IFLA_NETKIT_HEADROOM and IFLA_NETKIT_TAILROOM attributes were added to
upstream kernel 6.14, allowing Netkit devices to be configured with
appropriate headroom/tailroom space to accommodate additional headers,
packet length changes and so forth.
Signed-off-by: Alasdair McWilliam <alasdair.mcwilliam@isovalent.com>
Introduces a configuration flag to disable Virtual Function polling,
providing users with control over polling behavior for performance
optimization scenarios.
Fixes: #1097
Signed-off-by: pasteley <ceasebeing@gmail.com>
Add support for geneve feature to specify source port range, see
kernel commits:
- e1f95b1992b8 ("geneve: Allow users to specify source port range")
- 5a41a00cd5d5 ("geneve, specs: Add port range to rt_link specification")
This is exactly equivalent on what is done in case of vxlan today.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
binary.Read() != nil check means error case, so the vxlan.Port{Low,High}
are never populated. Fix the check.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
These attributes are supported since kernel v5.14 (see [1]). Here's
what iproute2 shows:
```
$ ip -d link show eth0
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65535 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
... parentbus virtio parentdev virtio0
```
[1]: 00e77ed8e6
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Add deserialization of the `IFF_RUNNING` link flag which translates to
`net.FlagRunning`.
Signed-off-by: Dylan Reimerink <dylan.reimerink@isovalent.com>
Add a specific error to report that a netlink response had
NLM_F_DUMP_INTR set, indicating that the set of results may be
incomplete or inconsistent.
unix.EINTR was previously returned (with no results) when the
NLM_F_DUMP_INTR flag was set. Now, errors.Is(err, unix.EINTR) will
still work. But, this will be a breaking change for any code that's
checking for equality with unix.EINTR.
Return results with ErrDumpInterrupted. Results may be incomplete
or inconsistent, but give the caller the option of using them.
Look for NLM_F_DUMP_INTR in more places:
- linkSubscribeAt, neighSubscribeAt, routeSubscribeAt
- can do an initial dump, which may report inconsistent results
-> if there's an error callback, call it with ErrDumpInterrupted
- socketDiagXDPExecutor
- makes an NLM_F_DUMP request, without using Execute()
-> give it the same behaviour as functions that do use Execute()
Signed-off-by: Rob Murray <rob.murray@docker.com>
Function `LinkDeserialize` checked for presence of `IFF_PROMISC` in
the link's flags to determine whether it was in promiscuous mode.
This flag only tracks what is set with commands such as
ip set <link> promisc on
but is not set when you run `tcpdump` or `wireshark` for example,
which also put the device in promiscuous mode.
There is a counter that tracks the number of times promiscuous mode
has been requested. It reacts to all the ways, `ip set`, and also
`tcpdump` and co.
With this change this counter is used instead of checking the flag.
This makes the library reflect what
ip -d link show <link>
would show in its `promiscuity` field.
To test this change, start some processes of `tcpdump` or similar
and see the counter increase in `ip -d link show <link>` as well
as in the patched version of this netlink library. With the
unpatched version the counter remains 0. Then enable promiscuous
mode globally for the interface. This will increase the count in
all variants, `ip link`, the old unpatched and the patched version
of this netlink library.
Simple test program for reference:
package main
import "fmt"
import "github.com/vishvananda/netlink"
func main() {
handle, _ := netlink.NewHandle()
links, _ := handle.LinkList()
for _, link := range links {
attrs := link.Attrs()
fmt.Printf("dev=%v promisc=%v\n",
attrs.Name, attrs.Promisc)
}
}
Linux 5.6 and higher support IFLA_PERM_ADDRESS, which contains the
permanent hardware address of the interface if an interface has such an
address. This can be used to identify interfaces even when the normal
hardware address has been changed.
Signed-off-by: Lorenz Brun <lorenz@monogon.tech>
This commit add the support for alternative names.
* exposing the attributes in the link object.
* adding the add and delete functions
* allow LinkByName() to also find devices by altname like `ip link`
Signed-off-by: Sebastian Sch <sebassch@gmail.com>
When there are a large number of existing results for the link, neighbor, and
address subscribe functions with ListExisting are likely to fail with ENOBUFS.
