Add support for decoding Virtual Function (VF) information from netlink
messages. This enables users to retrieve SR-IOV VF details when querying
network interfaces.
The implementation adds:
- VFStats struct containing per-VF traffic statistics (packets, bytes,
broadcast, multicast, dropped counters for both RX and TX)
- VFInfo struct containing VF configuration (MAC address, VLAN, QoS,
TX rate limits, spoof check, link state, RSS query, trust settings)
- VFLinkState type with Auto/Enable/Disable constants
- NumVF and VFInfoList fields to LinkAttributes
- Decoding logic for IFLA_NUM_VF and IFLA_VFINFO_LIST nested attributes
The VF information follows the kernel's nested attribute structure.
This is useful for monitoring and managing SR-IOV enabled network
interfaces where the Physical Function (PF) exposes multiple Virtual
Functions to guest VMs or containers.
Signed-off-by: Anthony Harivel <aharivel@redhat.com>
Add drivers for bridge, macvlan, vlan, vxlan and add helpers to
LinkService to use them (SetMaster, RemoveMaster)
Signed-off-by: Jeroen Simonetti <jeroen@simonetti.nl>
This allows to set route priority/metric for prefix routes created
automatically when an address is assigned.
E.g. `10.0.0.0/8` with metric `32` would generate a route:
```
10.0.0.0/8 via <if> metric 32
```
The default metric is zero. A custom metric allows to prefer
one interface over another when the prefixes overlap.
See https://github.com/siderolabs/talos/issues/10696
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This properly list is used e.g. by `systemd-udevd` to provide other
alternative names for predictable interface names.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
* netns: remove iproute2 dependency
This commit introduces a breaking change to rtnetlink.NetNS.
The existing netns implementation had a few problems. It assumed that network
namespaces have names, that they would always be pinned to /var/run/netns, and
that numeric/integer references are pid references. This made the NetNS type
unusable for referring to existing netns by fd, such as ones created by other
libraries, or by opening procfs entries directly as demonstrated in the new
testutils.NetNS() function.
The forced dependency on the `ip` CLI tool also wasn't reasonable for a pure-Go
library. Using the old implementation in a scratch/distroless container would
quickly run into roadblocks.
This commit also removes the functionality of creating and pinning new netns.
There are plenty of options out in the Go ecosystem for that, and providing
your own is only a few lines of code.
Signed-off-by: Timo Beckers <timo@incline.eu>
* test: remove calls to unix.Setrlimit() in favor of rlimit.RemoveMemlock()
ebpf-go provides this out of the box and skips setting the rlimit on kernels
that support bpf memory cgroup accounting.
Signed-off-by: Timo Beckers <timo@incline.eu>
* neigh: fix flaky tests, add State field to Neigh entry
The flaky tests that were documented in the code are expected. Use the State
field to discard entries that can't reasonably be considered in tests.
Signed-off-by: Timo Beckers <timo@incline.eu>
* neigh: fix race in Conn.Neighbours
When running tests locally, I would frequently hit "too many/little matches,
expected 1, actual 0" due to other tests creating and deleting interfaces in
the common host netns used by all tests.
Neigh entries that fail the interface lookup can't have their Interface fields
populated and should be dropped from the result since the interface is no longer
there to begin with.
Signed-off-by: Timo Beckers <timo@incline.eu>
* xdp: refactor test suite to use test helpers and netns-driven tests
While running the test suite for testing netns-related changes, I noticed
some of the xdp tests started failing because they wanted to create a dummy
interface in the host network namespace.
Avoid the complexity of managing dummy interfaces altogether by running all
tests within their own netns and use the existing lo device that's present by
default.
Signed-off-by: Timo Beckers <timo@incline.eu>
* xdp,netkit: remove duplicate kernelMinReq in favor of testutils.SkipOnOldKernel
There were two implementations of this, so move them to common testutils.
Signed-off-by: Timo Beckers <timo@incline.eu>
---------
Signed-off-by: Timo Beckers <timo@incline.eu>
* Add attr validation
This commit removes unix.IFLA_UNSPEC and introduces checks for the interface name,
the link type and the queue disc fields.
Interface name validation is necessary to prevent an 'invalid argument' error
when creating a link with an empty name. Other checks were added to be consistent with the ip tools.
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
* Add network namespace type
This commit introduces the NetNS struct and integrates network namespace capabilities into link attributes.
This enhancement facilitates the creation of links, such as veth pairs, across different network namespaces
without the need to execute directly within those namespaces.
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
* Add LinkDriver interface
This commit introduces a Driver interface and changes Data and SlaveData fields within the LinkInfo struct
as LinkDriver to accommodate driver-specific data encoding, addressing the limitation
where LinkInfo.Data and SlaveData fields were merely byte slices without support for specific data encoding.
Drivers are registered globally with the RegisterDriver function.
For un-registered drivers, the default LinkData driver is used.
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
* Add Driver Package
This commit introduces the 'driver' package, which contains specific implementations of the LinkDriver interface.
It also includes the implementation of the Linux bond driver as LinkDriver and the bond slave driver as LinkSlaveDriver.
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
* Add Netkit and Veth drivers
This commit adds Netkit and Veth drivers.
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
---------
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
* module: `go mod tidy`
Signed-off-by: Jeremiejig <me@jeremiejig.fr>
* route: Implement support for RTA_MARK
The RTA_MARK attribute allow to send get request with mark information;
it is useful when having multiple table selected by rule policy
matching on fwmark.
Signed-off-by: Jeremiejig <me@jeremiejig.fr>
