From patchwork Wed May 8 21:38:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leigh Brown X-Patchwork-Id: 13659178 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AA0BAC04FFE for ; Wed, 8 May 2024 21:39:16 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.718968.1121571 (Exim 4.92) (envelope-from ) id 1s4p0B-0004Yg-ST; Wed, 08 May 2024 21:39:03 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 718968.1121571; Wed, 08 May 2024 21:39:03 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0B-0004Y3-OY; Wed, 08 May 2024 21:39:03 +0000 Received: by outflank-mailman (input) for mailman id 718968; Wed, 08 May 2024 21:39:02 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0A-00044I-A7 for xen-devel@lists.xenproject.org; Wed, 08 May 2024 21:39:02 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 611416e4-0d83-11ef-909c-e314d9c70b13; Wed, 08 May 2024 23:38:59 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 2010F8007B; Wed, 8 May 2024 22:38:59 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id EC76220166; Wed, 8 May 2024 22:38:58 +0100 (BST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 611416e4-0d83-11ef-909c-e314d9c70b13 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715204339; bh=NwExQyE50t0WzUcJcVbwpgO12YLzpS7FSJX0VovsD2w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=0p+fVAK8o9JhCJg0v5dza9u9Fi5JpN2LJfm8aDeFs5HqXP3kQATXlN3LphiN+I8v9 I4A0NE276Pj55g6Dwknjzd5zrWUIygNHMKk4m++Tp4vtfaVHaYfuBqgcqAuoUDVUuE RH/FHx9hXn/S7UVSt+9h6UYjOZZ0eD/DlRWWWOjM= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: andrew.cooper3@citrix.com, anthony.perard@citrix.com, Leigh Brown Subject: [RFC PATCH v2 1/5] tools/libs/light: Add vlan field to libxl_device_nic Date: Wed, 8 May 2024 22:38:20 +0100 Message-Id: <20240508213824.55824-2-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240508213824.55824-1-leigh@solinno.co.uk> References: <20240508213824.55824-1-leigh@solinno.co.uk> MIME-Version: 1.0 Add `vlan' string field to libxl_device_nic, to allow a VLAN configuration to be specified for the VIF when adding it to the bridge device. Update libxl_nic.c to read and write the vlan field from the xenstore. This provides the capability for supported operating systems (e.g. Linux) to perform VLAN filtering on bridge ports. The Xen hotplug scripts need to be updated to read this information from the xenstore and perform the required configuration. Signed-off-by: Leigh Brown Reviewed-by: Jason Andryuk --- tools/libs/light/libxl_nic.c | 10 ++++++++++ tools/libs/light/libxl_types.idl | 1 + 2 files changed, 11 insertions(+) diff --git a/tools/libs/light/libxl_nic.c b/tools/libs/light/libxl_nic.c index d6bf06fc34..d861e3726d 100644 --- a/tools/libs/light/libxl_nic.c +++ b/tools/libs/light/libxl_nic.c @@ -233,6 +233,11 @@ static int libxl__set_xenstore_nic(libxl__gc *gc, uint32_t domid, flexarray_append(back, GCSPRINTF("%u", nic->mtu)); } + if (nic->vlan) { + flexarray_append(back, "vlan"); + flexarray_append(back, libxl__strdup(gc, nic->vlan)); + } + flexarray_append(back, "bridge"); flexarray_append(back, libxl__strdup(gc, nic->bridge)); flexarray_append(back, "handle"); @@ -313,6 +318,11 @@ static int libxl__nic_from_xenstore(libxl__gc *gc, const char *libxl_path, nic->mtu = LIBXL_DEVICE_NIC_MTU_DEFAULT; } + rc = libxl__xs_read_checked(gc, XBT_NULL, + GCSPRINTF("%s/vlan", libxl_path), + (const char **)(&nic->vlan)); + if (rc) goto out; + rc = libxl__xs_read_checked(gc, XBT_NULL, GCSPRINTF("%s/mac", libxl_path), &tmp); if (rc) goto out; diff --git a/tools/libs/light/libxl_types.idl b/tools/libs/light/libxl_types.idl index 7d8bd5d216..5c510dc272 100644 --- a/tools/libs/light/libxl_types.idl +++ b/tools/libs/light/libxl_types.idl @@ -809,6 +809,7 @@ libxl_device_nic = Struct("device_nic", [ ("backend_domname", string), ("devid", libxl_devid), ("mtu", integer), + ("vlan", string), ("model", string), ("mac", libxl_mac), ("ip", string), From