Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad stacked vlans
>>It's also possible to stack 802.1Q on 802.1Q for example,
>>but I'm unaware of any real switch implementation.
>>AFAIK, only 1 802.1Q on top of 802.1ad seem to be possible on
>>cisco,juniper,arista,
sorry, I speak too fast, 1 user on the forum is currently playing with triple
tags and 802.1Q (with ovs) ;)
https://forum.proxmox.com/threads/1st-core-is-overloaded-by-intel-nic-irqs.47166/
I'll rework the patch, and make it more generic.
- Mail original -
De: "aderumier"
À: "Wolfgang Bumiller"
Cc: "pve-devel"
Envoyé: Mardi 25 Septembre 2018 15:34:50
Objet: Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad
stacked vlans
>>While 802.1ad seems to be "specified" to be limited to 2 tags, it may
>>still be nice to just condense this into a single branch:
>>
>>if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+(?:\.\d+)*)\.\d+$/) {
>>my $parent_name = $1;
>>my $parent = $ifaces->{$parent_name};
>>
>>And then add a 'vlan' type branch before the `not eth/bridge/bond`
>>branch in the old code?
>>(And then die if $parent_name contains 2 dots (=~ /\..*\./)).
Ok thanks, I'll rework it.
>>Btw. is this a restriction of ifupdown2? Or do we just want to do this
>>for safety? As from "technical" point of view nothing prevents me from
>>tripple-tagging. The kernel also happily allows me to add a range of
>>multiple 802.1Q tags without even using 802.1ad, or mix them.
>>eg.:
>># ip link add br0.5 link br0 type vlan id 5 protocol 802.1Q
>># ip link add br0.5.6 link br0.5 type vlan id 6 protocol 802.1ad
>># ip link add br0.5.6.7 link br0.5.6 type vlan id 7 protocol 802.1Q
>># ip link add br0.5.6.7.8 link br0.5.6.7 type vlan id 8 protocol 802.1ad
>>
>>tcpdump shows the expected data - I have no idea what it would do to
>>the usual switches out there in real networks though ;-)
yes, it was more by safety to avoid user misconfiguration of something not
working.
It's also possible to stack 802.1Q on 802.1Q for example,
but I'm unaware of any real switch implementation.
AFAIK, only 1 802.1Q on top of 802.1ad seem to be possible on
cisco,juniper,arista,
----- Mail original -
De: "Wolfgang Bumiller"
À: "aderumier"
Cc: "pve-devel"
Envoyé: Mardi 25 Septembre 2018 14:55:17
Objet: Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad
stacked vlans
On Mon, Sep 24, 2018 at 09:52:46AM +0200, Alexandre Derumier wrote:
> ---
> src/PVE/INotify.pm | 26 -
> test/etc_network_interfaces/t.create_network.pl | 14 +
> 2 files changed, 39 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
> index f837596..de61d79 100644
> --- a/src/PVE/INotify.pm
> +++ b/src/PVE/INotify.pm
> @@ -1432,7 +1433,25 @@ sub __write_etc_network_interfaces {
> # check vlan
> foreach my $iface (keys %$ifaces) {
> my $d = $ifaces->{$iface};
> - if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
> + if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+\.\d+)\.\d+$/) {
While 802.1ad seems to be "specified" to be limited to 2 tags, it may
still be nice to just condense this into a single branch:
if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+(?:\.\d+)*)\.\d+$/) {
my $parent_name = $1;
my $parent = $ifaces->{$parent_name};
And then add a 'vlan' type branch before the `not eth/bridge/bond`
branch in the old code?
(And then die if $parent_name contains 2 dots (=~ /\..*\./)).
