Re: [PATCH iproute2-next v2] ip-link: add support for nolocalbypass in vxlan

[Ido Schimmel <idosch@idosch.org>]

On Tue, May 16, 2023 at 10:04:57PM +0800, Vladimir Nikishkin wrote:
> Add userspace support for the [no]localbypass vxlan netlink
> attribute. With localbypass on (default), the vxlan driver processes
> the packets destined to the local machine by itself, bypassing the
> nework stack. With nolocalbypass the packets are always forwarded to
> the userspace network stack, so usepspace programs, such as tcpdump

s/usepspace/userspace/

> have a chance to process them.
> 
> Signed-off-by: Vladimir Nikishkin <vladimir@nikishkin.pw>
> ---
> v2: this patch matches commit 69474a8a5837be63f13c6f60a7d622b98ed5c539
> in the main tree.
> 
>  ip/iplink_vxlan.c     | 19 +++++++++++++++++++
>  man/man8/ip-link.8.in | 10 ++++++++++
>  2 files changed, 29 insertions(+)
> 
> diff --git a/ip/iplink_vxlan.c b/ip/iplink_vxlan.c
> index c7e0e1c4..98fbc65c 100644
> --- a/ip/iplink_vxlan.c
> +++ b/ip/iplink_vxlan.c
> @@ -45,6 +45,7 @@ static void print_explain(FILE *f)
>  		"		[ [no]remcsumtx ] [ [no]remcsumrx ]\n"
>  		"		[ [no]external ] [ gbp ] [ gpe ]\n"
>  		"		[ [no]vnifilter ]\n"
> +		"		[ [no]localbypass ]\n"
>  		"\n"
>  		"Where:	VNI	:= 0-16777215\n"
>  		"	ADDR	:= { IP_ADDRESS | any }\n"
> @@ -276,6 +277,12 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
>  		} else if (!matches(*argv, "noudpcsum")) {
>  			check_duparg(&attrs, IFLA_VXLAN_UDP_CSUM, *argv, *argv);
>  			addattr8(n, 1024, IFLA_VXLAN_UDP_CSUM, 0);
> +		} else if (0 == strcmp(*argv, "localbypass")) {

To be consistent with other strcmp() instances in this file, please
either use '!strcmp()' or 'strcmp() == 0'

> +			check_duparg(&attrs, IFLA_VXLAN_LOCALBYPASS, *argv, *argv);

Make this fit in 80 chars like other options

> +			addattr8(n, 1024, IFLA_VXLAN_LOCALBYPASS, 1);
> +		} else if (0 == strcmp(*argv, "nolocalbypass")) {
> +			check_duparg(&attrs, IFLA_VXLAN_LOCALBYPASS, *argv, *argv);

Likewise

> +			addattr8(n, 1024, IFLA_VXLAN_LOCALBYPASS, 0);
>  		} else if (!matches(*argv, "udp6zerocsumtx")) {
>  			check_duparg(&attrs, IFLA_VXLAN_UDP_ZERO_CSUM6_TX,
>  				     *argv, *argv);
> @@ -613,6 +620,18 @@ static void vxlan_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
>  		}
>  	}
>  
> +	if (tb[IFLA_VXLAN_LOCALBYPASS]) {
> +		__u8 localbypass = rta_getattr_u8(tb[IFLA_VXLAN_LOCALBYPASS]);
> +
> +		if (is_json_context()) {
> +			print_bool(PRINT_ANY, "localbypass", NULL, localbypass);
> +		} else {
> +			if (!localbypass)
> +				fputs("no", f);
> +			fputs("localbypass ", f);
> +		}
> +	}
> +
>  	if (tb[IFLA_VXLAN_UDP_ZERO_CSUM6_TX]) {
>  		__u8 csum6 = rta_getattr_u8(tb[IFLA_VXLAN_UDP_ZERO_CSUM6_TX]);
>  
> diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
> index bf3605a9..e53efc45 100644
> --- a/man/man8/ip-link.8.in
> +++ b/man/man8/ip-link.8.in
> @@ -630,6 +630,8 @@ the following additional arguments are supported:
>  ] [
>  .RB [ no ] udpcsum
>  ] [
> +.RB [ no ] localbypass
> +] [
>  .RB [ no ] udp6zerocsumtx
>  ] [
>  .RB [ no ] udp6zerocsumrx
> @@ -734,6 +736,14 @@ are entered into the VXLAN device forwarding database.
>  .RB [ no ] udpcsum
>  - specifies if UDP checksum is calculated for transmitted packets over IPv4.
>  
> +.sp
> +.RB [ no ] localbypass
> +- if fdb destination is local, with nolocalbypass set, forward packets

s/fdb/FDB/

forward encapsulated packets

> +to the userspace network stack. If there is a userspace process
> +listening for these packets, it will have a chance to process them.
> +If localbypass is active (default), bypass the network stack and

bypass the kernel network stack (since you mentioned "userspace network
stack" earlier)

> +inject the packet into the driver directly.

inject the packets to the target VXLAN device, assuming one exists.


> +
>  .sp
>  .RB [ no ] udp6zerocsumtx
>  - skip UDP checksum calculation for transmitted packets over IPv6.
> -- 
> 2.35.8
> 
> --
> Fastmail.
> 
>