patchwork Wed May 8 21:38:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leigh Brown X-Patchwork-Id: 13659179 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 03EA2C25B74 for ; Wed, 8 May 2024 21:39:18 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.718967.1121558 (Exim 4.92) (envelope-from ) id 1s4p0A-00046d-OH; Wed, 08 May 2024 21:39:02 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 718967.1121558; Wed, 08 May 2024 21:39:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0A-00045T-GT; Wed, 08 May 2024 21:39:02 +0000 Received: by outflank-mailman (input) for mailman id 718967; Wed, 08 May 2024 21:39:01 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p09-00044I-KG for xen-devel@lists.xenproject.org; Wed, 08 May 2024 21:39:01 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 611b41a1-0d83-11ef-909c-e314d9c70b13; Wed, 08 May 2024 23:38:59 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 2561B8009E; Wed, 8 May 2024 22:38:59 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id F01BE20167; Wed, 8 May 2024 22:38:58 +0100 (BST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 611b41a1-0d83-11ef-909c-e314d9c70b13 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715204339; bh=aK+rR4WSKsfVDFqSo21YMhoedb8+5SFZWoGq++M/1CY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=z9Km2AAeaGZp8E5gVbHMQzWSZ/jxogBa0gsn7AqAHpBmYIJKLxo5nZbuQOgazXjGt iyfZer4aO/4nefLHaj3Ga8/kZwRFta8c290LOz6Sqa8V801mBqVLH7eN1znO7hJm7X 1smoj4EfSIQ+IRk/HzDu82G0wjjuqOHaRLm2X8GI= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: andrew.cooper3@citrix.com, anthony.perard@citrix.com, Leigh Brown Subject: [RFC PATCH v2 2/5] tools/xl: add vlan keyword to vif option Date: Wed, 8 May 2024 22:38:21 +0100 Message-Id: <20240508213824.55824-3-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240508213824.55824-1-leigh@solinno.co.uk> References: <20240508213824.55824-1-leigh@solinno.co.uk> MIME-Version: 1.0 Update parse_nic_config() to support a new `vlan' keyword. This keyword specifies the VLAN configuration to assign to the VIF when attaching it to the bridge port, on operating systems that support the capability (e.g. Linux). The vlan keyword will allow one or more VLANs to be configured on the VIF when adding it to the bridge port. This will be done by the vif-bridge script and functions. Signed-off-by: Leigh Brown Reviewed-by: Jason Andryuk --- tools/xl/xl_parse.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/xl/xl_parse.c b/tools/xl/xl_parse.c index ed983200c3..7546fe7e7a 100644 --- a/tools/xl/xl_parse.c +++ b/tools/xl/xl_parse.c @@ -565,6 +565,8 @@ int parse_nic_config(libxl_device_nic *nic, XLU_Config **config, char *token) nic->devid = parse_ulong(oparg); } else if (MATCH_OPTION("mtu", token, oparg)) { nic->mtu = parse_ulong(oparg); + } else if (MATCH_OPTION("vlan", token, oparg)) { + replace_string(&nic->vlan, oparg); } else if (!strcmp("trusted", token)) { libxl_defbool_set(&nic->trusted, true); } else if (!strcmp("untrusted", token)) { From patchwork Wed May 8 21:38:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leigh Brown X-Patchwork-Id: 13659180 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2A36AC25B4F for ; Wed, 8 May 2024 21:39:19 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.718966.1121552 (Exim 4.92) (envelope-from ) id 1s4p0A-00044o-Dn; Wed, 08 May 2024 21:39:02 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 718966.1121552; Wed, 08 May 2024 21:39:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0A-00044h-9M; Wed, 08 May 2024 21:39:02 +0000 Received: by outflank-mailman (input) for mailman id 718966; Wed, 08 May 2024 21:39:01 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p09-0003oG-5k for xen-devel@lists.xenproject.org; Wed, 08 May 2024 21:39:01 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 61228ae4-0d83-11ef-b4bb-af5377834399; Wed, 08 May 2024 23:38:59 