> + my $p = $1;
> + my $n = $ifaces->{$p};
> +
> + die "vlan '$iface' - unable to find parent '$p'\n"
> + if !$n;
> +
> + die "stacked vlan '$iface' - parent '$p' is not a vlan interface "
> + if $n->{type} ne 'vlan';
> +
> + die "stacked vlan '$iface' - parent '$p' vlan-protocol is not 802.1ad"
> + if !$n->{'vlan-protocol'} || $n->{'vlan-protocol'} ne '802.1ad';
> +
> + die "stacked vlan '$iface' - vlan-protocol can't be 802.1ad"
> + if $d->{'vlan-protocol'} && $d->{'vlan-protocol'} eq '802.1ad';
Btw. is this a restriction of ifupdown2? Or do we just want to do this
for safety? As from "technical" point of view nothing prevents me from
tripple-tagging. The kernel also happily allows me to add a range of
multiple 802.1Q tags without even using 802.1ad, or mix them.
eg.:
# ip link add br0.5 link br0 type vlan id 5 protocol 802.1Q
# ip link add br0.5.6 link br0.5 type vlan id 6 protocol 802.1ad
# ip link add br0.5.6.7 link br0.5.6 type vlan id 7 protocol 802.1Q
# ip link add br0.5.6.7.8 link br0.5.6.7 type vlan id 8 proto
Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad stacked vlans
>>While 802.1ad seems to be "specified" to be limited to 2 tags, it may
>>still be nice to just condense this into a single branch:
>>
>>if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+(?:\.\d+)*)\.\d+$/) {
>>my $parent_name = $1;
>>my $parent = $ifaces->{$parent_name};
>>
>>And then add a 'vlan' type branch before the `not eth/bridge/bond`
>>branch in the old code?
>>(And then die if $parent_name contains 2 dots (=~ /\..*\./)).
Ok thanks, I'll rework it.
>>Btw. is this a restriction of ifupdown2? Or do we just want to do this
>>for safety? As from "technical" point of view nothing prevents me from
>>tripple-tagging. The kernel also happily allows me to add a range of
>>multiple 802.1Q tags without even using 802.1ad, or mix them.
>>eg.:
>># ip link add br0.5 link br0 type vlan id 5 protocol 802.1Q
>># ip link add br0.5.6 link br0.5 type vlan id 6 protocol 802.1ad
>># ip link add br0.5.6.7 link br0.5.6 type vlan id 7 protocol 802.1Q
>># ip link add br0.5.6.7.8 link br0.5.6.7 type vlan id 8 protocol 802.1ad
>>
>>tcpdump shows the expected data - I have no idea what it would do to
>>the usual switches out there in real networks though ;-)
yes, it was more by safety to avoid user misconfiguration of something not
working.
It's also possible to stack 802.1Q on 802.1Q for example,
but I'm unaware of any real switch implementation.
AFAIK, only 1 802.1Q on top of 802.1ad seem to be possible on
cisco,juniper,arista,....
----- Mail original -
De: "Wolfgang Bumiller"
À: "aderumier"
Cc: "pve-devel"
Envoyé: Mardi 25 Septembre 2018 14:55:17
Objet: Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad
stacked vlans
On Mon, Sep 24, 2018 at 09:52:46AM +0200, Alexandre Derumier wrote:
> ---
> src/PVE/INotify.pm | 26 -
> test/etc_network_interfaces/t.create_network.pl | 14 +
> 2 files changed, 39 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
> index f837596..de61d79 100644
> --- a/src/PVE/INotify.pm
> +++ b/src/PVE/INotify.pm
> @@ -1432,7 +1433,25 @@ sub __write_etc_network_interfaces {
> # check vlan
> foreach my $iface (keys %$ifaces) {
> my $d = $ifaces->{$iface};
> - if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
> + if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+\.\d+)\.\d+$/) {
While 802.1ad seems to be "specified" to be limited to 2 tags, it may
still be nice to just condense this into a single branch:
if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+(?:\.\d+)*)\.\d+$/) {
my $parent_name = $1;
my $parent = $ifaces->{$parent_name};
And then add a 'vlan' type branch before the `not eth/bridge/bond`
branch in the old code?
(And then die if $parent_name contains 2 dots (=~ /\..*\./)).
