Re: [vpp-dev] MAC Learning in vpp

[Neale Ranns]

Hi Mohsen,

Perhaps I misunderstood your intentions. MAC learning I was talking about is 
what a switch/bridge domain does to populate its forwarding tables to perform 
l2 forwarding. My old and limited experience with port-security was as a 
feature on l2 interface in a BD.
If what you wanted was ARP for L3 interfaces, then we’re talking about IP 
neighbours. The size of the ip-neighbour DB (which is shared between ARP and ND 
entries) has only a global not a per-interface limit.
DBGvpp# set ip neighbor-config ?
  set ip neighbor-config   set ip neighbor-config ip4|ip6 
[limit ] [age ] [recycle|norecycle]
there are no other means to control what IP neighbours are or aren’t learned.

/neale


From: Mohsen Meamarian 
Date: Wednesday, 4 August 2021 at 07:26
To: Neale Ranns 
Cc: vpp-dev@lists.fd.io 
Subject: Re: [vpp-dev] MAC Learning in vpp
Hi Neal,
Thanks, Is there a way to view and limit learned MAC addresses for an interface 
without adding an interface to a bridge-domain?

On Tue, Aug 3, 2021 at 12:15 PM Neale Ranns 
mailto:ne...@graphiant.com>> wrote:
HI Mohsen,

Learning in a BD is enabled by default – your trace shows learning on. You can 
turn in on or off through configuration on the BD or on the input interface.
DBGvpp# set bridge-domain ?
  set bridge-domain learn  set bridge-domain learn 
 [disable]
  set bridge-domain learn-limitset bridge-domain learn-limit 
 

or

DBGvpp# set interface l2 ?
  set interface l2 learn   set interface l2 learn  
[disable]

Ping and ARP work with learning on.

Note also in the commands above, there is a mechanism to limit the number of 
MACs that can be learnt in each BD.

/neale


From: Mohsen Meamarian 
mailto:meamarian.moh...@gmail.com>>
Date: Tuesday, 3 August 2021 at 06:37
To: Neale Ranns mailto:ne...@graphiant.com>>
Cc: vpp-dev@lists.fd.io 
mailto:vpp-dev@lists.fd.io>>
Subject: Re: [vpp-dev] MAC Learning in vpp
Thanks neale,
What is the easiest way to enable learning on an interface while other 
functionality , including passing the ping and arp packets , work normally?

I want l2_learn_process run for that interface so that I can write a function 
to do something like put a limiting on maximum connected devices with it's help.


On Mon, Aug 2, 2021, 23:38 Neale Ranns 
mailto:ne...@graphiant.com>> wrote:

HI Moshen,

From: vpp-dev@lists.fd.io 
mailto:vpp-dev@lists.fd.io>> on behalf of Mohsen Meamarian 
via lists.fd.io 
mailto:gmail@lists.fd.io>>
Date: Monday, 2 August 2021 at 18:45
To: vpp-dev@lists.fd.io 
mailto:vpp-dev@lists.fd.io>>
Subject: [vpp-dev] MAC Learning in vpp
Hi friends,
I want to implement port security in vpp. I assume that the l2learn_process 
function in l2_learn.c runs periodically when vpp is active and When a device 
is connected to my system , this function helps to learn it's mac. Is this 
assumption true ?

No. l2_learn runs for all packets that are received on a link on which learning 
is enabled. You can see it in the trace you provided. It is learning in this 
VLIB node that will populated the l2fib.

because when I run the sh l2fib command , it returns nothing. but when I set an 
interface as a bridge , the sh l2fib command returns something. my commands :

create bridge-domain 2 arp-term 1
create loopback interface
set int l2 bridge loop0 2 bvi
set interface state loop0 up
set interface l2 bridge GigabitEthernet0/8/0 2

show bridge-domain 2 detail
show l2fib all

but i have a problem here. vpp drop ping packet.Where can the problem come from?

I attached my trace command result to this mail.I get " l2-flood: BVI L3 mac 
mismatch " error.

That shows an ARP packet destined to a unicast MAC. That packet was flooded, 
suggesting an l2fib miss and unknown-unicast flooding is enabled. The dst MAC 
of the packet did not match the MAC of the BVI (the only other interface in the 
BD) so it was dropped.

