Project

General

Profile

Actions

Feature #3344

closed

EthernetTransport: 802.1Q VLAN tagging

Added by susmit shannigrahi about 9 years ago. Updated almost 9 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Faces
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
3.00 h

Description

In EthernetTransport, prepend a 802.1Q VLAN tag to Ethernet frames.

VLAN headers are 4 octets and should be simple to add to an Ethernet frame, either constructed manually or with the VLAN tagging API provided by libpcap.

Use case:

The scientific testbed has multiple VLANs and the ability to create on-demand VLANs. NFD should be able to write packets to these VLANs without creating layer 3 tunnels. This will also demonstrate NDN's ability to work over long distance links without needing to use IP.


Related issues 1 (0 open1 closed)

Blocked by NFD - Feature #3170: EthernetTransportClosedDavide Pesavento

Actions
Actions #1

Updated by susmit shannigrahi about 9 years ago

  • Subject changed from Support 802.1Q (VLAN) headers in NFD ethernet to Support 802.1Q (VLAN) headers in NFD
Actions #2

Updated by Junxiao Shi about 9 years ago

  • Tracker changed from Task to Feature
  • Subject changed from Support 802.1Q (VLAN) headers in NFD to EthernetTransport: 802.1Q VLAN tagging
  • Description updated (diff)
  • Category set to Faces
  • Target version set to v0.5
  • Start date deleted (11/19/2015)
  • Estimated time set to 3.00 h

I generally agree with this feature.

I wonder the implication on receive path:

Does EthernetTransport need to construct a libpcap filter string so that it only receives Ethernet frames with a specific VLAN tag or no VLAN tag?

Does EthernetTransport need to unwrap received frames by deleting the 802.11Q header?

Also, to test this feature:

Does VirtualBox / Emulab / Mininet support VLAN tags, so that we can create an integration test?

Actions #3

Updated by Junxiao Shi about 9 years ago

Actions #4

Updated by susmit shannigrahi about 9 years ago

Junxiao Shi wrote:

I generally agree with this feature.

I wonder the implication on receive path:

Does EthernetTransport need to construct a libpcap filter string so that it only receives Ethernet frames with a specific VLAN tag or no VLAN tag?

Note that their might be multiple such tags (VLAN hierarchy). NFD should be able receive a packet, check if VLAN tag(s) exist and decode properly.

Does EthernetTransport need to unwrap received frames by deleting the 802.11Q header?

I think so, but not sure about the implications. Some Intel drivers strip vlan tags.

Actions #5

Updated by Davide Pesavento about 9 years ago

What are the advantages of adding VLAN handling in NFD?

I might have misunderstood your scenario/application/use case, but I think VLAN encap/decap should not be done by NFD. This is something that should be handled at the kernel level or even below. The obvious advantage is that the kernel is able to exploit the hardware VLAN acceleration provided by most Ethernet controllers.

Actions #6

Updated by susmit shannigrahi about 9 years ago

Davide Pesavento wrote:
What are the advantages of adding VLAN handling in NFD?

I might have misunderstood your scenario/application/use case,

This is the use case I am interested in:

Let's say, I have two machines.

I bring up a VLAN interface on the first machine as eth0.801 (VLAN ID=801). The Ethernet address is a0:36:9g:36:23:7c.

On the other end of the VLAN, I add an interface on the second machine as eth0.801 (VLAN ID=801). The Ethernet address is a0:36:9f:23:df:56.

I want to exchange NDN packets between these two machines without needing to configure IP tunnels.

but I think VLAN encap/decap should not be done by NFD. This is something that should be handled at the kernel level or even below. The obvious advantage is that the kernel is able to exploit the hardware VLAN acceleration provided by most Ethernet controllers.

Maybe.

Actions #7

Updated by Davide Pesavento about 9 years ago

susmit shannigrahi wrote:

I bring up a VLAN interface on the first machine as eth0.801 (VLAN ID=801). The Ethernet address is a0:36:9g:36:23:7c.
On the other end of the VLAN, I add an interface on the second machine as eth0.801 (VLAN ID=801). The Ethernet address is a0:36:9f:23:df:56.
I want to exchange NDN packets between these two machines without needing to configure IP tunnels.

Right. So, if NFD is configured to use eth0.801 on the two machines, isn't the kernel automatically adding/removing the VLAN tags from packets sent/received through those (pseudo-)interfaces?

