TestNeighAddDelLLIPAddr was failing due to the Neighbour table
not getting properly populated when using a ipip tunnel.
This matches the behaviour in the latest kernel when using
the ip command.
Switch the tunnel type to a gre point to multi-point tunnel.
The neighbour table gets properly populated in this case.
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Encountered this in a local test. It turns out that in parseActions
mirred has a bug where it parses the action attributes but then on the
very next line overwrites this hard work by assigning an empty
ActionAttrs struct on top. I copy pasta'd this into connmark. Fix both
instances and amend the unit tests to catch this going forward.
Signed-off-by: Krister Johansen <krister.johansen@oracle.com>
Devlink device currently has legacy and switchdev mode.
Add an API to set devlink device mode for discovered devlink device.
Signed-off-by: Parav Pandit <parav@mellanox.com>
Add a command to get information about a specific devlink device
referenced by device name (bus, device).
Remove unused setupDevlinkKModule().
Signed-off-by: Parav Pandit <parav@mellanox.com>
XFRM interfaces are available in Linux Kernel 4.19+
When an IF_ID is applied to a XFRM policy and state, the corresponding
traffic will be sent through the virtual interface with the same IF_ID.
Currently each call to Receive() allocates 64K buffer on the heap
for the data to receive from a netlink socket. This is rather costly
considering that in most cases only fraction of this memory is actually
needed.
A quick fix is to make sure that the large buffer does not "escape" -
i.e. that it is sufficient to have it allocated on the stack.
Then only the prefix of the buffer that was actually used
is copied to the heap.
Fix for issue: #379
Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
This patch adds very basic support for getting information about
devlink devices which are typically PCI devices which exposes Networking
switch or legacy devices.
This information includes bus name, device name and eswitch modes.
This is done through devlink family of commands via generic netlink
sockets provided by Linux kernel.
DevlinkDevice represents a devlink device which is identified by bus
name and device name (unlike interface index for netdevices).
It contains the DevlinkDevAttrs device attributes.
Currently only eswitch attributes are queried. In future more attributes
such as port, shared buffer, traffic class will be added.
Signed-off-by: Parav Pandit <parav@mellanox.com>
The kernel sends a RTM_DELNEIGH for every neighbours on link
deletion by the time the message is deserialized, the interface
no longer exists so we cannot call LinkByIndex on it.
This call to LinkByIndex is only used to get the encapType to be
able to set either IP or HardwareAddr correctly. The attrLen
attribute can be used here as only ipv4 are used with a size of 4,
and only ipv6 and FireWire HWaddr have a size of 16.
As such this change decrease the number of calls to LinkByIndex,
so it is called only when needed to choose between ipv6 or
FireWire Hwaddr, it also fallback to HWaddr in case of error with
LinkByIndex.
Fix: 921f7441f1Fix#409
Signed-off-by: Nicolas Belouin <nicolas.belouin@gandi.net>
This patch replaces TcU32Sel and TcU32Key that are copied from nl
package with type aliases for the original types. This eliminates the
usages of unsafe packages and redundant copied structs that are
identical to the original ones.
Type aliases are newly introduced in Go 1.9 and it is not backward
compatibile. Therefore this patch shall be merged only if the project is
entirely migrated to Go 1.9. Currently we are building this project
with Go 1.10 and Go 1.11, so it is reasonable to require Go version
greater than 1.9.
See #206 and #261, which is the previous life of this patch.
This patch also moves TcU32Sel, TcU32Key and U32 structs from filter.go
to filter_linux.go to make it possible to build on macOS. See #243 for
more details.
Signed-off-by: Taku Fukushima <taku@soracom.jp>
Today the filter implementation implements
only ip matching for src,dst,reply src,reply dst.
Updating the comments on the filter to reflect that
more clearly and deprecate confusing constants
Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
This was causing a QdiscReplace() call for a generic qdisc
(QdiscType="clsact", Parent=HANDLE_CLSACT) to fail with the error
"invalid argument" after the qdisc was first created.
Signed-off-by: Joe Stringer <joe@wand.net.nz>
The action and ifindex fields aren't represented in the XfrmPolicy type
although they exist in the the linux equivalent data structures. They
are represented in the serialized versions of those datatypes. So this
patch simply exposes those fields to the user-consumable side of the
API. This patch makes the policy's action a specific type in the same
style as the Dir field in XfrmPolicy.
Update the existing unit tests to compare Ifindex and Action fields in
the XFRM structure. Verify that the default policy returns an action of
ALLOW and an ifindex of 0. Add a unit test to add and read back a
policy to the loopback interface (ifindex 1) with action "block".
Signed-off-by: Chris Telfer <ctelfer@docker.com>
Having fou.go build only for linux breaks builds for darwin:
```
$ go build main.go
src/github.com/vishvananda/netlink/fou_unspecified.go:5:15: undefined: Fou
src/github.com/vishvananda/netlink/fou_unspecified.go:9:15: undefined: Fou
src/github.com/vishvananda/netlink/fou_unspecified.go:13:26: undefined: Fou
```
Instead, build fou.go for all platforms since it doesn't have platform-specific code:
```
$ go build main.go
$ ./main
not implemented
```
Testing and functionality for the use of HFSC has been implemented.
The use of service curves is implenented closely as to how they behave
with the TC implementation.
Automated checks and testing were succesful.
chg: addtl comment and made minor logic optimization as disscussed in PR #296
chg: flipped Persist to NonPersist
chg: comments, only unpersist tuntap if flag is set
chg: tuntap persist optional, allow empty intfc name
chg: added conditional build
Signed-off-by: Ralph Schmieder <ralph.schmieder@gmail.com>
Avoid segfaults in certain environments by checking if the Stringer
interface pointer receiver function is `nil` and return "<nil>" in
those scenarios.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Closes#354
Previous attemt to fix#354 was only hiding a true issue with too small
buffer to pick up the message from kernel.
According to https://github.com/vishvananda/netlink/issues/354#issuecomment-401559441
such situation could occur not only during dump of VF list, but also
* statistics
* tc rules and tc filters
* large conn track dump
* rdma resource details dump for debugging
or any other place where kernel can return more data than default (4kB)
sized buffer could hold.
iproute2 in this case for rtnl_dump_filter_l has buffer with size of
16kB, but we don't have distinction between different receiving funcs,
so I'm proposing to stick with original issue cause finder (kudos to
Parav Pandit aka paravmellanox) who is proposing 64kB as a buffer size.
From libnl addr.c comment:
IPv6 sends the local address as IFA_ADDRESS with no
IFA_LOCAL, IPv4 sends both IFA_LOCAL and IFA_ADDRESS
with IFA_ADDRESS being the peer address if they differ
But obviously, IPv6 sends IFA_LOCAL in case of PtP.
From iproute2 manual:
If a peer address is specified, the local address
cannot have a prefix length. The network prefix is
associated with the peer rather than with the local
address.
