Date:   Sun,  3 Mar 2019 21:26:32 -0800
From:   Roopa Prabhu <roopa@...ulusnetworks.com>
To:     dsa@...ulusnetworks.com
Cc:     netdev@...r.kernel.org, stephen@...workplumber.org
Subject: [PATCH iproute2-next] bridge: fdb: add support for src_vni option

From: Roopa Prabhu <roopa@...ulusnetworks.com>

We already print src_vni for a fdb entry when present.
This patch adds the ability to set src_vni on a fdb
entry. When not specified, kernel will use vni specified
on the vxlan device. This can be used on a vxlan fdb entry
when the vxlan device is in external or collect metadata
mode.

Signed-off-by: Roopa Prabhu <roopa@...ulusnetworks.com>
---
 bridge/fdb.c      | 10 ++++++++++
 man/man8/bridge.8 |  9 +++++++++
 2 files changed, 19 insertions(+)

diff --git a/bridge/fdb.c b/bridge/fdb.c
index c4bf403..941ce2d 100644
--- a/bridge/fdb.c
+++ b/bridge/fdb.c
@@ -39,6 +39,7 @@ static void usage(void)
 		"              [ self ] [ master ] [ use ] [ router ] [ extern_learn ]\n"
 		"              [ sticky ] [ local | static | dynamic ] [ dst IPADDR ]\n"
 		"              [ vlan VID ] [ port PORT] [ vni VNI ] [ via DEV ]\n"
+		"              [ src_vni VNI ]\n"
 		"       bridge fdb [ show [ br BRDEV ] [ brport DEV ] [ vlan VID ] [ state STATE ] ]\n");
 	exit(-1);
 }
@@ -383,6 +384,7 @@ static int fdb_modify(int cmd, int flags, int argc, char **argv)
 	inet_prefix dst;
 	unsigned long port = 0;
 	unsigned long vni = ~0;
+	unsigned long src_vni = ~0;
 	unsigned int via = 0;
 	char *endptr;
 	short vid = -1;
@@ -416,6 +418,12 @@ static int fdb_modify(int cmd, int flags, int argc, char **argv)
 			if ((endptr && *endptr) ||
 			    (vni >> 24) || vni == ULONG_MAX)
 				invarg("invalid VNI\n", *argv);
+		} else if (strcmp(*argv, "src_vni") == 0) {
+			NEXT_ARG();
+			src_vni = strtoul(*argv, &endptr, 0);
+			if ((endptr && *endptr) ||
+			    (src_vni >> 24) || src_vni == ULONG_MAX)
+				invarg("invalid src VNI\n", *argv);
 		} else if (strcmp(*argv, "via") == 0) {
 			NEXT_ARG();
 			via = ll_name_to_index(*argv);
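Review bot: The new src_vni branch accepts an empty argument. For "" strtoul() returns 0 and leaves endptr pointing at the terminating NUL, so the (endptr && *endptr) test passes and src_vni is silently set to 0; adding an endptr == *argv check would reject it. The src_vni == ULONG_MAX test is redundant, because (src_vni >> 24) is already non-zero for that value. Since this block is a line-for-line copy of the vni branch just above it, a small shared helper for "parse a 24-bit VNI" would keep the two range checks from drifting apart.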
@@ -495,6 +503,8 @@ static int fdb_modify(int cmd, int flags, int argc, char **argv)
 	}
 	if (vni != ~0)
 		addattr32(&req.n, sizeof(req), NDA_VNI, vni);
+	if (src_vni != ~0)
+		addattr32(&req.n, sizeof(req), NDA_SRC_VNI, src_vni);
 	if (via)
 		addattr32(&req.n, sizeof(req), NDA_IFINDEX, via);
 
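Review bot: The src_vni != ~0 test compares an unsigned long against the int constant ~0 and is only correct because -1 is implicitly converted to ULONG_MAX. Spelling the sentinel as ULONG_MAX in both the declaration (unsigned long src_vni = ~0;) and this test would match the ULONG_MAX comparison already used in the parsing branch and make the intent explicit. Also note that the attribute is added whenever src_vni was given, while the commit message says the option only applies to a vxlan device in external or collect metadata mode, so a rejection in any other case has to come from the kernel; if that is the intent, it is worth saying so in the commit message.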
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index 13c4638..c9af20e 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -69,6 +69,8 @@ bridge \- show / manipulate bridge addresses and devices
 .BR self " ] [ " master " ] [ " router " ] [ " use " ] [ " extern_learn " ] [ " sticky " ] [ "
 .B dst
 .IR IPADDR " ] [ "
+.B src_vni
+.IR SRC_VNI " ] ["
 .B vni
 .IR VNI " ] ["
 .B port
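Review bot: The synopsis places src_vni between dst and vni, but the usage() text in bridge/fdb.c lists it last, after via, and the placeholder differs as well (SRC_VNI here, VNI in usage()). Please use the same position and the same placeholder name in both so the man page and the built-in help agree.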
@@ -474,6 +476,13 @@ the IP address of the destination
 VXLAN tunnel endpoint where the Ethernet MAC ADDRESS resides.
 
 .TP
+.BI src_vni " SRC VNI"
+the src VNI Network Identifier (or VXLAN Segment ID)
+this entry belongs to. Used only when the vxlan device is in
+external or collect metadata mode. If omitted the value specified at
+vxlan device creation will be used.
+
+.TP
 .BI vni " VNI"
 the VXLAN VNI Network Identifier (or VXLAN Segment ID)
 to use to connect to the remote VXLAN tunnel endpoint.
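Review bot: The .BI line uses the placeholder "SRC VNI" with a space, while the synopsis hunk in this same file uses SRC_VNI; pick one spelling. In the description, "the src VNI Network Identifier" would read more clearly as "the source VNI Network Identifier", a comma is missing after "If omitted", and the first sentence runs on across the line break after "(or VXLAN Segment ID)" without punctuation.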
-- 
2.1.4