Actions #8

Updated by susmit shannigrahi about 9 years ago

Right. So, if NFD is configured to use eth0.801 on the two machines, isn't the kernel automatically adding/removing the VLAN tags from packets sent/received through those (pseudo-)interfaces?

Ah, I didn't realize NFD treats vlan interfaces as separate faces. So this might work already. Thanks for pointing that out.

I did a quick test on a VLAN and it's crashing NFD, so I take that as a good sign. :)

Actions #10

Updated by Davide Pesavento about 9 years ago

susmit shannigrahi wrote:

Ah, I didn't realize NFD treats vlan interfaces as separate faces. So this might work already. Thanks for pointing that out.

I haven't tried with Linux VLAN pseudo-interfaces, but they should look like normal interfaces to userspace programs, so I'm expecting NFD will create a multicast face for each one of them... which might not be desirable in this case, because it means we'd receive the same packets twice (untagged from eth0.801 and tagged from eth0), see #1712 for a to-be-implemented solution to this problem.

Actions #11

Updated by susmit shannigrahi about 9 years ago

Right. So, if NFD is configured to use eth0.801 on the two machines, isn't the kernel automatically adding/removing the VLAN tags from packets sent/received through those (pseudo-)interfaces?

The kernel doesn't seem to be removing the tags, hence the crash in 3348. Kernel delivers the VLAN packet with the tag to NFD.

Actions #12

Updated by Davide Pesavento about 9 years ago

That's surprising. Are you sure the packets are coming from the vlan interface?

Anyway, after we fix #3348, is there anything else we need to do in order to "support" VLANs? I'm expecting that untagged packets sent to a vlan pseudo-interface (e.g. eth0.42) are tagged by the kernel with the vlan id assigned to that interface.

Actions #13

Updated by susmit shannigrahi almost 9 years ago

Davide Pesavento wrote:
That's surprising. Are you sure the packets are coming from the vlan interface?

Anyway, after we fix #3348, is there anything else we need to do in order to "support" VLANs? I'm expecting that untagged packets sent to a vlan pseudo-interface (e.g. eth0.42) are tagged by the kernel with the vlan id assigned to that interface.

So I added this to the Ethernet face's processIncomingPacket.

NFD_LOG_FACE_DEBUG("Ethenet type" << ntohs(eh->ether_type));

It gives me the number 33024, which is "Customer VLAN Tag Type" according to this .

Actions #14

Updated by Davide Pesavento almost 9 years ago

Do you still have the whole log line generated by the statement you added? In particular I care about the part between brackets with the Face URIs.

Actions #15

Updated by susmit shannigrahi almost 9 years ago

Davide Pesavento wrote:
Do you still have the whole log line generated by the statement you added? In particular I care about the part between brackets with the Face URIs.

Sorry, should've included that. It's coming from the actual interface.

1449116144.465650 DEBUG: [EthernetFace] [id=260,local=dev://p2p2,remote=ether://[01:00:5e:00:17:aa]] Ethenet type 33024

Actions #16

Updated by Davide Pesavento almost 9 years ago

  • Status changed from New to Feedback

Indeed, that packet is coming from the "real" interface (where no VLAN encap/decap is happening), not from the vlan pseudo-interface. So this is exactly as I expected and confirms my previous theory. I believe this task should be rejected, vlan handling should be done in the kernel and only untagged packets should reach NFD.

What we should do is finally implementing feature #1712, so that operators can choose which interfaces can be used for multicast faces. The current default of allowing all interfaces doesn't make any sense in this scenario.

Anything else I'm missing?

Actions #17

Updated by susmit shannigrahi almost 9 years ago

  • Status changed from Feedback to Closed

Davide Pesavento wrote:
Indeed, that packet is coming from the "real" interface (where no VLAN encap/decap is happening), not from the vlan pseudo-interface. So this is exactly as I expected and confirms my previous theory. I believe this task should be rejected, vlan handling should be done in the kernel and only untagged packets should reach NFD.

What we should do is finally implementing feature #1712, so that operators can choose which interfaces can be used for multicast faces. The current default of allowing all interfaces doesn't make any sense in this scenario.

Anything else I'm missing?

No, I think we can close this. I'll reopen this if needed.

Actions #18

Updated by Davide Pesavento almost 9 years ago

Ticket status should be "rejected".

Actions #19

Updated by Junxiao Shi almost 9 years ago

  • Status changed from Closed to Rejected
Actions #20

Updated by Davide Pesavento almost 9 years ago

  • Target version deleted (v0.5)
Actions

Also available in: Atom PDF