diff options
author | David S. Miller <davem@davemloft.net> | 2017-11-04 01:15:18 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-11-04 01:15:18 +0100 |
commit | de4cc8bd68c0aefdbbdbdaad28185f1c0ac18442 (patch) | |
tree | 5e45dadf8c97c9b0ad72070194741c848e96645e /security | |
parent | Merge branch 'net-mini_Qdisc' (diff) | |
parent | mlxsw: spectrum_router: Handle down of tunnel underlay (diff) | |
download | linux-de4cc8bd68c0aefdbbdbdaad28185f1c0ac18442.tar.xz linux-de4cc8bd68c0aefdbbdbdaad28185f1c0ac18442.zip |
Merge branch 'mlxsw-Handle-changes-in-GRE-configuration'
Jiri Pirko says:
====================
mlxsw: Handle changes in GRE configuration
Petr says:
Until now, when an IP tunnel was offloaded by the mlxsw driver, the
offload was pretty much static, and changes in Linux configuration were
not reflected in the hardware. That led to discrepancies between traffic
flows in slow path and fast path. The work-around used to be to remove
all routes that forward to the netdevice and re-add them. This is
clearly suboptimal, but actually, as of the decap-only patchset, it's
not even enough anymore, and one needs to go all the way and simply drop
the tunnel and recreate it correctly.
With this patchset, the NETDEV_CHANGE events that are generated for
changes of up'd tunnel netdevices are captured and interpreted to
correctly reconfigure the HW in accordance with changes requested at the
software layer. In addition, NETDEV_CHANGEUPPER, NETDEV_UP and
NETDEV_DOWN are now handled not only for tunnel devices themselves, but
also for their bound devices. Each change is then translated to one or
more of the following updates to the HW configuration:
- refresh of offload of local route that corresponds to tunnel's local
address
- refresh of the loopback RIF
- refresh of offloads of routes that forward to the changed tunnel
- removal of tunnel offloads
These tools are used to implement the following configuration changes:
- addition of a new offloadable tunnel with local address that conflicts
with that of an already-offloaded tunnel (the existing tunnel is
onloaded, the new one isn't offloaded)
- changes to TTL, TOS that make tunnel unsuitable for offloading
- changes to ikey, okey, remote
- changes to local, which when they cause conflict with another
tunnel, lead to onloading of both newly-conflicting tunnels
- migration of a bound device of an offloaded tunnel device to a
different VRF
- changes to what device is bound to a tunnel device (i.e. like what
"ip tunnel change name g dev another" does)
- changes to up / down state of a bound device. A down bound device
doesn't forward encapsulated traffic anymore, but decap still works.
This patchset starts with a suite of patches that adapt the existing
code base step by step to facilitate introduction of the offloading
code. The five substantial patches at the end then implement the changes
mentioned above.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions