diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-21 00:04:44 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-21 00:04:44 -0400 |
commit | f8965467f366fd18f01feafb5db10512d7b4422c (patch) | |
tree | 3706a9cd779859271ca61b85c63a1bc3f82d626e /Documentation/networking | |
parent | a26272e5200765691e67d6780e52b32498fdb659 (diff) | |
parent | 2ec8c6bb5d8f3a62a79f463525054bae1e3d4487 (diff) |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1674 commits)
qlcnic: adding co maintainer
ixgbe: add support for active DA cables
ixgbe: dcb, do not tag tc_prio_control frames
ixgbe: fix ixgbe_tx_is_paused logic
ixgbe: always enable vlan strip/insert when DCB is enabled
ixgbe: remove some redundant code in setting FCoE FIP filter
ixgbe: fix wrong offset to fc_frame_header in ixgbe_fcoe_ddp
ixgbe: fix header len when unsplit packet overflows to data buffer
ipv6: Never schedule DAD timer on dead address
ipv6: Use POSTDAD state
ipv6: Use state_lock to protect ifa state
ipv6: Replace inet6_ifaddr->dead with state
cxgb4: notify upper drivers if the device is already up when they load
cxgb4: keep interrupts available when the ports are brought down
cxgb4: fix initial addition of MAC address
cnic: Return SPQ credit to bnx2x after ring setup and shutdown.
cnic: Convert cnic_local_flags to atomic ops.
can: Fix SJA1000 command register writes on SMP systems
bridge: fix build for CONFIG_SYSFS disabled
ARCNET: Limit com20020 PCI ID matches for SOHARD cards
...
Fix up various conflicts with pcmcia tree drivers/net/
{pcmcia/3c589_cs.c, wireless/orinoco/orinoco_cs.c and
wireless/orinoco/spectrum_cs.c} and feature removal
(Documentation/feature-removal-schedule.txt).
Also fix a non-content conflict due to pm_qos_requirement getting
renamed in the PM tree (now pm_qos_request) in net/mac80211/scan.c
Diffstat (limited to 'Documentation/networking')
-rw-r--r-- | Documentation/networking/caif/Linux-CAIF.txt | 212 | ||||
-rw-r--r-- | Documentation/networking/caif/README | 109 | ||||
-rw-r--r-- | Documentation/networking/ip-sysctl.txt | 31 | ||||
-rw-r--r-- | Documentation/networking/l2tp.txt | 247 | ||||
-rw-r--r-- | Documentation/networking/x25-iface.txt | 16 |
5 files changed, 573 insertions, 42 deletions
diff --git a/Documentation/networking/caif/Linux-CAIF.txt b/Documentation/networking/caif/Linux-CAIF.txt new file mode 100644 index 000000000000..7fe7a9a33a4f --- /dev/null +++ b/Documentation/networking/caif/Linux-CAIF.txt | |||
@@ -0,0 +1,212 @@ | |||
1 | Linux CAIF | ||
2 | =========== | ||
3 | copyright (C) ST-Ericsson AB 2010 | ||
4 | Author: Sjur Brendeland/ sjur.brandeland@stericsson.com | ||
5 | License terms: GNU General Public License (GPL) version 2 | ||
6 | |||
7 | |||
8 | Introduction | ||
9 | ------------ | ||
10 | CAIF is a MUX protocol used by ST-Ericsson cellular modems for | ||
11 | communication between Modem and host. The host processes can open virtual AT | ||
12 | channels, initiate GPRS Data connections, Video channels and Utility Channels. | ||
13 | The Utility Channels are general purpose pipes between modem and host. | ||
14 | |||
15 | ST-Ericsson modems support a number of transports between modem | ||
16 | and host. Currently, UART and Loopback are available for Linux. | ||
17 | |||
18 | |||
19 | Architecture: | ||
20 | ------------ | ||
21 | The implementation of CAIF is divided into: | ||
22 | * CAIF Socket Layer, Kernel API, and Net Device. | ||
23 | * CAIF Core Protocol Implementation | ||
24 | * CAIF Link Layer, implemented as NET devices. | ||
25 | |||
26 | |||
27 | RTNL | ||
28 | ! | ||
29 | ! +------+ +------+ +------+ | ||
30 | ! +------+! +------+! +------+! | ||
31 | ! ! Sock !! !Kernel!! ! Net !! | ||
32 | ! ! API !+ ! API !+ ! Dev !+ <- CAIF Client APIs | ||
33 | ! +------+ +------! +------+ | ||
34 | ! ! ! ! | ||
35 | ! +----------!----------+ | ||
36 | ! +------+ <- CAIF Protocol Implementation | ||
37 | +-------> ! CAIF ! | ||
