VLAN overhaul

[jukkar]

This one overhauls VLAN support to use virtual interfaces. When the VLAN support was originally created, there was no virtual interfaces so the VLAN support was implemented a bit hackish way.
This does not change user APIs related to VLANs, but the Ethernet drivers need to be changed meaning that most of the VLAN code can be removed from the driver.

Tested Ethernet drivers:

• stm32, used nucleo_f767zi
• native_sim
• sam_gmac, used sam_e70_xplained
• enc28j60
• mcux, used frdm-k64f and mimxrt1050_evk
• nxp_s32_gmac
• nxp_enet, used mimxrt1050_evk
• xmc4xxx
• e1000, used qemu_x86
• nxp_s32_netc

[jukkar]

@pdgendt, this should simplify the VLAN support we discussed recently, the code does not yet work fully but I am working on it.

[jukkar]

• Rebased against upstream
• IPv6 over VLAN works
• ARP over VLAN still has some issues
• tests not touched yet
• native_sim driver fixed, all the other drivers pending

[jukkar]

• Rebased against upstream
• ARP over VLAN still has some issues. The pending packet that is sent after an ARP reply, is sent without a VLAN tag. This is a bit tricky to fix.
• VLAN test fixed to work with newer VLAN

[jukkar]

As the description says, this refactors the VLAN support to use virtual network interfaces we have in zephyr. What this means in practice:

• we use less resources in the system (especially if there are multiple Ethernet network interfaces)
• the VLAN packet handling does not need to be done in the Ethernet driver

Setup Linux VLAN interfaces for simple testing

If using native_sim board, do this

cd tools/net-setup
./net-setup -c zeth-vlan.conf

And compile the exe like this

west build -p -b native_sim -d ~/zephyrproject/build/echo-server ~/zephyrproject/zephyr/samples/net/sockets/echo_server/ -- \
-DCONFIG_NATIVE_UART_AUTOATTACH_DEFAULT_CMD="\"gnome-terminal -- screen %s\"" \
-DCONFIG_LOG_BUFFER_SIZE=65535 \
-DCONFIG_NET_INTERFACE_NAME_LEN=15 \
-DOVERLAY_CONFIG=overlay-vlan.conf

~/zephyrproject/build/echo-server/zephyr/zephyr.exe -attach_uart

Currently supported boards that enable VLAN in driver capabilities:

• nxp_s32_netc
• e1000
• xmc4xxx
• nxp_enet
• nxp_s32_gmac
• mcux
• enc28j60
• sam_gmac
• stm32
• native_sim

This script could be used to compile and flash echo-server to a specific board:

#!/bin/bash

if [ "$1" == "" ]; then
    BOARD=native_sim
    OPTS=""
else
    BOARD="$1"
    OPTS=""
fi

west build -p -b $BOARD -d ~/zephyrproject/build/echo-server ~/zephyrproject/zephyr/samples/net/sockets/echo_server/ -- \
-DCONFIG_NATIVE_UART_AUTOATTACH_DEFAULT_CMD="\"gnome-terminal -- screen %s\"" \
-DCONFIG_LOG_BUFFER_SIZE=65535 \
-DCONFIG_NET_INTERFACE_NAME_LEN=15 \
-DOVERLAY_CONFIG=overlay-vlan.conf \
-DCONFIG_NET_DHCPV4=y \
$OPTS

if [ "$BOARD" == native_sim ]; then
    if [ $? -eq 0 ]; then
	~/zephyrproject/build/echo-server/zephyr/zephyr.exe -attach_uart
    fi
else
    west flash -d ~/zephyrproject/build/echo-server
fi

Example:

./vlan-echo-server nucleo_f767zi

The following script can be used in Linux to setup/remove the VLAN interfaces, IP addresses and routes.

