Details

Reviewers

tuexen
glebius
rscheff
kp
peter.lei_ieee.org
melifaro
zlei
adrian

Group Reviewers

network
transport

Commits

rGe44d2e941e8e: if_geneve: Add Support for Geneve (RFC8926)

Summary

if_geneve: Add geneve support (RFC8926)
geneve creates a generic network virtualization tunnel
interface for Tentant Systems over an L3 (IP/UDP) underlay network that
provides a Layer 2 (ethernet) or Layer 3 service using the geneve protocol.
This implementation is based on RFC8926.

IPv4 and IPv6 is fully supported for both unicast and multicast underlay.
Per-VNET geneve tunnel is implemented.
RXCSUM/TXCSUM/TSO offloading capabilities are implemented.

Test Plan

see D55183

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

crest_freebsd_rlwinm.de added a subscriber: crest_freebsd_rlwinm.de.Dec 15 2025, 3:29 PM

zlei added a subscriber: zlei.Dec 16 2025, 4:03 AM

zlei added inline comments.

sys/net/if_geneve.c
1676	I'm recently fighting with `ifp->if_drv_flags & IFF_DRV_RUNNING`. I think the flag should ( if ever wanted ) be write only by the driver and protected by driver locks, but not by the net stack. For sync issue, the net stack should use atomic_load but not merely a test by `ifp->if_drv_flags & IFF_DRV_RUNNING`.

glebius added inline comments.Dec 16 2025, 4:24 PM

sys/net/if_geneve.c
1676	IMHO, the idea of the flag was not correct in the first place. A new properly written driver shall not rely on it as a measure to prevent the stack from talking to the driver.

Rebase and update according to 0bd0c3295ac09f759f2816b73cbd2d950e3bef7e .

There is no ether_reassign, therefore, geneve_reassign removed for good.

All geneve tests are passed and reassignment is also tested.

Harbormaster completed remote builds in B69472: Diff 168596.Dec 26 2025, 8:07 AM

zlei mentioned this in D54387: gre: use its own internal flag.Dec 29 2025, 4:53 AM

Fix ability to modifying generic and link-specific attributes at the same time in geneve_clone_modify_nl

Harbormaster completed remote builds in B69563: Diff 168865.Jan 1 2026, 11:26 PM

emaste added a subscriber: emaste.Jan 14 2026, 8:52 PM

pouria added inline comments.Feb 7 2026, 6:42 PM

sbin/ifconfig/ifgeneve.c
233 ↗	(On Diff #168865)	D54443: @zlei This is an example of netlink implementation of ifconfig for geneve. For the same reason, we need the `nl_parsed_geneve` here. That's why I want the `nl_parsed_gre` to be public KPI.

pouria added a reviewer: zlei.Feb 7 2026, 8:53 PM

I'm going to breakdown this revision to be easier to review.
So, sorry for noise in advance.

Rebase geneve to main and limit this revision kernel only.
ifconfig netlink helper: D55174
ifconfig geneve implementation (netlink): D55184
ifconfig geneve implementation (without netlink): D55185
ifconfig(8) manual for geneve: D55181
geneve(4) manual: D55182
geneve tests: D55183
update geneve to follow RFC 6040: D55186

If you want to test all of the Geneve patches together,
you can find them with all patches applied on my github:
https://github.com/spmzt/freebsd-src/tree/geneve_total

pouria edited the summary of this revision. (Show Details)Feb 8 2026, 4:25 PM

pouria edited the test plan for this revision. (Show Details)

pouria removed a reviewer: manpages.

pouria removed a parent revision: D53516: Update ip_ecn to RFC 6040.

pouria removed a subscriber: ziaee.

pouria added a child revision: D55182: geneve(4): Add geneve manual.Feb 8 2026, 4:27 PM

pouria added a child revision: D55183: geneve: Add geneve tests.

pouria added a child revision: D55184: ifconfig: Add support for geneve (netlink).

pouria added a child revision: D55186: geneve: follow RFC 6040 and use ECN_COMPLETE.Feb 8 2026, 4:30 PM

pouria marked 12 inline comments as done.Feb 8 2026, 4:50 PM

pouria mentioned this in D55602: Pouria's geneve report for Status/2026Q.Mar 1 2026, 1:01 PM

@glebius Do you think removing nvlist/non-netlink support will help this revision get reviewed faster?
since it will reduce the code size.

Sorry if I wasn't clear - I have no objections against pushing this in. I'm not able to do a protocol level review, but wrt the interaction with the rest of the network stack all looks good to me.

P.S. My only comment was about use of IFF_DRV_RUNNING, which IMHO is not a real protection from stack calling into the driver. You can improve that later, though.

This revision is now accepted and ready to land.Mar 16 2026, 6:47 PM

Rebase to main, apply and close D55186.

This revision now requires review to proceed.Thu, Mar 19, 10:37 AM

Harbormaster completed remote builds in B71503: Diff 173889.Thu, Mar 19, 10:37 AM

In D54172#1277853, @pouria wrote:

Do you think removing nvlist/non-netlink support will help this revision get reviewed faster?
since it will reduce the code size.

