From patchwork Thu Aug 10 20:14:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 800327 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="AZXokkP1"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3xSzrK3dGYz9sNv for ; Fri, 11 Aug 2017 06:14:41 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753282AbdHJUOi (ORCPT ); Thu, 10 Aug 2017 16:14:38 -0400 Received: from mail-pf0-f193.google.com ([209.85.192.193]:37222 "EHLO mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753123AbdHJUOh (ORCPT ); Thu, 10 Aug 2017 16:14:37 -0400 Received: by mail-pf0-f193.google.com with SMTP id p13so1566089pfd.4 for ; Thu, 10 Aug 2017 13:14:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=W2SN7rPj4WR5DuYGeozGRCKG4c3CXxxajy9fdoxzubk=; b=AZXokkP14arD4sFqkGSXS6I6Rt9/2pOFGwK7bLfgUM5X11Z1e7NTeO3x2aEcWCXwGC vN2N5OZV96HwSVcemqEb/8EY6bnmzP5kuZdAANbxLf36OqPMMXG+JyH1+39MnJCxQBWy 3ZtfPaxaaglkKyxNthTZLzswatFpN43sA5ldaKezuY9iQS3Vrl+YsLwKc1dHWsRz279d Hj3C/JRkLpW1L1nmGMC4HFmHyGvjWMaGqh2rZCyAmqL7cFF2NHnPnTxls5+KGKQbLBAr dMxfo0FNCMb6gwXihhOci8rrmoJueJEnL0oRGXfHmc4xNJLgvad5TfcU3/Ys5da7Jiar ywYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=W2SN7rPj4WR5DuYGeozGRCKG4c3CXxxajy9fdoxzubk=; b=BD6j7MfCPCHnWZD9iHY5Pl1Zb+eGBO4TG0htduByN6Mj42XtGC5I4cujZBhC+TqXV6 p1pf2hPIXlo+D0hILYH+X+HsxholzZSA0nP6N4wlK4wvJpJpzBvN2nuWF5XIDYIxZMKr 0/RXg/aambsfKA69lOsrx9tRjovvkBRiSKDZC3jSWTfW17HJwoSmsBWLFf8T8gDTgo6k re8M3Tcx814SsGUNbw20ODXIbJs5Zy+73NkRQlHDCyIvZ2C7ADqVawxk6DN3N3X4kawE oCWph/HrR6zpZqc/c8GMRuILVGFtivu/7BZ7IdwJRMQZoNhyQraoGNUXLjI1TjzOUaay OVsQ== X-Gm-Message-State: AHYfb5gjwzkLR6t9QtT3rchVYg7V24aVCSFdlssusg+X0hfetkxlegXL W483eejEOP5gMrRVgsc= X-Received: by 10.98.152.4 with SMTP id q4mr9244608pfd.38.1502396076463; Thu, 10 Aug 2017 13:14:36 -0700 (PDT) Received: from sc9-mailhost3.vmware.com ([208.91.1.34]) by smtp.gmail.com with ESMTPSA id k4sm14825490pfk.26.2017.08.10.13.14.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 10 Aug 2017 13:14:35 -0700 (PDT) From: William Tu To: netdev@vger.kernel.org Cc: Meenakshi Vohra , Stephen Hemminger , Alexey Kuznetsov Subject: [PATCHv2 net-next iproute2] gre: add support for ERSPAN tunnel Date: Thu, 10 Aug 2017 13:14:27 -0700 Message-Id: <1502396067-21274-1-git-send-email-u9012063@gmail.com> X-Mailer: git-send-email 2.7.4 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The patch adds ERSPAN type II tunnel support. The implementation is based on the draft at https://tools.ietf.org/html/draft-foschiano-erspan-01 One of the purposes is for Linux box to be able to receive ERSPAN monitoring traffic sent from the Cisco switch, by creating a ERSPAN tunnel device. In addition, the patch also adds ERSPAN TX, so traffic can also be encapsulated into ERSPAN and sent out. The implementation reuses the key as ERSPAN session ID, and field 'erspan' as ERSPAN Index fields: ./ip link add dev ers11 type erspan seq key 100 erspan 123 \ local 172.16.1.200 remote 172.16.1.100 Signed-off-by: William Tu Signed-off-by: Meenakshi Vohra Cc: Stephen Hemminger Cc: Alexey Kuznetsov --- v1->v2: Add manual entry for ERSPAN. Check 20-bit ERSPAN index field. --- include/linux/if_tunnel.h | 1 + ip/ipaddress.c | 2 +- ip/iplink.c | 5 +++-- ip/link_gre.c | 28 +++++++++++++++++++++++++++- man/man8/ip-address.8.in | 1 + man/man8/ip-link.8.in | 19 ++++++++++++++++--- 6 files changed, 49 insertions(+), 7 deletions(-) diff --git a/include/linux/if_tunnel.h b/include/linux/if_tunnel.h index 7375335a0773..21834cac4c0d 100644 --- a/include/linux/if_tunnel.h +++ b/include/linux/if_tunnel.h @@ -134,6 +134,7 @@ enum { IFLA_GRE_COLLECT_METADATA, IFLA_GRE_IGNORE_DF, IFLA_GRE_FWMARK, + IFLA_GRE_ERSPAN_INDEX, __IFLA_GRE_MAX, }; diff --git a/ip/ipaddress.c b/ip/ipaddress.c index 4d37c5e04507..f7296991e483 100644 --- a/ip/ipaddress.c +++ b/ip/ipaddress.c @@ -76,7 +76,7 @@ static void usage(void) fprintf(stderr, "LFT := forever | SECONDS\n"); fprintf(stderr, "TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | macvtap |\n"); fprintf(stderr, " bridge | bond | ipoib | ip6tnl | ipip | sit | vxlan | lowpan |\n"); - fprintf(stderr, " gre | gretap | ip6gre | ip6gretap | vti | nlmon | can |\n"); + fprintf(stderr, " gre | gretap | erspan | ip6gre | ip6gretap | vti | nlmon | can |\n"); fprintf(stderr, " bond_slave | ipvlan | geneve | bridge_slave | vrf | hsr | macsec }\n"); exit(-1); diff --git a/ip/iplink.c b/ip/iplink.c index 5aff2fde38da..62430110bfab 100644 --- a/ip/iplink.c +++ b/ip/iplink.c @@ -112,8 +112,9 @@ void iplink_usage(void) "\n" "TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | macvtap |\n" " bridge | bond | team | ipoib | ip6tnl | ipip | sit | vxlan |\n" - " gre | gretap | ip6gre | ip6gretap | vti | nlmon | team_slave |\n" - " bond_slave | ipvlan | geneve | bridge_slave | vrf | macsec }\n"); + " gre | gretap | erspan | ip6gre | ip6gretap | vti | nlmon |\n" + " team_slave | bond_slave | ipvlan | geneve | bridge_slave |\n" + " vrf | macsec }\n"); } exit(-1); } diff --git a/ip/link_gre.c b/ip/link_gre.c index c2ec5f26902f..e3fcab3a8ca7 100644 --- a/ip/link_gre.c +++ b/ip/link_gre.c @@ -26,7 +26,7 @@ static void print_usage(FILE *f) { fprintf(f, - "Usage: ... { gre | gretap } [ remote ADDR ]\n" + "Usage: ... { gre | gretap | erspan } [ remote ADDR ]\n" " [ local ADDR ]\n" " [ [i|o]seq ]\n" " [ [i|o]key KEY ]\n" @@ -44,6 +44,7 @@ static void print_usage(FILE *f) " [ [no]encap-csum6 ]\n" " [ [no]encap-remcsum ]\n" " [ fwmark MARK ]\n" + " [ erspan IDX ]\n" "\n" "Where: ADDR := { IP_ADDRESS | any }\n" " TOS := { NUMBER | inherit }\n" @@ -96,6 +97,7 @@ static int gre_parse_opt(struct link_util *lu, int argc, char **argv, __u8 metadata = 0; __u8 ignore_df = 0; __u32 fwmark = 0; + __u32 erspan_idx = 0; if (!(n->nlmsg_flags & NLM_F_CREATE)) { if (rtnl_talk(&rth, &req.n, &req.n, sizeof(req)) < 0) { @@ -172,6 +174,9 @@ get_failed: if (greinfo[IFLA_GRE_FWMARK]) fwmark = rta_getattr_u32(greinfo[IFLA_GRE_FWMARK]); + + if (greinfo[IFLA_GRE_ERSPAN_INDEX]) + erspan_idx = rta_getattr_u32(greinfo[IFLA_GRE_ERSPAN_INDEX]); } while (argc > 0) { @@ -328,6 +333,12 @@ get_failed: NEXT_ARG(); if (get_u32(&fwmark, *argv, 0)) invarg("invalid fwmark\n", *argv); + } else if (strcmp(*argv, "erspan") == 0) { + NEXT_ARG(); + if (get_u32(&erspan_idx, *argv, 0)) + invarg("invalid