Allow the caller to specify the desired link index at link creation.
This is equivalent to
ip link add link eth0 name testmacvtap index 1000 type macvtap
ip link add dummy1 index 1001 type dummy
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
When receiving a lot of route changes (10,000 routes are enough), the
default receive buffer size (value of
`/proc/sys/net/core/rmem_default`) is too small and we get a `ENOBUF`
error. A user may want to increase the buffer size up to the value of
`/proc/sys/net/core/rmem_max` (by default, this is the same value). A
`SetSocketReceiveBufferSize()` function is provided to this
destination.
Possible improvements:
1. automatically increase receive buffer size in higher level
functions until we hit a maximum (get an error and/or the current
value is smaller than expected)
2. accept a "force" argument to use `SO_RCVBUFFORCE` to increase the
value over `rmem_max` value
This test spawns a go routine that subscribe for some
events while the main thread will close the socket.
The go routine will returns after 5s when the timetout
on the recv fires and the fd is actually == -1
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
If the socket is closed the recv that are waiting for messages
are not woken up. The result especially for Subscribe socket is
most likely a go routine leak.
This commit introduces a method to set the timeout
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
For link, address, route, add a `WithOptions` variant to the
`*Subscribe()` function to specify a namespace and an error
callback. Those options can be extended in the future without adding
more functions. For example, it could be possible to subscribe only
for a given family by adding a `Family` member to the appropriate
struct.
As a minor change, the private function is always suffixed by `At`,
since it was the case for route and raw netlink functions (but not for
address and link).
When a fatal error happens in a `*Subscribe*()` function, the error
was not available to the user. We add a callback function that will be
invoked when such an error happens.
This also modifies the behavior of `AddrSubscribe*()` function to turn
parse errors into fatal errors, as it happens with the other functions.
This is a `net.IP` and therefore, we should use `%s`. Using `%d` gives
something like this:
Gw: [0 0 0 0 0 0 0 0 0 0 255 255 192 168 24 2]
After this fix, we get:
Gw: 192.168.24.2
On newer linux kernels (4.12), netlink rejects a request to set an XDP
program with flags set to 0. Instead, flags need to not be specified if they
are 0.
Add support for creating and managing gre tunnels.
This is equivalent to
Point to Point:
ip tunnel add tun4 mode gre local 192.0.2.1 remote 203.0.113.6 key 123
Point to Multipoint:
ip tunnel add tun8 mode gre local 192.0.2.1 key 1234
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
The ip neighbour supports adding of peers statically using commands
where the lladdr is an IP address.
ip neighbor add 10.0.0.2 lladdr 203.0.113.6 dev tun8
This is used in the case of point-to-multipoint GRE to setup the
remote end point of the tunnel
Note that link-layer address and neighbor address are both IP addresses
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
This is like "ip addr add 127.0.0.1/8 broadcast +" and prevents interfaces without broadcast addresses.
Configuring the IP and netmask, but not the broadcast address leaves many applications in a broken state on Linux interfaces.
Corrected function signature to have correct name LinkSetVfTrust
instead of LinkSetTrust.
This aligns with code comment and rest of the other VF functions.
Signed-off-by: Parav Pandit <parav@mellanox.com>
Add support for setting trust state of a VF. This allows restricting
certain operations on VF when its untrusted such as disabling
promiscuous mode.
Signed-off-by: Parav Pandit <parav@mellanox.com>
Fix the following two issues reported by go vet:
bridge_linux_test.go:41: possible formatting directive in Fatal call
filter_test.go:204: possible formatting directive in Fatal call
by using Fatalf instead of Fatal when using formatting directives.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Add bond parameters corresponding to:
* IFLA_BOND_AD_ACTOR_SYS_PRIO
* IFLA_BOND_AD_USER_PORT_KEY
* IFLA_BOND_AD_ACTOR_SYSTEM
* IFLA_BOND_TLB_DYNAMIC_LB
These are available in new(ish) kernels.
A new error type LinkNotFoundError is returned instead
of the default error type to facilitate better error
handling by downstream consumers of this package
This patch fixes the bug of U32 filters which byte orders are not
appropriately updated based on the endianess of the host. Golang's
range returns copied values instead of their references when it
iterates through a map and the indices should be used to access the
specific value of the map by reference.
This patch also fixes the bug of netlink.FilterAdd that breaks the user
facing model changing the type of cSel, the copied TcU32Sel, from its
pointer to the struct. Previously the pointer is copied and therefore
the data that is given by the users is modified if the endiannesses of
the fields in it need to be changed.
To validate these changes, I added the validation that the user facing
model is identical before and after netlink.FilterAdd. In addition to
that, the fix for the reference bug enables the endianness validations
in the same test case.
Signed-off-by: Taku Fukushima <taku@soracom.jp>
* Multicast snooping and hello time are the only ones supported at the
moment
* Only pass values to kernel when user sets them, otherwise let kernel
decide default
* Can set multicast snooping on existing bridges
* Tests disabled on Travis CI as the kernel version is too old
* All bridge flags copied from Kernel code, but only the two mentioned
above work
(5a7ad1146c/include/uapi/linux/if_link.h (L232-L281))
Signed-off-by: Petar Petrov <pppepito86@gmail.com>
Signed-off-by: Ed King <eking@pivotal.io>
Signed-off-by: Konstantinos Karampogias <konstantinos.karampogias@swisscom.com>
Signed-off-by: Will Martin <wmartin@pivotal.io>
Bridge ports can be set to use the proxy arp features by calling
either LinkSetBrProxyArp() or LinkSetBrProxyArpWiFi().
Signed-off-by: David Wilder <wilder@us.ibm.com>
This patch removes the unnecessary condition of parsing U32 data that
checks if sel.Flags has nl.TC_U32_TERMINAL or sel.Nkeys is not 1.
Because of the modification to U32 that enalbed to specify multiple sel
keys, this condition is not valid anymore. This condition stops the
parsing of U32 fliter data with multiple attributes and this prevents
the users from getting all the necessary attributes, e.g., the class Id
of the filter.
Signed-off-by: Taku Fukushima <taku@soracom.jp>
Having the extra data available in the notification for new addresses is useful
to, for instance, filter out temporary addresses or keep track of address
lifetimes.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
This adds parsing of the preferred and valid lifetime information from the
netlink IFA_CACHEINFO attribute. They are stored as PreferedLft and ValidLft in
the Addr struct if found.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
