Re: vmd: interface rdomains

2017-05-03 Thread Mike Larkin
On Wed, May 03, 2017 at 12:06:01PM +0200, Reyk Floeter wrote:
> Hi,
> 
> the attached diff adds support for rdomains in vmd.
> 
> In vm.conf, add an interface to a specified rdomain.  local interfaces
> work as expected, but the host-side routing and PF have to be done in
> the non-default rdomain as well.
> 
> vm "foo" {
>   local interface rdomain 1
>   interface {
>   rdomain 2
>   }
>   ...
> }
> 
> Or add all VM interfaces on a switch to a specified rdomain:
> 
> switch "bar" {
>   rdomain 1
>   ...
> }
> 
> OK?
> 

no objections, ok mlarkin if you didn't already get to this

> Reyk
> 
> Index: usr.sbin/vmd/config.c
> ===
> RCS file: /cvs/src/usr.sbin/vmd/config.c,v
> retrieving revision 1.30
> diff -u -p -u -p -r1.30 config.c
> --- usr.sbin/vmd/config.c 21 Apr 2017 07:03:26 -  1.30
> +++ usr.sbin/vmd/config.c 3 May 2017 10:02:58 -
> @@ -282,6 +282,9 @@ config_setvm(struct privsep *ps, struct 
>   }
>   }
>  
> + /* non-default rdomain (requires VMIFF_RDOMAIN below) */
> + vif->vif_rdomain = vmc->vmc_ifrdomain[i];
> +
>   /* Set the interface status */
>   vif->vif_flags =
>   vmc->vmc_ifflags[i] & (VMIFF_UP|VMIFF_OPTMASK);
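Review bot: The rdomain value is copied into vif_rdomain unconditionally, but the flag that says it is meaningful (VMIFF_RDOMAIN, per the new comment) survives only if it is part of the VMIFF_OPTMASK applied on the next line; vmd.h is not in this diff, so if VMIFF_RDOMAIN is not in that mask the flag is dropped here and the configured rdomain is silently ignored. Worth confirming, or making it explicit with `vmc->vmc_ifflags[i] & (VMIFF_UP|VMIFF_OPTMASK|VMIFF_RDOMAIN);`. The RT_TABLEID_MAX bound is enforced only in parse.y; if a vmop_create_params can also arrive over the control socket, a range check here would keep the value validated on every path before it reaches the privileged ioctl. config_setvm continues outside this hunk, and the same hunk is repeated in the original posting below.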
> Index: usr.sbin/vmd/parse.y
> ===
> RCS file: /cvs/src/usr.sbin/vmd/parse.y,v
> retrieving revision 1.28
> diff -u -p -u -p -r1.28 parse.y
> --- usr.sbin/vmd/parse.y  3 May 2017 08:21:57 -   1.28
> +++ usr.sbin/vmd/parse.y  3 May 2017 10:02:59 -
> @@ -116,7 +116,7 @@ typedef struct {
>  
>  %token   INCLUDE ERROR
>  %token   ADD BOOT DISABLE DISK DOWN ENABLE GROUP INTERFACE LLADDR LOCAL 
> LOCKED
> -%token   MEMORY NIFS OWNER PATH PREFIX SIZE SWITCH UP VM VMID
> +%token   MEMORY NIFS OWNER PATH PREFIX RDOMAIN SIZE SWITCH UP VM VMID
>  %token NUMBER
>  %token STRING
>  %type  lladdr
> @@ -263,6 +263,14 @@ switch_opts  : disable   {
>   | LOCKED LLADDR {
>   vsw->sw_flags |= VMIFF_LOCKED;
>   }
> + | RDOMAIN NUMBER{
> + if ($2 < 0 || $2 > RT_TABLEID_MAX) {
> + yyerror("invalid rdomain: %lld", $2);
> + YYERROR;
> + }
> + vsw->sw_flags |= VMIFF_RDOMAIN;
> + vsw->sw_rdomain = $2;
> + }
>   | updown{
>   if ($1)
>   vsw->sw_flags |= VMIFF_UP;
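Review bot: The RDOMAIN NUMBER range check and its yyerror are duplicated verbatim between this switch_opts rule and the iface_opts rule in the next hunk; a single static helper in the C prologue (constructed name, e.g. `if (check_rdomain($2) == -1) YYERROR;`) would keep the bound and the message in one place when RT_TABLEID_MAX handling changes. Note also that `rdomain 0` is accepted and sets VMIFF_RDOMAIN, so the default rdomain can be requested explicitly; that looks harmless, but if both a switch and an interface carry an rdomain it is not visible here which one wins. The same two hunks are repeated in the original posting below.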
> @@ -532,6 +540,14 @@ iface_opts   : SWITCH string {
>   vmc.vmc_ifflags[vcp_nnics] |= VMIFF_LOCKED;
>   memcpy(vcp->vcp_macs[vcp_nnics], $3, ETHER_ADDR_LEN);
>   }
> + | RDOMAIN NUMBER{
> + if ($2 < 0 || $2 > RT_TABLEID_MAX) {
> + yyerror("invalid rdomain: %lld", $2);
> + YYERROR;
> + }
> + vmc.vmc_ifflags[vcp_nnics] |= VMIFF_RDOMAIN;
> + vmc.vmc_ifrdomain[vcp_nnics] = $2;
> + }
>   | updown{
>   if ($1)
>   vmc.vmc_ifflags[vcp_nnics] |= VMIFF_UP;
> @@ -645,6 +661,7 @@ lookup(char *s)
>   { "memory", MEMORY },
>   { "owner",  OWNER },
>   { "prefix", PREFIX },
> + { "rdomain",RDOMAIN },
>   { "size",   SIZE },
>   { "switch", SWITCH },
>   { "up", UP },
> Index: usr.sbin/vmd/priv.c
> ===
> RCS file: /cvs/src/usr.sbin/vmd/priv.c,v
> retrieving revision 1.8
> diff -u -p -u -p -r1.8 priv.c
> --- usr.sbin/vmd/priv.c   21 Apr 2017 07:03:26 -  1.8
> +++ usr.sbin/vmd/priv.c   3 May 2017 10:02:59 -
> @@ -88,6 +88,7 @@ priv_dispatch_parent(int fd, struct priv
>   switch (imsg->hdr.type) {
>   case IMSG_VMDOP_PRIV_IFDESCR:
>   case IMSG_VMDOP_PRIV_IFCREATE:
> + case IMSG_VMDOP_PRIV_IFRDOMAIN:
>   case IMSG_VMDOP_PRIV_IFADD:
>   case IMSG_VMDOP_PRIV_IFUP:
>   case IMSG_VMDOP_PRIV_IFDOWN:
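Review bot: Adding IMSG_VMDOP_PRIV_IFRDOMAIN to this case list presumably routes it through the shared size and interface-name validation that follows the list (not visible in the hunk); that is the only check standing between the parent and an ioctl the privileged process can issue on any interface, so it is worth confirming the new type really falls through to it rather than only to the `break`. priv_dispatch_parent continues outside this hunk, and the same hunk is repeated in the original posting below.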
> @@ -124,6 +125,12 @@ priv_dispatch_parent(int fd, struct priv
>   errno != EEXIST)
>   log_warn("SIOCIFCREATE");
>   break;
> + case IMSG_VMDOP_PRIV_IFRDOMAIN:
> + strlcpy(ifr.ifr_name, vfr.vfr_name, sizeof(ifr.ifr_name));
> + ifr.ifr_rdomainid = vfr.vfr_id;
> + if (ioctl(env->vmd_fd, SIOCSI

vmd: interface rdomains

2017-05-03 Thread Reyk Floeter
Hi,

the attached diff adds support for rdomains in vmd.

In vm.conf, add an interface to a specified rdomain.  local interfaces
work as expected, but the host-side routing and PF have to be done in
the non-default rdomain as well.

vm "foo" {
local interface rdomain 1
interface {
rdomain 2
}
...
}

Or add all VM interfaces on a switch to a specified rdomain:

switch "bar" {
rdomain 1
...
}

OK?

Reyk

Index: usr.sbin/vmd/config.c
===
RCS file: /cvs/src/usr.sbin/vmd/config.c,v
retrieving revision 1.30
diff -u -p -u -p -r1.30 config.c
--- usr.sbin/vmd/config.c   21 Apr 2017 07:03:26 -  1.30
+++ usr.sbin/vmd/config.c   3 May 2017 10:02:58 -
@@ -282,6 +282,9 @@ config_setvm(struct privsep *ps, struct 
}
}
 
+   /* non-default rdomain (requires VMIFF_RDOMAIN below) */
+   vif->vif_rdomain = vmc->vmc_ifrdomain[i];
+
/* Set the interface status */
vif->vif_flags =
vmc->vmc_ifflags[i] & (VMIFF_UP|VMIFF_OPTMASK);
Index: usr.sbin/vmd/parse.y
===
RCS file: /cvs/src/usr.sbin/vmd/parse.y,v
retrieving revision 1.28
diff -u -p -u -p -r1.28 parse.y
--- usr.sbin/vmd/parse.y3 May 2017 08:21:57 -   1.28
+++ usr.sbin/vmd/parse.y3 May 2017 10:02:59 -
@@ -116,7 +116,7 @@ typedef struct {
 
 %token INCLUDE ERROR
 %token ADD BOOT DISABLE DISK DOWN ENABLE GROUP INTERFACE LLADDR LOCAL LOCKED
-%token MEMORY NIFS OWNER PATH PREFIX SIZE SWITCH UP VM VMID
+%token MEMORY NIFS OWNER PATH PREFIX RDOMAIN SIZE SWITCH UP VM VMID
 %token   NUMBER
 %token   STRING
 %typelladdr
@@ -263,6 +263,14 @@ switch_opts: disable   {
| LOCKED LLADDR {
vsw->sw_flags |= VMIFF_LOCKED;
}
+   | RDOMAIN NUMBER{
+   if ($2 < 0 || $2 > RT_TABLEID_MAX) {
+   yyerror("invalid rdomain: %lld", $2);
+   YYERROR;
+   }
+   vsw->sw_flags |= VMIFF_RDOMAIN;
+   vsw->sw_rdomain = $2;
+   }
| updown{
if ($1)
vsw->sw_flags |= VMIFF_UP;
@@ -532,6 +540,14 @@ iface_opts : SWITCH string {
vmc.vmc_ifflags[vcp_nnics] |= VMIFF_LOCKED;
memcpy(vcp->vcp_macs[vcp_nnics], $3, ETHER_ADDR_LEN);
}
+   | RDOMAIN NUMBER{
+   if ($2 < 0 || $2 > RT_TABLEID_MAX) {
+   yyerror("invalid rdomain: %lld", $2);
+   YYERROR;
+   }
+   vmc.vmc_ifflags[vcp_nnics] |= VMIFF_RDOMAIN;
+   vmc.vmc_ifrdomain[vcp_nnics] = $2;
+   }
| updown{
if ($1)
vmc.vmc_ifflags[vcp_nnics] |= VMIFF_UP;
@@ -645,6 +661,7 @@ lookup(char *s)
{ "memory", MEMORY },
{ "owner",  OWNER },
{ "prefix", PREFIX },
+   { "rdomain",RDOMAIN },
{ "size",   SIZE },
{ "switch", SWITCH },
{ "up", UP },
Index: usr.sbin/vmd/priv.c
===
RCS file: /cvs/src/usr.sbin/vmd/priv.c,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 priv.c
--- usr.sbin/vmd/priv.c 21 Apr 2017 07:03:26 -  1.8
+++ usr.sbin/vmd/priv.c 3 May 2017 10:02:59 -
@@ -88,6 +88,7 @@ priv_dispatch_parent(int fd, struct priv
switch (imsg->hdr.type) {
case IMSG_VMDOP_PRIV_IFDESCR:
case IMSG_VMDOP_PRIV_IFCREATE:
+   case IMSG_VMDOP_PRIV_IFRDOMAIN:
case IMSG_VMDOP_PRIV_IFADD:
case IMSG_VMDOP_PRIV_IFUP:
case IMSG_VMDOP_PRIV_IFDOWN:
@@ -124,6 +125,12 @@ priv_dispatch_parent(int fd, struct priv
errno != EEXIST)
log_warn("SIOCIFCREATE");
break;
+   case IMSG_VMDOP_PRIV_IFRDOMAIN:
+   strlcpy(ifr.ifr_name, vfr.vfr_name, sizeof(ifr.ifr_name));
+   ifr.ifr_rdomainid = vfr.vfr_id;
+   if (ioctl(env->vmd_fd, SIOCSIFRDOMAIN, &ifr) < 0)
+   log_warn("SIOCSIFRDOMAIN");
+   break;
case IMSG_VMDOP_PRIV_IFADD:
if (priv_getiftype(vfr.vfr_value, type, NULL) == -1)
fatalx("%s: rejected to add interface: %s",
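Review bot: A failing SIOCSIFRDOMAIN in the new case is only logged and nothing is reported back, so an interface that could not be moved stays in rdomain 0 and the VM comes up with a weaker isolation boundary than vm.conf asked for. This mirrors the SIOCIFCREATE handling above, but that one tolerates a benign EEXIST race, whereas there is no expected reason for the rdomain ioctl to fail on a freshly created interface; consider treating it like the IFADD rejection below, or at least naming the interface in the warning, e.g. `log_warn("SIOCSIFRDOMAIN %s", ifr.ifr_name);`. The assignment `ifr.ifr_rdomainid = vfr.vfr_id;` also assumes vfr_id has a compatible width with ifr_rdomainid; vmd.h is not in the diff, so that cannot be checked here. priv_dispatch_parent continues outside this hunk.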
@@ -272,6 +279,17 @@ vm_