search

vishvananda / netlink

Simple netlink library for go.
Apache License 2.0
2.85k stars 744 forks source link

linkAttrs VFInfo doesn't show trust #580

Open xagent003 opened 4 years ago

xagent003 commented 4 years ago

I noticed that the trust mode is missing from the VfInfo. Under ip link, trust is shown, and also, it is configurable under SRIOV network plugins for Kubernetes and Openstack. It would be nice to also show this info. For example:

[root@host-02 eth9]# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp3s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether a0:36:9f:20:10:c8 brd ff:ff:ff:ff:ff:ff
    vf 0 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 1 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 2 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 3 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 4 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 5 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 6 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off
    vf 7 MAC 00:00:00:00:00:00, spoof checking on, link-state auto, trust off, query_rss off

And in Kubernetes, CNI config for an SRIOV network: 

{
  "cniVersion": "0.3.1",
  "name": "sriov-advanced",
  "type": "sriov",
  "vlan": 1000,
  "spoofchk": "off",
  "trust": "on",
  "ipam": {
    "type": "host-local",
    "subnet": "10.56.217.0/24",
    "routes": [{
      "dst": "0.0.0.0/0"
    }],
    "gateway": "10.56.217.1"
  }
}
xagent003 commented 4 years ago

I'm looking at the code. It looks like there are functions to set the Trust mode, but it is missing from the parseVfInfo function and structure. Is there a reason it was omitted on purpose? https://github.com/vishvananda/netlink/blob/1e3d26b1b393006411752fc0196d65df9fc6fa15/link_linux.go#L2975

Is it just a matter of adding a new case in the switch statement above?

MichalGuzieniuk commented 3 years ago

Could we expect any update on 'trust' topic?