Hi Experts,
I'm using VPP v22.02.0-26. I have a physical interface
TwentyFiveGigabitEthernet3/0/0/4096 in bridge-domain 10(untagged) and I have
configured "l2 efp-filter" on all the interfaces.
I expected that at the ingress of interface
TwentyFiveGigabitEthernet3/0/0/4096, only untagged packets or packets with Vlan
tag 10 will be accepted and packets with any other VLAN tags other than 10 will
be dropped. But, I observed that a packet with VLAN tag 11 also was accepted
and it got flooded on bridge-domain 10.
I tried creating a sub-interface with untagged option to see if it would help
in achieving the expected behavior, but I'm seeing the below error.
DBGvpp# create sub-interfaces TwentyFiveGigabitEthernet3/0/0/4096 10 untagged
create sub-interfaces: vlan is already in use
Is there a way to achieve the behavior I'm expecting ? Please let me know if
there is a way.
Thanks in advance.
Best regards,
Parameswaran Krishnamurthy
Trace and show outputs
=======================
DBGvpp# show bridge-domain
BD-ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding
ARP-Term arp-ufwd Learn-co Learn-li BVI-Intf
10 1 0 off on on flood on
off off 6 16777216 N/A
11 2 0 off on on flood on
off off 0 16777216 N/A
DBGvpp# show bridge-domain 10 detail
BD-ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding
ARP-Term arp-ufwd Learn-co Learn-li BVI-Intf
10 1 0 off on on flood on
off off 6 16777216 N/A
SPAN (span-l2-input)
INPUT_CLASSIFY (l2-input-classify)
INPUT_FEAT_ARC (l2-input-feat-arc)
POLICER_CLAS (l2-policer-classify)
ACL (l2-input-acl)
VPATH (vpath-input-l2)
L2_IP_QOS_RECORD (l2-ip-qos-record)
VTR (l2-input-vtr)
LEARN (l2-learn)
RW (l2-rw)
FWD (l2-fwd)
UU_FLOOD (l2-flood)
FLOOD (l2-flood)
XCONNECT (l2-output)
Interface If-idx ISN SHG BVI TxFlood
VLAN-Tag-Rewrite
TwentyFiveGigabitEthernet3/0/0 1 1 0 - * none
TwentyFiveGigabitEthernet3/0/0 2 1 0 - * none
TwentyFiveGigabitEthernet3/0/0 3 1 0 - * none
DBGvpp#
DBGvpp# show interface TwentyFiveGigabitEthernet3/0/0/4096
Name Idx State MTU (L3/IP4/IP6/MPLS)
Counter Count
TwentyFiveGigabitEthernet3/0/0/4 3 up 8996/0/0/0 rx packets
2176
rx bytes
458059
tx packets
28514
tx bytes
5434852
drops
7
DBGvpp# show hardware-interfaces TwentyFiveGigabitEthernet3/0/0/4096
Name Idx Link Hardware
TwentyFiveGigabitEthernet3/0/0/4 3 up
TwentyFiveGigabitEthernet3/0/0/4096
Link speed: 10 Gbps
RX Queues:
queue thread mode
0 main (0) polling
Ethernet address 4e:82:65:16:80:c6
Mellanox ConnectX-4 Family
carrier up full duplex max-frame-size 9018 promisc
flags: admin-up promisc maybe-multiseg tx-offload intel-phdr-cksum
rx-ip4-cksum
rx: queues 1 (max 1024), desc 1024 (min 0 max 65535 align 1)
tx: queues 1 (max 1024), desc 1024 (min 0 max 65535 align 1)
pci: device 15b3:a2d6 subsystem 15b3:0051 address 0000:03:00.00 numa 0
switch info: name 0000:03:00.0 domain id 0 port id 4096
max rx packet len: 65536
promiscuous: unicast on all-multicast on
vlan offload: strip off filter off qinq off
rx offload avail: vlan-strip ipv4-cksum udp-cksum tcp-cksum tcp-lro
vlan-filter jumbo-frame scatter timestamp rss-hash
buffer-split
rx offload active: ipv4-cksum jumbo-frame scatter
tx offload avail: vlan-insert ipv4-cksum udp-cksum tcp-cksum tcp-tso
outer-ipv4-cksum vxlan-tnl-tso gre-tnl-tso geneve-tnl-tso
multi-segs mbuf-fast-free udp-tnl-tso ip-tnl-tso
tx offload active: ipv4-cksum udp-cksum tcp-cksum multi-segs
rss avail: ipv4-frag ipv4-tcp ipv4-udp ipv4-other ipv4 ipv6-tcp-ex
ipv6-udp-ex ipv6-frag ipv6-tcp ipv6-udp ipv6-other
ipv6-ex ipv6 l4-dst-only l4-src-only l3-dst-only
l3-src-only
rss active: none
tx burst mode: Enhanced MPW + MULTI + TSO + SWP + CSUM + METADATA
tx burst function: mlx5_rx_burst
rx burst mode: Scalar
rx burst function: mlx5_tx_burst_mtsc_empw
tx frames ok 28531
tx bytes ok 5437378
rx frames ok 2056
rx bytes ok 451819
extended stats:
rx_good_packets 2056
tx_good_packets 28531
rx_good_bytes 451819
tx_good_bytes 5437378
rx_q0_packets 2056
rx_q0_bytes 451819
tx_q0_packets 28531
tx_q0_bytes 5437378
rx_vport_packets 2056
rx_vport_bytes 452835
tx_vport_packets 28531
tx_vport_bytes 5551524
DBGvpp#
Packet 6
00:24:03:845812: dpdk-input
TwentyFiveGigabitEthernet3/0/0/4096 rx queue 0
buffer 0x54113: current data 0, length 52, buffer-pool 0, ref-count 1, trace
handle 0x5
ext-hdr-valid
PKT MBUF: port 2, nb_segs 1, pkt_len 52
buf_len 2176, data_len 52, ol_flags 0x80, data_off 128, phys_addr 0x8e008a00
packet_type 0x691 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0
rss 0x0 fdir.hi 0x0 fdir.lo 0x0
Packet Offload Flags
PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
PKT_RX_IP_CKSUM_NONE (0x0080) no IP cksum of RX pkt.
