Making veth a shared library for ip caused build problems (not PIC)
and is unneeded.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Fix xfrm state or policy flush message.
And minor updates are included:
o Use static buffer to show unknown value as string.
o Show policy type (ptype) only when kernel specified it.
o Clean-up xfrm_monitor.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
o Support policy flag with string format.
Note that kernel defines only one name "localok" for the flag
and it has not had any effect currently.
o Support state flag value XFRM_STATE_NOPMTUDISC.
o Fix to show detailed flags value when "-s" option is used.
o Fix minor typo.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Remove unused or redundant usage for xfrm_filter.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
The usage is
# ip link add [name] type veth [peer <name>] [mac <mac>] [peer_mac <mac>]
This version doesn't include the fix for ip/iplink.c as Patrick
said that he had included it into his patches already.
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This is a resend of the iproute VLAN patch with the if_link.h changes
edited out since the headers are already synced.
[IPROUTE]: VLAN support
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
This patch fixes a bug in the 'ip' command to display
IPv6 cloned routes.
ip -6 route ls cache
returns empty even when there are cloned routes because of
of a missing else in print_route() routine.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Add support for using netlink for link configuration. Kernel-support is
probed, when not available it falls back to using ioctls.
Signed-off-by: Patrick McHardy <kaber@trash.net>
The new command is called "veth" with the following syntax:
* ip veth add <dev1> <dev2>
creates interconnected pair of veth devices.
* ip veth del <dev>
destroys the pair of veth devices, where <dev> is either
<dev1> or <dev2> used to create the pair.
One question that is to be solved is whether or not to create
a hard-coded netlink family for veth driver. Without it the
family resolution code has to be moved to general place in ip
utility (by now it is copy-paste-ed from one file to another
till final decision).
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Use the FRA attributes for routing rules, with exception of RTA_GATEWAY
(used for route-NAT) which isn't supported by current kernels anymore
and thus doesn't exist as FRA attribute.
Signed-off-by: Patrick McHardy <kaber@trash.net>
keep people from screwing their systems with routef
minor patch here ... if you run `routef --help`,
it'll turn around and flush your routing tables anyways :)
so patch will have routef output usage if any arguments are given,
otherwise it'll flush the tables ... idea is from Lars Strojny
In order to support these new flags add current
linux/if.h into the directory with the local copies.
This caused troubles with outdated redefinitions from net/if.h
so I've removed the dependency on it.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Need to use correct XFRMA_ constants.
Get rid of bogus casts. Fix case where no attribute returned.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
and heres the SPD version ...
cheers,
jamal
[XFRM] see SPD info
i.e instead of something like ip xfrm policy ls | grep -i src | wc -l
do:
ip xfrm policy count
And you get the count; you can also pass -s or -s -s to see more
details
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Stephen,
Use this patch instead of the one i sent yesterday.
As before, you will need to pull include/linux/xfrm.h from
net-2.6 once Dave applies the kernel patch.
cheers,
jamal
[XFRM] see SAD info
i.e instead of something like ip xfrm state ls | grep -i src | wc -l
do:
ip xfrm state count
And you get the count; you can also pass -s to the command line and
get the hash info.
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
cheers,
jamal
[ALL] update rest to use nl_mgrp
Signed-off-by: J Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Hi,
This patch enables ip command to add IFA_F_HOMEADDRESS and
IFA_F_NODAD flags while adding the IPv6 address.
Signed-off-by: Noriaki TAKAMIYA<takamiya@po.ntts.co.jp>
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Stephen,
I will wait until you sync all these patches ive sent; then send a
couple more then i will be done.
cheers,
jamal
[XFRM] update xfrm monitoring to use nl_mgrp
Signed-off-by: J Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
To support Mobile IPv6 RO, the following extension is included:
o Use XFRM_MODE_XXX macro instead of magic number
o New attribute option for all state: source address for
deleting or getting message
o New attribute options for RO: care-of address, last-used timestamp
and wild-receive flag
Note:
Flush command like `ip xfrm state flush` is to remove all XFRM state.
It has been effected for IPsec SAD but with this patch it flushes both
IPsec SAD and Mobile IPv6 RO states.
To make only IPsec SA flush, it is recommanded to specify each XFRM
protocol like below:
`ip x s f proto esp ; ip x s f proto ah ; ip x s f proto comp`
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Fix ip6tunnel.c to be fit with current ip command style.
Unlike other modules currently iptunnel (and ip6tunnel) is not
designed as protocol-independent because of unarranged structure
between IPv4 and IPv6.
Usage: ip -f inet6 tunnel { add | change | del | show } [ NAME ]
[ remote ADDR local ADDR ] [ dev PHYS_DEV ]
[ encaplimit ELIM ]
[ hoplimit HLIM ] [ tc TC ] [ fl FL ]
[ dscp inherit ]
Where: NAME := STRING
ADDR := IPV6_ADDRESS
ELIM := { none | 0..255 }(default=4)
HLIM := 0..255 (default=64)
TC := { 0x0..0xff | inherit }
FL := { 0x0..0xfffff | inherit }
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
This file (ip6tunnel.c) is renamed from ipv6tunnel.c which is imported
from usagi cvs tree. It is originally ported by MIPL to work on their
2.4 kernel patch (MIPL1).
