Add section for additional arguments to GRE, IPIP, and SIT types
that are related to Foo-over-UDP and Generic UDP Encapsulation.
Also, added an example GUE configuration in the examples section.
Signed-off-by: Tom Herbert <therbert@google.com>
This change allows to exec some cmd on each
named netns (except default) by specifying '-all' option:
# ip -all netns exec ip link
Each command executes synchronously.
Exit status is not considered, so there might be a case
that some CMD can fail on some netns but success on the other.
EXAMPLES:
1) Show link info on all netns:
$ ip -all netns exec ip link
netns: test_net
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether 1a:19:6f:25:eb:85 brd ff:ff:ff:ff:ff:ff
netns: home0
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether ea:1a:59:40:d3:29 brd ff:ff:ff:ff:ff:ff
netns: lan0
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 500
link/ether ce:49:d5:46:81:ea brd ff:ff:ff:ff:ff:ff
2) Set UP tap0 device for the all netns:
$ ip -all netns exec ip link set dev tap0 up
netns: test_net
netns: home0
netns: lan0
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
In the ip-link(8) man page, for the gretap, ip6gre, and ip6gretap types, the
word tunnel was incorrectly spelled 'tuunel'.
Signed-off-by: Reese Moore <ram@vt.edu>
This patch adds configuration and dumping of congestion control metric
for ip route, for example:
ip route add <dst> dev foo congctl [lock] dctcp
Reference: http://thread.gmane.org/gmane.linux.network/344733
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
v2:
Resending now that the dust has cleared in 3.18 on "self" vs. hwmode debate for
brport settings. learning_sync is now set/cleared using "self" qualifier on
brport.
v1:
Add 'learned_sync' flag to turn on/off syncing of learned MAC addresses from
offload device to bridge's FDB. Flag is be set/cleared on offload device port
using "self" qualifier:
$ sudo bridge link set dev swp1 learning_sync on self
$ bridge -d link show dev swp1
2: swp1 state UNKNOWN : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 2
hairpin off guard off root_block off fastleave off learning off flood off
2: swp1 state UNKNOWN : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0
learning on learning_sync on
Adds new IFLA_BRPORT_LEARNED_SYNCED attribute for IFLA_PROTINFO on the SELF
brport.
Signed-off-by: Scott Feldman <sfeldma@gmail.com>
Added new '-netns' option to simplify executing following cmd:
ip netns exec NETNS ip OPTIONS COMMAND OBJECT
to
ip -n[etns] NETNS OPTIONS COMMAND OBJECT
e.g.:
ip -net vnet0 link add br0 type bridge
ip -n vnet0 link
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
Extend "ip-address" man page to reflect the recent extension of
allowing to list addresses with flags tentative, deprecated, dadfailed
not being set.
Signed-off-by: Heiner Kallweit <heiner.kallweit@web.de>
Added new option 'type' to 'ip link show'
command which allows to filter devices by type:
ip link show type bridge
ip link show type vlan
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Added another timestamp format to look like more logging info:
[2014-12-22T22:36:50.489 ] 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default
link/ether 3c:97:0e:a3:86:2e brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
This permits to selectively enable explicit congestion notification via
the routing table.
If this ecn feature is not set, the kernel will use the tcp_ecn sysctl
to decide wheter to use ECN when establising a TCP connection.
At the time of this writing, the kernel supports ecn and allfrags, but
allfrags is of dubious value and not implemented here.
Example:
ip route change 192.168.2.0/24 dev eth0 features ecn
Signed-off-by: Florian Westphal <fw@strlen.de>
BEFORE:
The show command has additional formatting options:
-s, -stats, -statistics
output more statistics about packet usage.
-d, -details
output more detailed information.
-h, -human, -human-readble
output statistics with human readable values number followed by suffix
-iec print human readable rates in IEC units (ie. 1K = 1024).
AFTER:
The show command has additional formatting options:
-s, -stats, -statistics
output more statistics about packet usage.
-d, -details
output more detailed information.
-h, -human, -human-readble
output statistics with human readable values number followed by suffix
-iec print human readable rates in IEC units (ie. 1K = 1024).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
As 'ip' util will share the same netns from the caller
process then we can just look at /proc/self/.. to show
the netns of the current process by:
ip netns id
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Man pages for Foo-over-UDP and Generic UDP Encapsulation receive
port configuration. gue man page links to fou one.