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 2C084800A4; Wed, 8 May 2024 22:38:59 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id F408220174; Wed, 8 May 2024 22:38:58 +0100 (BST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 61228ae4-0d83-11ef-b4bb-af5377834399 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715204339; bh=tu/eViqs6PEWINbRyoFYh4zDxVMHi/C0o7aOqYaz5Tc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=k5+w8Px9oNv5TbaY4ri+l5AsGUbFSwrz1Wa8vA2/fe9HwFiUaR9ZQj6cG55Y2aMkH WKTx2PCeTVvDpRvLRtbcNSadHZ9fkAzziz5raPHnD9oYNIZzYgiKP9SYR8eLYI7fgS w+936cXMqEfkSAVs76rum/DTRlHQSkMHbRwvh4TY= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: andrew.cooper3@citrix.com, anthony.perard@citrix.com, Leigh Brown Subject: [RFC PATCH v2 3/5] tools/hotplug/Linux: Add bridge VLAN support Date: Wed, 8 May 2024 22:38:22 +0100 Message-Id: <20240508213824.55824-4-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240508213824.55824-1-leigh@solinno.co.uk> References: <20240508213824.55824-1-leigh@solinno.co.uk> MIME-Version: 1.0 Update add_to_bridge shell function to read the vlan parameter from xenstore and set the bridge VLAN configuration for the VID. Add additional helper functions to parse the vlan specification, which consists of one or more of the follow: a) single VLAN (e.g. 10). b) contiguous range of VLANs (e.g. 10-15). c) discontiguous range with base, increment and count (e.g. 100+10x9 which gives VLAN IDs 100, 110, ... 190). A single VLAN can be suffixed with "p" to indicate the PVID, or "u" to indicate untagged. A range of VLANs can be suffixed with "u" to indicate untagged. A complex example would be: vlan=1p/10-15/20-25u This capability only works when using the iproute2 bridge command, so a warning is issued if the vlan parameter is set and the bridge command is not available, as it will be ignored. Signed-off-by: Leigh Brown --- tools/hotplug/Linux/xen-network-common.sh | 111 ++++++++++++++++++++++ 1 file changed, 111 insertions(+) diff --git a/tools/hotplug/Linux/xen-network-common.sh b/tools/hotplug/Linux/xen-network-common.sh index 42fa704e8d..d9fb4f7355 100644 --- a/tools/hotplug/Linux/xen-network-common.sh +++ b/tools/hotplug/Linux/xen-network-common.sh @@ -121,10 +121,113 @@ create_bridge () { fi } +_vif_vlan_add() { + # References vlans, pvid and error variables from the calling function + local -i vid=$1 + local flag=${2:-} + + if (( vid < 1 || vid > 4094 )) ;then + error="vlan id $vid not between 1 and 4094" + return + fi + if [[ -n "${vlans[$vid]}" ]] ;then + error="vlan id $vid specified more than once" + return + fi + case $flag in + p) if (( pvid != 0 )) ;then + error="more than one pvid specified ($vid and $pvid)" + return + fi + pvid=$vid + vlans[$vid]=p ;; + u) vlans[$vid]=u ;; + *) vlans[$vid]=t ;; + esac +} + +_vif_vlan_parse_term() { + # References error variable from the calling function + local vid incr last term=${1:-} + + if [[ $term =~ ^([0-9]+)([pu])?$ ]] ;then + _vif_vlan_add ${BASH_REMATCH[1]} ${BASH_REMATCH[2]} + elif [[ $term =~ ^([0-9]+)-([0-9]+)(u)?$ ]] ;then + vid=${BASH_REMATCH[1]} + last=${BASH_REMATCH[2]} + if (( last >= vid )) ;then + for (( ; vid<=last; vid++ )) ;do + _vif_vlan_add $vid ${BASH_REMATCH[3]} + done + else + error="invalid vlan id range: $term" + fi + elif [[ $term =~ ^([0-9]+)\+([0-9]+)x([0-9]+)(u)?$ ]] ;then + vid=${BASH_REMATCH[1]} + incr=${BASH_REMATCH[2]} + for (( j=${BASH_REMATCH[3]}; j>0; --j, vid+=incr )) + do + _vif_vlan_add $vid ${BASH_REMATCH[4]} + done + else + error="invalid vlan specification: $term" + fi +} + +_vif_vlan_validate_pvid() { + # References vlans and pvid variables from the calling function + if (( pvid == 0 )) ;then + if (( ${#vlans[@]} == 1 )) ;then + vlans[${!vlans[*]}]=p + else + error="pvid required for multiple vlan ids" + fi + fi +} + +_vif_vlan_setup() { + # References vlans and dev variable from the calling function + local vid cmd + + bridge vlan del