From: William Tu <u9012063@gmail.com>
To: netdev@vger.kernel.org
Subject: [PATCH net-next] gre: introduce native tunnel support for ERSPAN
Date: Wed, 9 Aug 2017 13:22:36 -0700 [thread overview]
Message-ID: <1502310157-7827-1-git-send-email-u9012063@gmail.com> (raw)
The patch adds ERSPAN type II tunnel support. The implementation
is based on the draft at [1]. One of the purposes is for Linux
box to be able to receive ERSPAN monitoring traffic sent from
the Cisco switch, by creating a ERSPAN tunnel device.
In addition, the patch also adds ERSPAN TX, so traffic can
also be encapsulated into ERSPAN and sent out.
The implementation reuses tunnel key as ERSPAN session ID, and
field 'erspan' as ERSPAN Index fields:
./ip link add dev ers11 type erspan seq key 100 erspan 123 \
local 172.16.1.200 remote 172.16.1.100
[1] https://tools.ietf.org/html/draft-foschiano-erspan-01
The change to the iproute2 will be submitted in a separate patch.
I use the following script to create end-to-end ERSPAN tunnel test.
#!/bin/bash
# In the namespace NS0, create veth0 and erspan00
# Out of the namespace, create veth1 and erspan11
# Ping in and out of namespace using ERSPAN protocol
# Namespace0:
# - erspan00
# IP: 10.1.1.100
# local 192.16.1.100 remote 192.16.1.200
# - veth0
# IP: 172.16.1.100
# Out of namespace:
# - erspan11
# IP: 10.1.1.200
# local 172.16.1.200 remote 172.16.1.100
# - veth1
# IP: 172.16.1.200
set -ex
TYPE=erspan
DEV_NS=erspan00
DEV=erspan11
cleanup() {
set +ex
ip netns del ns0
ip link del erspan11
ip link del veth1
}
trap cleanup 0 2 3 9
ip netns add ns0
ip link add veth0 type veth peer name veth1
ip link set veth0 netns ns0
ip netns exec ns0 ip addr add 172.16.1.100/24 dev veth0
ip netns exec ns0 ip link set dev veth0 up
# Tunnel
ip netns exec ns0 ip link add dev $DEV_NS type $TYPE \
key 1 seq local 172.16.1.100 remote 172.16.1.200 erspan 123
ip netns exec ns0 ip addr add dev $DEV_NS 10.1.1.100/24
ip netns exec ns0 ip link set dev $DEV_NS up
# Linux
ip link set dev veth1 up
ip addr add dev veth1 172.16.1.200/24
ip link add dev $DEV type $TYPE seq key 1 \
local 172.16.1.200 remote 172.16.1.100 erspan 123
ip addr add dev $DEV 10.1.1.200/24
ip link set dev $DEV up
# Ping from NS0
ip netns exec ns0 ping -c 3 10.1.1.200
ping -c 3 10.1.1.100
exit 0
# End
Thanks a lot!
William Tu (1):
gre: introduce native tunnel support for ERSPAN
include/net/ip_tunnels.h | 3 +
include/uapi/linux/if_ether.h | 1 +
include/uapi/linux/if_tunnel.h | 1 +
net/ipv4/ip_gre.c | 248 +++++++++++++++++++++++++++++++++++++++++
4 files changed, 253 insertions(+)
--
2.7.4
next reply other threads:[~2017-08-09 20:23 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-09 20:22 William Tu [this message]
2017-08-09 20:22 ` [PATCH net-next] gre: introduce native tunnel support for ERSPAN William Tu
2017-08-11 13:54 ` kbuild test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1502310157-7827-1-git-send-email-u9012063@gmail.com \
--to=u9012063@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).