[ovs-dev] [PATCH v2] vswitch: Allow user to set Ethernet address of any internal interface.

Ian Campbell Ian.Campbell at citrix.com
Mon Oct 12 14:59:59 UTC 2009


On Sat, 2009-10-03 at 01:16 +0100, Ben Pfaff wrote:
> Until now the vswitch configuration file has allowed the user to configure
> the MAC address on bridge local ports only.  This commit adds the ability
> to configure them on any internal interface.

I'm not sure if it is a consequence of this patch or not but I don't
seem to be able to control the MAC address of the bond fake device at
the moment. Currently interface-reconfigure adds "port.bond0.mac" and
I've tried adding "iface.bond0.mac" as well but the bond0 device still
has a MAC in the 00:23:20 space.

The bond device doesn't generate any traffic so I guess this a mostly
cosmetic.

Ian.

> 
> It would be logical to extend this to any bridge port, period, but many
> network devices must be brought down before their Ethernet addresses may be
> changed.  Bringing a network interface down and then back up can reset a
> lot of state, so as we don't actually need the ability to change any bridge
> port's MAC address yet this commit does not implement it.
> 
> CC: Ian Campbell <Ian.Campbell at citrix.com>
> ---
>  vswitchd/bridge.c               |   36 ++++++++++++++
>  vswitchd/ovs-vswitchd.conf.5.in |  103 +++++++++++++++++++++++++++++++--------
>  2 files changed, 119 insertions(+), 20 deletions(-)
> 
> diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
> index 2d788ae..36be700 100644
> --- a/vswitchd/bridge.c
> +++ b/vswitchd/bridge.c
> @@ -243,6 +243,7 @@ static struct iface *iface_lookup(const struct bridge *, const char *name);
>  static struct iface *iface_from_dp_ifidx(const struct bridge *,
>                                           uint16_t dp_ifidx);
>  static bool iface_is_internal(const struct bridge *, const char *name);
> +static void iface_set_mac(struct iface *);
>  
>  /* Hooks into ofproto processing. */
>  static struct ofhooks bridge_ofhooks;
> @@ -585,7 +586,16 @@ bridge_reconfigure(void)
>      LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
>          for (i = 0; i < br->n_ports; i++) {
>              struct port *port = br->ports[i];
> +
>              port_update_vlan_compat(port);
> +
> +            for (j = 0; j < port->n_ifaces; j++) {
> +                struct iface *iface = port->ifaces[j];
> +                if (iface->dp_ifidx != ODPP_LOCAL
> +                    && iface_is_internal(br, iface->name)) {
> +                    iface_set_mac(iface);
> +                }
> +            }
>          }
>      }
>      LIST_FOR_EACH (br, struct bridge, node, &all_bridges) {
> @@ -3135,6 +3145,32 @@ iface_is_internal(const struct bridge *br, const char *iface)
>  
>      return false;
>  }
> +
> +/* Set Ethernet address of 'iface', if one is specified in the configuration
> + * file. */
> +static void
> +iface_set_mac(struct iface *iface)
> +{
> +    uint64_t mac = cfg_get_mac(0, "iface.%s.mac", iface->name);
> +    if (mac) {
> +        static uint8_t ea[ETH_ADDR_LEN];
> +
> +        eth_addr_from_uint64(mac, ea);
> +        if (eth_addr_is_multicast(ea)) {
> +            VLOG_ERR("interface %s: cannot set MAC to multicast address",
> +                     iface->name);
> +        } else if (iface->dp_ifidx == ODPP_LOCAL) {
> +            VLOG_ERR("ignoring iface.%s.mac; use bridge.%s.mac instead",
> +                     iface->name, iface->name);
> +        } else {
> +            int error = netdev_nodev_set_etheraddr(iface->name, ea);
> +            if (error) {
> +                VLOG_ERR("interface %s: setting MAC failed (%s)",
> +                         iface->name, strerror(error));
> +            }
> +        }
> +    }
> +}
>  
>  /* Port mirroring. */