> + my $p = $1;
> + my $n = $ifaces->{$p};
> +
> + die "vlan '$iface' - unable to find parent '$p'\n"
> + if !$n;
> +
> + die "stacked vlan '$iface' - parent '$p' is not a vlan interface "
> + if $n->{type} ne 'vlan';
> +
> + die "stacked vlan '$iface' - parent '$p' vlan-protocol is not 802.1ad"
> + if !$n->{'vlan-protocol'} || $n->{'vlan-protocol'} ne '802.1ad';
> +
> + die "stacked vlan '$iface' - vlan-protocol can't be 802.1ad"
> + if $d->{'vlan-protocol'} && $d->{'vlan-protocol'} eq '802.1ad';
Btw. is this a restriction of ifupdown2? Or do we just want to do this
for safety? As from "technical" point of view nothing prevents me from
tripple-tagging. The kernel also happily allows me to add a range of
multiple 802.1Q tags without even using 802.1ad, or mix them.
eg.:
# ip link add br0.5 link br0 type vlan id 5 protocol 802.1Q
# ip link add br0.5.6 link br0.5 type vlan id 6 protocol 802.1ad
# ip link add br0.5.6.7 link br0.5.6 type vlan id 7 protocol 802.1Q
# ip link add br0.5.6.7.8 link br0.5.6.7 type vlan id 8 protocol 802.1ad
tcpdump shows the expected data - I have no idea what it would do to
the usual switches out there in real networks though ;-)
> +
> + &$check_mtu($ifaces, $p, $iface);
> +
> + } elsif ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
> my $p = $1;
> my $n = $ifaces->{$p};
>
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad stacked vlans
On Mon, Sep 24, 2018 at 09:52:46AM +0200, Alexandre Derumier wrote:
> ---
> src/PVE/INotify.pm | 26
> -
> test/etc_network_interfaces/t.create_network.pl | 14 +
> 2 files changed, 39 insertions(+), 1 deletion(-)
>
> diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
> index f837596..de61d79 100644
> --- a/src/PVE/INotify.pm
> +++ b/src/PVE/INotify.pm
> @@ -1432,7 +1433,25 @@ sub __write_etc_network_interfaces {
> # check vlan
> foreach my $iface (keys %$ifaces) {
> my $d = $ifaces->{$iface};
> - if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
> + if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+\.\d+)\.\d+$/) {
While 802.1ad seems to be "specified" to be limited to 2 tags, it may
still be nice to just condense this into a single branch:
if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+(?:\.\d+)*)\.\d+$/) {
my $parent_name = $1;
my $parent = $ifaces->{$parent_name};
And then add a 'vlan' type branch before the `not eth/bridge/bond`
branch in the old code?
(And then die if $parent_name contains 2 dots (=~ /\..*\./)).
> + my $p = $1;
> + my $n = $ifaces->{$p};
> +
> + die "vlan '$iface' - unable to find parent '$p'\n"
> + if !$n;
> +
> + die "stacked vlan '$iface' - parent '$p' is not a vlan interface "
> + if $n->{type} ne 'vlan';
> +
> + die "stacked vlan '$iface' - parent '$p' vlan-protocol is not
> 802.1ad"
> + if !$n->{'vlan-protocol'} || $n->{'vlan-protocol'} ne '802.1ad';
> +
> + die "stacked vlan '$iface' - vlan-protocol can't be 802.1ad"
> + if $d->{'vlan-protocol'} && $d->{'vlan-protocol'} eq '802.1ad';
Btw. is this a restriction of ifupdown2? Or do we just want to do this
for safety? As from "technical" point of view nothing prevents me from
tripple-tagging. The kernel also happily allows me to add a range of
multiple 802.1Q tags without even using 802.1ad, or mix them.
