From nobody Fri Nov 22 13:40:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=none dis=none) header.from=solinno.co.uk ARC-Seal: i=1; a=rsa-sha256; t=1715954734; cv=none; d=zohomail.com; s=zohoarc; b=RJIIVLYAXdba0r5TYdYifrxPh6a+5fcBpUMbFuD2vim0lmZUGEh7MuErZhW+J6GCrt9u5fd71XkWvNsVbwp8PSHgyXSHS0yvw51W9GtsfvUCVOPm70XbiJJH6JKxnnLI5R9+ajLRI7ychkQx0i+sZXBWvazL0hfyK7XFT479LQc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1715954734; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=lB9ov5QtT71mcDm+Dz5SwyF4+76TM8X0cGvOls4Bzy4=; b=BkIsAq3q1agm8j4S0ovRVPnMjg0fRciW3LVPO/dpJTDob/pdLm4JPfhMChoGvPC7HzFTd74E1HGZexr+5iNEKUmiJTbxRBt+9BKRbrQHwivw3WCeWNylJl2RJlwkHMgIRzrv2S/qdWc9B+cMLn8s4Fypt4gbBpXmHBfRf3ysM7c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1715954734615811.3896937573628; Fri, 17 May 2024 07:05:34 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.724259.1129533 (Exim 4.92) (envelope-from ) id 1s7yCz-0005OY-GF; Fri, 17 May 2024 14:05:17 +0000 Received: by outflank-mailman (output) from mailman id 724259.1129533; Fri, 17 May 2024 14:05:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s7yCz-0005OQ-Cl; Fri, 17 May 2024 14:05:17 +0000 Received: by outflank-mailman (input) for mailman id 724259; Fri, 17 May 2024 14:05:15 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s7yCx-0005Nn-FJ for xen-devel@lists.xenproject.org; Fri, 17 May 2024 14:05:15 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 7a6930c2-1456-11ef-b4bb-af5377834399; Fri, 17 May 2024 16:05:12 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 6AB3A80078; Fri, 17 May 2024 15:05:12 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id 486B02016C; Fri, 17 May 2024 15:05:12 +0100 (BST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 7a6930c2-1456-11ef-b4bb-af5377834399 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715954712; bh=zsHXVKI9xcbrElKiMA1O6RG7/JYFBSB09X+Lmvdpy1w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XWu3UlR9zsIzuiqzQzVaaCSR31zaHU66zWlTZ1DhWb3jDwdDHgAOEQfRtDAnr9aZM 5mf4vodeDhiFaIe7uX2sXfnj/BVYEZZm8//l7Nu/F4/xl1EDFqtWslHdxmFdfW0URg Px2nsaF0X1rXeVpQrqACojeZCwAeTdZri6WEKRdg= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: Andrew Cooper , Anthony Perard , Jason Andryuk , Leigh Brown Subject: [PATCH v4 1/2] tools/hotplug/Linux: Add bridge VLAN support Date: Fri, 17 May 2024 15:05:05 +0100 Message-Id: <20240517140506.8460-2-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240517140506.8460-1-leigh@solinno.co.uk> References: <20240517140506.8460-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @solinno.co.uk) X-ZM-MESSAGEID: 1715954735490100003 Content-Type: text/plain; charset="utf-8" Update add_to_bridge shell function to read the vlan parameter from xenstore and set the bridge VLAN configuration for the VID. Add additional helper functions to parse the vlan specification, which consists of one or more of the following: a) single VLAN (e.g. 10). b) contiguous range of VLANs (e.g. 10-15). c) discontiguous range with base, increment and count (e.g. 100+10x9 which gives VLAN IDs 100, 110, ... 190). A single VLAN can be suffixed with "p" to indicate the PVID, or "u" to indicate untagged. A range of VLANs can be suffixed with "u" to indicate untagged. A complex example would be: vlan=3D1p/10-15/20-25u This capability requires the iproute2 bridge command to be installed. An error will be generated if the vlan parameter is set and the bridge command is not available. Signed-off-by: Leigh Brown Reviewed-by: Jason Andryuk --- tools/hotplug/Linux/xen-network-common.sh | 109 ++++++++++++++++++++++ 1 file changed, 109 insertions(+) diff --git a/tools/hotplug/Linux/xen-network-common.sh b/tools/hotplug/Linu= x/xen-network-common.sh index 42fa704e8d..31d359b83c 100644 --- a/tools/hotplug/Linux/xen-network-common.sh +++ b/tools/hotplug/Linux/xen-network-common.sh @@ -121,10 +121,111 @@ create_bridge () { fi } =20 +_vif_vlan_add() { + # References vlans and pvid variables from the calling function + local -i vid=3D$1 + local flag=3D${2:-} + + if (( vid < 1 || vid > 4094 )) ;then + fatal "vlan id $vid not between 1 and 4094" + fi + if [[ -n "${vlans[$vid]}" ]] ;then + fatal "vlan id $vid specified more than once" + fi + case $flag in + p) if (( pvid !=3D 0 )) ;then + fatal "more than one pvid specified ($vid and $pvid)" + fi + pvid=3D$vid + vlans[$vid]=3Dp ;; + u) vlans[$vid]=3Du ;; + *) vlans[$vid]=3Dt ;; + esac +} + +_vif_vlan_parse_term() { + local vid incr last term=3D${1:-} + + if [[ $term =3D~ ^([0-9]+)([pu])?$ ]] ;then + _vif_vlan_add ${BASH_REMATCH[1]} ${BASH_REMATCH[2]} + elif [[ $term =3D~ ^([0-9]+)-([0-9]+)(u)?$ ]] ;then + vid=3D${BASH_REMATCH[1]} + last=3D${BASH_REMATCH[2]} + if (( last >=3D vid )) ;then + for (( ; vid<=3Dlast; vid++ )) ;do + _vif_vlan_add $vid ${BASH_REMATCH[3]} + done + else + fatal "invalid vlan id range: $term" + fi + elif [[ $term =3D~ ^([0-9]+)\+([0-9]+)x([0-9]+)(u)?$ ]] ;then + vid=3D${BASH_REMATCH[1]} + incr=3D${BASH_REMATCH[2]} + for (( j=3D${BASH_REMATCH[3]}; j>0; --j, vid+=3Dincr )) + do + _vif_vlan_add $vid ${BASH_REMATCH[4]} + done + else + fatal "invalid vlan specification: $term" + fi +} + +_vif_vlan_validate_pvid() { + # References vlans and pvid variables from the calling function + if (( pvid =3D=3D 0 )) ;then + if (( ${#vlans[@]} =3D=3D 1 )) ;then + vlans[${!vlans[*]}]=3Dp + else + fatal "pvid required when using multiple vlan ids" + fi + fi +} + +_vif_vlan_setup() { + # References vlans and dev variable from the calling function + local -i vid + local -a args + + # Remove the default vlan id automatically added to the vif + bridge vlan del dev $dev vid 1 + + # Add the required vlans + for vid in ${!vlans[@]} ;do + case ${vlans[$vid]} in + p) args=3D(pvid untagged) ;; + u) args=3D(untagged) ;; + t) args=3D() ;; + esac + bridge vlan add dev $dev vid $vid ${args[@]} + done +} + +_vif_vlan_membership() { + # The vlans, pvid and dev variables are used by sub-functions + local -A vlans=3D() + local -a terms=3D() + local -i i pvid=3D0 + local dev=3D$1 term + + # Split the vlan specification string into its terms, removing the new= line + # that readarray adds to the last element + readarray -d / -t terms <<<$2 + terms[-1]=3D${terms[-1]%%[[:space:]]} + + for term in ${terms[@]} ;do + _vif_vlan_parse_term $term + done + + _vif_vlan_validate_pvid + _vif_vlan_setup + return 0 +} + # Usage: add_to_bridge bridge dev add_to_bridge () { local bridge=3D$1 local dev=3D$2 + local vlan=3D$(xenstore_read_default "$XENBUS_PATH/vlan" "") =20 # Don't add $dev to $bridge if it's already on the bridge. if [ ! -e "/sys/class/net/${bridge}/brif/${dev}" ]; then @@ -134,6 +235,14 @@ add_to_bridge () { else ip link set ${dev} master ${bridge} fi + if [ -n "${vlan}" ] ;then + log debug "configuring vlans for ${dev} on ${bridge}" + if which bridge >&/dev/null; then + _vif_vlan_membership "${dev}" "${vlan}" + else + fatal "vlan configuration failed: bridge command not found" + fi + fi else log debug "$dev already on bridge $bridge" fi --=20 2.39.2 From nobody Fri Nov 22 13:40:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=none dis=none) header.from=solinno.co.uk ARC-Seal: