mirror of
https://git.proxmox.com/git/mirror_iproute2
synced 2025-08-08 19:14:52 +00:00
02a261b5ba
Add support for the new TCA_MPLS_ACT_MAC_PUSH action (kernel commit
a45294af9e96 ("net/sched: act_mpls: Add action to push MPLS LSE before
Ethernet header")). This action let TC push an MPLS header before the
MAC header of a frame.
Example (encapsulate all outgoing frames with label 20, then add an
outer Ethernet header):
# tc filter add dev ethX matchall \
action mpls mac_push label 20 ttl 64 \
action vlan push_eth dst_mac 0a:00:00:00:00:02 \
src_mac 0a:00:00:00:00:01
This patch also adds an alias for ETH_P_TEB, since it is useful when
decapsulating MPLS packets that contain an Ethernet frame.
With MAC_PUSH, there's no previous Ethertype to modify. However, the
"protocol" option is still needed, because the kernel uses it to set
skb->protocol. So rename can_modify_ethtype() to can_set_ethtype().
Also add a test suite for m_mpls, which covers the new action and the
pre-existing ones.
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
165 lines
4.1 KiB
Groff
165 lines
4.1 KiB
Groff
.TH "VLAN manipulation action in tc" 8 "12 Jan 2015" "iproute2" "Linux"
|
|
|
|
.SH NAME
|
|
vlan - vlan manipulation module
|
|
.SH SYNOPSIS
|
|
.in +8
|
|
.ti -8
|
|
.BR tc " ... " "action vlan" " { " pop " | " pop_eth " |"
|
|
.IR PUSH " | " MODIFY " | " PUSH_ETH " } [ " CONTROL " ]"
|
|
|
|
.ti -8
|
|
.IR PUSH " := "
|
|
.BR push " [ " protocol
|
|
.IR VLANPROTO " ]"
|
|
.BR " [ " priority
|
|
.IR VLANPRIO " ] "
|
|
.BI id " VLANID"
|
|
|
|
.ti -8
|
|
.IR MODIFY " := "
|
|
.BR modify " [ " protocol
|
|
.IR VLANPROTO " ]"
|
|
.BR " [ " priority
|
|
.IR VLANPRIO " ] "
|
|
.BI id " VLANID"
|
|
|
|
.ti -8
|
|
.IR PUSH_ETH " := "
|
|
.B push_eth
|
|
.BI dst_mac " LLADDR " src_mac " LLADDR "
|
|
|
|
.ti -8
|
|
.IR CONTROL " := { "
|
|
.BR reclassify " | " pipe " | " drop " | " continue " | " pass " | " goto " " chain " " CHAIN_INDEX " }"
|
|
.SH DESCRIPTION
|
|
The
|
|
.B vlan
|
|
action allows to perform 802.1Q en- or decapsulation on a packet, reflected by
|
|
the operation modes
|
|
.IR POP ", " PUSH " and " MODIFY .
|
|
The
|
|
.I POP
|
|
mode is simple, as no further information is required to just drop the
|
|
outer-most VLAN encapsulation. The
|
|
.IR PUSH " and " MODIFY
|
|
modes require at least a
|
|
.I VLANID
|
|
and allow to optionally choose the
|
|
.I VLANPROTO
|
|
to use.
|
|
|
|
The
|
|
.B vlan
|
|
action can also be used to add or remove the base Ethernet header. The
|
|
.B pop_eth
|
|
mode, which takes no argument, is used to remove the base Ethernet header. All
|
|
existing VLANs must have been previously dropped. The opposite operation,
|
|
adding a base Ethernet header, is done with the
|
|
.B push_eth
|
|
mode. In that case, the packet must have no MAC header (stacking MAC headers is
|
|
not permitted). This mode is mostly useful when a previous action has
|
|
encapsulated the whole original frame behind a network header and one needs
|
|
to prepend an Ethernet header before forwarding the resulting packet.