eg.:
# ip link add br0.5 link br0 type vlan id 5 protocol 802.1Q
# ip link add br0.5.6 link br0.5 type vlan id 6 protocol 802.1ad
# ip link add br0.5.6.7 link br0.5.6 type vlan id 7 protocol 802.1Q
# ip link add br0.5.6.7.8 link br0.5.6.7 type vlan id 8 protocol 802.1ad
tcpdump shows the expected data - I have no idea what it would do to
the usual switches out there in real networks though ;-)
> +
> + &$check_mtu($ifaces, $p, $iface);
> +
> + } elsif ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
> my $p = $1;
> my $n = $ifaces->{$p};
>
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH pve-common 1/2] Inotify: add support for 802.1ad stacked vlans
---
src/PVE/INotify.pm | 26 -
test/etc_network_interfaces/t.create_network.pl | 14 +
2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
index f837596..de61d79 100644
--- a/src/PVE/INotify.pm
+++ b/src/PVE/INotify.pm
@@ -954,6 +954,7 @@ sub __read_etc_network_interfaces {
'bridge-multicast-flood' => 1,
'bond_miimon' => 1,
'bond_xmit_hash_policy' => 1,
+ 'vlan-protocol' => 1,
'vxlan-id' => 1,
'vxlan-svcnodeip' => 1,
'vxlan-physdev' => 1,
@@ -1432,7 +1433,25 @@ sub __write_etc_network_interfaces {
# check vlan
foreach my $iface (keys %$ifaces) {
my $d = $ifaces->{$iface};
- if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
+ if ($d->{type} eq 'vlan' && $iface =~ m/^(\S+\.\d+)\.\d+$/) {
+ my $p = $1;
+ my $n = $ifaces->{$p};
+
+ die "vlan '$iface' - unable to find parent '$p'\n"
+ if !$n;
+
+ die "stacked vlan '$iface' - parent '$p' is not a vlan interface "
+ if $n->{type} ne 'vlan';
+
+ die "stacked vlan '$iface' - parent '$p' vlan-protocol is not
802.1ad"
+ if !$n->{'vlan-protocol'} || $n->{'vlan-protocol'} ne '802.1ad';
+
+ die "stacked vlan '$iface' - vlan-protocol can't be 802.1ad"
+ if $d->{'vlan-protocol'} && $d->{'vlan-protocol'} eq '802.1ad';
+
+ &$check_mtu($ifaces, $p, $iface);
+
+ } elsif ($d->{type} eq 'vlan' && $iface =~ m/^(\S+)\.\d+$/) {
my $p = $1;
my $n = $ifaces->{$p};
@@ -1445,8 +1464,13 @@ sub __write_etc_network_interfaces {
die "vlan '$iface' - wrong interface type on parent '$p' " .
"('$n->{type}' != 'eth|bond|bridge' )\n";
}
+
+ die "bridge vlan '$iface' - vlan-protocol can't be 802.1ad"
+ if ($n->{'vlan-protocol'} && $n->{'vlan-protocol'} eq '802.1ad'
&& $n->{type} eq 'bridge');
+
&$check_mtu($ifaces, $p, $iface);
}
+
}
# check bridgeport option
diff --git a/test/etc_network_interfaces/t.create_network.pl
b/test/etc_network_interfaces/t.create_network.pl
index e446f53..bf5b4b6 100644
--- a/test/etc_network_interfaces/t.create_network.pl
+++ b/test/etc_network_interfaces/t.create_network.pl
@@ -305,6 +305,15 @@ $config->{ifaces}->{'bond0.100'} = {
mtu => 1300,
method => 'manual',
families => ['inet'],
+'vlan-protocol' => '802.1ad',
+autostart => 1
+};
+
+$config->{ifaces}->{'bond0.100.10'} = {
+type => 'vlan',
+mtu => 1300,
+method => 'manual',
+families => ['inet'],
autostart => 1
};
@@ -336,6 +345,11 @@ $bond0_part
auto bond0.100
iface bond0.100 inet manual
mtu 1300
+ vlan-protocol 802.1ad
+
+auto bond0.100.10
+iface bond0.100.10 inet manual
+ mtu 1300
$vmbr0_part
--
2.11.0
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
