From patchwork Sat Mar 23 08:36:10 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Daniel Ding <danieldin186@gmail.com>
X-Patchwork-Id: 1915108
X-Patchwork-Delegate: aconole@redhat.com
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20230601 header.b=YUmgs5LT;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
 (client-ip=140.211.166.133; helo=smtp2.osuosl.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4V1sx93b6Cz1yXy
	for <incoming@patchwork.ozlabs.org>; Sat, 23 Mar 2024 19:36:27 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by smtp2.osuosl.org (Postfix) with ESMTP id ACDBB4026F;
	Sat, 23 Mar 2024 08:36:23 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp2.osuosl.org ([127.0.0.1])
	by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id wevspheB5H7k; Sat, 23 Mar 2024 08:36:22 +0000 (UTC)
X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56;
 helo=lists.linuxfoundation.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 8D8204029F
Authentication-Results: smtp2.osuosl.org;
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601
 header.b=YUmgs5LT
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])
	by smtp2.osuosl.org (Postfix) with ESMTPS id 8D8204029F;
	Sat, 23 Mar 2024 08:36:22 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
	by lists.linuxfoundation.org (Postfix) with ESMTP id 50F2EC0077;
	Sat, 23 Mar 2024 08:36:22 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133])
 by lists.linuxfoundation.org (Postfix) with ESMTP id CCE62C0037
 for <dev@openvswitch.org>; Sat, 23 Mar 2024 08:36:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp2.osuosl.org (Postfix) with ESMTP id B4CD6403A9
 for <dev@openvswitch.org>; Sat, 23 Mar 2024 08:36:21 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp2.osuosl.org ([127.0.0.1])
 by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id oD8-iQFg0B3x for <dev@openvswitch.org>;
 Sat, 23 Mar 2024 08:36:21 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom;
 client-ip=2607:f8b0:4864:20::636; helo=mail-pl1-x636.google.com;
 envelope-from=danieldin186@gmail.com; receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org E32AD4026F
Authentication-Results: smtp2.osuosl.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org E32AD4026F
Received: from mail-pl1-x636.google.com (mail-pl1-x636.google.com
 [IPv6:2607:f8b0:4864:20::636])
 by smtp2.osuosl.org (Postfix) with ESMTPS id E32AD4026F
 for <dev@openvswitch.org>; Sat, 23 Mar 2024 08:36:20 +0000 (UTC)
Received: by mail-pl1-x636.google.com with SMTP id
 d9443c01a7336-1dde26f7e1dso20846445ad.1
 for <dev@openvswitch.org>; Sat, 23 Mar 2024 01:36:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1711182979; x=1711787779; darn=openvswitch.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=bnoJrFifWrl5qnTDqVFnM1E4XZ8h2aWPv0RRrnyHEKE=;
 b=YUmgs5LTXIJtCF/IHh8qkt4v9ALZxpA+vUtD3kudfThzE+ILI3jd7oDRGnaLGzW/2p
 jVhm4A5yiXZCpDjw8czARD4Ce3i6/ezTfIgmdu05mfZYkZQgWLjq4gV/WCWAmic+hhs8
 HqNTrcvfVfjtSJTTDjJQPEAcsOqxLsXEsXs9M3uPPcv4OLTYxE4YeozastbxxFN8aO+J
 iOriFzLzi8q5G/lOTy9cDRYL6TbiMUKoKO3hyUR8zrBF1KuUom/1y0GXl1aMDUFHX73P
 nuFMN4wn2guy4QvsM0sXIA0M6l7GIxybE9L9iaYq3E8bBSjk+P8IdS04wKGBZBKcviEl
 q+rQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1711182979; x=1711787779;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=bnoJrFifWrl5qnTDqVFnM1E4XZ8h2aWPv0RRrnyHEKE=;
 b=luoJmhKcPgB0SKNd0EzJkHwBv47O7KtDBb0/4rbpf4DfVDTzmsC9oWdrb68Sugaarj
 rHyyS5CH67B8V5+3NbsdngGDdudPPg91oLjMLOsQXHxzlnD77yaGz+e9svA5od96yBug
 TXrGfy7sxz1+oGS0xJmzeLhNe/6qQUiRGb+QGxR+ijeXcXGqjW1Mv4PvpH08AfxFhsnZ
 Ln9xIBXW1RQiAFN1nKfKph00IzQUtxbZbGlmwH098Kjtp6SvQRoASs0++citgd69qfgB
 ohrRqFHhczkwCNOYlm2X3I6CnhI4JWsmGUlt7XOUQ8pL6IJSfvlLeb+/L2wSPKOyW2UQ
 Mw8Q==
X-Gm-Message-State: AOJu0YwNztEZFESYGnDaVGLVLiye75xtgwO6Y15xVMvWGZ/ZuKvu+rkP
 CdN2hDAzGd0RRP56FEDs+x2ztVNqJChFwa30l87Gqjj2Vr7N59ypnxqVUeBc
X-Google-Smtp-Source: 
 AGHT+IGmihpeKD+9sL3XkLooz40RU4DuB+noUwc9icNwqGZYkh6jPDihPnag8p2+f6oye9c6OXM0IQ==
X-Received: by 2002:a17:903:90d:b0:1e0:4cfa:5e65 with SMTP id
 ll13-20020a170903090d00b001e04cfa5e65mr2144194plb.16.1711182979440;
 Sat, 23 Mar 2024 01:36:19 -0700 (PDT)
Received: from localhost.localdomain ([45.159.50.93])
 by smtp.gmail.com with ESMTPSA id
 e4-20020a17090301c400b001dcfbbb1ddesm1083114plh.7.2024.03.23.01.36.17
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 23 Mar 2024 01:36:19 -0700 (PDT)
From: Daniel Ding <danieldin186@gmail.com>
To: dev@openvswitch.org
Date: Sat, 23 Mar 2024 16:36:10 +0800
Message-ID: <20240323083610.79102-1-danieldin186@gmail.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
Cc: Daniel Ding <danieldin186@gmail.com>
Subject: [ovs-dev] [PATCH] ovs-tcpdump: Support vlan option.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev" <ovs-dev-bounces@openvswitch.org>