FYI, deleting nvlist/non-netlink support, removes ~550 LOC.

zarychtam_plan-b.pwste.edu.pl added a subscriber: zarychtam_plan-b.pwste.edu.pl.Thu, Mar 19, 1:38 PM

I have not looked through the related RFC. So this quick review is not completed.

sys/net/if.h
258–260	I'd like to test this HW offload feature for GENEVE, but I think the ethernet drivers in-tree are not ready for that yet. @pouria Do you have any WIP updates for any drivers ?
sys/net/if_geneve.c
98	The sx lock `geneve_sx` is only used in this file. Make it static to limit the scope.
613	I guess a memcmp() is sufficient ?
2103	The in-tree drivers are approaching to netlink based config. Shall we still support nvlist ? @kp How do you think about this ?
3080	No need for parentheses in case labels.
3094	Ditto.
3107	I believe the default branch is unreachable.
3201	Shall the drivers be updated to support the inner csum offload ?
3237	Unreachable code. The `ip_output()` shall handle the mbuf, and free it if error occurs. So this is not required.
3385	Ditto.
4534	Shall this move to VNET_SYSUNINIT ?

Address @zlei comments

Harbormaster completed remote builds in B71828: Diff 174551.Mon, Mar 30, 4:00 PM

Thank you for your review.

sys/net/if.h
258–260	You're right. There are drivers that should support GENEVE hw offload, but not implemented yet. I want to work on it after geneve lands. I'm currently busy with v6 and routing stack.
sys/net/if_geneve.c
613	It'll be used in line 785 to order entries on the ftable. It's basically the same mechanism used in if_vxlan.
2103	np from me. I've a branch prepared without nvlist. I also like to remove the nvlist support too.
3107	In that case, IMHO, we shouldn't panic.
3201	Of course, but I don't want to update them on this revision. I prepared the CSUM requirements for geneve here and I'll update other drivers in another revision.
4534	It should, but please see the D54175.

kind ping @zlei

sys/net/if_geneve.c
2103	kind ping @kp

kp added inline comments.Tue, Apr 7, 12:25 PM

sys/net/if_geneve.c
2103	I'm entirely on board with the "Netlink only" approach. I don't think it's a good idea to have multiple different sets of configuration code. Just do netlink, it's the best available option right now.

zlei added inline comments.Tue, Apr 7, 2:38 PM

sys/net/if_geneve.c
4534	IMO the cloner is not to be blamed. ( The socket ) Leaking of refcount of prison should be handled properly on prison remove event. I have an idea to fix it, then destroy cloner via `VNET_SYSUNINIT` should work as intended.

Remove nvlist/ioctl support.

Harbormaster completed remote builds in B72064: Diff 175142.Wed, Apr 8, 4:46 PM

pouria edited the summary of this revision. (Show Details)Wed, Apr 8, 4:48 PM

@kp @zlei Done.
Could you please review this again?
I just removed the support without netlink completely and successfully ran my tests.
There should be no nvlist interface/header left.
I also abandoned the support for ifconfig WITHOUT_NETLINK.

Final style check before landing.

Harbormaster completed remote builds in B72136: Diff 175289.Sat, Apr 11, 6:11 PM

Add spdx tag to geneve header and replace its email with my freebsd email.

Harbormaster completed remote builds in B72137: Diff 175291.Sat, Apr 11, 6:17 PM

adrian added a subscriber: adrian.Sun, Apr 12, 8:44 PM

adrian added inline comments.

sys/net/if_geneve.c
2869	why are there semicolons here? :p

@adrian done.

Harbormaster completed remote builds in B72161: Diff 175384.Sun, Apr 12, 8:56 PM

pouria marked an inline comment as done.Sun, Apr 12, 8:56 PM

pouria added inline comments.

sys/net/if_geneve.c
2869	bad habit of declaring first and copying from it. Nice catch! How did you find that? :)))

adrian accepted this revision as: adrian.Sun, Apr 12, 11:00 PM

adrian added inline comments.

sys/net/if_geneve.c
2869	eyeballs :p

This revision is now accepted and ready to land.Sun, Apr 12, 11:00 PM

Closed by commit rGe44d2e941e8e: if_geneve: Add Support for Geneve (RFC8926) (authored by pouria). · Explain WhyMon, Apr 13, 2:17 PM

This revision was automatically updated to reflect the committed changes.

pouria marked an inline comment as done.

pouria added a commit: rGe44d2e941e8e: if_geneve: Add Support for Geneve (RFC8926).

Add Support for Geneve (RFC8926)
ClosedPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 175427

sys/conf/NOTES

sys/conf/files

sys/kern/kern_jail.c

sys/modules/Makefile

sys/modules/if_geneve/Makefile

sys/net/if.h

sys/net/if.c

sys/net/if_geneve.h

sys/net/if_geneve.c

sys/net/if_strings.h

sys/netlink/route/interface.h

sys/sys/mbuf.h

sys/sys/priv.h

Add Support for Geneve (RFC8926)ClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 175427

sys/conf/NOTES

sys/conf/files

sys/kern/kern_jail.c

sys/modules/Makefile

sys/modules/if_geneve/Makefile

sys/net/if.h

sys/net/if.c

sys/net/if_geneve.h

sys/net/if_geneve.c

sys/net/if_strings.h

sys/netlink/route/interface.h

sys/sys/mbuf.h

sys/sys/priv.h

Add Support for Geneve (RFC8926)
ClosedPublic
Actions

Revision Contents
Changeset List