On 10/28/19 2:36 AM, Toke Høiland-Jørgensen wrote:
>
>> Linux bridge on the other hand seems fairly straightforward to
>> refactor. One helper is needed to convert ingress <port,mac,vlan> to
>> an L2 device (and needs to consider stacked devices) and then a second
>> one to access the fdb for that device.
>
> Why not just a single lookup like what you did for routing? Not too
> familiar with the routing code...

The current code for routing only works for forwarding across ports
without vlans or other upper level devices. That is a very limited use
case and needs to be extended for VLANs and bonds (I have a POC for both).

The API is set up for the extra layers:

    struct bpf_fib_lookup {
        ...
        /* input: L3 device index for lookup
         * output: device index from FIB lookup
         */
        __u32 ifindex;
        ...

For bridging, certainly step 1 is the same - define a bpf_fdb_lookup
struct and helper that takes an L2 device index and returns a
<port,vlan> pair.

However, this thread is about bridging with VMs / containers. A viable
solution for this use case MUST handle both vlans and bonds.