195978 – Add vlan support to xen netfront

Bug 195978 - Add vlan support to xen netfront

Summary: Add vlan support to xen netfront

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	10.1-STABLE
Hardware:	amd64 Any

Importance:	--- Affects Some People
Assignee:	freebsd-xen (Nobody)

URL:
Keywords:	patch

Depends on:
Blocks:

Reported:	2014-12-14 20:56 UTC by Grischa Zengel
Modified:	2015-07-28 14:11 UTC (History)
CC List:	5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Grischa Zengel 2014-12-14 20:56:02 UTC

My pfsense is running on XEN with Debian Wheezy and now Jessie.
I'm using vlans in my pfsense because I have more than 8 networks on xen host.

After upgrading from pfsense 2.1.5 to 2.2 beta (FreeBSD 10.1) I can use PV drivers and interface changed from em0 to xn0 (netfront).

But Pfsense didn't let me use VLANs on xn0 because this interface is not VLANMTU capable.
All my arguments that tagging is always posible won't be heared.
https://redmine.pfsense.org/issues/4103

Chris Buechler means that there are problems with vlans in the netfront driver.

So I can't use the improvements of PV enabled systems.

Please make the netfront driver VLAN cappable.

Here I found a patch:
https://forum.pfsense.org/index.php/topic,37693.0.html

Comment 1 Marcelo Araujo freebsd_committer

2015-03-25 07:30:26 UTC

(In reply to Grischa Zengel from comment #0)
Hello Grischa,

I made few tests using FreeBSD HEAD(r280410) as dom0 and two domU with FreeBSD 10.1-RELEASE. The xen version is 4.6-unstable.
I successfully setup a vlan(4) interface without any problem and without the patch you mentioned, here is the output:

Dom0:
root@:/z/src/sys/dev/xen/netfront # xl list
Name                                        ID   Mem VCPUs	State	Time(s)
Domain-0                                     0  2047     8     r-----     373.0
FreeBSDPVHVM2                                3   512     2     -b----      20.2
FreeBSDPVHVM                                 4   512     2     -b----      29.0


FreeBSDPVHVM:
root@pvhvm:~ # ifconfig xn0.10
xn0.10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1496
	ether 00:16:3e:50:e2:8d
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet manual
	status: active
	vlan: 10 parent interface: xn0

FreeBSDPVHVM2:
root@pvhvm2:~ # ifconfig xn0.10
xn0.10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1496
	ether 00:16:3e:58:40:14
	inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255 
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet manual
	status: active
	vlan: 10 parent interface: xn0

root@pvhvm:~ # ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0.178 ms
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.171 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=0.147 ms

root@pvhvm2:~ # ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=0.134 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.118 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.184 ms


I'm wondering, if you still have this problem, and if you can give a try with FreeBSD HEAD.

Best Regards,

Comment 2 Grischa Zengel 2015-03-30 16:18:17 UTC

Hi Marcelo,
the developers of pfsense won't use a NIC for tagging, unless it supports tagging in hardware.

In release 2.2.2 they will get altq support in xn:
https://redmine.pfsense.org/issues/4401

Regards,

Comment 3 Marcelo Araujo freebsd_committer

2015-04-07 02:11:34 UTC

I took a look at pfsense's patch, it seems not right for me.
First it needs to check if the real NIC has support to hardware VLAN and then enable it on xen interface.

I have no idea yet how we can pass this information when we attache a bridge interface to Xen, I do believe the changes must be in netback and netfront. I'm still investigating it and it will cost some time.

Best,

Comment 4 Glen Barber freebsd_committer

2015-07-07 16:15:24 UTC

Colin, can you provide feedback on this?

Comment 5 Colin Percival freebsd_committer

2015-07-07 18:30:28 UTC

No.  I have no experience with VLANs and very little with netfront.  Maybe royger can help here?

Comment 6 Roger Pau Monné freebsd_committer

2015-07-20 16:11:37 UTC

I'm quite lost on this one because I have 0 experience with vlans. Marcelo seems to have vlans working with netfront, but I guess there's something I'm missing. Can someone please clarify what's missing?

Comment 7 Grischa Zengel 2015-07-21 01:22:25 UTC

1. You have to look if netback can have frames with >= 1522 Bytes.
See 802.1q at http://www.firewall.cx/networking-topics/vlan-networks/219-vlan-tagging.html
Here is some code from Linux:
netfront (DomU): http://lxr.free-electrons.com/source/drivers/net/xen-netfront.c
netback (Dom0): http://lxr.free-electrons.com/source/drivers/net/xen-netback/xenbus.c

2a. https://www.freebsd.org/cgi/man.cgi?query=altq&sektion=4
2b. https://www.freebsd.org/cgi/man.cgi?query=altq&sektion=9&apropos=0&manpath=FreeBSD+10.1-RELEASE#HOW_TO_CONVERT_THE_EXISTING_DRIVERS

I can't help much more.

Comment 8 Grischa Zengel 2015-07-21 01:29:44 UTC

(In reply to Roger Pau MonnÃ© from comment #6)

Really missing is ALTQ to have throttling and VLAN tagging with MTU 1504 (called Baby Jumbo Frames).

Comment 9 matt.thyer 2015-07-23 02:14:41 UTC

(In reply to Grischa Zengel from comment #8)

Really missing is Jumbo Frame support with VLANs.
After all, we want FreeBSD DomU to be able to saturate 10 gigE don't we?