Signed-off-by: Tom Herbert <therbert@google.com>
For hsr link there was no short description in ip-link man page.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Not sure how these typos slipped in back then, I suspect
too much coffee. ;) So lets fix them up properly.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
o "min_tx_rate" option has been added for minimum Tx rate. Hence, for
consistent naming, "max_tx_rate" option has been introduced for maximum
Tx rate.
o Change in v2: "rate" can be used along with "max_tx_rate".
When both are specified, "max_tx_rate" should override.
o Change in v3:
* IFLA_VF_RATE: When IFLA_VF_RATE is used, and user has given only one of
min_tx_rate or max_tx_rate, reading of previous rate limits is done in
userspace instead of in kernel space before ndo_set_vf_rate.
* IFLA_VF_TX_RATE: When IFLA_VF_TX_RATE is used, min_tx_rate is always read
in kernel space. This takes care of below scenarios:
(1) when old tool sends "rate" but kernel is new (expects min and max)
(2) when new tool sends only "rate" but kernel is old (expects only "rate")
o Change in v4 as suggested by Stephen Hemminger:
* As per iproute policy, input and output formats should match. Changing display
of max_tx_rate and min_tx_rate options accordingly.
./ip/ip link show p3p1
8: p3p1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
link/ether 00:0e:1e:16:ce:40 brd ff:ff:ff:ff:ff:ff
vf 0 MAC 2a:18:8f:4d:3d:d4, tx rate 700 (Mbps), max_tx_rate 700Mbps, min_tx_rate 200Mbps
vf 1 MAC 72:dc:ba:f9:df:fd
Signed-off-by: Sucheta Chakraborty <sucheta.chakraborty@qlogic.com>
Controller Area Network (CAN) interfaces are physical network interfaces.
They can't be 'created' like software devices by 'ip link add type can'.
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
The process SELinux contexts can be added to the output using the -Z
option. Using the -z option will show the process and socket contexts (see
the man page for details).
For netlink sockets: if valid process show process context, if pid = 0
show kernel initial context, if unknown show "unavailable".
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
This adds the manpage for PIE: Proportional Integral controller Enhanced AQM
scheme.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com>
Signed-off-by: Vijay Subramanian <vijaynsu@cisco.com>
CC: Dave Taht <dave.taht@bufferbloat.net>
This augments bridge(8) manual page with `bridge mdb' and `bridge
monitor mdb' commands which have been added recently.
Signed-off-by: Petr Písař <ppisar@redhat.com>
When configuring a system with multiple network uplinks and default routes, it
is often convenient to reference a routing table multiple times - but reject
its routing decision if certain constraints are not met by it.
Consider this setup:
$ ip route add table secuplink default via 10.42.23.1
$ ip rule add pref 100 table main suppress_prefixlength 0
$ ip rule add pref 150 fwmark 0xA table secuplink
With this setup, packets marked 0xA will be processed by the additional routing
table "secuplink", but only if no suitable route in the main routing table can
be found. By suppressing entries with a prefixlength of 0 (or less), the
default route (/0) of the table "main" is hidden to packets processed by rule
100; packets traveling to destinations via more specific routes are processed
as usual.
It is also possible to suppress a routing entry if a device belonging to
a specific interface group is to be used:
$ ip rule add pref 150 table main suppress_group 1
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
This patch allows setting VXLAN destination to unicast address.
It allows that VXLAN can be used as peer-to-peer tunnel without
multicast.
v6: change back to the v3 except for using new attribute because
replacing command-line parameters breaks existing scripts,
based by Cong Wang's comments.
v5: rebase on the latest.
v4: replace "group" with "remote" based by David Stevens's comments.
v3: move a new attribute REMOTE into the last of an enum list
based by Stephen Hemminger's comments.
fix the usage to show explicitly that both "remote" and "group"
cannot be specified, based by Ben Hutchings's comments.
v2: use a new argument "remote" instead of "group" based by
Stephen Hemminger's comments.
Signed-off-by: Atzm Watanabe <atzm@stratosphere.co.jp>
These do nothing on an 80-column display. They were clearly somebody's
boilerplate way of setting up hanging indents, but the syntax lines
are way too short to require them. And since most were argumentless
they would have been no-ops on any sized display.
