From owner-freebsd-bugs@freebsd.org Thu Sep 19 13:02:29 2019 Return-Path: Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B279C122E82 for ; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46YxpF4Mqhz3DJy for ; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 95ED9122E81; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) Delivered-To: bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 95B15122E80 for ; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46YxpF3VTVz3DJx for ; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5CBADDDD9 for ; Thu, 19 Sep 2019 13:02:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x8JD2TKE013142 for ; Thu, 19 Sep 2019 13:02:29 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x8JD2Tdb013141 for bugs@FreeBSD.org; Thu, 19 Sep 2019 13:02:29 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 240685] netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type) Date: Thu, 19 Sep 2019 13:02:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: lutz@donnerhacke.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Sep 2019 13:02:29 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240685 --- Comment #1 from lutz@donnerhacke.de --- For the sake of reasoning I'll provide the formatted man page as a comment: NG_VLAN_ROTATE(4) FreeBSD Kernel Interfaces Manual NG_VLAN_ROTATE= (4) NAME ng_vlan_rotate - IEEE 802.1ad VLAN manipulation netgraph node type SYNOPSIS #include #include #include DESCRIPTION The vlan_rotate node type manipulates the order of VLAN tags of frames tagged according to the IEEE 802.1ad (an extension of IEEE 802.1Q) standard between different hooks. Each node has four special hooks, original, ordered, excessive, and incomplete. A frame tagged with an arbitrary number of ETHERTYPE_VLAN, ETHERTYPE_QINQ, and 0x9100 tags received on the original hook will be rearranged to a new order of those tags and is sent out the "ordered" hook. After successful processing the histogram counter for the obser= ved stack size increments. If it contains fewer VLANs in the stack, than the configured min limit, the frame is send out to the incomplete hook and the incomplete counter increments. If it contains more VLANs in the stack, than the configured max limit, the frame is send out to the excessive hook and the excessive counter increments. If any destination hook is not connected, the frame is dropped and the drops counter increments. For Ethernet frames received on the ordered hook, the transformation is reversed and is passed to the original hook. Please note, that this process is identical to the one described above, besides the ordered/original hooks and the transformation are swapped. An Ethernet frame received on incomplede or excessive hook is forwarded to the original hook without any modification. This node supports only one operation at the moment: Rotation of the VLANs in the stack. Setting the configuration parameter rot to a posit= ive value, the stack will roll up by this amount. Negative values will roll down. A typical scenario is setting the value to 1 in order to bring t= he innermost VLAN tag to the outmost level. Rotation includes the VLAN id and the ethertype, but the QOS paramenters pcp and cfi stay in place. Typical QOS handling refers to the outmost setting, so this scheme kee= ps QOS intact. HOOKS This node type supports the following hooks: original Typically this hook would be connected to a ng_ether(4) no= de, using the lower hook connected to a carrier network. ordered Typically this hook would be connected to a ng_vlan(4) type node using the downstream hook in order to seperate servic= es. excessive see below. incomplete Typically those hooks would be attached to an ng_eiface(4) type node using the ether hook for anomaly monitoring purposes. CONTROL MESSAGES This node type supports the generic control messages, plus the followi= ng: NGM_VLANROTATE_GET_CONF (getconf) Read the current configuration. NGM_VLANROTATE_SET_CONF (setconf) Set the current configuration. NGM_VLANROTATE_GET_STAT (getstat) Read the current statistics. NGM_VLANROTATE_CLR_STAT (clrstat) Zeroize the statistics. NGM_VLANROTATE_GETCLR_STAT (getclrstat) Read the current statistics and zeroize it in one step. EXAMPLES The first example demonstrates how to rotate double or triple tagged frames so, that the innermost C-VLAN can be used as service discriminator. The single or double tagged frames (C-VLAN removed) are send out the an interface pointing to different infrastucture. #!/bin/sh BNG_IF=3Dixl3 VOIP_IF=3Dbge2 ngctl -f- < 00:01:02:03:04:05, ethertype 802.1Q-9100 (0x9100), length 110: vlan 2, p 1, ethertype 802.1Q-QinQ, vlan 101, p 0, ethertype 802.1Q, vlan 123, p 7, ethertype IPv4, (tos 0x0, ttl 64, id 15994, offset 0, flags [none], proto ICMP (1), length 84) 192.168.140.101 > 192.168.140.1: ICMP echo request, id 40234, seq 0, length 64 The frame ejected on the ordered hook will look like this: 00:00:00:00:01:01 > 00:01:02:03:04:05, ethertype 802.1Q (0x8100), length 110: vlan 123, p 1, ethertype 802.1Q-9100, vlan 2, p 0, ethertype 802.1Q-QinQ, vlan 101, p 7, ethertype IPv4, (tos 0x0, ttl 64, id 15994, offset 0, flags [none], proto ICMP (1), length 84) 192.168.140.101 > 192.168.140.1: ICMP echo request, id 40234, seq 0, length 64 Hence the frame pushed out to the VOIP_IF will have this form: 00:00:00:00:01:01 > 00:01:02:03:04:05, ethertype 802.1Q-9100, vlan 2, p 0, ethertype 802.1Q-QinQ, vlan 101, p 7, ethertype IPv4, (tos 0x0, ttl 64, id 15994, offset 0, flags [none], proto ICMP (1), length 84) 192.168.140.101 > 192.168.140.1: ICMP echo request, id 40234, seq 0, length 64 The second example distinguish between double tagged and single tagged frames. Frames with more VLAN tags are dropped. #!/bin/sh IN_IF=3Dbge1 ngctl -f- < --=20 You are receiving this mail because: You are the assignee for the bug.=