Hi,
I've been playing around with typeof support (on 2885cf2e on 5.4 kernel)
and came across the following issues:
nft add table bridge t
nft set bridge t s3 '{typeof meta ibrpvid; elements = { 2, 3, 103 }; }'
nft list ruleset
On an embedded system (openwrt on ppc) with kernel 5.4, this results in
table bridge t {
set s3 {
typeof meta ibrpvid
elements = { 2, 3, 103 }
}
}
But on buster-backports kernel 5.4 (x86_64), this results in
table bridge t {
set s3 {
typeof meta ibrpvid
elements = { 512, 768, 26368 }
}
}
Which is strange and not correct. It also happens with v0.9.4.
Debug output on x86_64 Machine:
nft --debug=netlink set bridge t s3 '{typeof meta ibrpvid; elements = {
2, 3, 103 }; }'
(null) (null) 0
s3 t 0
element 00000200 : 0 [end] element 00000300 : 0 [end]
element 00006700 : 0 [end]
Debug output on openwrt machine (ppc):
nft --debug=netlink set bridge t s3 '{typeof meta ibrpvid; elements = {
2, 3, 103 }; }'
(null) (null) 0
s3 t 0
element 00020000 : 0 [end] element 00030000 : 0 [end]
element 00670000 : 0 [end]
So it looks like an endianess issue to me.
The nft set bridge output looks the same when using vlan id instead of
meta ibrvpid.
But nft list ruleset creates the correct output for vlan but not for
meta ibrpvid.
x86_64 machine:
table bridge t {
set s3 {
typeof meta ibrpvid
elements = { 512, 768, 26368 }
}
set s4 {
typeof vlan id
elements = { 2, 3, 103 }
}
}
OpenWRT machine (ppc):
table bridge t {
set s3 {
typeof meta ibrpvid
elements = { 2, 3, 103 }
}
set s4 {
typeof vlan id
elements = { 2, 3, 103 }
}
}
So I'm unsure if this is a display error when reading back? Or is the
wrong value written to the kernel?
nft add chain bridge t c3
nft add rule bridge t c3 'meta ibrpvid @s3 accept;'
nft set bridge t s4 '{typeof vlan id . ip daddr; }'
Error: can not use variable sized data types (integer) in concat
expressions
set bridge t s4 {typeof vlan id . ip daddr; }
So while "typeof vlan id" and typeof with concatenations works, using
both concatenation and vlan id does not.
Any hints here to start?
Regards,
Michael
