diff options
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | man/systemd.network.xml | 43 | ||||
-rw-r--r-- | src/basic/missing.h | 6 | ||||
-rw-r--r-- | src/libsystemd/sd-netlink/netlink-types.c | 3 | ||||
-rw-r--r-- | src/network/networkd-link.c | 23 | ||||
-rw-r--r-- | src/network/networkd-network-gperf.gperf | 5 | ||||
-rw-r--r-- | src/network/networkd.h | 5 | ||||
-rw-r--r-- | units/systemd-networkd.service.m4.in | 2 |
8 files changed, 81 insertions, 8 deletions
diff --git a/configure.ac b/configure.ac index cdfb21c2f3..2fddf29f36 100644 --- a/configure.ac +++ b/configure.ac @@ -307,7 +307,7 @@ AC_CHECK_DECLS([IFLA_INET6_ADDR_GEN_MODE, IFLA_IPTUN_ENCAP_DPORT, IFLA_GRE_ENCAP_DPORT, IFLA_BRIDGE_VLAN_INFO, - IFLA_BRPORT_UNICAST_FLOOD, + IFLA_BRPORT_LEARNING_SYNC, NDA_IFINDEX, IFA_FLAGS], [], [], [[ diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 90a0e8fff6..d654db4993 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -669,6 +669,48 @@ following keys.</para> <variablelist class='network-directives'> <varlistentry> + <term><varname>UnicastFlood=</varname></term> + <listitem> + <para>A boolean. UnicastFlood configures whether a given port will flood + unicast traffic for which there is no FDB entry. By default this + flag is off.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>HairPin=</varname></term> + <listitem> + <para> A boolean. Configures whether traffic may be send back + out of the port on which it was received. By default, this + flag is false. and the bridge will not forward traffic back + out of the receiving port. By default the flag is off.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>BPDUGuard=</varname></term> + <listitem> + <para> A boolean. Configures whether STP Bridge Protocol Data Units will be + processed by the bridge port. By default, the flag is false allowing BPDU + processing. Turning this flag on will cause the port to stop processing + STP Bridge Protocol Data Units. By default the flag is off.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>FastLeave=</varname></term> + <listitem> + <para> A boolean. This flag allows the bridge to immediately stop multicast + traffic on a port that receives IGMP Leave message. It is only used with + IGMP snooping if enabled on the bridge. By default the flag is off.</para> + </listitem> + </varlistentry> + <varlistentry> + <term><varname>RootBlock=</varname></term> + <listitem> + <para> A boolean. Configures whether a given port is allowed to + become root port or not. Only used when STP is enabled on the bridge. + By default the flag is off.</para> + </listitem> + </varlistentry> + <varlistentry> <term><varname>Cost=</varname></term> <listitem> <para>Each port in a bridge may have different speed. Cost @@ -678,7 +720,6 @@ </varlistentry> </variablelist> </refsect1> - <refsect1> <title>[BridgeFDB] Section Options</title> <para>The <literal>[BridgeFDB]</literal> section manages the diff --git a/src/basic/missing.h b/src/basic/missing.h index bd49f10e76..ed6cd80c75 100644 --- a/src/basic/missing.h +++ b/src/basic/missing.h @@ -832,7 +832,7 @@ static inline int setns(int fd, int nstype) { #define IFLA_BRIDGE_MAX (__IFLA_BRIDGE_MAX - 1) #endif -#if !HAVE_DECL_IFLA_BRPORT_UNICAST_FLOOD +#if !HAVE_DECL_IFLA_BRPORT_LEARNING_SYNC #define IFLA_BRPORT_UNSPEC 0 #define IFLA_BRPORT_STATE 1 #define IFLA_BRPORT_PRIORITY 2 @@ -843,7 +843,9 @@ static inline int setns(int fd, int nstype) { #define IFLA_BRPORT_FAST_LEAVE 7 #define IFLA_BRPORT_LEARNING 8 #define IFLA_BRPORT_UNICAST_FLOOD 9 -#define __IFLA_BRPORT_MAX 10 +#define IFLA_BRPORT_PROXYARP 10 +#define IFLA_BRPORT_LEARNING_SYNC 11 +#define __IFLA_BRPORT_MAX 12 #define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1) #endif diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c index 8c6fd8ad30..ff1b8a260f 100644 --- a/src/libsystemd/sd-netlink/netlink-types.c +++ b/src/libsystemd/sd-netlink/netlink-types.c @@ -329,8 +329,11 @@ static const struct NLType rtnl_prot_info_bridge_port_types[IFLA_BRPORT_MAX + 1] [IFLA_BRPORT_MODE] = { .type = NETLINK_TYPE_U8 }, [IFLA_BRPORT_GUARD] = { .type = NETLINK_TYPE_U8 }, [IFLA_BRPORT_PROTECT] = { .type = NETLINK_TYPE_U8 }, + [IFLA_BRPORT_FAST_LEAVE] = { .type = NETLINK_TYPE_U8 }, [IFLA_BRPORT_LEARNING] = { .type = NETLINK_TYPE_U8 }, [IFLA_BRPORT_UNICAST_FLOOD] = { .type = NETLINK_TYPE_U8 }, + [IFLA_BRPORT_PROXYARP] = { .type = NETLINK_TYPE_U8 }, + [IFLA_BRPORT_LEARNING_SYNC] = { .type = NETLINK_TYPE_U8 }, }; static const NLTypeSystem rtnl_prot_info_type_systems[AF_MAX] = { diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 9550e89a15..55510b46e9 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -846,9 +846,6 @@ static int link_set_bridge(Link *link) { assert(link); assert(link->network); - if(link->network->cost == 0) - return 0; - r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex); if (r < 0) return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m"); @@ -861,6 +858,26 @@ static int link_set_bridge(Link *link) { if (r < 0) return log_link_error_errno(link, r, "Could not append IFLA_PROTINFO attribute: %m"); + r = sd_netlink_message_append_u8(req, IFLA_BRPORT_GUARD, link->network->bpdu_guard); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_GUARD attribute: %m"); + + r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MODE, link->network->hairpin); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_MODE attribute: %m"); + + r = sd_netlink_message_append_u8(req, IFLA_BRPORT_FAST_LEAVE, link->network->fast_leave); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_FAST_LEAVE attribute: %m"); + + r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROTECT, link->network->root_block); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_PROTECT attribute: %m"); + + r = sd_netlink_message_append_u8(req, IFLA_BRPORT_UNICAST_FLOOD, link->network->unicast_flood); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_UNICAST_FLOOD attribute: %m"); + if(link->network->cost != 0) { r = sd_netlink_message_append_u32(req, IFLA_BRPORT_COST, link->network->cost); if (r < 0) diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 3a78c3d8a8..720f6b9d0b 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -73,6 +73,11 @@ DHCP.CriticalConnection, config_parse_bool, 0 DHCP.VendorClassIdentifier, config_parse_string, 0, offsetof(Network, dhcp_vendor_class_identifier) DHCP.RouteMetric, config_parse_unsigned, 0, offsetof(Network, dhcp_route_metric) Bridge.Cost, config_parse_unsigned, 0, offsetof(Network, cost) +Bridge.BPDUGuard, config_parse_bool, 0, offsetof(Network, bpdu_guard) +Bridge.HairPin, config_parse_bool, 0, offsetof(Network, hairpin) +Bridge.FastLeave, config_parse_bool, 0, offsetof(Network, fast_leave) +Bridge.RootBlock, config_parse_bool, 0, offsetof(Network, root_block) +Bridge.UnicastFlood, config_parse_bool, 0, offsetof(Network, unicast_flood) BridgeFDB.MACAddress, config_parse_fdb_hwaddr, 0, 0 BridgeFDB.VLANId, config_parse_fdb_vlan_id, 0, 0 /* backwards compatibility: do not add new entries to this section */ diff --git a/src/network/networkd.h b/src/network/networkd.h index fb95f90169..6418c0a536 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -150,6 +150,11 @@ struct Network { bool dhcp_server; + bool bpdu_guard; + bool hairpin; + bool fast_leave; + bool root_block; + bool unicast_flood; unsigned cost; AddressFamilyBoolean ip_forward; diff --git a/units/systemd-networkd.service.m4.in b/units/systemd-networkd.service.m4.in index 64d9130c24..35be713ade 100644 --- a/units/systemd-networkd.service.m4.in +++ b/units/systemd-networkd.service.m4.in @@ -12,7 +12,7 @@ ConditionCapability=CAP_NET_ADMIN DefaultDependencies=no # dbus.service can be dropped once on kdbus, and systemd-udevd.service can be # dropped once tuntap is moved to netlink -After=systemd-udevd.service dbus.service network-pre.target systemd-sysusers.service +After=systemd-udevd.service dbus.service network-pre.target systemd-sysusers.service systemd-sysctl.service Before=network.target multi-user.target shutdown.target Conflicts=shutdown.target Wants=network.target |