On 08/05/2024 10:38 pm, Leigh Brown wrote: > Hello all, > > I realised over the weekend that there is a valid use case for providing > a VIF to a domain that has access to multiple VLANs, e.g. a router. Yes, > you can create a VIF per VLAN, but if you start having several VLANs (as > I do), it would be nicer to create a single interface that has access to > all the relevant VLANs (e.g. enX0.10, enX0.20, etc.). > > So, version 2 changes the name and type of the parameter from an integer > called `vid' to a string called `vlan'. The vlan parameter is then > parsed by the vif-bridge script (actually, the functions called by it in > xen-network-common.sh). > > As it quite a common practice to allocate VLANs in round numbers, I also > implemented the ability to specify contiguous or non-contiguous ranges. > You can specify whether a VLAN is tagged or untagged, and which VLAN is > the PVID (only one PVID is allowed). For example, > > vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10p/20-29' ] > > will setup the VIF so that 10 is the PVID and VLAN IDs 20 through 29 > are permitted with tags. Another example: > > vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=1p/10+10x9' ] > > will setup the bridge to set 1 as the PVID and permit access with > tags for VLAN IDs 10, 20, 30, 40, 50, 60, 70, 80 and 90. > > This patch set enables this capability as follows: > > 1. Adds `vlan' as a new member of the libxl_device_nic structure; > 2. Adds support to read and write the vlan parameter from the xenstore; > 3. Adds `vlan' as a new keyword for the vif configuration option; > 4. Adds support to assign the bridge VLANs in the Linux hotplug scripts; > 5. Updated xl-network-configuration(5) manpage and example configs. > > Original blurb below: > > For many years I have been configuring VLANs on my Linux Dom0 by > creating VLAN interfaces for each VLAN I wanted to connect a domain > to and then a corresponding bridge. So I would tend to have things > like: > > enp0s0 -> br0 -> vif1, vif2 > enp0s0.10 -> br0vl10 -> vif3, vif4 > enp0s0.20 -> br0vl20 -> vif5 > dummy0 -> br1 -> vif6 > > I recently discovered that iproute2 supports creating bridge VLANs that > allows you to assign a VLAN to each of the interfaces associated to a > bridge. This allows a greatly simplified configuration where a single > bridge can support all the domains, and the iproute2 bridge command can > assign each VIF to the required VLAN. This looks like this: > > # bridge vlan > port vlan-id > enp0s0 1 PVID Egress Untagged > 10 > 20 > br0 1 PVID Egress Untagged > vif1.0 1 PVID Egress Untagged > vif2.0 1 PVID Egress Untagged > vif3.0 10 PVID Egress Untagged > vif4.0 10 PVID Egress Untagged > vif5.0 20 PVID Egress Untagged > vif6.0 30 PVID Egress Untagged > > This patch set enables this capability as follows: > > 1. Adds `vid' as a new member of the libxl_device_nic structure; > 2. Adds support to read and write vid from the xenstore; > 3. Adds `vid' as a new keyword for the vif configuration option; > 4. Adds support for assign the bridge VLAN in the Linux hotplug scripts. > > I don't believe NetBSD or FreeBSD support this capability, but if they > do please point me in the direction of some documentation and/or examples. > > NB: I'm not very familiar with Xen code base so may have missed > something important, although I have tested it and it is working well > for me. > > Cheers, > > Leigh. > > > Leigh Brown (5): > tools/libs/light: Add vlan field to libxl_device_nic > tools/xl: add vlan keyword to vif option > tools/hotplug/Linux: Add bridge VLAN support > docs/man: document VIF vlan keyword > tools/examples: Example Linux bridge VLAN config > > docs/man/xl-network-configuration.5.pod.in | 38 ++++++ > tools/examples/linux-bridge-vlan/README | 68 +++++++++++ > tools/examples/linux-bridge-vlan/br0.netdev | 7 ++ > tools/examples/linux-bridge-vlan/br0.network | 8 ++ > .../examples/linux-bridge-vlan/enp0s0.network | 16 +++ > tools/hotplug/Linux/xen-network-common.sh | 111 ++++++++++++++++++ > tools/libs/light/libxl_nic.c | 10 ++ > tools/libs/light/libxl_types.idl | 1 + > tools/xl/xl_parse.c | 2 + > 9 files changed, 261 insertions(+) > create mode 100644 tools/examples/linux-bridge-vlan/README > create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev > create mode 100644 tools/examples/linux-bridge-vlan/br0.network > create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network >
This is past the last-post date, so Oleksii will need to decide whether he's happy to make an exception for it. Anthony is OoO for a month now, so if this is to get in for 4.19, then it will need reviewing by others. I've CC'd a few plausible candidates... ~Andrew