38 | ! Core ! | ||
39 | +------+ | ||
40 | +--------!--------+ | ||
41 | ! ! | ||
42 | +------+ +-----+ | ||
43 | ! ! ! TTY ! <- Link Layer (Net Devices) | ||
44 | +------+ +-----+ | ||
45 | |||
46 | |||
47 | Using the Kernel API | ||
48 | ---------------------- | ||
49 | The Kernel API is used for accessing CAIF channels from the | ||
50 | kernel. | ||
51 | The user of the API has to implement two callbacks for receive | ||
52 | and control. | ||
53 | The receive callback gives a CAIF packet as a SKB. The control | ||
54 | callback will | ||
55 | notify of channel initialization complete, and flow-on/flow- | ||
56 | off. | ||
57 | |||
58 | |||
59 | struct caif_device caif_dev = { | ||
60 | .caif_config = { | ||
61 | .name = "MYDEV" | ||
62 | .type = CAIF_CHTY_AT | ||
63 | } | ||
64 | .receive_cb = my_receive, | ||
65 | .control_cb = my_control, | ||
66 | }; | ||
67 | caif_add_device(&caif_dev); | ||
68 | caif_transmit(&caif_dev, skb); | ||
69 | |||
70 | See the caif_kernel.h for details about the CAIF kernel API. | ||
71 | |||
72 | |||
73 | I M P L E M E N T A T I O N | ||
74 | =========================== | ||
75 | =========================== | ||
76 | |||
77 | CAIF Core Protocol Layer | ||
78 | ========================================= | ||
79 | |||
80 | CAIF Core layer implements the CAIF protocol as defined by ST-Ericsson. | ||
81 | It implements the CAIF protocol stack in a layered approach, where | ||
82 | each layer described in the specification is implemented as a separate layer. | ||
83 | The architecture is inspired by the design patterns "Protocol Layer" and | ||
84 | "Protocol Packet". | ||
85 | |||
86 | == CAIF structure == | ||
87 | The Core CAIF implementation contains: | ||
88 | - Simple implementation of CAIF. | ||
89 | - Layered architecture (a la Streams), each layer in the CAIF | ||
90 | specification is implemented in a separate c-file. | ||
91 | - Clients must implement PHY layer to access physical HW | ||
92 | with receive and transmit functions. | ||
93 | - Clients must call configuration function to add PHY layer. | ||
94 | - Clients must implement CAIF layer to consume/produce | ||
95 | CAIF payload with receive and transmit functions. | ||
96 | - Clients must call configuration function to add and connect the | ||
97 | Client layer. | ||
98 | - When receiving / transmitting CAIF Packets (cfpkt), ownership is passed | ||
99 | to the called function (except for framing layers' receive functions | ||
100 | or if a transmit function returns an error, in which case the caller | ||
101 | must free the packet). | ||
102 | |||
103 | Layered Architecture | ||
104 | -------------------- | ||
105 | The CAIF protocol can be divided into two parts: Support functions and Protocol | ||
106 | Implementation. The support functions include: | ||
107 | |||
108 | - CFPKT CAIF Packet. Implementation of CAIF Protocol Packet. The | ||
109 | CAIF Packet has functions for creating, destroying and adding content | ||
110 | and for adding/extracting header and trailers to protocol packets. | ||
111 | |||
112 | - CFLST CAIF list implementation. | ||
113 | |||
114 | - CFGLUE CAIF Glue. Contains OS Specifics, such as memory | ||
115 | allocation, endianness, etc. | ||
116 | |||
117 | The CAIF Protocol implementation contains: | ||
118 | |||
119 | - CFCNFG CAIF Configuration layer. Configures the CAIF Protocol | ||
120 | Stack and provides a Client interface for adding Link-Layer and | ||
121 | Driver interfaces on top of the CAIF Stack. | ||
122 | |||
123 | - CFCTRL CAIF Control layer. Encodes and Decodes control messages | ||
124 | such as enumeration and channel setup. Also matches request and | ||
125 | response messages. | ||
126 | |||
127 | - CFSERVL General CAIF Service Layer functionality; handles flow | ||
128 | control and remote shutdown requests. | ||
129 | |||
130 | - CFVEI CAIF VEI layer. Handles CAIF AT Channels on VEI (Virtual | ||
