From: David S. Miller Date: Tue, 27 Feb 2018 19:46:28 +0000 (-0500) Subject: Merge branch 'mlxsw-Offloading-encapsulated-SPAN' X-Git-Tag: v4.17-rc1~148^2~345 X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=431c7ec3b3bac0136c61dd38814d51519db6eee6;p=linux.git Merge branch 'mlxsw-Offloading-encapsulated-SPAN' Jiri Pirko says: ==================== mlxsw: Offloading encapsulated SPAN Petr says: This patch series introduces support for mirroring with GRE encapsulation. It offloads tc action mirred mirror from a mlxsw port to either a gretap or an ip6gretap netdevice. Spectrum hardware needs to know all the details of the requested encapsulation: source and destination MAC and IP addresses, details of VLAN tagging, etc. The only variables are the encapsulated packet itself, and TOS field, which may be inherited. To that end, mlxsw driver resolves the route that encapsulated packets would take, queries the corresponding neighbor, and with that configuration in hand, configures the mirroring in the hardware. The driver also hooks into event handlers for netdevice changes, FIB and neighbor events, and reconsiders the configuration on each such change. When the new configuration differs from the currently-offloaded one, the existing offload is removed and replaced with a new one. It is possible to mirror to {ip6,}gretap from a matchall rule as well as from a flower match. ** Note that with this patch set, mlxsw build depends on NET_IPGRE and IPV6_GRE. Current limitations: - There has to be a route that directs packets to an mlxsw port. We intend to extend the logic to support other netdevice types in the future, but the eventual egress netdevice will have to be an mlxsw port in any case. - Offload reconfiguration due to changes in netdevice configuration creates a window of time where packets are not mirrored. Under some circumstances this can be prevented by configuring an unused port analyzer and migrating mirrors over to that. However that's currently not implemented. - Remote address of a tunnel device needs to be set, there may not be a GRE key, checksumming or sequence numbers, and TTL needs to be fixed (non-inherit). These are hard requirements imposed by the underlying hardware. - TOS of a tunnel device needs to be "inherit". The hardware supports a fixed TOS, but that's currently not implemented. The series start with two patches, #1 and #2, that publish one function and add support for querying IPv6 tunnel parameters. In patches #3 and #4, we introduce helpers to GRE and tunneling code that we will use later in the patchset from the SPAN code. Patches #5 and #6 introduce support for encapsulated SPAN in reg.h. The following seven patches, #7-#13, then prepare the SPAN codebase for introduction of mirroring to netdevices that don't correspond to front panel ports. Then #14 and #15 pull all this together to implement mirroring to {ip6,}gretap netdevices. ==================== Signed-off-by: David S. Miller --- 431c7ec3b3bac0136c61dd38814d51519db6eee6