From nobody Sun Dec 22 02:31:44 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=solinno.co.uk Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1734690881251600.704171259563; Fri, 20 Dec 2024 02:34:41 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 3293D12AF; Fri, 20 Dec 2024 05:34:40 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id E057F15FE; Fri, 20 Dec 2024 05:33:12 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 7AF8212A3; Fri, 20 Dec 2024 05:33:04 -0500 (EST) Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 7A2D11573 for ; Fri, 20 Dec 2024 05:33:02 -0500 (EST) Received: from plato.solinno.co.uk (plato.dyn.solinno.co.uk [192.168.2.203]) by doppler.solinno.uk (Postfix) with ESMTPSA id 9A9F020273; Fri, 20 Dec 2024 10:33:00 +0000 (GMT) Received: by plato.solinno.co.uk (Postfix, from userid 1000) id BA84344; Fri, 20 Dec 2024 10:33:05 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1734690780; bh=H5ndDmZmBufZTjCG1jSh2d3qlH9rPu60XxJ/Qnm1Uf4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=enNNHFI3VQyZz3VTgfG4S7bw4gUdzqjBOCECuCliWSu2SGTb2ME3jrCuDTQUocKW3 Pk01hfhsIE/ZnuQMx6vwr5t5P1PAXbnKciJySq+ClZGn9qbQZJF49puyES5ZPxs0gt GkaKBvUyLB+OW7BmBYFEPcjhiVzo6d8Ih7X/xMYk= From: Leigh Brown To: devel@lists.libvirt.org Subject: [RFC v2 PATCH 1/4] util: Add virNetDevBridgeSetupVlans function Date: Fri, 20 Dec 2024 10:33:01 +0000 Message-ID: <20241220103304.29496-2-leigh@solinno.co.uk> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241220103304.29496-1-leigh@solinno.co.uk> References: <20241220103304.29496-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: P3SBLWOVNUQPFEXOLO5DLAANF5GDV6D4 X-Message-ID-Hash: P3SBLWOVNUQPFEXOLO5DLAANF5GDV6D4 X-MailFrom: leigh@solinno.co.uk X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Leigh Brown X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Computed bodyhash is different from the expected one) X-ZM-MESSAGEID: 1734690882174116600 Content-Type: text/plain; charset="utf-8" In preparation for adding vlan support using iproute2 bridge vlan functionality, add the virNetDevBridgeSetupVlans function that configures a bridge interface using the passed virNetDevVlan struct. Signed-off-by: Leigh Brown --- meson.build | 1 + src/util/virnetdevbridge.c | 57 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/meson.build b/meson.build index ca1b915737..39c01ebeef 100644 --- a/meson.build +++ b/meson.build @@ -857,6 +857,7 @@ optional_programs =3D [ 'ovs-vsctl', 'rmmod', 'tc', + 'bridge', ] + optional_test_programs =20 missing_optional_programs =3D [] diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index 5fd88f3195..353f95b040 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -24,6 +24,7 @@ #include "virfile.h" #include "virlog.h" #include "virstring.h" +#include "vircommand.h" =20 #ifdef WITH_NET_IF_H # include @@ -379,8 +380,64 @@ virNetDevBridgePortSetIsolated(const char *brname G_GN= UC_UNUSED, _("Unable to set bridge port isolated on this pla= tform")); return -1; } + #endif =20 +static int +virNetDevBridgeSetupVlans(const char *ifname, const virNetDevVlan *virtVla= n) +{ + g_autoptr(virCommand) cmd =3D NULL; + + if (!virtVlan || !virtVlan->nTags) + return 0; + + // The interface will have been automatically added to vlan 1, so remo= ve it + cmd =3D virCommandNewArgList(BRIDGE, "vlan", "delete", + "dev", ifname, "vid", "1", NULL); + if (virCommandRun(cmd, NULL) < 0) + return -1; + + // If trunk mode, add the native VLAN then add any others + if (virtVlan->trunk) { + size_t i; + + if (virtVlan->nativeTag) { + virCommandFree(cmd); + cmd =3D virCommandNewArgList(BRIDGE, "vlan", "add", + "dev", ifname, "vid", NULL); + virCommandAddArgFormat(cmd, "%d", virtVlan->nativeTag); + virCommandAddArg(cmd, "pvid"); + if (virtVlan->nativeMode =3D=3D VIR_NATIVE_VLAN_MODE_UNTAGGED = || + virtVlan->nativeMode =3D=3D VIR_NATIVE_VLAN_MODE_DEFAULT) + virCommandAddArg(cmd, "untagged"); + if (virCommandRun(cmd, NULL) < 0) + return -1; + } + + for (i =3D 0; i < virtVlan->nTags; i++) { + if (virtVlan->tag[i] !