131 | External Interface). This layer encodes/decodes VEI frames. | ||
132 | |||
133 | - CFDGML CAIF Datagram layer. Handles CAIF Datagram layer (IP | ||
134 | traffic), encodes/decodes Datagram frames. | ||
135 | |||
136 | - CFMUX CAIF Mux layer. Handles multiplexing between multiple | ||
137 | physical bearers and multiple channels such as VEI, Datagram, etc. | ||
138 | The MUX keeps track of the existing CAIF Channels and | ||
139 | Physical Instances and selects the apropriate instance based | ||
140 | on Channel-Id and Physical-ID. | ||
141 | |||
142 | - CFFRML CAIF Framing layer. Handles Framing i.e. Frame length | ||
143 | and frame checksum. | ||
144 | |||
145 | - CFSERL CAIF Serial layer. Handles concatenation/split of frames | ||
146 | into CAIF Frames with correct length. | ||
147 | |||
148 | |||
149 | |||
150 | +---------+ | ||
151 | | Config | | ||
152 | | CFCNFG | | ||
153 | +---------+ | ||
154 | ! | ||
155 | +---------+ +---------+ +---------+ | ||
156 | | AT | | Control | | Datagram| | ||
157 | | CFVEIL | | CFCTRL | | CFDGML | | ||
158 | +---------+ +---------+ +---------+ | ||
159 | \_____________!______________/ | ||
160 | ! | ||
161 | +---------+ | ||
162 | | MUX | | ||
163 | | | | ||
164 | +---------+ | ||
165 | _____!_____ | ||
166 | / \ | ||
167 | +---------+ +---------+ | ||
168 | | CFFRML | | CFFRML | | ||
169 | | Framing | | Framing | | ||
170 | +---------+ +---------+ | ||
171 | ! ! | ||
172 | +---------+ +---------+ | ||
173 | | | | Serial | | ||
174 | | | | CFSERL | | ||
175 | +---------+ +---------+ | ||
176 | |||
177 | |||
178 | In this layered approach the following "rules" apply. | ||
179 | - All layers embed the same structure "struct cflayer" | ||
180 | - A layer does not depend on any other layer's private data. | ||
181 | - Layers are stacked by setting the pointers | ||
182 | layer->up , layer->dn | ||
183 | - In order to send data upwards, each layer should do | ||
184 | layer->up->receive(layer->up, packet); | ||
185 | - In order to send data downwards, each layer should do | ||
186 | layer->dn->transmit(layer->dn, packet); | ||
187 | |||
188 | |||
189 | Linux Driver Implementation | ||
190 | =========================== | ||
191 | |||
192 | Linux GPRS Net Device and CAIF socket are implemented on top of the | ||
193 | CAIF Core protocol. The Net device and CAIF socket have an instance of | ||
194 | 'struct cflayer', just like the CAIF Core protocol stack. | ||
195 | Net device and Socket implement the 'receive()' function defined by | ||
196 | 'struct cflayer', just like the rest of the CAIF stack. In this way, transmit and | ||
197 | receive of packets is handled as by the rest of the layers: the 'dn->transmit()' | ||
198 | function is called in order to transmit data. | ||
199 | |||
200 | The layer on top of the CAIF Core implementation is | ||
201 | sometimes referred to as the "Client layer". | ||
202 | |||
203 | |||
204 | Configuration of Link Layer | ||
205 | --------------------------- | ||
206 | The Link Layer is implemented as Linux net devices (struct net_device). | ||
207 | Payload handling and registration is done using standard Linux mechanisms. | ||
208 | |||
209 | The CAIF Protocol relies on a loss-less link layer without implementing | ||
210 | retransmission. This implies that packet drops must not happen. | ||
211 | Therefore a flow-control mechanism is implemented where the physical | ||
212 | interface can initiate flow stop for all CAIF Channels. | ||
diff --git a/Documentation/networking/caif/README b/Documentation/networking/caif/README new file mode 100644 index 000000000000..757ccfaa1385 --- /dev/null +++ b/Documentation/networking/caif/README | |||
@@ -0,0 +1,109 @@ | |||
1 | Copyright (C) ST-Ericsson AB 2010 | ||
2 | Author: Sjur Brendeland/ sjur.brandeland@stericsson.com | ||
3 | License terms: GNU General Public License (GPL) version 2 | ||
