Page MenuHomeFreeBSD

bpf: Add an ioctl to set the VLAN Priority on packets sent by bpf
ClosedPublic

Authored by kp on Jul 21 2021, 7:32 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jan 23, 6:29 AM
Unknown Object (File)
Sun, Jan 19, 8:32 AM
Unknown Object (File)
Sun, Jan 19, 5:20 AM
Unknown Object (File)
Sat, Jan 18, 1:34 AM
Unknown Object (File)
Dec 9 2024, 2:56 AM
Unknown Object (File)
Nov 21 2024, 10:07 AM
Unknown Object (File)
Nov 15 2024, 12:31 PM
Unknown Object (File)
Nov 15 2024, 11:54 AM

Details

Summary

This allows the use of VLAN PCP in dhclient, which is required for
certain ISPs (such as Orange.fr).

MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp requested review of this revision.Jul 21 2021, 7:32 PM

Do I understand correctly, that this is the first bpf-option to alter the packet in transit?
Usually I'd solve this problem by adding a simple netgraph network to the outgoing interface.

net80211 has a whole chunk of things you can set when raw tx'ing frames via BPF. I think this is fine!

bcr added a subscriber: bcr.

OK from manpages.

Do I understand correctly, that this is the first bpf-option to alter the packet in transit?

We're modifying a packet (or to be more exact, adding a tag that will modify it when it hits if_vlan) we've injected ourselves, in bpfwrite(). I don't think that's an issue.

Usually I'd solve this problem by adding a simple netgraph network to the outgoing interface.

It'd be a bit odd to change the network configuration for the sake of a handful of DHCP packets, when all other traffic flows just fine, but yes, that could also work.
It should also be possible to accomplish this with pf. pf's 'set prio' command does basically exactly the same thing: it also attaches an MTAG_8021Q_PCP_OUT mtag, to tell if_vlan to set the PCP to a specific value.

Still, it makes more sense to give dhclient control over its own destiny, and allow the PCP to also be set through bpf. It's very similar to say setsockopt(s, IPPROTO_IP, IP_TOS, &tos, sizeof(tos));, which also affects the packet (and is also similar in that it affects a protocol layer below what we're actually providing from userspace), only there it's through a socket rather than bpf.

Overall, this patch looks good to me.

sys/net/bpf.c
134

Maybe we should tmove this definition to <net/if_vlan_var.h> and use it in bpf and pf code?

1176

This function completely copies https://github.com/freebsd/freebsd-src/blob/main/sys/netpfil/pf/pf.c#L2712

Can it also be made common for pf and bpf?

1297

bpf_setpcp() return an error which ignored.

1388

May be: BIOCSETPCP -> BIOCSETVLANPCP?

sys/net/bpf.c
134

We should. I have a local patch for that (and to dedupe this the bpf and pf functions) pending. It'll turn up in phab in a few minutes.

1176

Yes. Expect a patch soon. I'd prefer to keep it out of this one, for merge reasons.

1297

Yes. I think I prefer it this way, on the grounds that sending a packet with the wrong PCP is better than not sending it at all, but that's not a strong opinion.

1388

Yeah, that makes sense. I'll update this patch.

BIOCSETPCP -> BIOCSETVLANPCP

This revision was not accepted when it landed; it landed in state Needs Review.Jul 26 2021, 9:15 PM
This revision was automatically updated to reflect the committed changes.