.RB "[ " port_guid " eui64 ] ]"
.br
.in -9
+.RB "[ " xdp " { " off " | "
+.br
+.in +8
+.BR object
+.IR FILE
+.RB "[ " section
+.IR NAME " ]"
+.RB "[ " verbose " ] |"
+.br
+.BR pinned
+.IR FILE " } ]"
+.br
+.in -8
.RB "[ " master
.IR DEVICE " ]"
.br
.br
.RB "[ " addrgenmode " { " eui64 " | " none " | " stable_secret " | " random " } ]"
.br
-.B macaddr " |"
-.IR "COMMAND MACADDR |"
-
+.RB "[ " macaddr " { " flush " | { " add " | " del " } "
+.IR MACADDR " | set [ "
+.IR MACADDR " [ "
+.IR MACADDR " [ ... ] ] ] } ]"
+.br
.ti -8
.B ip link show
.B master
.IR DEVICE " ] ["
.B type
-.IR ETYPE " ]"
+.IR ETYPE " ] ["
.B vrf
.IR NAME " ]"
+.ti -8
+.B ip link xstats
+.BI type " TYPE"
+.RI "[ " ARGS " ]"
+
+.ti -8
+.B ip link afstats
+.RB "[ " dev
+.IR DEVICE " ]"
+
.ti -8
.B ip link help
.RI "[ " TYPE " ]"
- IP over Infiniband device
.sp
.B macvlan
-.I MODE
- Virtual interface base on link layer address (MAC)
.sp
-Modes:
-.in +8
-.B private
-- The device never communicates with any other device on the same upper_dev.
-This even includes frames coming back from a reflective relay, where supported
-by the adjacent bridge.
-.sp
-.B vepa
-- we assume that the adjacent bridge returns all frames where both source and
-destination are local to the macvlan port, i.e. the bridge is set up as a
-reflective relay. Broadcast frames coming in from the upper_dev get flooded to
-all macvlan interfaces in VEPA mode. We never deliver any frames locally.
-.sp
-.B bridge
-- behave as simple bridge between different macvlan interfaces on the same
-port. Frames from one interface to another one get delivered directly and are
-not sent out externally. Broadcast frames get flooded to all other bridge
-ports and to the external interface, but when they come back from a reflective
-relay, we don't deliver them again. Since we know all the MAC addresses, the
-macvlan bridge mode does not require learning or STP like the bridge module
-does.
-.sp
-.B passthru
-- allows takeover of the underlying device and passing it to a guest using
-virtio with macvtap backend. Only one macvlan device is allowed in passthru
-mode and it inherits the mac address from the underlying device and sets it in
-promiscuous mode to receive and forward all the packets.
-.sp
-.B source
-- allows one to set a list of allowed mac address, which is used to match
-against source mac address from received frames on underlying interface. This
-allows creating mac based VLAN associations, instead of standard port or tag
-based. The feature is useful to deploy 802.1x mac based behavior,
-where drivers of underlying interfaces doesn't allows that.
-.sp
-.in -8
-.sp
.B macvtap
- Virtual interface based on link layer address (MAC) and TAP.
.sp
.BI "ip link add link " DEVICE " name " NAME
.BR type " { " macvlan " | " macvtap " } "
.BR mode " { " private " | " vepa " | " bridge " | " passthru
-.RB " [ " nopromisc " ] } "
+.RB " [ " nopromisc " ] | " source " } "
.in +8
.sp
forces the underlying interface into promiscuous mode. Passing the
.BR nopromisc " flag prevents this, so the promisc flag may be controlled "
using standard tools.
+
+.B mode source
+- allows one to set a list of allowed mac address, which is used to match
+against source mac address from received frames on underlying interface. This
+allows creating mac based VLAN associations, instead of standard port or tag
+based. The feature is useful to deploy 802.1x mac based behavior,
+where drivers of underlying interfaces doesn't allows that.
.in -8
.TP
.SS ip link set - change device attributes
-.TP
-.BI macaddr " COMMAND MACADDR"
-add or removes MACADDR from allowed list for source mode macvlan type link
-Commands:
-.in +8
-.B add
-- add MACADDR to allowed list
-.sp
-.B del
-- remove MACADDR from allowed list
-.sp
-.B flush
-- flush whole allowed list
-.sp
-.in -8
-
.PP
.B Warning:
If multiple parameter changes are requested,
- configure port GUID for the VF.
.in -8
+.TP
+.B xdp object "|" pinned "|" off
+set (or unset) a XDP ("express data path") BPF program to run on every
+packet at driver level.
+
+.B off
+(or
+.B none
+)
+- Detaches any currently attached XDP/BPF program from the given device.