erspan index\n", *argv); + if (erspan_idx & ~((1<<20) - 1)) + invarg("erspan index must be <= 20-bit\n", *argv); } else usage(); argc--; argv++; @@ -359,6 +370,7 @@ get_failed: addattr_l(n, 1024, IFLA_GRE_TTL, &ttl, 1); addattr_l(n, 1024, IFLA_GRE_TOS, &tos, 1); addattr32(n, 1024, IFLA_GRE_FWMARK, fwmark); + addattr32(n, 1024, IFLA_GRE_ERSPAN_INDEX, htonl(erspan_idx)); } else { addattr_l(n, 1024, IFLA_GRE_COLLECT_METADATA, NULL, 0); } @@ -473,6 +485,12 @@ static void gre_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) if (tb[IFLA_GRE_IGNORE_DF] && rta_getattr_u8(tb[IFLA_GRE_IGNORE_DF])) fputs("ignore-df ", f); + if (tb[IFLA_GRE_ERSPAN_INDEX]) { + __u32 erspan_idx = rta_getattr_u32(tb[IFLA_GRE_ERSPAN_INDEX]); + + fprintf(f, "erspan_index %u", erspan_idx); + } + if (tb[IFLA_GRE_ENCAP_TYPE] && rta_getattr_u16(tb[IFLA_GRE_ENCAP_TYPE]) != TUNNEL_ENCAP_NONE) { __u16 type = rta_getattr_u16(tb[IFLA_GRE_ENCAP_TYPE]); @@ -538,3 +556,11 @@ struct link_util gretap_link_util = { .print_opt = gre_print_opt, .print_help = gre_print_help, }; + +struct link_util erspan_link_util = { + .id = "erspan", + .maxattr = IFLA_GRE_MAX, + .parse_opt = gre_parse_opt, + .print_opt = gre_print_opt, + .print_help = gre_print_help, +}; diff --git a/man/man8/ip-address.8.in b/man/man8/ip-address.8.in index 43385813a134..988a79652f6f 100644 --- a/man/man8/ip-address.8.in +++ b/man/man8/ip-address.8.in @@ -120,6 +120,7 @@ ip-address \- protocol address management .BR sit " |" .BR gre " |" .BR gretap " |" +.BR erspan " |" .BR ip6gre " |" .BR ip6gretap " |" .BR vti " |" diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in index c0207281905d..851b308cbe1a 100644 --- a/man/man8/ip-link.8.in +++ b/man/man8/ip-link.8.in @@ -202,6 +202,7 @@ ip-link \- network device configuration .BR sit " |" .BR gre " |" .BR gretap " |" +.BR erspan " |" .BR ip6gre " |" .BR ip6gretap " |" .BR vti " |" @@ -297,6 +298,9 @@ Link types: .BR gretap - Virtual L2 tunnel interface GRE over IPv4 .sp +.BR erspan +- Encapsulated Remote SPAN over GRE and IPv4 +.sp .BR ip6gre - Virtual tunnel interface GRE over IPv6 .sp @@ -643,13 +647,13 @@ keyword. .in -8 .TP -GRE, IPIP, SIT Type Support +GRE, IPIP, SIT, ERSPAN Type Support For a link of types -.I GRE/IPIP/SIT +.I GRE/IPIP/SIT/ERSPAN the following additional arguments are supported: .BI "ip link add " DEVICE -.BR type " { " gre " | " ipip " | " sit " }" +.BR type " { " gre " | " ipip " | " sit " | " erspan " }" .BI " remote " ADDR " local " ADDR [ .BR encap " { " fou " | " gue " | " none " }" @@ -663,6 +667,8 @@ the following additional arguments are supported: .I " [no]encap-remcsum " ] [ .I " mode " { ip6ip | ipip | mplsip | any } " +] [ +.BR erspan " \fIIDX " ] .in +8 @@ -707,6 +713,13 @@ MPLS-Over-IPv4, "any" indicates IPv6, IPv4 or MPLS Over IPv4. Supported for SIT where the default is "ip6ip" and IPIP where the default is "ipip". IPv6-Over-IPv4 is not supported for IPIP. +.sp +.BR erspan " \fIIDX " +- specifies the ERSPAN index field. +.IR IDX +indicates a 20 bit index/port number associated with the ERSPAN +traffic's source port and direction. + .in -8 .TP