + return -EINVAL;
>>> + }
>>> + SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
>>> + SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
>>> + }
>> Same value is set to tpid and tci.
> Thanks! Fixed in V12.
>>
>>> + return 0;
>>> +}
>>> +
>>> static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
>>> const struct nlattr **a, bool is_mask,
>>> bool log) @@ -1024,6 +1047,105 @@
>>> static void mask_set_nlattr(struct nlattr *attr, u8 val)
>>> nlattr_set(attr, val, ovs_key_lens);
>>> }
>>>
>>> +static int parse_vlan_from_nlattrs(const struct nlattr *nla,
>>> + struct sw_flow_match *match,
>>> + u64 *key_attrs, bool *ie_valid,
>>> + const struct nlattr **a, bool is_mask,
>>> + bool log) {
>>> + int err;
>>> + __be16 tci;
>>> + const struct nlattr *encap;
>>> +
>>> + if (!is_mask) {
>>> + u64 v_attrs = 0;
>>> +
>>> + tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
>>> +
>>> + if (tci & htons(VLAN_TAG_PRESENT)) {
>>> + if (unlikely((nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) ==
>>> + htons(ETH_P_8021AD)))) {
>> Since we have added tpid to flow key, we have flexibility of
>> supporting generic double encapsulation. Therefore in netlink parsing
>> of key, double encap should not be limited to just 8021AD. for example
>> it should allow 8021Q in 8021Q header as valid key.
> I agree. Although Open Flow specification doesn't support non 802.1AD double tagged vlans, we probably should be as least restrictive as possible here in the kernel module. I recoded this in V12 to allow a more "generic" qinq.
>>
>>> + err = parse_flow_nlattrs(nla, a, &v_attrs, log);
>>> + if (err)
>>> + return err;
>>> + if (!v_attrs)
>>> + return -EINVAL;
>>> +
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
--
Thomas F Herbert Red Hat
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2015-07-26 15:17 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-23 18:26 [PATCH net-next V11 0/4] openvswitch: Add support for 802.1AD Thomas F Herbert
[not found] ` <1435083990-12986-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-06-23 18:26 ` [PATCH net-next V11 1/3] openvswitch: 802.1ad uapi changes Thomas F Herbert
2015-06-23 18:26 ` [PATCH net-next V11 2/3] Check for vlan ethernet types for 8021.q or 802.1ad Thomas F Herbert
[not found] ` <1435083990-12986-3-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-06-23 18:43 ` Sergei Shtylyov
2015-06-23 19:01 ` Thomas F Herbert
2015-06-23 18:26 ` [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, and vlan parsing Thomas F Herbert
[not found] ` <1435083990-12986-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-06-30 4:16 ` Pravin Shelar
[not found] ` <CALnjE+pZB+NkG2Q=ZsLzGNLy4PixwY+U9+HwgfmLQLv+Vd_hgg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-07-26 0:32 ` Thomas F Herbert
[not found] ` <55B42AB1.6080200-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-07-26 13:57 ` ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w
[not found] ` <SG2PR03MB07969B4C4555CB2E370AE8F3E48F0-ePYYJTVkT3RaLI7+W3dM6q82SN/2zMuYvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2015-07-26 14:33 ` Thomas F Herbert
[not found] ` <55B4EFA4.4070804-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2015-07-26 15:17 ` ravulakollu.kumar-uxC5H9eHYlcAvxtiuMwx3w
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).