/neale


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19912): https://lists.fd.io/g/vpp-dev/message/19912
Mute This Topic: https://lists.fd.io/mt/84615988/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] FDIO Maintenance - 2021-08-04 15:00 UTC to 1900 UTC

[Vanessa Valderrama]

Jenkins has been placed in shutdown mode in preparation for maintenance

On 7/27/21 10:11 AM, Vanessa Valderrama wrote:
>
> *What:*
>
>   * Jenkins sandbox and production
>   o OS and security updates
>   o Jenkins upgrade
>   o Plugin upgrades
>
>   * Gerrit
>   o OS and security updates
>   o Gerrit upgrade
>
>   * Nexus
>   o OS and security updates
>   o Nexus upgrade
>
>   * JIRA
>   o OS and security updates
>   o JIRA upgrade
>
>   * Ingress
>   o OS and security updates
>
> *When:  *2021-08-04 15:00 UTC to 1900 UTC
>
> *Impact:*
>
> Jenkins will be placed in shutdown mode at 1400 UTC. All running jobs
> will be terminated at 15:00 UTC.
>
> The following services will be unavailable during the maintenance window:
>
>   * Jenkins sandbox and production
>   * Gerrit
>   * Nexus
>   * JIRA
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19913): https://lists.fd.io/g/vpp-dev/message/19913
Mute This Topic: https://lists.fd.io/mt/84483932/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] FDIO Maintenance - 2021-08-04 15:00 UTC to 1900 UTC

[Vanessa Valderrama]

Starting maintenance

On 8/4/21 9:02 AM, Vanessa Valderrama wrote:
>
> Jenkins has been placed in shutdown mode in preparation for maintenance
>
> On 7/27/21 10:11 AM, Vanessa Valderrama wrote:
>>
>> *What:*
>>
>>   * Jenkins sandbox and production
>>   o OS and security updates
>>   o Jenkins upgrade
>>   o Plugin upgrades
>>
>>   * Gerrit
>>   o OS and security updates
>>   o Gerrit upgrade
>>
>>   * Nexus
>>   o OS and security updates
>>   o Nexus upgrade
>>
>>   * JIRA
>>   o OS and security updates
>>   o JIRA upgrade
>>
>>   * Ingress
>>   o OS and security updates
>>
>> *When:  *2021-08-04 15:00 UTC to 1900 UTC
>>
>> *Impact:*
>>
>> Jenkins will be placed in shutdown mode at 1400 UTC. All running jobs
>> will be terminated at 15:00 UTC.
>>
>> The following services will be unavailable during the maintenance window:
>>
>>   * Jenkins sandbox and production
>>   * Gerrit
>>   * Nexus
>>   * JIRA
>>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19914): https://lists.fd.io/g/vpp-dev/message/19914
Mute This Topic: https://lists.fd.io/mt/84483932/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] FDIO Maintenance - 2021-08-04 15:00 UTC to 1900 UTC

[Vanessa Valderrama]

Maintenance is complete. If you experience any issues, please open a
request at support.linuxfoundation.org.

Thank you,

Anton & Vanessa

On 8/4/21 10:00 AM, Vanessa Valderrama wrote:
>
> Starting maintenance
>
> On 8/4/21 9:02 AM, Vanessa Valderrama wrote:
>>
>> Jenkins has been placed in shutdown mode in preparation for maintenance
>>
>> On 7/27/21 10:11 AM, Vanessa Valderrama wrote:
>>>
>>> *What:*
>>>
>>>   * Jenkins sandbox and production
>>>   o OS and security updates
>>>   o Jenkins upgrade
>>>   o Plugin upgrades
>>>
>>>   * Gerrit
>>>   o OS and security updates
>>>   o Gerrit upgrade
>>>
>>>   * Nexus
>>>   o OS and security updates
>>>   o Nexus upgrade
>>>
>>>   * JIRA
>>>   o OS and security updates
>>>   o JIRA upgrade
>>>
>>>   * Ingress
>>>   o OS and security updates
>>>
>>> *When:  *2021-08-04 15:00 UTC to 1900 UTC
>>>
>>> *Impact:*
>>>
>>> Jenkins will be placed in shutdown mode at 1400 UTC. All running
>>> jobs will be terminated at 15:00 UTC.
>>>
>>> The following services will be unavailable during the maintenance
>>> window:
>>>
>>>   * Jenkins sandbox and production
>>>   * Gerrit
>>>   * Nexus
>>>   * JIRA
>>>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19915): https://lists.fd.io/g/vpp-dev/message/19915
Mute This Topic: https://lists.fd.io/mt/84483932/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] FDIO Maintenance - 2021-08-04 15:00 UTC to 1900 UTC

