On Thu, 2024-05-09 at 16:53 +0100, Andrew Cooper wrote: > On 08/05/2024 10:38 pm, Leigh Brown wrote: > > Hello all, > > > > I realised over the weekend that there is a valid use case for > > providing > > a VIF to a domain that has access to multiple VLANs, e.g. a router. > > Yes, > > you can create a VIF per VLAN, but if you start having several > > VLANs (as > > I do), it would be nicer to create a single interface that has > > access to > > all the relevant VLANs (e.g. enX0.10, enX0.20, etc.). > > > > So, version 2 changes the name and type of the parameter from an > > integer > > called `vid' to a string called `vlan'. The vlan parameter is then > > parsed by the vif-bridge script (actually, the functions called by > > it in > > xen-network-common.sh). > > > > As it quite a common practice to allocate VLANs in round numbers, I > > also > > implemented the ability to specify contiguous or non-contiguous > > ranges. > > You can specify whether a VLAN is tagged or untagged, and which > > VLAN is > > the PVID (only one PVID is allowed). For example, > > > > vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10p/20-29' ] > > > > will setup the VIF so that 10 is the PVID and VLAN IDs 20 through > > 29 > > are permitted with tags. Another example: > > > > vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=1p/10+10x9' ] > > > > will setup the bridge to set 1 as the PVID and permit access with > > tags for VLAN IDs 10, 20, 30, 40, 50, 60, 70, 80 and 90. > > > > This patch set enables this capability as follows: > > > > 1. Adds `vlan' as a new member of the libxl_device_nic structure; > > 2. Adds support to read and write the vlan parameter from the > > xenstore; > > 3. Adds `vlan' as a new keyword for the vif configuration option; > > 4. Adds support to assign the bridge VLANs in the Linux hotplug > > scripts; > > 5. Updated xl-network-configuration(5) manpage and example configs. > > > > Original blurb below: > > > > For many years I have been configuring VLANs on my Linux Dom0 by > > creating VLAN interfaces for each VLAN I wanted to connect a domain > > to and then a corresponding bridge. So I would tend to have things > > like: > > > > enp0s0 -> br0 -> vif1, vif2 > > enp0s0.10 -> br0vl10 -> vif3, vif4 > > enp0s0.20 -> br0vl20 -> vif5 > > dummy0 -> br1 -> vif6 > > > > I recently discovered that iproute2 supports creating bridge VLANs > > that > > allows you to assign a VLAN to each of the interfaces associated to > > a > > bridge. This allows a greatly simplified configuration where a > > single > > bridge can support all the domains, and the iproute2 bridge command > > can > > assign each VIF to the required VLAN. This looks like this: > > > > # bridge vlan > > port vlan-id > > enp0s0 1 PVID Egress Untagged > > 10 > > 20 > > br0 1 PVID Egress Untagged > > vif1.0 1 PVID Egress Untagged > > vif2.0 1 PVID Egress Untagged > > vif3.0 10 PVID Egress Untagged > > vif4.0 10 PVID Egress Untagged > > vif5.0 20 PVID Egress Untagged > > vif6.0 30 PVID Egress Untagged > > > > This patch set enables this capability as follows: > > > > 1. Adds `vid' as a new member of the libxl_device_nic structure; > > 2. Adds support to read and write vid from the xenstore; > > 3. Adds `vid' as a new keyword for the vif configuration option; > > 4. Adds support for assign the bridge VLAN in the Linux hotplug > > scripts. > > > > I don't believe NetBSD or FreeBSD support this capability, but if > > they > > do please point me in the direction of some documentation and/or > > examples. > > > > NB: I'm not very familiar with Xen code base so may have missed > > something important, although I have tested it and it is working > > well > > for me. > > > > Cheers, > > > > Leigh. > > > > > > Leigh Brown (5): > > tools/libs/light: Add vlan field to libxl_device_nic > > tools/xl: add vlan keyword to vif option > > tools/hotplug/Linux: Add bridge VLAN support > > docs/man: document VIF vlan keyword > > tools/examples: Example Linux bridge VLAN config > > > > docs/man/xl-network-configuration.5.pod.in | 38 ++++++ > > tools/examples/linux-bridge-vlan/README | 68 +++++++++++ > > tools/examples/linux-bridge-vlan/br0.netdev | 7 ++ > > tools/examples/linux-bridge-vlan/br0.network | 8 ++ > > .../examples/linux-bridge-vlan/enp0s0.network | 16 +++ > > tools/hotplug/Linux/xen-network-common.sh | 111 > > ++++++++++++++++++ > > tools/libs/light/libxl_nic.c | 10 ++ > > tools/libs/light/libxl_types.idl | 1 + > > tools/xl/xl_parse.c | 2 + > > 9 files changed, 261 insertions(+) > > create mode 100644 tools/examples/linux-bridge-vlan/README > > create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev > > create mode 100644 tools/examples/linux-bridge-vlan/br0.network > > create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network > > > > This is past the last-post date, so Oleksii will need to decide > whether > he's happy to make an exception for it. We also have Feature Freeze this week. But if maintainers think they have additional/enough time for reviewing this patch series then we can consider to have in Xen 4.19.
~ Oleksii > > Anthony is OoO for a month now, so if this is to get in for 4.19, > then > it will need reviewing by others. I've CC'd a few plausible > candidates... > > ~Andrew