Packet Types
RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet
RTE_PTYPE_L3_IPV4_EXT_UNKNOWN (0x0090) IPv4 packet with or without
extension headers
RTE_PTYPE_L4_NONFRAG (0x0600) Non-fragmented IP packet
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
IP6_HOP_BY_HOP_OPTIONS: 55.1.1.1 -> 55.1.1.2
tos 0x00, ttl 64, length 20, checksum 0x0ae5 dscp CS0 ecn NON_ECN
fragment id 0x0001
00:24:03:845870: ethernet-input
frame: flags 0x3, hw-if-index 3, sw-if-index 3
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
00:24:03:845915: l2-input
l2-input: sw_if_index 3 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 [l2-learn
l2-fwd l2-flood l2-flood ]
00:24:03:845927: l2-learn
l2-learn: sw_if_index 3 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 bd_index 1
00:24:03:845940: l2-fwd
l2-fwd: sw_if_index 3 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 bd_index
1 result [0xffffffffffffffff, -1] static age-not bvi filter learn-event
learn-move
00:24:03:845952: l2-flood
l2-flood: sw_if_index 3 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 bd_index 1
l2-flood: sw_if_index 3 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 bd_index 1
00:24:03:845983: l2-output
l2-output: sw_if_index 2 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 data 81
00 00 0b 08 00 45 00 00 14 00 01
l2-output: sw_if_index 1 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 data 81
00 00 0b 08 00 45 00 00 14 00 01
00:24:03:845997: l2-efp-filter
l2-output-vtr: sw_if_index 2 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 data
81 00 00 0b 08 00 45 00 00 14 00 01
l2-output-vtr: sw_if_index 1 dst 0e:ac:8a:83:b6:bb src ce:25:02:c2:a0:f2 data
81 00 00 0b 08 00 45 00 00 14 00 01
00:24:03:846026: TwentyFiveGigabitEthernet3/0/0/4095-output
TwentyFiveGigabitEthernet3/0/0/4095
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
IP6_HOP_BY_HOP_OPTIONS: 55.1.1.1 -> 55.1.1.2
tos 0x00, ttl 64, length 20, checksum 0x0ae5 dscp CS0 ecn NON_ECN
fragment id 0x0001
00:24:03:846038: TwentyFiveGigabitEthernet3/0/0-output
TwentyFiveGigabitEthernet3/0/0
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
IP6_HOP_BY_HOP_OPTIONS: 55.1.1.1 -> 55.1.1.2
tos 0x00, ttl 64, length 20, checksum 0x0ae5 dscp CS0 ecn NON_ECN
fragment id 0x0001
00:24:03:846043: TwentyFiveGigabitEthernet3/0/0/4095-tx
TwentyFiveGigabitEthernet3/0/0/4095 tx queue 0
buffer 0x54113: current data 0, length 52, buffer-pool 0, ref-count 1, trace
handle 0x5
ext-hdr-valid
vlan-1-deep l2-hdr-offset 0 l3-hdr-offset 18
PKT MBUF: port 2, nb_segs 1, pkt_len 52
buf_len 2176, data_len 52, ol_flags 0x80, data_off 128, phys_addr 0x8e008a00
packet_type 0x691 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0
rss 0x0 fdir.hi 0x0 fdir.lo 0x0
Packet Offload Flags
PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
PKT_RX_IP_CKSUM_NONE (0x0080) no IP cksum of RX pkt.
Packet Types
RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet
RTE_PTYPE_L3_IPV4_EXT_UNKNOWN (0x0090) IPv4 packet with or without
extension headers
RTE_PTYPE_L4_NONFRAG (0x0600) Non-fragmented IP packet
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
IP6_HOP_BY_HOP_OPTIONS: 55.1.1.1 -> 55.1.1.2
tos 0x00, ttl 64, length 20, checksum 0x0ae5 dscp CS0 ecn NON_ECN
fragment id 0x0001
00:24:03:846063: TwentyFiveGigabitEthernet3/0/0-tx
TwentyFiveGigabitEthernet3/0/0 tx queue 0
buffer 0x425d3: current data 0, length 52, buffer-pool 0, ref-count 1, trace
handle 0x5
vlan-1-deep l2-hdr-offset 0 l3-hdr-offset 18
PKT MBUF: port 65535, nb_segs 1, pkt_len 52
buf_len 2176, data_len 52, ol_flags 0x0, data_off 128, phys_addr 0x8ef2ea00
packet_type 0x0 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0
rss 0x0 fdir.hi 0x0 fdir.lo 0x0
IP4: ce:25:02:c2:a0:f2 -> 0e:ac:8a:83:b6:bb 802.1q vlan 11
IP6_HOP_BY_HOP_OPTIONS: 55.1.1.1 -> 55.1.1.2
tos 0x00, ttl 64, length 20, checksum 0x0ae5 dscp CS0 ecn NON_ECN
fragment id 0x0001
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#22707): https://lists.fd.io/g/vpp-dev/message/22707
Mute This Topic: https://lists.fd.io/mt/97622849/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