The ip link command line help and the ip-link.8.in
man page are outdated in regards to the vxlan support.
The patch updates both the command line help for the
ip command and its man page.
Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
The bridge fdb command line help and the bridge.8
man page are outdated in regards to the vxlan support.
The patch updates both the command line help for the
bridge command and its man page.
Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
The command synopsis is regularized and part of it split off into an
OPTIONS section. This allows the page to lift to XML-DocBook.
An invalid \p escape was removed.
This page was written by someone who didn't understand the use of
definite and indefinite articles in English, nor its punctuation rules.
I've fixed these mistakes, and some glitches in punctuation and
capitalization.
Enclosed patch fixes inappropriate uses of the .SS macro. Fuller explanation
in the change comment.
There are other problems in these pages that block lifting to
XML-DocBook, most notably in the command synopses. They will take
some creativity to fix. I'm working on it
>From 75745adba4b45b87577b61a2daa886dd444f44da Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Fri, 21 Jun 2013 15:27:38 -0400
Subject: [PATCH] Abolish presentation-level misuse of the .SS macro.
This change fixes most (but not all) fatal errors in attempts to lift
the iproute2 manual pages to XML-DocBook. Where .SS is still used it
is a real subsection header, not just a way to outdent and bold text.
Presentation-level instances are turned into .TP calls and tables.
This patch adds quickack option to enable/disable TCP quick ack
mode for per-route.
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <amwang@redhat.com>
This patch adds support for tokenized IIDs, that enable
administrators to assign well-known host-part addresses
to nodes whilst still obtaining global network prefix
from Router Advertisements. This is the iproute2 part for
the kernel patch f53adae4eae5 (``net: ipv6: add tokenized
interface identifier support'').
Example commands with iproute2:
Setting a device token:
# ip token set ::1a:2b:3c:4d/64 dev eth1
Getting a device token:
# ip token get dev eth1
token ::1a:2b:3c:4d dev eth1
Listing all tokens:
# ip token list (or: ip token)
token :: dev eth0
token ::1a:2b:3c:4d dev eth1
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
The tc command is missing documentation of -batch and -force switches
that are returned by "tc -help".
Add short description on their syntax and usage.
Change ALGO-KEY to ALGO-KEYMAT to make it more obvious that the
keying material might need to contain more than just the key (such
as a salt or nonce value).
List the algorithm names that currently exist in the kernel.
Indicate that for IPComp, the Compression Parameter Index (CPI) is
used as the SPI.
Group the list of mode values by transform protocol.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
In older versions of traffic shaping the Alpha kernel was special
and had higher HZ. This no longer matters, TC is based on high
resoulution timers in kernel.
Bridge tool now supports setting and retrieving bridge port specific
link attributes. Document what attributes are supported and what
they mean.
Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
Both ip-link and ip-address support the 'up' argument, however this
isn't documented in neither their help outputs or ip-address' manpage.
This patch fixes that.
Signed-off-by: Petr Šabata <contyk@redhat.com>
Reported-by: Jiří Popelka <jpopelka@redhat.com>
While looking into a sysctl regression in decnet on old kernels I
discovered this omission in the iproute2 documentation.
I can't imagine anyone's muscle memory remembering the longer forms.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Rephrasing for clarity.
Note that in ip-rule.8 I rephrased a sentence to "The RPDB is scanned
in order of decreasing priority." The original version talked about
*in*creasing priority, but from the context that didn't make sense.
Signed-off-by: Kees van Reeuwijk <reeuwijk@few.vu.nl>
The 'inherit/STRING' or 'inherit/00..ff' syntax indicates that the
TOS field of tunneled packets should be copied from the original IP
header, but for non-IP packets the value STRING or 00..ff should be
used instead. (This syntax is already used by 'ip tunnel show'.)
Also clarify the man page and the command usage text (particularly
that the TOS is not specified as a decimal number).
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Add command that go between network namespace names and process
identifiers. The code builds and runs agains older kernels but
only works on Linux 3.8+ kernels where I have fixed stat to work
properly.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Document ip netns monitor.