+
+.BI object " FILE "
+- Attaches a XDP/BPF program to the given device. The
+.I FILE
+points to a BPF ELF file (f.e. generated by LLVM) that contains the BPF
+program code, map specifications, etc. If a XDP/BPF program is already
+attached to the given device, an error will be thrown. If no XDP/BPF
+program is currently attached, the device supports XDP and the program
+from the BPF ELF file passes the kernel verifier, then it will be attached
+to the device. If the option
+.I -force
+is passed to
+.B ip
+then any prior attached XDP/BPF program will be atomically overridden and
+no error will be thrown in this case. If no
+.B section
+option is passed, then the default section name ("prog") will be assumed,
+otherwise the provided section name will be used. If no
+.B verbose
+option is passed, then a verifier log will only be dumped on load error.
+See also
+.B EXAMPLES
+section for usage examples.
+
+.BI section " NAME "
+- Specifies a section name that contains the BPF program code. If no section
+name is specified, the default one ("prog") will be used. This option is
+to be passed with the
+.B object
+option.
+
+.BI verbose
+- Act in verbose mode. For example, even in case of success, this will
+print the verifier log in case a program was loaded from a BPF ELF file.
+
+.BI pinned " FILE "
+- Attaches a XDP/BPF program to the given device. The
+.I FILE
+points to an already pinned BPF program in the BPF file system. The option
+.B section
+doesn't apply here, but otherwise semantics are the same as with the option
+.B object
+described already.
+
.TP
.BI master " DEVICE"
set master device of the device (enslave device).
.B "ip link set type bridge_slave"
[
+.B fdb_flush
+] [
.BI state " STATE"
] [
.BI priority " PRIO"
] [
.BI mcast_router " MULTICAST_ROUTER"
] [
-.BR mcast_fast_leave " { " on " | " off "} ]"
+.BR mcast_fast_leave " { " on " | " off "}"
+] [
+.BR mcast_flood " { " on " | " off " } ]"
.in +8
.sp
+.B fdb_flush
+- flush bridge slave's fdb dynamic entries.
+
.BI state " STATE"
- Set port state.
.I STATE
.B fastleave
option above.
+.BR mcast_flood " { " on " | " off " }"
+- controls whether a given port will be flooded with multicast traffic for which there is no MDB entry.
+
.in -8
.TP
.in -8
+.TP
+MACVLAN and MACVTAP Support
+Modify list of allowed macaddr for link in source mode.
+
+.B "ip link set type { macvlan | macvap } "
+[
+.BI macaddr " " "" COMMAND " " MACADDR " ..."
+]
+
+Commands:
+.in +8
+.B add
+- add MACADDR to allowed list
+.sp
+.B set
+- replace allowed list
+.sp
+.B del
+- remove MACADDR from allowed list
+.sp
+.B flush
+- flush whole allowed list
+.sp
+.in -8
+
+
.SS ip link show - display device attributes
.TP
didn't filter already. Therefore any string is accepted, but may lead to empty
output.
+.SS ip link xstats - display extended statistics
+
+.TP
+.BI type " TYPE "
+.I TYPE
+specifies the type of devices to display extended statistics for.
+
+.SS ip link afstats - display address-family specific statistics
+
+.TP
+.BI dev " DEVICE "
+.I DEVICE
+specifies the device to display address-family statistics for.
+
.SS ip link help - display help
.PP
.RS 4
Creates an IPIP that is encapsulated with Generic UDP Encapsulation,
and the outer UDP checksum and remote checksum offload are enabled.
-
+.RE
+.PP
+ip link set dev eth0 xdp obj prog.o
+.RS 4
+Attaches a XDP/BPF program to device eth0, where the program is
+located in prog.o, section "prog" (default section). In case a
+XDP/BPF program is already attached, throw an error.
+.RE
+.PP
+ip -force link set dev eth0 xdp obj prog.o sec foo
+.RS 4
+Attaches a XDP/BPF program to device eth0, where the program is
+located in prog.o, section "foo". In case a XDP/BPF program is
+already attached, it will be overridden by the new one.
+.RE
+.PP
+ip -force link set dev eth0 xdp pinned /sys/fs/bpf/foo
+.RS 4
+Attaches a XDP/BPF program to device eth0, where the program was
+previously pinned as an object node into BPF file system under
+name foo.
+.RE
+.PP
+ip link set dev eth0 xdp off
+.RS 4
+If a XDP/BPF program is attached on device eth0, detach it and
+effectively turn off XDP for device eth0.
.RE
.PP
ip link add link wpan0 lowpan0 type lowpan
projects / mirror_iproute2.git / blobdiff