[Vanessa Valderrama]

Jenkins is back in shutdown mode. We need to downgrade the Gerrit
Trigger plugin. The latest version has caused some stability issues for
other projects.



On 8/4/21 11:30 AM, Vanessa Valderrama wrote:
>
> Maintenance is complete. If you experience any issues, please open a
> request at support.linuxfoundation.org.
>
> Thank you,
>
> Anton & Vanessa
>
> On 8/4/21 10:00 AM, Vanessa Valderrama wrote:
>>
>> Starting maintenance
>>
>> On 8/4/21 9:02 AM, Vanessa Valderrama wrote:
>>>
>>> Jenkins has been placed in shutdown mode in preparation for maintenance
>>>
>>> On 7/27/21 10:11 AM, Vanessa Valderrama wrote:

 *What:*

   * Jenkins sandbox and production
   o OS and security updates
   o Jenkins upgrade
   o Plugin upgrades

   * Gerrit
   o OS and security updates
   o Gerrit upgrade

   * Nexus
   o OS and security updates
   o Nexus upgrade

   * JIRA
   o OS and security updates
   o JIRA upgrade

   * Ingress
   o OS and security updates

 *When:  *2021-08-04 15:00 UTC to 1900 UTC

 *Impact:*

 Jenkins will be placed in shutdown mode at 1400 UTC. All running
 jobs will be terminated at 15:00 UTC.

 The following services will be unavailable during the maintenance
 window:

   * Jenkins sandbox and production
   * Gerrit
   * Nexus
   * JIRA


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19916): https://lists.fd.io/g/vpp-dev/message/19916
Mute This Topic: https://lists.fd.io/mt/84483932/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] FDIO Maintenance - 2021-08-04 15:00 UTC to 1900 UTC

[Vanessa Valderrama]

The plugin has been downgraded. Jenkins is out of shutdown mode.

Thank you,

Vanessa

On 8/4/21 11:41 AM, Vanessa Valderrama wrote:
>
> Jenkins is back in shutdown mode. We need to downgrade the Gerrit
> Trigger plugin. The latest version has caused some stability issues
> for other projects.
>
>
>
> On 8/4/21 11:30 AM, Vanessa Valderrama wrote:
>>
>> Maintenance is complete. If you experience any issues, please open a
>> request at support.linuxfoundation.org.
>>
>> Thank you,
>>
>> Anton & Vanessa
>>
>> On 8/4/21 10:00 AM, Vanessa Valderrama wrote:
>>>
>>> Starting maintenance
>>>
>>> On 8/4/21 9:02 AM, Vanessa Valderrama wrote:

 Jenkins has been placed in shutdown mode in preparation for
 maintenance

 On 7/27/21 10:11 AM, Vanessa Valderrama wrote:
>
> *What:*
>
>   * Jenkins sandbox and production
>   o OS and security updates
>   o Jenkins upgrade
>   o Plugin upgrades
>
>   * Gerrit
>   o OS and security updates
>   o Gerrit upgrade
>
>   * Nexus
>   o OS and security updates
>   o Nexus upgrade
>
>   * JIRA
>   o OS and security updates
>   o JIRA upgrade
>
>   * Ingress
>   o OS and security updates
>
> *When:  *2021-08-04 15:00 UTC to 1900 UTC
>
> *Impact:*
>
> Jenkins will be placed in shutdown mode at 1400 UTC. All running
> jobs will be terminated at 15:00 UTC.
>
> The following services will be unavailable during the maintenance
> window:
>
>   * Jenkins sandbox and production
>   * Gerrit
>   * Nexus
>   * JIRA
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#19917): https://lists.fd.io/g/vpp-dev/message/19917
Mute This Topic: https://lists.fd.io/mt/84483932/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-