dev "$dev" vid 1 + for vid in ${!vlans[@]} ;do + cmd="bridge vlan add dev '$dev' vid $vid" + case ${vlans[$vid]} in + p) cmd="$cmd pvid untagged" ;; + u) cmd="$cmd untagged" ;; + t) ;; + esac + eval "$cmd" + done +} + +_vif_vlan_membership() { + # The vlans, pvid, dev and error variables are used by sub-functions + local -A vlans=() + local -a terms=() + local -i i pvid=0 + local dev=$1 error="" + + # Split the vlan specification string into its terms + readarray -d / -t terms <<<$2 + for (( i=0; i<${#terms[@]}; ++i )) ;do + _vif_vlan_parse_term ${terms[$i]%%[[:space:]]} + [[ -n "$error" ]] && break + done + + [[ -z "$error" ]] && _vif_vlan_validate_pvid + [[ -z "$error" ]] && _vif_vlan_setup + [[ -z "$error" ]] && return 0 + + log error "$error" + return 1 +} + # Usage: add_to_bridge bridge dev add_to_bridge () { local bridge=$1 local dev=$2 + local vlan=$(xenstore_read_default "$XENBUS_PATH/vlan" "") # Don't add $dev to $bridge if it's already on the bridge. if [ ! -e "/sys/class/net/${bridge}/brif/${dev}" ]; then @@ -134,6 +237,14 @@ add_to_bridge () { else ip link set ${dev} master ${bridge} fi + if [ -n "${vlan}" ] ;then + if which bridge >&/dev/null; then + log debug "configuring VLANs for ${dev} on ${bridge}" + _vif_vlan_membership "${dev}" "${vlan}" + else + log warning "bridge command not available, ignoring vlan config" + fi + fi else log debug "$dev already on bridge $bridge" fi From patchwork Wed May 8 21:38:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leigh Brown X-Patchwork-Id: 13659181 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C9279C25B78 for ; Wed, 8 May 2024 21:39:20 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.718969.1121582 (Exim 4.92) (envelope-from ) id 1s4p0D-0004oc-48; Wed, 08 May 2024 21:39:05 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 718969.1121582; Wed, 08 May 2024 21:39:05 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0D-0004oV-12; Wed, 08 May 2024 21:39:05 +0000 Received: by outflank-mailman (input) for mailman id 718969; Wed, 08 May 2024 21:39:03 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0B-00044I-A9 for xen-devel@lists.xenproject.org; Wed, 08 May 2024 21:39:03 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 611f7b26-0d83-11ef-909c-e314d9c70b13; Wed, 08 May 2024 23:38:59 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 292668009F; Wed, 8 May 2024 22:38:59 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id 030132017E; Wed, 8 May 2024 22:38:59 +0100 (BST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 611f7b26-0d83-11ef-909c-e314d9c70b13 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715204339; bh=+Btd9KVZELds4IWrVvm32cKo9jGdEkoWQ7GZ1KHgtYw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=iHPObwfQZEAy1JyUCQI4BAtqbCaTT/dlCv37rO2Tt0tG39UPsSmaCC9mwPwyFt4IQ +rimKjAj/Q+t6x+DEPJ27PJCTpSOZdmsPehguoNqyyneNPNuf2gvVcmRHkcrIvg8fC q2CkZe+gi2jwfxPg+R2DcTX6MLSnk/wLidltzK4g= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: andrew.cooper3@citrix.com, anthony.perard@citrix.com, Leigh Brown Subject: [RFC PATCH v2 4/5] docs/man: document VIF vlan keyword Date: Wed, 8 May 2024 22:38:23 +0100 Message-Id: <20240508213824.55824-5-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240508213824.55824-1-leigh@solinno.co.uk> References: <20240508213824.55824-1-leigh@solinno.co.uk> MIME-Version: 1.0 Document the new `vlan' keyword in xl-network-configuration(5). Signed-off-by: Leigh Brown Reviewed-by: Jason Andryuk --- docs/man/xl-network-configuration.5.pod.in | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/docs/man/xl-network-configuration.5.pod.in b/docs/man/xl-network-configuration.5.pod.in index f3e379bcf8..c35c0922b3 100644 --- a/docs/man/xl-network-configuration.5.pod.in +++ b/docs/man/xl-network-configuration.5.pod.in @@ -259,6 +259,44 @@ Specifies the MTU (i.e. the maximum size of an IP payload, exclusing headers). T default value is 1500 but, if the VIF is attached to a bridge, it will be set to match unless overridden by this parameter. +=head2 vlan + +Specifies the VLAN configuration. The format of this parameter is one or more +VLAN IDs or ranges separated by forward slashes. Each term can be: + +=over + +=item * + +B - a single VLAN ID in the range 1 to 4094. This can optionally followed +by a B

