From: Ido Schimmel <idosch@nvidia.com>
To: netdev@vger.kernel.org
Cc: dsahern@gmail.com, stephen@networkplumber.org,
razor@blackwall.org, liuhangbin@gmail.com,
Ido Schimmel <idosch@nvidia.com>
Subject: [PATCH iproute2-next 1/2] bridge: vlan: Add support for neigh_suppress option
Date: Mon, 24 Apr 2023 19:09:50 +0300 [thread overview]
Message-ID: <20230424160951.232878-2-idosch@nvidia.com> (raw)
In-Reply-To: <20230424160951.232878-1-idosch@nvidia.com>
Add support for the per-VLAN neigh_suppress option. Example:
# bridge vlan set vid 10 dev swp1 neigh_suppress on
# bridge -d -j -p vlan show dev swp1 vid 10
[ {
"ifname": "swp1",
"vlans": [ {
"vlan": 10,
"state": "forwarding",
"mcast_router": 1,
"neigh_suppress": true
} ]
} ]
# bridge -d vlan show dev swp1 vid 10
port vlan-id
swp1 10
state forwarding mcast_router 1 neigh_suppress on
# bridge vlan set vid 10 dev swp1 neigh_suppress off
# bridge -d -j -p vlan show dev swp1 vid 10
[ {
"ifname": "swp1",
"vlans": [ {
"vlan": 10,
"state": "forwarding",
"mcast_router": 1,
"neigh_suppress": false
} ]
} ]
# bridge -d vlan show dev swp1 vid 10
port vlan-id
swp1 10
state forwarding mcast_router 1 neigh_suppress off
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
---
bridge/vlan.c | 18 ++++++++++++++++++
man/man8/bridge.8 | 11 ++++++++++-
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/bridge/vlan.c b/bridge/vlan.c
index 44e1ba39f01d..5b304ea94224 100644
--- a/bridge/vlan.c
+++ b/bridge/vlan.c
@@ -38,6 +38,7 @@ static void usage(void)
" bridge vlan { set } vid VLAN_ID dev DEV [ state STP_STATE ]\n"
" [ mcast_router MULTICAST_ROUTER ]\n"
" [ mcast_max_groups MAX_GROUPS ]\n"
+ " [ neigh_suppress {on | off} ]\n"
" bridge vlan { show } [ dev DEV ] [ vid VLAN_ID ]\n"
" bridge vlan { tunnelshow } [ dev DEV ] [ vid VLAN_ID ]\n"
" bridge vlan global { set } vid VLAN_ID dev DEV\n"
@@ -354,6 +355,18 @@ static int vlan_option_set(int argc, char **argv)
addattr32(&req.n, sizeof(req),
BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS,
max_groups);
+ } else if (strcmp(*argv, "neigh_suppress") == 0) {
+ bool neigh_suppress;
+ int ret;
+
+ NEXT_ARG();
+ neigh_suppress = parse_on_off("neigh_suppress", *argv,
+ &ret);
+ if (ret)
+ return ret;
+ addattr8(&req.n, sizeof(req),
+ BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS,
+ neigh_suppress);
} else {
if (matches(*argv, "help") == 0)
NEXT_ARG();
@@ -1041,6 +1054,11 @@ static void print_vlan_opts(struct rtattr *a, int ifindex)
print_uint(PRINT_ANY, "mcast_max_groups", "mcast_max_groups %u ",
rta_getattr_u32(vattr));
}
+ if (vtb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS]) {
+ vattr = vtb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS];
+ print_on_off(PRINT_ANY, "neigh_suppress", "neigh_suppress %s ",
+ rta_getattr_u8(vattr));
+ }
print_nl();
if (show_stats)
__print_one_vlan_stats(&vstats);
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index 4006ad23ea74..3bda6dbd61d0 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -184,7 +184,8 @@ bridge \- show / manipulate bridge addresses and devices
.B mcast_max_groups
.IR MAX_GROUPS " ] [ "
.B mcast_router
-.IR MULTICAST_ROUTER " ]"
+.IR MULTICAST_ROUTER " ] [ "
+.BR neigh_suppress " { " on " | " off " } ]"
.ti -8
.BR "bridge vlan" " [ " show " | " tunnelshow " ] [ "
@@ -1204,6 +1205,14 @@ may be either
enable multicast traffic forwarding. This mode is available only for ports.
.sp
+.TP
+.BR "neigh_suppress on " or " neigh_suppress off "
+Controls whether neigh discovery (arp and nd) proxy and suppression is enabled
+for a given VLAN on a given port. By default this flag is off.
+
+Note that this option only takes effect when \fBbridge link\fR option
+\fBneigh_vlan_suppress\fR is enabled for a given port.
+
.SS bridge vlan show - list vlan configuration.
This command displays the current VLAN filter table.
--
2.40.0
next prev parent reply other threads:[~2023-04-24 16:10 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-24 16:09 [PATCH iproute2-next 0/2] bridge: Add support for per-{Port, VLAN} neighbor suppression Ido Schimmel
2023-04-24 16:09 ` Ido Schimmel [this message]
2023-04-25 6:47 ` [PATCH iproute2-next 1/2] bridge: vlan: Add support for neigh_suppress option Nikolay Aleksandrov
2023-04-24 16:09 ` [PATCH iproute2-next 2/2] bridge: link: Add support for neigh_vlan_suppress option Ido Schimmel
2023-04-25 6:48 ` Nikolay Aleksandrov
2023-04-25 15:00 ` [PATCH iproute2-next 0/2] bridge: Add support for per-{Port, VLAN} neighbor suppression patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230424160951.232878-2-idosch@nvidia.com \
--to=idosch@nvidia.com \
--cc=dsahern@gmail.com \
--cc=liuhangbin@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=razor@blackwall.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).