Add a few senteces describing each command. The manpage was looking
very scrawny.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
The debian package checking tool, lintian, spotted that the
tc ematch manpage seems to have an error in the specified section.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Added support to ipoib rtnl ops through which one can create, configure,
query and delete IPoIB devices, for example
$ ip link add link ib0.8001 name ib0.8001 type ipoib pkey 0x8001
$ ip link add link ib0.1 name ib0.1 type ipoib mode connected
$ ip --details link show dev ib0.1
Cc: Patrick McHardy <kaber@trash.net>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
ip tcp_metrics/tcpmetrics
We support get/del for single entry and dump for
show/flush.
v3:
- fix rtt/rttvar shifts as suggested by Eric Dumazet
- show rtt/rttvar usecs as suggested by David Laight
Signed-off-by: Julian Anastasov <ja@ssi.bg>
This patch finishes removing the replace option from the bridge
man page which I missed in this commit
commit 57b9785de3
Author: John Fastabend <john.r.fastabend@intel.com>
Date: Mon Aug 27 10:52:31 2012 -0700
iproute2: bridge: remove replace and change options
Also add documentation for "{ self | embedded }" already shown on
the cmd line help msg.
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
- rename section UNITS to PARAMETERS.
- break section PARAMETERS down to four subsections to cover the
common used parameter types(RATES, TIMES, SIZES, VALUES).
- add some explaination for IEC units in RATES.
- point out the max value we can set for RATES, TIMES and SIZES.
Signed-off-by: Li Wei <lw@cn.fujitsu.com>
After latest commit 'Install all tc and ip sub pages' this error
occurs on make.
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/home/git/kernel.org/iproute2/man/man3'
make[2]: Entering directory `/home/git/kernel.org/iproute2/man/man8'
Makefile:8: *** commands commence before first target. Stop.
make[2]: Leaving directory `/home/git/kernel.org/iproute2/man/man8'
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
Since the get_rate() code incorrectly interpreted bare number, the
behavior is not the same as man page and comment described.
We need to change the man page and comment for compatible with the
existing usage by scripts.
This makes 2 changes:
1: Add fq_codel to SEE ALSO section in tc manpage.
2: Reorder the SEE ALSO section to make the order alphabetical
(suggested by Jan Ceuleers ).
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com>
<groff: tc-drr.8>:67: warning: tab character in unquoted macro argument
<groff: tc-drr.8>:69: warning: tab character in unquoted macro argument
*********************
Originally filed at: http://bugs.debian.org/674706
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
<groff: tc.8>:51: warning: total indent cannot be negative
<groff: tc.8>:57: warning: escape character ignored before `i'
*********************
Space at end of line removed
General considerations
a) Manuals should usually only be left justified. Use ".ad l"
as the first regular command.
b) Each sentence should begin on a new line. The conventions
about the amount of space between sentences are different. This
also makes a check on the number of space characters between
words easier.
c) Separate numbers from units with a (no-break) space. A
no-break space can be code 0xA0, "\ " (\<space>), or "\~"
(groff).
d) Use macros "TS/TE" for tables with more than two columns.
Then use
'\" t
as the first line in the source to tell "man" to use the "tbl"
preprocessor.
e) Protect last period (full stop) in abbreviations with "\&",
if it is or might be (through new formatting of source) at the
end of line, if it is also not an end of sentence.
*********************
Originally filed at: http://bugs.debian.org/674704
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
This patch updates the netem manpage to describe how to use
netem to mark packets with ecn instead of dropping them.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com>
Reported by Ivan Vilata i Balaguer <ivan@selidor.net>
found that the description of the `ip link add` command in the manpage
is outdated regarding the compulsory `link DEVICE` option.
For instance, `ip link help` says:
Usage: ip link add [link DEV] [ name ] NAME
...
But the manpage still says:
ip link add link DEVICE [ name ] NAME
(Trying to provide a `link` option e.g. under an LXC container can frustrate
the creation of dummy devices which don't need an actual device.)
The syntax of the "ip link help" output was fixed in commit
"iproute2: Fix usage and man page for 'ip link'" (a22e92951d).
This updates the manpage to mark "link DEVICE" as an optional
argument there as well.
http://bugs.debian.org/673171
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Commit (761a1e60 iproute2 - Split up manual page installation )
introduced man/man8/Makefile but did not add all the man pages.
This patch adds the missing man pages for installation.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com>
Add a man page to cover the "ip l2tp" commands. Add a reference to it
in the main ip page.
