Page MenuHomeFreeBSD

bpf: Add an ioctl to set the VLAN Priority on packets sent by bpf
ClosedPublic

Authored by kp on Wed, Jul 21, 7:32 PM.

Details

Summary

This allows the use of VLAN PCP in dhclient, which is required for
certain ISPs (such as Orange.fr).

MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
R10 FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

kp requested review of this revision.Wed, Jul 21, 7:32 PM

Do I understand correctly, that this is the first bpf-option to alter the packet in transit?
Usually I'd solve this problem by adding a simple netgraph network to the outgoing interface.

net80211 has a whole chunk of things you can set when raw tx'ing frames via BPF. I think this is fine!

bcr added a subscriber: bcr.

OK from manpages.

Do I understand correctly, that this is the first bpf-option to alter the packet in transit?

We're modifying a packet (or to be more exact, adding a tag that will modify it when it hits if_vlan) we've injected ourselves, in bpfwrite(). I don't think that's an issue.

Usually I'd solve this problem by adding a simple netgraph network to the outgoing interface.

It'd be a bit odd to change the network configuration for the sake of a handful of DHCP packets, when all other traffic flows just fine, but yes, that could also work.
It should also be possible to accomplish this with pf. pf's 'set prio' command does basically exactly the same thing: it also attaches an MTAG_8021Q_PCP_OUT mtag, to tell if_vlan to set the PCP to a specific value.

Still, it makes more sense to give dhclient control over its own destiny, and allow the PCP to also be set through bpf. It's very similar to say setsockopt(s, IPPROTO_IP, IP_TOS, &tos, sizeof(tos));, which also affects the packet (and is also similar in that it affects a protocol layer below what we're actually providing from userspace), only there it's through a socket rather than bpf.

Overall, this patch looks good to me.

sys/net/bpf.c
133

Maybe we should tmove this definition to <net/if_vlan_var.h> and use it in bpf and pf code?

1175

This function completely copies https://github.com/freebsd/freebsd-src/blob/main/sys/netpfil/pf/pf.c#L2712

Can it also be made common for pf and bpf?

1296

bpf_setpcp() return an error which ignored.

1387

May be: BIOCSETPCP -> BIOCSETVLANPCP?

sys/net/bpf.c
133

We should. I have a local patch for that (and to dedupe this the bpf and pf functions) pending. It'll turn up in phab in a few minutes.

1175

Yes. Expect a patch soon. I'd prefer to keep it out of this one, for merge reasons.

1296

Yes. I think I prefer it this way, on the grounds that sending a packet with the wrong PCP is better than not sending it at all, but that's not a strong opinion.

1387

Yeah, that makes sense. I'll update this patch.

BIOCSETPCP -> BIOCSETVLANPCP

This revision was not accepted when it landed; it landed in state Needs Review.Mon, Jul 26, 9:15 PM
This revision was automatically updated to reflect the committed changes.