i=1; a=rsa-sha256; t=1715954736; cv=none; d=zohomail.com; s=zohoarc; b=OohIlZiKWvEgHGLKK4xHV8uBYpuF5eEBJKjzbQELRu0v9hUYsU2ACBD9HS+7QMPAdd8W4bgPiFaQ4/JIpktEpQPysmRf9gXnICx6St1UNO2t5D7+tLav/wYO0i8q0soCkyJUUMYABfq6t/nAJZUit5dXMbQmpB65bubs4WwnjmI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1715954736; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=l4d5rg/v8opjTExaifVItMPRBGFO7Uvt0NR5HJY47lM=; b=QBn8MyerXF/20BtqEl5HmQaNf1Pssjf6XJgt3Va9dGbI7wBxZVrVF283CQE35anTCTTbQFS4zSJAaWYofqU8uFRe29iIJctR9UlPwycn07c9aIHk1yurJKK2PzeTvtJPZ2VA+x527qmsFj/jkIpboy3oH/V9LbQHxQGKe2oKA3k= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1715954736474744.9221112160898; Fri, 17 May 2024 07:05:36 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.724260.1129537 (Exim 4.92) (envelope-from ) id 1s7yCz-0005RE-PM; Fri, 17 May 2024 14:05:17 +0000 Received: by outflank-mailman (output) from mailman id 724260.1129537; Fri, 17 May 2024 14:05:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s7yCz-0005QU-JS; Fri, 17 May 2024 14:05:17 +0000 Received: by outflank-mailman (input) for mailman id 724260; Fri, 17 May 2024 14:05:16 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1s7yCy-0005Nn-5R for xen-devel@lists.xenproject.org; Fri, 17 May 2024 14:05:16 +0000 Received: from doppler.solinno.uk (doppler.solinno.uk [81.2.106.178]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 7b1f8177-1456-11ef-b4bb-af5377834399; Fri, 17 May 2024 16:05:13 +0200 (CEST) Received: from folly.solinno.co.uk (folly.dyn.solinno.co.uk [192.168.2.135]) by doppler.solinno.uk (Postfix) with ESMTPSA id 973458009E; Fri, 17 May 2024 15:05:13 +0100 (BST) Received: by folly.solinno.co.uk (Postfix, from userid 1000) id 73F292016C; Fri, 17 May 2024 15:05:13 +0100 (BST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 7b1f8177-1456-11ef-b4bb-af5377834399 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=solinno.co.uk; s=mail; t=1715954713; bh=/lU9yTgpboEAtXceuLIDss8GmkMWmz9roeXA4WqyFzY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=LeKEDUoIMtzl6EmCLfeTsvLFR1NFFx/nn7+0tUmg9kju+CjdEemopvyXefryc4FMl su7fEiYrJwChL/JFX0lWVeUIKsHNZ5wANkxs231xIFyMDEm6kc4MIp+AsFEWMaZXly +U3HhyoLjmizKmeW90iB0eVdtkpKTqMmwUMgnAN0= From: Leigh Brown To: xen-devel@lists.xenproject.org Cc: Andrew Cooper , Anthony Perard , Jason Andryuk , Leigh Brown Subject: [PATCH v4 2/2] tools/examples: Example Linux bridge VLAN config Date: Fri, 17 May 2024 15:05:06 +0100 Message-Id: <20240517140506.8460-3-leigh@solinno.co.uk> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240517140506.8460-1-leigh@solinno.co.uk> References: <20240517140506.8460-1-leigh@solinno.co.uk> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @solinno.co.uk) X-ZM-MESSAGEID: 1715954736890100005 Content-Type: text/plain; charset="utf-8" Add a new directory linux-bridge-vlan with example files showing how to configure systemd-networkd to support a bridge VLAN configuration. Signed-off-by: Leigh Brown Reviewed-by: Jason Andryuk --- docs/misc/linux-bridge-vlan/README | 68 ++++++++++++++++++++++ docs/misc/linux-bridge-vlan/br0.netdev | 7 +++ docs/misc/linux-bridge-vlan/br0.network | 8 +++ docs/misc/linux-bridge-vlan/enp0s0.network | 16 +++++ 4 files changed, 99 insertions(+) create mode 100644 docs/misc/linux-bridge-vlan/README create mode 100644 docs/misc/linux-bridge-vlan/br0.netdev create mode 100644 docs/misc/linux-bridge-vlan/br0.network create mode 100644 docs/misc/linux-bridge-vlan/enp0s0.network diff --git a/docs/misc/linux-bridge-vlan/README b/docs/misc/linux-bridge-vl= an/README new file mode 100644 index 0000000000..9a048bca39 --- /dev/null +++ b/docs/misc/linux-bridge-vlan/README @@ -0,0 +1,68 @@ +Linux Xen Dom0 single bridge multiple VLAN configuration with systemd +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Introduction +------------ + +This directory contains example files to be placed in /etc/systemd/network +to enable a single bridge with multiple VLAN support. + +The example is to support the scenario where the Xen host network interface +is connected to an Ethernet switch configured as a trunk port. Each domain +VIF can then be configured with one or more VLAN IDs, one of which will be +the PVID. + +The example files create a bridge device called br0, with a physical inter= face=20 +called enp0s0. You will need to update this with your system's device name. + +Key points of the configuration are: + +1. In br0.netdev, VLANFiltering=3Don is set. This is required to ensure the + VLAN tags are handled correctly. If it is not set then the packets + from the VIF interfaces will not have the correct VLAN tags set. + +2. In br0.network, a system IPv4 address is configured that can be updated + according to your local network settings. + +3. In enp0s0.network, Bridge=3Dbr0 sets the bridge device to connect to. T= here + is also a [BridgeVLAN] section for each VLAN allowed on the external + interface. Note, if you want to create an internal VLAN private to the + host, do not include its VLAN ID in this file. + + +Domain configuration +-------------------- + +Add the vlan=3D keyword to the vif definition in the domain. The simplest +and most common example is a domain that wishes to connect to a single VLA= N: + +vif =3D [ 'mac=3Dxx:xx:xx:xx:xx:xx, bridge=3Dbr0, vlan=3D10' ] + +If you wish to configure a domain to route between two VLANs, you have two +options. Option 1 is to create multiple interfaces on different VLANs: + +vif =3D [ 'mac=3Dxx:xx:xx:xx:xx:xx, bridge=3Dbr0, vlan=3D10', + 'max=3Dxx:xx:xx:xx:xx:xx, bridge=3Dbr0, vlan=3D20' ] + +Alternatively, you can create single interface: + +vif =3D [ 'mac=3Dxx:xx:xx:xx:xx:xx, bridge=3Dbr0, vlan=3D10p/20' ] + +In the domain, you would, for example, use enX0 for VLAN 10 and enX0.20 fo= r=20 +VLAN 20. + + +Hints and tips +-------------- + +You can run the following commands on dom0 or a driver domain: + +1. To check if vlan_filtering is enabled: + # cat /sys/devices/virtual/net//bridge/vlan_filtering + +2. To check the bridge port VLAN assignments: + # bridge vlan + +3. To check the vlan setting in the xenstore (dom0 only): + # xenstore-ls -f | grep 'vlan =3D' + diff --git a/docs/misc/linux-bridge-vlan/br0.netdev b/docs/misc/linux-bridg= e-vlan/br0.netdev new file mode 100644 index 0000000000..ae1fe487c3 --- /dev/null +++ b/docs/misc/linux-bridge-vlan/br0.netdev @@ -0,0 +1,7 @@ +[NetDev] +Name=3Dbr0 +Kind=3Dbridge +MACAddress=3Dxx:xx:xx:xx:xx:xx + +[Bridge] +VLANFiltering=3Don diff --git a/docs/misc/linux-bridge-vlan/br0.network b/docs/misc/linux-brid= ge-vlan/br0.network new file mode 100644 index 0000000000..b56203b66a --- /dev/null +++ b/docs/misc/linux-bridge-vlan/br0.network @@ -0,0 +1,8 @@ +[Match] +Name=3Dbr0 + +[Network] +DNS=3D8.8.8.8 +#Domains=3Dexample.com +Address=3D10.1.1.10/24 +Gateway=3D10.1.1.1 diff --git a/docs/misc/linux-bridge-vlan/enp0s0.network b/docs/misc/linux-b= ridge-vlan/enp0s0.network new file mode 100644 index 0000000000..6ee3154dfc --- /dev/null +++ b/docs/misc/linux-bridge-vlan/enp0s0.network @@ -0,0 +1,16 @@ +[Match] +Name=3Denp0s0 + +[Network] +Bridge=3Dbr0 + +# If Jumbo frames are required +#[Link] +#MTUBytes=3D9000 + +[BridgeVLAN] +VLAN=3D10 + +[BridgeVLAN] +VLAN=3D20 + --=20 2.39.2