This version removes the unnecessary setting of promiscuous mode
in the examples.
Signed-off-by: James Chapman <jchapman@katalix.com>
Generate manual pages based on where the config files are installed.
Add missing manual pages for utilities which are links to other binaries.
Make tc-pfifo.8 a real file that points to tc-bfifo.8 instead of symlink
which causes problems with compressing manual pages.
Signed-off-by: Christoph J. Thompson <cjsthompson@gmail.com>
The kernel supports a link mode attribute (which can be dormant or default).
This attribute is used to control how the link watch engine
handles operstate transistion.
This adds a new parameter to ip link command to allow setting and
displaying the value.
---
* update synopsis to match "ip address help" output
* specify IPv4, since "IP" is ambiguous
* remove deprecated site scope
* document lifetimes, home, and nodad
* update wording to make sense since page was split from the ip(8) page
* git rid of extra spaces
A new option -p is added to the arpd command that accepts
a time indicating the number of seconds
to wait between kernel arp table polling attempts.
The minimum value is .1 (100ms).
If not specified, polling defaults to 30 seconds.
Patch by Erik Hugne <erik.hugne@ericsson.com> with
modifications
Add documentation for the ip link set spoof checking option. The
expanded text section explaining the VF commands was missing this
text.
Signed-off-by: Greg Rose <gregory.v.rose@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
include documentation for harddrop and adaptive parameters.
All parameters but limit and avpkt are optional.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
The syntax used in the example on reordering in the manpage is inconsistent with
the usage syntax. Moreover, the text does not describe the reordering process
in the kernel correctly. This patch fixes these two issues.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com>
Add ip link command parsing for VF spoof checking enable/disable
V2 - Fixed problem with parsing of dump info on kernels that don't
support the spoof checking option and also wrapped the ifla_vf_info
structure in #ifdef __KERNEL__ to prevent user space from directly
accessing the structure
V3 - Improved parsing of vfinfo
V4 - Put Makefile back to proper list of subdirs
V5 - Remove struct ifla_vf_info, it is only used by the kernel
V6 - Make sure spoof check is reported by the driver - rtnl will set
it to -1 to indicate driver didn't report a value.
Signed-off-by: Greg Rose <gregory.v.rose@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
This patch adds detailed documentation for HFSC scheduler. It roughly
follows HFSC paper, but tries to not rely too much on math side of things.
Post-paper/Linux specific subjects (timer resolution, ul service curve, etc.)
are also discussed.
I've read it many times over, but it's a lengthy chunk of text - so try
to be understanding in case I made some mistakes.
tc-hfsc(7): explains algorithm in detail (very long)
tc-hfsc(8): explains command line options briefly
tc(8): adds references to new man pages
Makefile: adds man7 directory to install target
q_hfsc.c: minimal help text changes, consistency with tc-hfsc(8)
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Add bridge as a supported type with 'ip link' in usage and all the missing
types in 'ip' man page. Also fixed some typos.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
$ ip route help 2>&1 | grep monitor
ip route { add | del | change | append | replace | monitor } ROUTE
$ ip route monitor
Command "monitor" is unknown, try "ip route help".
(I guess what was really intended is "ip monitor route", so just remove
the argument from the help output.)
Originally reported by martin f krafft at http://bugs.debian.org/537681
While at it, also drop all non-existant (route,link,netns) monitor
arguments from the ip(8) man page.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
The goal of this code change is to implement a mechanism such that it is
simple to work with a kernel that is using multiple network namespaces
at once.
This comes in handy for interacting with vpns where there may be rfc1918
address overlaps, and different policies default routes, name servers
and the like.
Configuration specific to a network namespace that would ordinarily be
stored under /etc/ is stored under /etc/netns/<name>. For example if
the dns server configuration is different for your vpn you would create
a file /etc/netns/myvpn/resolv.conf.
File descriptors that can be used to manipulate a network namespace can
be created by opening /var/run/netns/<NAME>.
This adds the following commands to iproute.
ip netns add NAME
ip netns delete NAME
ip netns monitor
ip netns list
ip netns exec NAME cmd ....
ip link set DEV netns NAME
ip netns exec exists to cater the vast majority of programs that only
know how to operate in a single network namespace. ip netns exec
changes the default network namespace, creates a new mount namespace,
remounts /sys and bind mounts netns specific configuration files to
their standard locations.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
The ip(8) man page and the "ip xfrm [ XFRM-OBJECT ] help" command output
are updated to include missing options, fix errors, and improve grammar.