When I try filter geneve protocol with a vlan, the warning message
occurs that tell me the kernel cann't support this combination.

$ ovs-tcpdump -i eth2 -nne vlan 10 and geneve
Warning: Kernel filter failed: Invalid argument

So I fix it by the following:
1. the mirror-to interface was added with a vlan tag, which let
datapath to pop its tag.
2. the traffic will be mirrored with mirror's select_vlan, and that
don't care about will not be received on the mirror-to interface.

Signed-off-by: Daniel Ding <danieldin186@gmail.com>
Signed-off-by: Daniel Ding <danieldin186@gmail.com>
---
 utilities/ovs-tcpdump.in | 37 +++++++++++++++++++++++++++++++++----
 1 file changed, 33 insertions(+), 4 deletions(-)

diff --git a/utilities/ovs-tcpdump.in b/utilities/ovs-tcpdump.in
index eada803bb..b2b69d3c4 100755
--- a/utilities/ovs-tcpdump.in
+++ b/utilities/ovs-tcpdump.in
@@ -142,6 +142,8 @@ The following options are available:
    --mirror-to                The name for the mirror port to use (optional)
                               Default 'miINTERFACE'
    --span                     If specified, mirror all ports (optional)
+   --vlan                     If specified, mirror a vlan traffic and pop
+                              its tag (optional)
 """ % {'prog': sys.argv[0]})
     sys.exit(0)
 
@@ -319,7 +321,7 @@ class OVSDB(object):
                                  (mirror_name, txn.get_error()))
         self._txn = None
 
-    def make_port(self, port_name, bridge_name):
+    def make_port(self, port_name, bridge_name, vlan=None):
         iface_row = self.make_interface(port_name, False)
         txn = self._txn
 
@@ -330,6 +332,12 @@ class OVSDB(object):
         port = txn.insert(self.get_table('Port'))
         port.name = port_name
 
+        if vlan is not None:
+            port.verify('tag')
+            tag = getattr(port, 'tag', [])
+            tag.append(vlan)
+            port.tag = tag
+
         br.verify('ports')
         ports = getattr(br, 'ports', [])
         ports.append(port)
@@ -354,7 +362,7 @@ class OVSDB(object):
         return result
 
     def bridge_mirror(self, intf_name, mirror_intf_name, br_name,
-                      mirror_select_all=False):
+                      mirror_select_all=False, mirrored_vlan=None):
 
         txn = self._start_txn()
         mirror = txn.insert(self.get_table('Mirror'))
@@ -374,6 +382,12 @@ class OVSDB(object):
         src_port.append(mirrored_port)
         mirror.select_src_port = src_port
 
+        if mirrored_vlan:
+            mirror.verify('select_vlan')
+            select_vlan = getattr(mirror, 'select_vlan', [])
+            select_vlan.append(mirrored_vlan)
+            mirror.select_vlan = select_vlan
+
         output_port = self._find_row_by_name('Port', mirror_intf_name)
 
         mirror.verify('output_port')
@@ -440,6 +454,7 @@ def main():
     db_sock = 'unix:%s' % os.path.join(rundir, "db.sock")
     interface = None
     tcpdargs = []
+    vlan = None
 
     skip_next = False
     mirror_interface = None
@@ -474,12 +489,25 @@ def main():
         elif cur in ['--span']:
             mirror_select_all = True
             continue
+        elif cur in ['--vlan']:
+            vlan = nxt
+            skip_next = True
+            continue
         tcpdargs.append(cur)
 
     if interface is None:
         print("Error: must at least specify an interface with '-i' option")
         sys.exit(1)
 
+    if vlan:
+        try:
+            vlan = int(vlan)
+            if vlan < 0 or vlan > 4095:
+                raise ValueError("out of range")
+        except ValueError:
+            print("Error: vlan muse be within <0-4095>")
+            sys.exit(1)
+
     if not py_which(dump_cmd):
         print("Error: unable to execute '%s' (check PATH)" % dump_cmd)
         sys.exit(1)
@@ -523,10 +551,11 @@ def main():
     teardown(db_sock, interface, mirror_interface, tap_created)
 
     try:
-        ovsdb.make_port(mirror_interface, ovsdb.port_bridge(interface))
+        ovsdb.make_port(mirror_interface,
+                        ovsdb.port_bridge(interface), vlan)
         ovsdb.bridge_mirror(interface, mirror_interface,
                             ovsdb.port_bridge(interface),
-                            mirror_select_all)
+                            mirror_select_all, vlan)
     except OVSDBException as oe:
         print("ERROR: Unable to properly setup the mirror: %s." % str(oe))
         sys.exit(1)