#!/bin/bash

if [ -z "$1" ]; then
    echo "$0 setup|remove"
    exit 1
fi

ACTION="$1"

if [ -z "$2" ]; then
    IFACE=enp0s31f6
else
    IFACE="$2"
fi

if [ "$ACTION" == setup ]; then
    sudo ip link add link "$IFACE" name vlan.100 type vlan id 100
    sudo ip link set vlan.100 type up
    sudo ip addr add 198.51.100.2/24 dev vlan.100
    sudo ip route add 198.51.100/24 dev vlan.100
    sudo ip -6 addr add 2001:db8:100::2/64 dev vlan.100
    sudo ip -6 route add 2001:db8:100::/64 dev vlan.100
    sudo ifconfig vlan.100 up

    sudo ip link add link "$IFACE" name vlan.200 type vlan id 200
    sudo ip link set vlan.200 type up
    sudo ip addr add 203.0.113.2/24 dev vlan.200
    sudo ip route add 203.0.113/24 dev vlan.200
    sudo ip -6 addr add 2001:db8:200::2/64 dev vlan.200
    sudo ip -6 route add 2001:db8:200::/64 dev vlan.200
    sudo ifconfig vlan.200 up

    exit
fi

if [ "$ACTION" == remove ]; then
    sudo ifconfig vlan.100 down
    sudo ip -6 route del 2001:db8:100::/64 dev vlan.100
    sudo ip -6 addr del 2001:db8:100::2/64 dev vlan.100
    sudo ip route del 198.51.100/24 dev vlan.100
    sudo ip addr del 198.51.100.2/24 dev vlan.100
    sudo ip link set vlan.100 type down
    sudo ip link del link "$IFACE" name vlan.100

    sudo ifconfig vlan.200 down
    sudo ip -6 route del 2001:db8:200::/64 dev vlan.200
    sudo ip -6 addr del 2001:db8:200::2/64 dev vlan.200
    sudo ip route del 203.0.113/24 dev vlan.200
    sudo ip addr del 203.0.113.2/24 dev vlan.200
    sudo ip link set vlan.200 type down
    sudo ip link del link "$IFACE" name vlan.200

    exit
fi

Example:

./vlan.sh setup eth0

will configure host VLANs to use eth0 as a master interface. The vlan.100 and vlan.200 interfaces will use the master interface to send packets.

Then

ping -c 1 198.51.100.1

will send a ICMP Echo-Request to VLAN-100 interface in zephyr.
And

ping -c 1 203.0.113.1

will send a ICMP Echo-Request to VLAN-200 interface in zephyr.

If using the echo-server sample and the overlay-vlan.conf file like in above example, the Zephyr VLAN interfaces are by default down, and you must turn them on before they can be pinged.

net iface up 2
net iface up 3

The Zephyr interfaces look like this with this example overlay-vlan.conf

uart:~$ net iface

Interface eth0 (0x20023198) (Ethernet) [1]
===================================
Virtual interfaces attached to this : 2 3 
Link addr : 00:80:E1:EB:47:F7
MTU       : 1500
Flags     : AUTO_START,IPv4,IPv6
Device    : ethernet@40028000 (0x802974c)
Ethernet capabilities supported:
        Virtual LAN
        10 Mbits
        100 Mbits
IPv6 unicast addresses (max 3):
        fe80::280:e1ff:feeb:47f7 autoconf tentative infinite
        2001:db8::1 manual preferred infinite
IPv6 multicast addresses (max 4):
        ff02::1
        ff02::1:ffeb:47f7  <not joined>
        ff02::1:ff00:1
IPv6 prefixes (max 2):
        <none>
IPv6 hop limit           : 64
IPv6 base reachable time : 30000
IPv6 reachable time      : 35562
IPv6 retransmit timer    : 0
IPv4 unicast addresses (max 1):
        192.168.88.14/255.255.255.0 DHCP preferred
IPv4 multicast addresses (max 2):
        224.0.0.1
IPv4 gateway : 192.168.88.1
DHCPv4 lease time : 600
DHCPv4 renew time : 300
DHCPv4 server     : 192.168.88.1
DHCPv4 requested  : 192.168.88.14
DHCPv4 state      : bound
DHCPv4 attempts   : 1