There are no functional changes made.
The documentation for the ip command has many different meanings for the
same formatting symbols (which really needs to be fixed). This patch makes
consistent use of brackets [ ] to indicate optional parameters, pipes | to
mean "OR", braces { } to group things together, and dashes - instead of
underscores _ inside of parameter names. The parameters are listed in the
order in which they are parsed in the source code.
There are several parameters and options that are still not mentioned or
need to be described more thoroughly in the "COMMAND SYNTAX" section of
the ip(8) man page. I would appreciate help from the developers with this.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Since July 2008 (2.6.27, c1e20f7c8b9), the kernel stores the values for
RTAX_{RTT{,VAR},RTO_MIN} in milliseconds. When using a kernel > 2.6.27 with
the current iproute2, conversion of these values is broken in either way.
This patch
* updates the code to pass and retrieve milliseconds;
* since values < 1msec would be rounded up, also drops the usec/nsec variants;
* since there is no way to query kernel HZ, also drops the jiffies variant.
Arguments such as
rtt 3.23sec
rto_min 0xff
rto_min 0.200s
rttvar 25ms
now all work as expected when reading back previously set values.
Add the group keyword to ip link set, which has the following meaning:
If both a group and a device name are pressent, we change the device's
group to the specified one. If only a group is present, then the
operation specified by the rest of the command should apply on an entire
group, not a single device.
So, to set eth0 to the default group, one would use
ip link set dev eth0 group default
Conversely, to set all the devices in the default group down, use
ip link set group default down
Signed-off-by: Vlad Dogaru <ddvlad@rosedu.org>
User can specify device group to list by using the group keyword:
ip link show group test
If no group is specified, 0 (default) is implied.
Signed-off-by: Vlad Dogaru <ddvlad@rosedu.org>
This patch adds save and restore commands to "ip route". Save dumps
the RTNL stream to stdout which can then be passed to restore later.
This may be helpful in some normal situations, and will allow C/R to
migrate the routing information in userspace. Tweaking of the stream
can be done by userspace helpers to convert between versions and adjust
things like device indexes when restoring routes in a different
environment.
By factoring out some of the common bits of print_route() into
filter_nlmsg(), the "save" command can use the same selection logic
as "list," allowing the caller to save only specific routes as
necessary.
The only change since the RFC is the addition of manpage and doc
material.
Signed-off-by: Dan Smith <danms@us.ibm.com>
The default remains at 10 for backwards compatibility.
For instance:
# ip addr flush dev eth2
*** Flush remains incomplete after 10 rounds. ***
# ip -l 20 addr flush dev eth2
*** Flush remains incomplete after 20 rounds. ***
# ip -loops 0 addr flush dev eth2
#
This is useful for getting rid of large numbers of IP
addresses in scripts.
Signed-off-by: Ben Greear <greearb@candelatech.com>
IPv6 addresses that have IFA_F_SECONDARY set are actually temporary addresses,
hence the IFA_F_TEMPORARY equivalent. Change the output in this case and
allow filtering on the word "temporary".
Signed-off-by: Brian Haley <brian.haley@hp.com>
Currently you can configure "equalize" and it looks all fine and dandy.
The kernel has the interface defined, but apparently there's never actually
been any implementation for it (only a never merged patch in the 2.4 era).
I'm suggesting to drop the code to give any potential users of this feature
the benefit of receiving a proper error message. I see it unlikely that
this will be implemented in the near future, but if it ever happens
reviving the iproute2 side should be as easy as git revert this patch.
For more details see http://bugs.debian.org/149897
David Miller wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Mon, 30 Nov 2009 19:00:14 +0100
>
>> This patch contains iproute support for iprule oif classification
>> for the send-to-self RFC I just sent out.
>
> Patrick, you need to submit a new version of this patch with
> the FIB_RULE_* macro fixed, just like the kernel version got
> fixed.