=3D virtVlan->nativeTag) { + virCommandFree(cmd); + cmd =3D virCommandNewArgList(BRIDGE, "vlan", "add", + "dev", ifname, "vid", NULL); + virCommandAddArgFormat(cmd, "%d", virtVlan->tag[i]); + if (virCommandRun(cmd, NULL) < 0) + return -1; + } + } + } else { + // In native mode, add the single VLAN as pvid untagged + virCommandFree(cmd); + cmd =3D virCommandNewArgList(BRIDGE, "vlan", "add", + "dev", ifname, "vid", NULL); + virCommandAddArgFormat(cmd, "%d", virtVlan->tag[0]); + virCommandAddArgList(cmd, "pvid", "untagged", NULL); + if (virCommandRun(cmd, NULL) < 0) + return -1; + } + + return 0; +} + =20 /** * virNetDevBridgeCreate: --=20 2.39.5 From nobody Sun Dec 22 02:31:44 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=solinno.co.uk Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1734690813517335.3783219334978; Fri, 20 Dec 2024 02:33:33 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 792EC165D; Fri, 20 Dec 2024 05:33:32 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id D16641554; Fri, 20 Dec 2024 05:33:07 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 0236815A2; Fri, 20 Dec 2024 05:33:04 -0500 (EST) Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 762C01550 for ; Fri, 20 Dec 2024 05:33:02 -0500 (EST) Received: from plato.solinno.co.uk (e.d.1.4.d.2.c.e.4.d.9.9.7.9.7.e.a.c.f.8.6.f.d.1.0.b.8.0.1.0.0.2.ip6.arpa [IPv6:2001:8b0:1df6:8fca:e797:99d4:ec2d:41de]) by doppler.solinno.uk (Postfix) with ESMTPSA id C863820B78; Fri, 20 Dec 2024 10:33:00 +0000 (GMT) Received: by plato.solinno.co.uk (Postfix, from userid 1000) id BDFAC45; Fri, 20 Dec 2024 10:33:05 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1734690780; bh=HRQvWtHa6tqYQmSI8IflpbkFRBZlMlDNyvROQZFNHp8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mDifpnX1UuOwQua+9d0IRht+rzfc0eSsoS55ffmVL5ggFUDP1Uhe2LusFbWo66nxL +AOll+xzzWvPciXwemwl2WDaoAeh+lha83ONLb0RseSb/F5m1iNJBvB9hUwP9VuUTO K0Moh7WtkQPI4y3ij/Sf4izEJJQKOrM2ng647drs= From: Leigh Brown To: devel@lists.libvirt.org Subject: [RFC v2 PATCH 2/4] util: Add vlan support to virNetDevBridgeAddPort Date: Fri, 20 Dec 2024 10:33:02 +0000 Message-ID: <20241220103304.29496-3-leigh@solinno.co.uk> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241220103304.29496-1-leigh@solinno.co.uk> References: <20241220103304.29496-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: USOIQTUVN27NFPTG2DNRYLJMRU5GHVBQ X-Message-ID-Hash: USOIQTUVN27NFPTG2DNRYLJMRU5GHVBQ X-MailFrom: leigh@solinno.co.uk X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Leigh Brown X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Computed bodyhash is different from the expected one) X-ZM-MESSAGEID: 1734690816362116600 Content-Type: text/plain; charset="utf-8" Add virVlan parameter to the Linux version of the virNetDevBridgeAddPort function. Update the function to call virNetDevBridgeSetupVlans to run the appropriate iproute2 bridge vlan commands to set up the required vlan configuration. Update callers of this function to pass NULL for now. Signed-off-by: Leigh Brown --- src/lxc/lxc_process.c | 2 +- src/util/virnetdevbridge.c | 11 +++++++---- src/util/virnetdevbridge.h | 4 +++- src/util/virnetdevtap.c | 2 +- 4 files changed, 12 insertions(+), 7 deletions(-) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index cd8bcfc282..2a91896328 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -290,7 +290,7 @@ virLXCProcessSetupInterfaceTap(virDomainDef *vm, vport, virDomainNetGetActualVl= an(net)) < 0) return NULL; } else { - if (virNetDevBridgeAddPort(brname, parentVeth) < 0) + if (virNetDevBridgeAddPort(brname, parentVeth, NULL) < 0) return NULL; =20 if (virDomainNetGetActualPortOptionsIsolated(net) =3D=3D VIR_T= RISTATE_BOOL_YES && diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index 353f95b040..7d7440e7ab 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -650,7 +650,8 @@ int virNetDevBridgeDelete(const char *brname G_GNUC_UNU= SED) */ #if defined(WITH_STRUCT_IFREQ) && defined(SIOCBRADDIF) int virNetDevBridgeAddPort(const char *brname, - const char *ifname) + const char *ifname, + const virNetDevVlan *virtVlan) { struct ifreq ifr; VIR_AUTOCLOSE fd =3D -1; @@ -670,11 +671,12 @@ int virNetDevBridgeAddPort(const char *brname, return -1; } =20 - return 0; + return virNetDevBridgeSetupVlans(ifname, virtVlan); } #elif defined(WITH_BSD_BRIDGE_MGMT) int virNetDevBridgeAddPort(const char *brname, - const char *ifname) + const char *ifname, + const virNetDevVlan *virtVlan) { struct ifbreq req =3D { 0 }; =20 @@ -695,7 +697,8 @@ int virNetDevBridgeAddPort(const char *brname, } #else int virNetDevBridgeAddPort(const char *brname, - const char *ifname) + const char *ifname, + const virNetDevVlan *virtVlan) { virReportSystemError(ENOSYS, _("Unable to add bridge %1$s port %2$s"), brname,= ifname); diff --git a/src/util/virnetdevbridge.h b/src/util/virnetdevbridge.h index db4099bf0b..5f51656abe 100644 --- a/src/util/virnetdevbridge.h +++ b/src/util/virnetdevbridge.h @@ -20,6 +20,7 @@ =20 #include "internal.h" #include "virmacaddr.h" +#include "virnetdevvlan.h" =20 int virNetDevBridgeCreate(const char *brname, const virMacAddr *mac) @@ -28,7 +29,8 @@ int virNetDevBridgeDelete(const char *brname) ATTRIBUTE_NONNULL(1) G_GNUC_WARN_UNUSED_RESULT; =20 int virNetDevBridgeAddPort(const char *brname, - const char *ifname) + const char *ifname, + const virNetDevVlan *virtVlan) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) G_GNUC_WARN_UNUSED_RESULT; =20 int virNetDevBridgeRemovePort(const char *brname, diff --git a/src/util/virnetdevtap.c b/src/util/virnetdevtap.c index 2701ba6dfc..a9573eb8e1 100644 --- a/src/util/virnetdevtap.c +++ b/src/util/virnetdevtap.c @@ -483,7 +483,7 @@ virNetDevTapAttachBridge(const char *tapname, return -1; } } else { - if (virNetDevBridgeAddPort(brname, tapname) < 0) + if (virNetDevBridgeAddPort(brname, tapname, NULL) < 0) return -1; =20 if (isolatedPort =3D=3D VIR_TRISTATE_BOOL_YES && --=20 2.39.5 From nobody Sun Dec 22 02:31:44 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=solinno.co.uk Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 173469086146362.19629989117027; Fri, 20 Dec 2024 02:34:21 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id 66B3217AA; Fri, 20 Dec 2024 05:34:20 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 40824176D; Fri, 20 Dec 2024 05:33:10 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 76FC01548; Fri, 20 Dec 2024 05:33:04 -0500 (EST) Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 7791312A3 for ; Fri, 20 Dec 2024 05:33:02 -0500 (EST) Received: from plato.solinno.co.uk (plato.dyn.solinno.co.uk [192.168.2.203]) by doppler.solinno.uk (Postfix) with ESMTPSA id 9CFF120B77; Fri, 20 Dec 2024 10:33:00 +0000 (GMT) Received: by plato.solinno.co.uk (Postfix, from userid 1000) id C09C646; Fri, 20 Dec 2024 10:33:05 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1734690780; bh=KFTVjX6iyuexa1uYuWJHDYsYSmK85FMLH88eP6KBrXI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=R8gcm2EncFvot/bZrQZshCAKRlS2/9kF462xBQ3O0B/m+jRpTZRWoOA2DrjEOAIni 8pW8ESr+JpZYOll/nt7CiDuNZWQsfuY8K/6sv8nEhPeMyqjnLouDT+sIefHh5Lz1Ib /8iX/UEyRYOs5Dd4cuZPxbrJBR/bGM/9K/ZOHC8k= From: Leigh Brown To: devel@lists.libvirt.org Subject: [RFC v2 PATCH 3/4] Enable vlan support for standard linux bridges Date: Fri, 20 Dec 2024 10:33:03 +0000 Message-ID: <20241220103304.29496-4-leigh@solinno.co.uk> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241220103304.29496-1-leigh@solinno.co.uk> References: <20241220103304.29496-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: VWTUKEOIGLIZKBGHGSSVT5QMQSEZY25F X-Message-ID-Hash: VWTUKEOIGLIZKBGHGSSVT5QMQSEZY25F X-MailFrom: leigh@solinno.co.uk X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Leigh Brown X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Computed bodyhash is different from the expected one) X-ZM-MESSAGEID: 1734690862118116600 Content-Type: text/plain; charset="utf-8" Adjust domain and network validation to permit standard linux bridges to allow vlan configuration. Update calls to virNetDevBridgeAddPort to pass the vlan configuration. Signed-off-by: Leigh Brown --- src/conf/domain_validate.c | 3 ++- src/lxc/lxc_process.c | 3 ++- src/network/bridge_driver.c | 13 ++++++++----- src/util/virnetdevtap.c | 2 +- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 1034bb57f5..c7a79a0277 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -2077,7 +2077,8 @@ virDomainActualNetDefValidate(const virDomainNetDef *= net) (actualType =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT && virDomainNetGetActualDirectMode(net) =3D=3D VIR_NETDEV_MACV= LAN_MODE_PASSTHRU) || (actualType =3D=3D VIR_DOMAIN_NET_TYPE_BRIDGE && - vport && vport->virtPortType =3D=3D VIR_NETDEV_VPORT_PROFI= LE_OPENVSWITCH))) { + vport && vport->virtPortType =3D=3D VIR_NETDEV_VPORT_PROFI= LE_OPENVSWITCH) || + (actualType =3D=3D VIR_DOMAIN_NET_TYPE_BRIDGE && !vport))) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("interface %1$s - vlan tag not supported for = this connection type"), macstr); diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 2a91896328..7c8dc703ca 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -290,7 +290,8 @@ virLXCProcessSetupInterfaceTap(virDomainDef *vm, vport, virDomainNetGetActualVl= an(net)) < 0) return NULL; } else { - if (virNetDevBridgeAddPort(brname, parentVeth, NULL) < 0) + if (virNetDevBridgeAddPort(brname, parentVeth, + virDomainNetGetActualVlan(net)) < 0) return NULL; =20 if (virDomainNetGetActualPortOptionsIsolated(net) =3D=3D VIR_T= RISTATE_BOOL_YES && diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index e700a614a9..7ce943aabc 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -2997,7 +2997,8 @@ networkValidate(virNetworkDriverState *driver, =20 /* The only type of networks that currently support transparent * vlan configuration are those using hostdev sr-iov devices from - * a pool, and those using an Open vSwitch bridge. + * a pool, those using an Open vSwitch bridge, and standard linux + * bridges. */ =20 vlanAllowed =3D (def->forward.type =3D=3D VIR_NETWORK_FORWARD_HOSTDEV = || @@ -3005,15 +3006,17 @@ networkValidate(virNetworkDriverState *driver, (def->forward.type =3D=3D VIR_NETWORK_FORWARD_BRIDGE && def->virtPortProfile && def->virtPortProfile->virtPortType - =3D=3D VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH)); + =3D=3D VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) || + (def->forward.type =3D=3D VIR_NETWORK_FORWARD_BRIDGE && + !def->virtPortProfile)); =20 vlanUsed =3D def->vlan.nTags > 0; for (i =3D 0; i < def->nPortGroups; i++) { if (vlanUsed || def->portGroups[i].vlan.nTags > 0) { /* anyone using this portgroup will get a vlan tag. Verify - * that they will also be using an openvswitch connection, - * as that is the only type of network that currently - * supports a vlan tag. + * that they will also be using an openvswitch connection + * or a standard linux bridge as they are the only types of + * network that currently support a vlan tag. */ if (def->portGroups[i].virtPortProfile) { if (def->forward.type !=3D VIR_NETWORK_FORWARD_BRIDGE || diff --git a/src/util/virnetdevtap.c b/src/util/virnetdevtap.c index a9573eb8e1..1dc77f0f5c 100644 --- a/src/util/virnetdevtap.c +++ b/src/util/virnetdevtap.c @@ -483,7 +483,7 @@ virNetDevTapAttachBridge(const char *tapname, return -1; } } else { - if (virNetDevBridgeAddPort(brname, tapname, NULL) < 0) + if (virNetDevBridgeAddPort(brname, tapname, virtVlan) < 0) return -1; =20 if (isolatedPort =3D=3D VIR_TRISTATE_BOOL_YES && --=20 2.39.5 From nobody Sun Dec 22 02:31:44 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=solinno.co.uk Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1734690908828338.9098641760347; Fri, 20 Dec 2024 02:35:08 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id C4B109B2; Fri, 20 Dec 2024 05:35:07 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id D093A1794; Fri, 20 Dec 2024 05:33:15 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id A03471548; Fri, 20 Dec 2024 05:33:04 -0500 (EST) Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 78E011569 for ; Fri, 20 Dec 2024 05:33:02 -0500 (EST) Received: from plato.solinno.co.uk (e.d.1.4.d.2.c.e.4.d.9.9.7.9.7.e.a.c.f.8.6.f.d.1.0.b.8.0.1.0.0.2.ip6.arpa [IPv6:2001:8b0:1df6:8fca:e797:99d4:ec2d:41de]) by doppler.solinno.uk (Postfix) with ESMTPSA id C864D20BFD; Fri, 20 Dec 2024 10:33:00 +0000 (GMT) Received: by plato.solinno.co.uk (Postfix, from userid 1000) id C34FF47; Fri, 20 Dec 2024 10:33:05 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1734690780; bh=CpDma6eoW7kVKU1ygCyyZIkqrGjy5w5R1k0iYbVUAWQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=C1Z7kcxiOWweH4x0mhy2Eycm8tu9M4sSKXimCe6kbTuYNuJJLNxS2X0DxhGHm5chK iNSw+J8C6m2cRZjyfqf4QUv/TNX5XYNysRn3w1RqhrooyvcRScoZ8nLfCqypsIZil1 zK4FdewDpMM3mblHZ9Ez4YZjDD7vzdrzt1sE7q/4= From: Leigh Brown To: devel@lists.libvirt.org Subject: [RFC v2 PATCH 4/4] docs: standard linux bridges now support vlans Date: Fri, 20 Dec 2024 10:33:04 +0000 Message-ID: <20241220103304.29496-5-leigh@solinno.co.uk> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241220103304.29496-1-leigh@solinno.co.uk> References: <20241220103304.29496-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 5RCUHUVN5CGNIIJVPDMS7IVPOCCPJW4U X-Message-ID-Hash: 5RCUHUVN5CGNIIJVPDMS7IVPOCCPJW4U X-MailFrom: leigh@solinno.co.uk X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Leigh Brown X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Computed bodyhash is different from the expected one) X-ZM-MESSAGEID: 1734690910441116600 Content-Type: text/plain; charset="utf-8" Update domain XML and network XML documentation to describe how standard linux bridges support the VLAN configuration. Signed-off-by: Leigh Brown --- docs/formatdomain.rst | 37 +++++++++++++++++----------------- docs/formatnetwork.rst | 45 +++++++++++++++++++++--------------------- 2 files changed, 42 insertions(+), 40 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 60bee8bd4f..b5cd319bf0 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -6036,28 +6036,29 @@ VLAN tags to apply to the guest's network traffic := since:`Since 0.10.0`. =20 Network connections that support guest-transparent VLAN tagging include ``type=3D'bridge'`` interfaces connected to an Open vSwitch bridge, SRIOV -Virtual Functions (VF) used via ``type=3D'hostdev'`` (direct device assign= ment) -and, :since:`since 1.3.5`, SRIOV VFs used via ``type=3D'direct'`` with -``mode=3D'passthrough'`` (macvtap "passthru" mode). All other -connection types, including standard linux bridges and libvirt's own virtu= al +Virtual Functions (VF) used via ``type=3D'hostdev'`` (direct device assign= ment), +:since:`since 1.3.5`, SRIOV VFs used via ``type=3D'direct'`` with +``mode=3D'passthrough'`` (macvtap "passthru" mode) and, :since:`since 11.0= .0` +standard linux bridges. Other connection types, including libvirt's own vi= rtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) sw= itches provide their own way (outside of libvirt) to tag guest traffic onto a spe= cific VLAN. Each tag is given in a separate ```` subelement of ```` (= for example: ````). For VLAN trunking of multiple tags (which = is -supported only on Open vSwitch connections), multiple ```` subelement= s can -be specified, which implies that the user wants to do VLAN trunking on the -interface for all the specified tags. In the case that VLAN trunking of a = single -tag is desired, the optional attribute ``trunk=3D'yes'`` can be added to t= he -toplevel ```` element to differentiate trunking of a single tag from -normal tagging. - -For network connections using Open vSwitch it is also possible to configure -'native-tagged' and 'native-untagged' VLAN modes :since:`Since 1.1.0`. Thi= s is -done with the optional ``nativeMode`` attribute on the ```` subelemen= t: -``nativeMode`` may be set to 'tagged' or 'untagged'. The ``id`` attribute = of the -```` subelement containing ``nativeMode`` sets which VLAN is consider= ed to -be the "native" VLAN for this interface, and the ``nativeMode`` attribute -determines whether or not traffic for that VLAN will be tagged. +supported on Open vSwitch connections and standard linux bridges), multiple +```` subelements can be specified, which implies that the user wants = to do +VLAN trunking on the interface for all the specified tags. In the case tha= t VLAN +trunking of a single tag is desired, the optional attribute ``trunk=3D'yes= '`` can +be added to the toplevel ```` element to differentiate trunking of a +single tag from normal tagging. + +For network connections using Open vSwitch and standard linux bridges it i= s also +possible to configure 'native-tagged' and 'native-untagged' VLAN modes +:since:`Since 1.1.0`. This is done with the optional ``nativeMode`` attrib= ute on +the ```` subelement: ``nativeMode`` may be set to 'tagged' or 'untagg= ed'. +The ``id`` attribute of the ```` subelement containing ``nativeMode``= sets +which VLAN is considered to be the "native" VLAN for this interface, and t= he +``nativeMode`` attribute determines whether or not traffic for that VLAN w= ill be +tagged. =20 =20 Isolating guests' network traffic from each other diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst index 9b4ecbf31d..053fe6ad56 100644 --- a/docs/formatnetwork.rst +++ b/docs/formatnetwork.rst @@ -520,28 +520,29 @@ VLAN tags to apply to the guest's network traffic :si= nce:`Since 0.10.0`. =20 Network connections that support guest-transparent VLAN tagging include ``type=3D'bridge'`` interfaces connected to an Open vSwitch bridge, SRIOV -Virtual Functions (VF) used via ``type=3D'hostdev'`` (direct device assign= ment) -and, :since:`since 1.3.5`, SRIOV VFs used via ``type=3D'direct'`` with -``mode=3D'passthrough'`` (macvtap "passthru" mode). All other -connection types, including standard linux bridges and libvirt's own virtu= al -networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) sw= itches -provide their own way (outside of libvirt) to tag guest traffic onto a spe= cific -VLAN. Each tag is given in a separate ```` subelement of ```` (= for -example: ````). For VLAN trunking of multiple tags (which = is -supported only on Open vSwitch connections), multiple ```` subelement= s can -be specified, which implies that the user wants to do VLAN trunking on the -interface for all the specified tags. In the case that VLAN trunking of a = single -tag is desired, the optional attribute ``trunk=3D'yes'`` can be added to t= he -toplevel ```` element to differentiate trunking of a single tag from -normal tagging. - -For network connections using Open vSwitch it is also possible to configure -'native-tagged' and 'native-untagged' VLAN modes :since:`Since 1.1.0`. Thi= s is -done with the optional ``nativeMode`` attribute on the ```` subelemen= t: -``nativeMode`` may be set to 'tagged' or 'untagged'. The ``id`` attribute = of the -```` subelement containing ``nativeMode`` sets which VLAN is consider= ed to -be the "native" VLAN for this interface, and the ``nativeMode`` attribute -determines whether or not traffic for that VLAN will be tagged. +Virtual Functions (VF) used via ``type=3D'hostdev'`` (direct device assign= ment), +:since:`since 1.3.5`, SRIOV VFs used via ``type=3D'direct'`` with +``mode=3D'passthrough'`` (macvtap "passthru" mode) and, :since:`since 11.0= .0`, +standard linux bridges. All other connection types, including libvirt's own +virtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (= VEPA) +switches provide their own way (outside of libvirt) to tag guest traffic o= nto a +specific VLAN. Each tag is given in a separate ```` subelement of +```` (for example: ````). For VLAN trunking of multi= ple +tags (which is supported on Open vSwitch connections and standard linux +bridges), multiple ```` subelements can be specified, which implies t= hat +the user wants to do VLAN trunking on the interface for all the specified = tags. +In the case that VLAN trunking of a single tag is desired, the optional +attribute ``trunk=3D'yes'`` can be added to the toplevel ```` elemen= t to +differentiate trunking of a single tag from normal tagging. + +For network connections using Open vSwitch :since:`since 1.1.10` and stand= ard +linux bridges :since:`since 11.0.0` it is also possible to configure +'native-tagged' and 'native-untagged' VLAN modes. This is done with the op= tional +``nativeMode`` attribute on the ```` subelement: ``nativeMode`` may b= e set +to 'tagged' or 'untagged'. The ``id`` attribute of the ```` subelement +containing ``nativeMode`` sets which VLAN is considered to be the "native"= VLAN +for this interface, and the ``nativeMode`` attribute determines whether or= not +traffic for that VLAN will be tagged. =20 ```` elements can also be specified in a ```` element, as= well as directly in a domain's ```` element. In the case that a vlan= tag --=20 2.39.5