>  
> diff --git a/vswitchd/ovs-vswitchd.conf.5.in b/vswitchd/ovs-vswitchd.conf.5.in
> index e1c12f1..7f989b4 100644
> --- a/vswitchd/ovs-vswitchd.conf.5.in
> +++ b/vswitchd/ovs-vswitchd.conf.5.in
> @@ -22,10 +22,73 @@
>  ovs\-vswitchd.conf \- configuration file for \fBovs\-vswitchd\fR
>  .
>  .SH DESCRIPTION
> -This manual page describes the syntax for the configuration file used 
> -by \fBovs\-vswitchd\fR(8), the virtual switch daemon.
> -.PP
> -The configuration file is based on key-value pairs, which are given
> +This manual page explains how to configure \fBovs\-vswitchd\fR, the
> +Open vSwitch virtual switch daemon.  Refer to \fBovs\-vswitchd\fR(8)
> +for instructions on how to start, stop, and control the virtual switch
> +daemon and for an overview of its features.
> +.SS "Overview"
> +\fBovs\-vswitchd\fR configuration is hierarchical.
> +.ST "Global Configuration"
> +A few aspects of configuration apply to the entire \fBovs\-vswitchd\fR
> +process:
> +.IP \(bu
> +Remote management (see \fBRemote Management\fR below).
> +.IP \(bu
> +SSL key and certificate configuration (see \fBSSL Configuration\fR
> +below).
> +.ST "Bridge Configuration"
> +\fBovs\-vswitchd\fR manages one or more ``bridges.''  A bridge is,
> +conceptually, an Ethernet switch.  Properties configurable at the
> +bridge level include:
> +.
> +.IP \(bu
> +The set of bridge ports (see \fBBridge Configuration\fR below).
> +.IP \(bu
> +Mirroring of packets across ports and VLANs (see \fBPort mirroring
> +(SPAN and RSPAN)\fR below).
> +.IP \(bu
> +Flow logging via NetFlow (see \fBNetFlow v5 Flow Logging\fR below).
> +.IP \(bu
> +Connectivity to an OpenFlow controller (see \fBOpenFlow Controller
> +Connectivity\fR below).
> +.IP \(bu
> +Addresses on which to listen for OpenFlow management connections (see
> +\fBOpenFlow Management Connections\fR below) or for snooping on the
> +connection to the primary OpenFlow controller (see \fBOpenFlow
> +Controller Connection Snooping\fR below).
> +.PP
> +.ST "Port Configuration"
> +Each bridge has one or more ``ports.''  The main configurable property
> +of a port is its 802.1Q VLAN configuration (see \fB802.1Q VLAN
> +support\fR below).
> +.PP
> +Most commonly, a port has exactly one ``interface.''  Such a port
> +logically corresponds to a port on a physical Ethernet switch.
> +.PP
> +A port that has more than one interface is a ``bonded port.''  Bonding
> +allows for load balancing and fail-over (see \fBNetwork Device
> +Bonding\fR below).
> +.ST "Interface Configuration"
> +There are two different kinds of interfaces:
> +.IP "``external interfaces''"
> +These interfaces are ordinary network devices, e.g. \fBeth0\fR on
> +Linux.
> +.IP "``internal interfaces''"
> +These interfaces are simulated network device that sent and receive
> +traffic.  Every bridge has one internal interface called the ``local
> +interface'' and may also have additional internal interfaces.  It does
> +not make sense to bond an internal interface, so the terms ``port''
> +and ``interface'' are often used imprecisely for internal interfaces.
> +.PP
> +Interfaces have a few configurable properties of their own:
> +.IP \(bu
> +Ingress rate-limiting (see \fBInterface Rate-Limiting\fR below).
> +.IP \(bu
> +Ethernet address (internal interfaces only, see \fBBridge
> +Configuration\fR below).
> +.SS "Configuration File Syntax"
> +The \fBovs\-vswitchd\fR configuration file syntax is based on
> +key-value pairs, which are given
>  one per line in the form \fIkey\fB=\fIvalue\fR.  Each \fIkey\fR
>  consists of one or more parts separated by dots,
>  e.g. \fIpart1\fB.\fIpart2\fB.\fIpart3\fR.  Each \fIpart\fR may consist
> @@ -53,16 +116,16 @@ the names of its network devices as values for key
>  \fBbridge.\fIname\fB.port\fR.  (The specified \fIname\fR may not begin