to indicate the PVID or by a B to indicate an untagged VLAN. C

+implies B. + +=item * + +B-B - a range of VLAN IDs from B to B, both between +1 and 4094 and B being less than or equal to B. This can be +optionally followed by a B to indicate that the range of VLANs are untagged. + +=item * + +B+BxB - describing a range of VLAN IDs starting at B +with B additional entries, each incremented by B. This can be +optionally followed by a B to indicate that the range of VLANs are untagged. + +=back + +Note, one VLAN ID must be marked as the PVID. In the case of a vlan +specification consisting of a single VLAN ID (e.g. C), the B

suffix +may be omitted. Specifying more than one untagged VLAN ID is an advanced +configuration - use with caution. + +For example: + + 'vlan=10' -- meaning a single VLAN that is the PVID. + 'vlan=10p/20' -- VLAN 10 is the PVID and VLAN 20 is tagged. + 'vlan=10p/100+10x4' -- VLANs 10, 100, 110, 120, 130, 140, 150. + =head2 trusted / untrusted An advisory setting for the frontend driver on whether the backend should be From patchwork Wed May 8 21:38:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leigh Brown X-Patchwork-Id: 13659183 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 714ECC25B4F for ; Wed, 8 May 2024 21:39:22 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.718970.1121588 (Exim 4.92) (envelope-from ) id 1s4p0D-0004wt-KZ; Wed, 08 May 2024 21:39:05 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 718970.1121588; Wed, 08 May 2024 21:39:05 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0D-0004uc-Gk; Wed, 08 May 2024 21:39:05 +0000 Received: by outflank-mailman (input) for mailman id 718970; Wed, 08 May 2024 21:39:04 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s4p0C-00044I-AS for xen-devel@lists.xenproject.org; Wed, 08 May 2024 21:39:04 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 612663b5-0d83-11ef-909c-e314d9c70b13; Wed, 08 May 2024 23:38:59 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 2D09B800A5; Wed, 8 May 2024 22:38:59 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id 06DB42017F; Wed, 8 May 2024 22:38:59 +0100 (BST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 612663b5-0d83-11ef-909c-e314d9c70b13 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715204339; bh=bIUl73UyV+ayA8Z1TZOYtaBLcFb3iD439KxaXODeE/U=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tCaiftnLTPj7TR5XUPM/tF9fgWEtaFVpTkhb0aVmdLKPFmotpT+z0OUNDZ6adEaJH BRybjeI8ofZSoM9mirE/VKFFGGaAQpuDnFRHbHNuoOBv8451uLn/TJ5aXsnRDk6Snq wNxjXBZTaPN67mOpMMWl9GfeWbfVsyeLBx2I9Fkg= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: andrew.cooper3@citrix.com, anthony.perard@citrix.com, Leigh Brown Subject: [RFC PATCH v2 5/5] tools/examples: Example Linux bridge VLAN config Date: Wed, 8 May 2024 22:38:24 +0100 Message-Id: <20240508213824.55824-6-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240508213824.55824-1-leigh@solinno.co.uk> References: <20240508213824.55824-1-leigh@solinno.co.uk> MIME-Version: 1.0 Add a new directory linux-bridge-vlan with examples files showing how to configure systemd-networkd to support a bridge VLAN configuration. Signed-off-by: Leigh Brown --- tools/examples/linux-bridge-vlan/README | 68 +++++++++++++++++++ tools/examples/linux-bridge-vlan/br0.netdev | 7 ++ tools/examples/linux-bridge-vlan/br0.network | 8 +++ .../examples/linux-bridge-vlan/enp0s0.network | 16 +++++ 4 files changed, 99 insertions(+) create mode 100644 tools/examples/linux-bridge-vlan/README create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev create mode 100644 tools/examples/linux-bridge-vlan/br0.network create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network diff --git a/tools/examples/linux-bridge-vlan/README b/tools/examples/linux-bridge-vlan/README new file mode 100644 index 0000000000..83b9fa3fd6 --- /dev/null +++ b/tools/examples/linux-bridge-vlan/README @@ -0,0 +1,68 @@ +Linux Xen Dom0 single bridge multiple VLAN configuration with systemd +===================================================================== + +Introduction +------------ + +This directory contains example files to be placed in /etc/systemd/network +to enable a single bridge with multiple VLAN support. + +The example is to support the scenario where the Xen host network interface +is connected to an Ethernet switch configured as a trunk port. Each domain +VIF can then be configured with one or more VLAN IDs, one of which will be +the PVID. + +The example files create a bridge device called br0, with a physical interface +called enp0s0. You will need to update this with your system's device name. + +Key points of the configuration are: + +1. In br0.netdev, VLANFiltering=on is set. This is required to ensure the + VLAN tags are handled correctly. If it is not set then the packets + from the VIF interfaces will not have the correct VLAN tags set. + +2. In br0.network, a system IPv4 address is configured that can be updated + according to your local network settings. + +3. In enp0s0.network, Bridge=br0 sets the bridge device to connect to. There + is also a [BridgeVLAN] section for each VLAN you want to give access + to the switch. Note, if you want to create an internal VLAN private to + the host, do not include its VLAN ID in this file. + + +Domain configuration +-------------------- + +Add the vlan= keyword to the vif definition in the domain. The simplest +and most common example is a domain that wishes to connect to a single VLAN: + +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10' ] + +If you wish to configure a domain to route between two VLANs, you have two +options. Option 1 is to create multiple interfaces on different VLANs: + +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10', + 'max=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=20' ] + +Alternatively, you can create single interface: + +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10p/20' ] + +In the domain, you would, for example, use enX0 for VLAN 10 and enX0.20 for +VLAN 20. + + +Hints and tips +-------------- + +You can run the following commands on dom0 or a driver domain: + +1. To check if vlan_filtering is enabled: + # cat /sys/devices/virtual/net//bridge/vlan_filtering + +2. To check the bridge port VLAN assignments: + # bridge vlan + +3. To check the vlan setting in the xenstore (dom0 only): + # xenstore-ls -f | grep 'vlan =' + diff --git a/tools/examples/linux-bridge-vlan/br0.netdev b/tools/examples/linux-bridge-vlan/br0.netdev new file mode 100644 index 0000000000..ae1fe487c3 --- /dev/null +++ b/tools/examples/linux-bridge-vlan/br0.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=br0 +Kind=bridge +MACAddress=xx:xx:xx:xx:xx:xx + +[Bridge] +VLANFiltering=on diff --git a/tools/examples/linux-bridge-vlan/br0.network b/tools/examples/linux-bridge-vlan/br0.network new file mode 100644 index 0000000000..b56203b66a --- /dev/null +++ b/tools/examples/linux-bridge-vlan/br0.network @@ -0,0 +1,8 @@ +[Match] +Name=br0 + +[Network] +DNS=8.8.8.8 +#Domains=example.com +Address=10.1.1.10/24 +Gateway=10.1.1.1 diff --git a/tools/examples/linux-bridge-vlan/enp0s0.network b/tools/examples/linux-bridge-vlan/enp0s0.network new file mode 100644 index 0000000000..6ee3154dfc --- /dev/null +++ b/tools/examples/linux-bridge-vlan/enp0s0.network @@ -0,0 +1,16 @@ +[Match] +Name=enp0s0 + +[Network] +Bridge=br0 + +# If Jumbo frames are required +#[Link] +#MTUBytes=9000 + +[BridgeVLAN] +VLAN=10 + +[BridgeVLAN] +VLAN=20 +