Thanks for reminind me of this. New patch attached.
commit 0fe5164cbaa1d65dda341075710be71bf1f32d10
Author: Patrick McHardy <kaber@trash.net>
Date: Fri Dec 4 07:06:18 2009 +0100
iprule: add oif classification support
Signed-off-by: Patrick McHardy <kaber@trash.net>
--Boundary-01=_wxi/JRaNdLkbr7g
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi Stephen,
please review attached patch to add support for in-kernel potential router=
=20
lists for ISATAP tunnels.
Usage:
ip tunnel add name isatap0 mode isatap local 192.168.1.100
ip tunnel prl dev isatap0 prl-default 192.168.1.1
ip tunnel prl dev isatap0 prl-nodefault 192.168.1.2
ip tunnel prl dev isatap0 prl-delete 192.168.1.1
ip tunnel show # pr and pdr will be listed as well
Patch based on http://osprey67.com/seal/iproute2_diff.v0_3.txt by Fred L.=20
Templin.
Thanks,
Sascha
Fix syntax errors in ip(8) manpage.
lintian said:
W: iproute: manpage-has-errors-from-man usr/share/man/man8/ip.8.gz 2167: warning: `RP' not defined
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Hi Stephen,
I resend you this patch once more. This time I updated the documentation
too (may be that was the reason why you didn't take it before?).
Please tell me if there are other things missing in this patch
It applies on iproute2 git tree.
Regards,
Benjamin
Description:
------------
This patch adds support for the IFLA_NET_NS_PID type. It is used to
move network devices between network namespaces.
The syntax is:
ip link set DEVICE netns PID
PID is the pid of a process in the target network namespace.
(Daniel Lezcano is the original author).
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: Benjamin Thery <benjamin.thery@bull.net>
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Don't break scripts that depend on previous offset/value format.
Introduce a new -pretty flag for decoding, and (*gasp*) document
the formatting arguments.
I was asked to at least mention the xfrm option in ip manual. I added
all usage into ip.8 and try to write some basic information about xfrm.
If someone want complete it, I'll be happy.
Marcela Maslanova
a16304c0cdbdbc8926b112743b4bd49069a50cd7
man/man8/ip.8 | 474 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 474 insertions(+), 0 deletions(-)
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Hello Stephen!
The patches branch of the debian packaging repo, at
git://git.debian.org/git/collab-maint/pkg-iproute, now has four patches still
pending. (Not resending, since they've all been posted multiple times before.
Pick them up from the repo if you're interested.)
Here's the latest addition:
commit 3c904bb5933257533f4afecf805ca5a548a8e885
Author: Andreas Henriksson <andreas@fatal.se>
Date: Fri Feb 22 13:57:10 2008 +0100
Fix typo (syntax error) in ip(8) manpage.
Caught by lintian (debian package checker).
commit 355e1438f73602fbac029d28891dfa889471b679
Author: Andreas Henriksson <andreas@fatal.se>
Date: Wed Jan 2 23:21:59 2008 +0100
Add synonyms for ip rule options to ip(8) manpage.
See:
http://bugs.debian.org/433507http://bugs.debian.org/213673
Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com>
Spotted by Aleš Kozumplík <al_es@seznam.cz>
(http://bugs.debian.org/289225)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Fix typo in ss manpage.
Make the backslash visible in ip manpage (http://bugs.debian.org/285507).
Strict syntax for ip addr advice in error message.
Fix typo in libnetlink(3) manpage (writen -> written).
Fix typos in tc-prio(8) manpage.
Fix typo in tc-htb(8) manpage (mininum -> minimum).
Fix typo in tc-cbq-details(8) manpage (occured -> occurred).
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Symlink rtstat(8) and ctstat(8) to lnstat(8).
Add rtacct/nstat manpage based on doc/nstat.sgml as rtacct(8).
Symlink nstat(8) to rtacct(8).
Add arpd(8) symlink based on doc/arpd.sgml.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Spotted by Aleš Kozumplík <al_es@seznam.cz>
(http://bugs.debian.org/289225)
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Enable users of ip to specify the times for rtt, rttvar and rto_min
in human-friendly terms a la "tc" while maintaining backwards
compatability with the previous "raw" mechanism. Builds upon
David Miller's uncommited patch to set rto_min.
Signed-off-by: Rick Jones <rick.jones2@hp.com>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Contributed man page from Michael Prokop <mika@grml.org>
Note: changed from lnstat.1 to lnstat.8 because that is
the section all the other iproute2 commands are in.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>