>  with \fBdp\fR or \fBnl:\fR followed by a digit.)
>  .PP
> -The names given on \fBbridge.\fIname\fB.port\fR must be the names of
> -existing network devices, except for ``internal ports.''  An internal
> -port is a simulated network device that receives traffic only
> -through the virtual switch and switches any traffic sent it through
> -virtual switch.  An internal port may configured with an IP address,
> -etc. using the usual system tools (e.g. \fBifconfig\fR, \fBip\fR).  To
> -designate network device \fInetdev\fR as an internal port, add
> -\fBiface.\fInetdev\fB.internal=true\fR to the configuration file.
> -\fBovs\-vswitchd\fR will honor this configuration setting by automatically
> -creating the named internal port.
> +To designate network device \fInetdev\fR as an internal port, add
> +\fBiface.\fInetdev\fB.internal=true\fR to the configuration file,
> +which causes \fBovs\-vswitchd\fR to automatically creates
> +\fInetdev\fR, which may then be configured using the usual system
> +tools (e.g. \fBifconfig\fR, \fBip\fR).  An internal interface by
> +default has a random Ethernet address, but you may configure a
> +specific address by setting \fBiface.\fInetdev\fB.mac\fR to a MAC
> +address in the format
> +\fIxx\fB:\fIxx\fB:\fIxx\fB:\fIxx\fB:\fIxx\fB:\fIxx\fR, where each
> +\fIx\fR is a hex digit.
>  .PP
>  A bridge with a given \fIname\fR always has an internal port with the
>  same \fIname\fR, called the ``local port.''  This network device may
> @@ -307,16 +370,16 @@ mirror.mybr.a.output.port=eth3
>          
>  .fi
>  .RE
> -.SS "Port Rate-Limiting"
> -Traffic policing and shaping are configured on physical ports.  Policing
> +.SS "Interface Rate-Limiting"
> +Traffic policing and shaping are configured on interfaces.  Policing
>  defines a hard limit at which traffic that exceeds the specified rate is
>  dropped.  Shaping uses queues to delay packets so that egress traffic
>  leaves at the specified rate.
>  
>  .ST "Ingress Policing"
> -The rate at which traffic is allowed to enter through a port may be 
> +The rate at which traffic is allowed to enter through a interface may be 
>  configured with ingress policing.  Note that "ingress" is from the 
> -perspective of \fBovs\-vswitchd\fR.  If configured on a physical port, 
> +perspective of \fBovs\-vswitchd\fR.  If configured on a physical interface, 
>  then it limits the rate at which traffic is allowed into the system from 
>  the outside.  If configured on a virtual interface that is connected to 
>  a virtual machine, then it limits the rate at which the guest is able to 
> @@ -326,9 +389,9 @@ The rate is specified in kilobits (1000 bits) per second with a maximum
>  burst size specified in kilobits (1000 bits).  The burst size should be at 
>  least the size of the interface's MTU.  
>  
> -A port may be configured to enforce ingress policing by defining the
> +An interface may be configured to enforce ingress policing by defining the
>  key \fBport.\fIname\fB.ingress.policing-rate\fR with an integer
> -indicating the rate.  The port \fIname\fR will only allow traffic to be
> +indicating the rate.  The interface \fIname\fR will only allow traffic to be
>  received at the rate specified in kilobits per second.  If the rate is zero 
>  or the key is not defined, then ingress policing is disabled.
>  
> @@ -338,7 +401,7 @@ indicating the burst rate in kilobits.  If the key is not supplied or is
>  zero, then the default burst is 10 kilobits.
>  
>  .PP
> -The following syntax limits port \fBeth1\fR to receiving traffic at
> +The following syntax limits interface \fBeth1\fR to receiving traffic at
>  \fB512\fR kilobits per second with a burst of \fB20\fR kilobits:
>  .PP
>  .RS






More information about the dev mailing list