19 Sep, 2016

1 commit

• 4fbae7d83   ipvlan: Introduce l3s mode ... Browse Code »

  In a typical IPvlan L3 setup where master is in default-ns and
  each slave is into different (slave) ns. In this setup egress
  packet processing for traffic originating from slave-ns will
  hit all NF_HOOKs in slave-ns as well as default-ns. However same
  is not true for ingress processing. All these NF_HOOKs are
  hit only in the slave-ns skipping them in the default-ns.
  IPvlan in L3 mode is restrictive and if admins want to deploy
  iptables rules in default-ns, this asymmetric data path makes it
  impossible to do so.

  This patch makes use of the l3_rcv() (added as part of l3mdev
  enhancements) to perform input route lookup on RX packets without
  changing the skb->dev and then uses nf_hook at NF_INET_LOCAL_IN
  to change the skb->dev just before handing over skb to L4.

  Signed-off-by: Mahesh Bandewar
  CC: David Ahern
  Reviewed-by: David Ahern
  Signed-off-by: David S. Miller

  Mahesh Bandewar

  2016-09-19 13:25:22 +0800  

29 Apr, 2016

1 commit

• edb9a1b89   Documentation: networking: fix spelling mistakes ... Browse Code »

  Signed-off-by: Eric Engestrom
  Signed-off-by: David S. Miller

  Eric Engestrom

  2016-04-29 02:21:13 +0800  

25 Nov, 2014

1 commit

• 2ad7bf363   ipvlan: Initial check-in of the IPVLAN driver. ... Browse Code »

  This driver is very similar to the macvlan driver except that it
  uses L3 on the frame to determine the logical interface while
  functioning as packet dispatcher. It inherits L2 of the master
  device hence the packets on wire will have the same L2 for all
  the packets originating from all virtual devices off of the same
  master device.

  This driver was developed keeping the namespace use-case in
  mind. Hence most of the examples given here take that as the
  base setup where main-device belongs to the default-ns and
  virtual devices are assigned to the additional namespaces.

  The device operates in two different modes and the difference
  in these two modes in primarily in the TX side.

  (a) L2 mode : In this mode, the device behaves as a L2 device.
  TX processing upto L2 happens on the stack of the virtual device
  associated with (namespace). Packets are switched after that
  into the main device (default-ns) and queued for xmit.

  RX processing is simple and all multicast, broadcast (if
  applicable), and unicast belonging to the address(es) are
  delivered to the virtual devices.

  (b) L3 mode : In this mode, the device behaves like a L3 device.
  TX processing upto L3 happens on the stack of the virtual device
  associated with (namespace). Packets are switched to the
  main-device (default-ns) for the L2 processing. Hence the routing
  table of the default-ns will be used in this mode.

  RX processins is somewhat similar to the L2 mode except that in
  this mode only Unicast packets are delivered to the virtual device
  while main-dev will handle all other packets.

  The devices can be added using the "ip" command from the iproute2
  package -

  ip link add link type ipvlan mode [ l2 | l3 ]

  Signed-off-by: Mahesh Bandewar
  Cc: Eric Dumazet
  Cc: Maciej Żenczykowski
  Cc: Laurent Chavey
  Cc: Tim Hockin
  Cc: Brandon Philips
  Cc: Pavel Emelianov
  Signed-off-by: David S. Miller

  Mahesh Bandewar

  2014-11-25 04:29:18 +0800