Page MenuHomeVyOS Platform

Unclear behaviour when configuring vif and vif-s interfaces
Closed, ResolvedPublicBUG

Description

It is possible to configure a vif-s interface, without a vif-c interface.
It is possible to configure a vif interface with the same VLAN ID as a vif-s inteface, that doesn't have a vif-c interface.
Like so:

ethernet eth1 {
    vif 100 {
        address 192.168.100.1/24
        description "VLAN 100"
    }
    vif-s 100 {
        address 192.168.111.1/24
        description "S-VLAN 100"
    }
}

This will commit without problems.

From a configuration standpoint it is unclear what is going happen. From the code it is clear that vif-s will win and overwrite the configuration.
Also, what happens if we add a vif-c to the vif-s and a single tagged packet with VLAN 100 arrives to the interface? Should it be handled by vif or vif-s?
The code is clear on this, but the admin doesn't know from the config.
In my opinion, this is undesired.

There are several solutions to this:

  1. Always required vif-c with vif-s and disable ability to configure anything under vif-s
  2. Remove vif and only use vif-s/vif-c
  3. Allow configuration as it is, but trow an error if there is config for vif and vif-s with the same VLAN ID

I don't mind doing the coding for either option, but someone has to make a decision on the desired behaviour.

Details

Difficulty level
Easy (less than an hour)
Version
1.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Event Timeline

If you create a VIF and VIF-S interface with the same ID, the resulting device names collide:

vyos@vyos:~$ configure
[edit]
vyos@vyos# set interfaces ethernet eth0 vif 100
[edit]
vyos@vyos# set interfaces ethernet eth0 vif-s 100
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# exit
Warning: configuration changes have not been saved.
exit
vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.251.159/24                u/u  
eth0.100         -                                 u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128

I think solution 3 from the description is the way to go.

It is also allowed in VyOS 1.2 but the Kernel errors out:

cpo@LR1.wue3# set interfaces ethernet eth1 vif 100 address 1.1.1.1/24
[edit]
cpo@LR1.wue3# set interfaces ethernet eth1 vif-s 100 address 2.2.2.2/24
[edit]
cpo@LR1.wue3# commit
[ interfaces ethernet eth1 vif 100 ]
RTNETLINK answers: File exists
Error creating VLAN device eth1.100

[[interfaces ethernet eth1 vif 100]] failed
Commit failed
cpo@LR1.wue3# ip -d link show eth1.100
9: eth1.100@eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:56:bf:ef:aa brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535
    vlan protocol 802.1ad id 100 <REORDER_HDR> addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

So we should add a proper verify() step

c-po changed the task status from Open to Confirmed.Feb 2 2021, 8:09 PM
c-po claimed this task.
c-po added a project: VyOS 1.4 Sagitta.
cpo@LR1.wue3# commit
[ interfaces ethernet eth1 ]
Duplicate VLAN id "100" used for vif and vif-s interfaces!
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.
erkin set Issue type to Improvement (missing useful functionality).Aug 29 2021, 12:27 PM
erkin removed a subscriber: Active contributors.