|
|
|
|
.SH OPTIONS
|
|
.TP
|
|
.B pop
|
|
Decapsulation mode, no further arguments allowed.
|
|
.TP
|
|
.B push
|
|
Encapsulation mode. Requires at least
|
|
.B id
|
|
option.
|
|
.TP
|
|
.B modify
|
|
Replace mode. Existing 802.1Q tag is replaced. Requires at least
|
|
.B id
|
|
option.
|
|
.TP
|
|
.B pop_eth
|
|
Ethernet header decapsulation mode. Only works on a plain Ethernet header:
|
|
VLANs, if any, must be removed first.
|
|
.TP
|
|
.B push_eth
|
|
Ethernet header encapsulation mode. The Ethertype is automatically set
|
|
using the network header type. Chaining Ethernet headers is not allowed: the
|
|
packet must have no MAC header when using this mode. Requires the
|
|
.BR "dst_mac " and " src_mac " options.
|
|
.TP
|
|
.BI id " VLANID"
|
|
Specify the VLAN ID to encapsulate into.
|
|
.I VLANID
|
|
is an unsigned 16bit integer, the format is detected automatically (e.g. prefix
|
|
with
|
|
.RB ' 0x '
|
|
for hexadecimal interpretation, etc.).
|
|
.TP
|
|
.BI protocol " VLANPROTO"
|
|
Choose the VLAN protocol to use. At the time of writing, the kernel accepts only
|
|
.BR 802.1Q " or " 802.1ad .
|
|
.TP
|
|
.BI priority " VLANPRIO"
|
|
Choose the VLAN priority to use. Decimal number in range of 0-7.
|
|
.TP
|
|
.BI dst_mac " LLADDR"
|
|
Choose the destination MAC address to use.
|
|
.TP
|
|
.BI src_mac " LLADDR"
|
|
Choose the source MAC address to use.
|
|
.TP
|
|
.I CONTROL
|
|
How to continue after executing this action.
|
|
.RS
|
|
.TP
|
|
.B reclassify
|
|
Restarts classification by jumping back to the first filter attached to this
|
|
action's parent.
|
|
.TP
|
|
.B pipe
|
|
Continue with the next action, this is the default.
|
|
.TP
|
|
.B drop
|
|
Packet will be dropped without running further actions.
|
|
.TP
|
|
.B continue
|
|
Continue classification with next filter in line.
|
|
.TP
|
|
.B pass
|
|
Return to calling qdisc for packet processing. This ends the classification
|
|
process.
|
|
.RE
|
|
.SH EXAMPLES
|
|
The following example encapsulates incoming ICMP packets on eth0 from 10.0.0.2
|
|
into VLAN ID 123:
|
|
|
|
.RS
|
|
.EX
|
|
#tc qdisc add dev eth0 handle ffff: ingress
|
|
#tc filter add dev eth0 parent ffff: pref 11 protocol ip \\
|
|
u32 match ip protocol 1 0xff flowid 1:1 \\
|
|
match ip src 10.0.0.2 flowid 1:1 \\
|
|
action vlan push id 123
|
|
.EE
|
|
.RE
|
|
|
|
Here is an example of the
|
|
.B pop
|
|
function: Incoming VLAN packets on eth0 are decapsulated and the classification
|
|
process then restarted for the plain packet:
|
|
|
|
.RS
|
|
.EX
|
|
#tc qdisc add dev eth0 handle ffff: ingress
|
|
#tc filter add dev $ETH parent ffff: pref 1 protocol 802.1Q \\
|
|
u32 match u32 0 0 flowid 1:1 \\
|
|
action vlan pop reclassify
|
|
.EE
|
|
.RE
|
|
|
|
For an example of the
|
|
.BR pop_eth " and " push_eth " modes, see " tc-mpls (8).
|
|
|
|
.SH SEE ALSO
|
|
.BR tc "(8), " tc-mpls (8)
|