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Split common functions like ioctl to export them.
This is a preparation to support to configure IPv6-over-IPv6 tunnel.
This patch also includes minor improvemen:
o to stop to include unused headers
o to change function static if it is not needed to be exported
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Patch which allows for setting SA and SP also for
new IPSec mode BEET, beside tunnel and transport, according to the latest
changes in the kernel you can find at the following link:
Signed-off-by: Diego Beltrami <diego.beltrami@gmail.com>
Signed-off-by: Miika Komu <miika@iki.fi>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Fix struct alignment with cris architecture
gcc for the cris arch does not pad structures to the next multiple of 4
bytes, as the i386 gcc does.
This causes errors like this when displaying xfrm policies:
# ip x p
!!!Deficit 3, rta_len=300
src 192.168.251.32/29 dst 192.168.251.32/29
dir in priority 0
!!!Deficit 3, rta_len=180
src 0.0.0.0/0 dst 192.168.251.32/29
dir in priority 2208
....
Similar errors are seen from ip x s.
This patch fixes the errors when printing. I'm not sure whether we
should worry about other uses of the affected structs, I've not seen any
other bad effects from this though, so hopefully this is enough.
(Thanks to Herbert Xu for pointing out that NLMSG_SPACE is the correct
macro to use here.)
Tested against 2.6.17.6 kernel on i386, and 2.6.16.1 kernel on cris.
Signed-off-by: Andy Gay <andy@andynet.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Add support for larger number of routing tables
Support support for 2^32 routing tables by using the new RTA_TABLE
attribute for specifying tables > 255 and intepreting it if it is
sent by the kernel.
When tables > 255 are used on a kernel not supporting it an error will
occur because of the unknown netlink attribute.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
[IPROUTE]: Preparation for 32 bit table IDs
The route table filter uses an integer for the table number and the value
-1 to represent cloned routes. For 32 bit table IDs it needs to become an
unsigned, so this won't work anymore. Introduce a new filter flag "cloned"
and use instead of filter.tb = -1.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
table from the route type. This doesn't really work anymore now that IPv6
supports multiple tables. Add detection for IPv6 multiple table support
(relying on the fact that the first routes dumped belong to the local table
and have rtm_table == RT_TABLE_LOCAL with multiple tables) and handle it
like other protocols.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Vince Worthington wrote:
> Hello,
>
> We've been working with a customer of ours who was experiencing some
> latency issues, and in the process of helping them solve their problem
> we found that adding the ability to adjust the Initial Max Congestion
> Window size on a route, they were able to tune their routes to perform
> more favorably in their mixed Linux and Solaris environment. There
> were a couple of other tuning steps necessary as well but we did find
> that the ability to set a larger initial max congestion window size
> was helpful in making Linux behave more like Solaris in low-latency
> situations.
>
> The kernel already supports this route attribute, this patch simply
> adds the option to iproute.c to provide a means to set it from userspace.
>
> I've attached the patch we used in test builds of the iproute packages
> we distribute in RHEL3 and RHEL4 for your consideration for possible
> acceptance and inclusion in iproute. Please let us know if there is
> any further information you would need or if there is a more
> appropriate venue to submit this patch.
>
> Thanks,
> Vince Worthington
> Red Hat, Inc.
Stephen,
I apologize for the last patch I sent not applying cleanly to the latest
iproute2 sources. I realized that this might impede any
review/acceptance of the patch and created a separate patch against the
20060323 build of iproute2, which seems to be the latest (by looking at
the website).
The previous patch wouldn't apply cleanly due to the label of the
ssthresh argument being corrected from REALMS to NUMBER.
Please let us know if there is any other information or assistance we
can be with this patch submission.
Thanks
Vince
/sbin/ifcfg: line 25: [: too many arguments
/sbin/ifcfg: line 26: [: -ge: unary operator expected
/sbin/ifcfg: line 27: [: -ge: unary operator expected
/sbin/ifcfg: line 28: [: -ge: unary operator expected
might i suggest the attached patch
-mike
addresses. Specifically it does not correctly handle the addition of
new entries in the neighbor/arp table. For example, this command will
fail:
ip neigh add 192.168.0.138 lladdr
00:00:04:04:fe:80:00:00:00:00:00:00:00:01:73:00:00:00:8a:91 nud
permanent dev ib0
An IPoIB link layer address is 20-bytes (see
http://www.ietf.org/internet-drafts/draft-ietf-ipoib-ip-over-infiniband-09.txt,
section 9.1.1).
The command line parsing code expects link layer addresses to be a
maximum of 16-bytes. Addresses over 16-bytes are truncated.
It fixes flush feature for IPsec(ip xfrm).
Jamal gave me comment about it. I've tested it on 2.6.11.7.
Please find the log below, check code and pull it:
bk://bk.skbuff.net:38000/iproute2-xfrm-flush
ChangeSet@1.182, 2005-04-13 21:19:44+09:00, nakam@linux-ipv6.org
[ip] add "deleteall" command for xfrm;
"flush" uses kernel's flush interface and
"deleteall" uses legacy iproute2's flush feature like
getting-and-deleting-for-each.