Interface VLAN-100 (0x20023300) (Virtual) [2]
==================================
Virtual name : VLAN to 1
Attached  : 1 (Ethernet / 0x20023198)
Link addr : 00:80:E1:EB:47:F7
MTU       : 1500
Flags     : NO_AUTO_START,IPv4,IPv6
Device    : VLAN_0 (0x8029738)
VLAN tag  : 100 (0x064)
IPv6 unicast addresses (max 3):
        2001:db8:100::1 manual preferred infinite
        fe80::280:e1ff:feeb:47f7 autoconf preferred infinite
IPv6 multicast addresses (max 4):
        ff02::1
        ff02::1:ff00:1
        ff02::1:ffeb:47f7
IPv6 prefixes (max 2):
        <none>
IPv6 hop limit           : 64
IPv6 base reachable time : 30000
IPv6 reachable time      : 22689
IPv6 retransmit timer    : 0
IPv4 unicast addresses (max 1):
        198.51.100.1/255.255.255.0 manual preferred infinite
IPv4 multicast addresses (max 2):
        224.0.0.1
IPv4 gateway : 0.0.0.0
DHCPv4 lease time : 0
DHCPv4 renew time : 0
DHCPv4 server     : 0.0.0.0
DHCPv4 requested  : 0.0.0.0
DHCPv4 state      : disabled
DHCPv4 attempts   : 0

Interface VLAN-200 (0x20023468) (Virtual) [3]
==================================
Virtual name : VLAN to 1
Attached  : 1 (Ethernet / 0x20023198)
Link addr : 00:80:E1:EB:47:F7
MTU       : 1500
Flags     : NO_AUTO_START,IPv4,IPv6
Device    : VLAN_1 (0x8029724)
VLAN tag  : 200 (0x0c8)
IPv6 unicast addresses (max 3):
        2001:db8:200::1 manual preferred infinite
        fe80::280:e1ff:feeb:47f7 autoconf preferred infinite
IPv6 multicast addresses (max 4):
        ff02::1
        ff02::1:ff00:1
        ff02::1:ffeb:47f7
IPv6 prefixes (max 2):
        <none>
IPv6 hop limit           : 64
IPv6 base reachable time : 30000
IPv6 reachable time      : 25054
IPv6 retransmit timer    : 0
IPv4 unicast addresses (max 1):
        203.0.113.1/255.255.255.0 manual preferred infinite
IPv4 multicast addresses (max 2):
        224.0.0.1
IPv4 gateway : 0.0.0.0
DHCPv4 lease time : 0
DHCPv4 renew time : 0
DHCPv4 server     : 0.0.0.0
DHCPv4 requested  : 0.0.0.0
DHCPv4 state      : disabled
DHCPv4 attempts   : 0

[jukkar]

TODO:

• statistics need to updated for VLAN interfaces
• more testing with real boards (reviewers, please help here 🙇‍♂️)
• verify that priority of the sent/received packets is set correctly

[jukkar]

Changes:

• updated to latest main
• went through all the samples that used VLAN and fixed them
• added information to migration guide

@Dat-NguyenDuy the VLAN sample should work now, please take a look.

[Dat-NguyenDuy]

Changes:

• updated to latest main
• went through all the samples that used VLAN and fixed them
• added information to migration guide

@Dat-NguyenDuy the VLAN sample should work now, please take a look.

Hi, i've tested the sample, but seems still doesn't work:

jenkins@CPT00135429C:~$ sudo ping -c 1000 198.51.100.1 -i 0 | tail -2

1000 packets transmitted, 0 received, +302 errors, 100% packet loss, time 125013ms

Do you see the similar issue on any boards?

[jukkar]

The interface is down so your ping is dropped.
Try setting net iface up 2 and then try to ping again.

[jukkar]

The error messages can be ignored, they are printed because the interface was down when doing IPv6 DAD. The operations will be re-done after interface is up.

[Dat-NguyenDuy]

The interface is down so your ping is dropped. Try setting net iface up 2 and then try to ping again.

Thanks for the suggestions. After bring iface 2 and 3 up, i see only the iface 3 has unicast address then the ping is working with this iface. But not for iface 2.

Perhaps the sample can be updated? I see that after init_app function in main finished, the last element in ipv4_addresses is not assigned an IP

[jukkar]

jenkins@CPT00135429C:~$ sudo ping -c 1000 198.51.100.1 -i 0 | tail -2

The VLAN sample is only supporting 203.0.113.1/24 address range set to interface 3. Dunno why I did it like that, I can look into this in a separate PR and configure addresses to interface 2 too. The CONFIG_NET_IF_MAX_IPV4_COUNT=3 does not change the situation here.

[jukkar]

I do not have a boards using enc28j60 nor xmc4xxx drivers so cannot test those. I would assume they work fine like the other drivers have. If not, then we can fix any issues in subsequent PRs.

[rlubos]

LGTM