system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-22 18:55:10 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Add support for isolated parameter

Browse source 
Add the "Isolated" parameter in the *.network file, e.g.,

[Bridge]
Isolated=true|false

When the Isolated parameter is true, traffic coming out of this port
will only be forward to other ports whose Isolated parameter is false.

When Isolated is not specified, the port uses the kernel default
setting (false).

The "Isolated" parameter was introduced in Linux 4.19.
See man bridge(8) for more details.
But even though the kernel and bridge/iproute2 recognize the "Isolated"
parameter, systemd-networkd did not have a way to set it.
This commit is contained in:
Santa Wiryaman 2021-05-03 18:48:26 -04:00 committed by Yu Watanabe
parent 10139b4e3c
commit 97f27f8a16
11 changed files with 25 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
man/systemd.network.xml
View file

@ -2960,6 +2960,15 @@ Token=prefixstable:2002:da8:1::</programlisting></para>
receiving port. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>Isolated=</varname></term>
<listitem>
<para>Takes a boolean. Configures whether this port is isolated or not. Within a bridge,
isolated ports can only communicate with non-isolated ports. When set to true, this port can only
communicate with other ports whose Isolated setting is false. When set to false, this port
can communicate with any other ports. When unset, the kernel's default will be used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>UseBPDU=</varname></term>
<listitem>

1
src/network/networkd-network-gperf.gperf
View file

@ -308,6 +308,7 @@ DHCPServerStaticLease.MACAddress, config_parse_dhcp_static_lease_hwad
Bridge.Cost, config_parse_uint32, 0, offsetof(Network, cost)
Bridge.UseBPDU, config_parse_tristate, 0, offsetof(Network, use_bpdu)
Bridge.HairPin, config_parse_tristate, 0, offsetof(Network, hairpin)
Bridge.Isolated, config_parse_tristate, 0, offsetof(Network, isolated)
Bridge.FastLeave, config_parse_tristate, 0, offsetof(Network, fast_leave)
Bridge.AllowPortToBeRoot, config_parse_tristate, 0, offsetof(Network, allow_port_to_be_root)
Bridge.UnicastFlood, config_parse_tristate, 0, offsetof(Network, unicast_flood)

1
src/network/networkd-network.c
View file

@ -437,6 +437,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
.use_bpdu = -1,
.hairpin = -1,
.isolated = -1,
.fast_leave = -1,
.allow_port_to_be_root = -1,
.unicast_flood = -1,

1
src/network/networkd-network.h
View file

@ -244,6 +244,7 @@ struct Network {
/* Bridge Support */
int use_bpdu;
int hairpin;
int isolated;
int fast_leave;
int allow_port_to_be_root;
int unicast_flood;

6
src/network/networkd-setlink.c
View file

@ -303,6 +303,12 @@ static int link_configure_fill_message(
return r;
}
if (link->network->isolated >= 0) {
r = sd_netlink_message_append_u8(req, IFLA_BRPORT_ISOLATED, link->network->isolated);
if (r < 0)
return r;
}
if (link->network->fast_leave >= 0) {
r = sd_netlink_message_append_u8(req, IFLA_BRPORT_FAST_LEAVE, link->network->fast_leave);
if (r < 0)

1
test/fuzz/fuzz-network-parser/26-bridge-slave-interface-1.network
View file

@ -7,6 +7,7 @@ Bridge=bridge99
[Bridge]
Cost=400
HairPin = true
Isolated = true
FastLeave = true
UnicastFlood = true
MulticastToUnicast = true

1
test/fuzz/fuzz-network-parser/directives.network
View file

@ -2,6 +2,7 @@
Cost=
UseBPDU=
HairPin=
Isolated=
UnicastFlood=
FastLeave=
Priority=

1
test/fuzz/fuzz-unit-file/directives-all.service
View file

@ -451,6 +451,7 @@ Group=
GroupForwardMask=
GroupPolicyExtension=
HairPin=
Isolated=
MulticastToUnicast=
HelloTimeSec=
HomeAddress=

2
test/networkd-test.py
View file

@ -273,6 +273,7 @@ Priority=0
[Bridge]
UnicastFlood=true
HairPin=true
Isolated=true
UseBPDU=true
FastLeave=true
AllowPortToBeRoot=true
@ -286,6 +287,7 @@ Priority=23
self.assertEqual(self.read_attr('port2', 'brport/priority'), '23')
self.assertEqual(self.read_attr('port2', 'brport/hairpin_mode'), '1')
self.assertEqual(self.read_attr('port2', 'brport/isolated'), '1')
self.assertEqual(self.read_attr('port2', 'brport/path_cost'), '555')
self.assertEqual(self.read_attr('port2', 'brport/multicast_fast_leave'), '1')
self.assertEqual(self.read_attr('port2', 'brport/unicast_flood'), '1')

1
test/test-network/conf/26-bridge-slave-interface-1.network
View file

@ -8,6 +8,7 @@ Bridge=bridge99
[Bridge]
Cost=400
HairPin = true
Isolated = true
FastLeave = true
UnicastFlood = true
MulticastFlood = false

1
test/test-network/systemd-networkd-tests.py
View file

@ -3864,6 +3864,7 @@ class NetworkdBridgeTests(unittest.TestCase, Utilities):
print(output)
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'path_cost'), '400')
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'hairpin_mode'), '1')
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'isolated'), '1')
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'multicast_fast_leave'), '1')
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'unicast_flood'), '1')
self.assertEqual(read_bridge_port_attr('bridge99', 'dummy98', 'multicast_flood'), '0')