This takes the AddrSubscribeOptions ReceiveBufferSize, already applied
to LinkSubscribeOptions, and applies it to NeighSubscribeOptions and
RouteSubscribeOptions. The ReceiveTimeout option was also added to each.
Added a SetReceiveBufferSize to the nl_linux socket API.
The existing addr_linux subscribe function was modified so instead of setting
the ReceiveBufferSize on the netlink pkghandle, it is set on the socket
associated with the subscription. The new implementations also only change the
receive buffer size on the socket.
Lastly, a new ReceiveBufferForceSize option was applied to all four of the
modified Subscribe functions.
Sometimes with `ListExisting` enabled and enough interfaces configured,
netlink will try to send more data than the buffer can hold and the
caller will get back ENOBUFS. Thus, it's useful to be able to configure
the netlink buffer size.
The IFLA_GENEVE_COLLECT_METADATA netlink attribute shouldn't have any a
payload. For Geneve devices also other attributes can be set next to
FlowBased, however the VNI needs to be 0.
This commit also adds a test for creating a Geneve device in FlowBased
mode.
Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
This is the equivalent of:
bridge link set dev <foo> isolated on|off
Add more bridge port netlink attributes Imported from
include/uapi/linux/if_link.h in Linux v6.3.
Signed-off-by: Robin Jarry <rjarry@redhat.com>
IFLA_IPTUN_COLLECT_METADATA is a "flag" netlink attribute, and shouldn't
have any payload. This also needs to be considered when parsing netlink
messages for Iptun.
This fixes Iptun link, by crafting and parsing messages accordingly and
adds a test.
Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
Ip6tnl devices support IFLA_IPTUN_COLLECT_METADATA (collect_md/external
mode). This commit adds support for this and a respective test.
Signed-off-by: Robin Gögge <r.goegge@isovalent.com>
Commit 2b008399a4 ("link: add LinkSetGSOIPv4MaxSize and
LinkSetGROIPv4MaxSize") introduced the use of these constants, but they
were added only recently to the golang.org/x/sys/unix package. Update
its version in go.mod and use the pre-defined constants instead of
duplicating them.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Add two new methods to allow setting GSO and GRO max size attributes only.
They make it much easier to enable IPv4 BIG TCP [0].
The equivalent iproute2 commands are:
$ ip link set $link gso_ipv4_max_size $maxSize
$ ip link set $link gro_ipv4_max_size $maxSize
Also add tests for them. We already do support the IPv6 counterpart via
543bb1cade ("link: add LinkSetGSOMaxSize and LinkSetGROMaxSize").
[0] https://lore.kernel.org/netdev/cover.1674921359.git.lucien.xin@gmail.com/
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
This pr allows to change the default vlan on a bridge. It is
currently set to 1 by default. A value of 0 means no default vlan.
Signed-off-by: Marcelo Guerrero Viveros <marguerr@redhat.com>
Use the constants provided in the golang.org/x/sys/unix package instead
of locally defining them, as done in commit c94808a88b ("link: add
support for IFLA_GRO_MAX_SIZE").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
GRE L3 devices support "FlowBased" ("collect_md"/"external") mode.
Add support for this configuration and relevant test.
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
IFLA_GRE_COLLECT_METADATA is a "flag" netlink attribute. As such it should
not be sent with a data payload.
Fix gretap link to send this flag correctly and re-enable tests.
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
A value of 0 for IFLA_XFRM_IF_ID is not valid and will be rejected by
the kernel by returning EINVAL, see [1]. Thus, only set the
IFLA_XFRM_IF_ID attribute in case Xfrmi.Ifid != 0.
[1] 8efd0d9c31/net/xfrm/xfrm_interface.c (L645-L648)
When the LinkModify was merged in [1] a function
that exports it outside of pkgHandle was never
added like is available for LinkAdd, LinkDel etc.
Update testing to use exported LinkModify that
itself calls the pkgHandle.LinkModify function.
[1] https://github.com/vishvananda/netlink/pull/541