4 | --------------------------------------------------------- | ||
5 | |||
6 | === Start === | ||
7 | If you have compiled CAIF for modules do: | ||
8 | |||
9 | $modprobe crc_ccitt | ||
10 | $modprobe caif | ||
11 | $modprobe caif_socket | ||
12 | $modprobe chnl_net | ||
13 | |||
14 | |||
15 | === Preparing the setup with a STE modem === | ||
16 | |||
17 | If you are working on integration of CAIF you should make sure | ||
18 | that the kernel is built with module support. | ||
19 | |||
20 | There are some things that need to be tweaked to get the host TTY correctly | ||
21 | set up to talk to the modem. | ||
22 | Since the CAIF stack is running in the kernel and we want to use the existing | ||
23 | TTY, we are installing our physical serial driver as a line discipline above | ||
24 | the TTY device. | ||
25 | |||
26 | To achieve this we need to install the N_CAIF ldisc from user space. | ||
27 | The benefit is that we can hook up to any TTY. | ||
28 | |||
29 | The use of Start-of-frame-extension (STX) must also be set as | ||
30 | module parameter "ser_use_stx". | ||
31 | |||
32 | Normally Frame Checksum is always used on UART, but this is also provided as a | ||
33 | module parameter "ser_use_fcs". | ||
34 | |||
35 | $ modprobe caif_serial ser_ttyname=/dev/ttyS0 ser_use_stx=yes | ||
36 | $ ifconfig caif_ttyS0 up | ||
37 | |||
38 | PLEASE NOTE: There is a limitation in Android shell. | ||
39 | It only accepts one argument to insmod/modprobe! | ||
40 | |||
41 | === Trouble shooting === | ||
42 | |||
43 | There are debugfs parameters provided for serial communication. | ||
44 | /sys/kernel/debug/caif_serial/<tty-name>/ | ||
45 | |||
46 | * ser_state: Prints the bit-mask status where | ||
47 | - 0x02 means SENDING, this is a transient state. | ||
48 | - 0x10 means FLOW_OFF_SENT, i.e. the previous frame has not been sent | ||
49 | and is blocking further send operation. Flow OFF has been propagated | ||
50 | to all CAIF Channels using this TTY. | ||
51 | |||
52 | * tty_status: Prints the bit-mask tty status information | ||
53 | - 0x01 - tty->warned is on. | ||
54 | - 0x02 - tty->low_latency is on. | ||
55 | - 0x04 - tty->packed is on. | ||
56 | - 0x08 - tty->flow_stopped is on. | ||
57 | - 0x10 - tty->hw_stopped is on. | ||
58 | - 0x20 - tty->stopped is on. | ||
59 | |||
60 | * last_tx_msg: Binary blob Prints the last transmitted frame. | ||
61 | This can be printed with | ||
62 | $od --format=x1 /sys/kernel/debug/caif_serial/<tty>/last_rx_msg. | ||
63 | The first two tx messages sent look like this. Note: The initial | ||
64 | byte 02 is start of frame extension (STX) used for re-syncing | ||
65 | upon errors. | ||
66 | |||
67 | - Enumeration: | ||
68 | 0000000 02 05 00 00 03 01 d2 02 | ||
69 | | | | | | | | ||
70 | STX(1) | | | | | ||
71 | Length(2)| | | | ||
72 | Control Channel(1) | ||
73 | Command:Enumeration(1) | ||
74 | Link-ID(1) | ||
75 | Checksum(2) | ||
76 | - Channel Setup: | ||
77 | 0000000 02 07 00 00 00 21 a1 00 48 df | ||
78 | | | | | | | | | | ||
79 | STX(1) | | | | | | | ||
80 | Length(2)| | | | | | ||
81 | Control Channel(1) | ||
82 | Command:Channel Setup(1) | ||
83 | Channel Type(1) | ||
84 | Priority and Link-ID(1) | ||
85 | Endpoint(1) | ||
86 | Checksum(2) | ||
87 | |||
88 | * last_rx_msg: Prints the last transmitted frame. | ||
89 | The RX messages for LinkSetup look almost identical but they have the | ||
90 | bit 0x20 set in the command bit, and Channel Setup has added one byte | ||
91 | before Checksum containing Channel ID. | ||
92 | NOTE: Several CAIF Messages might be concatenated. The maximum debug | ||
93 | buffer size is 128 bytes. | ||
94 | |||
95 | == Error Scenarios: | ||
96 | - last_tx_msg contains channel setup message and last_rx_msg is empty -> | ||
97 | The host seems to be able to send over the UART, at least the CAIF ldisc get | ||
98 | notified that sending is completed. | ||
99 | |||
100 | - last_tx_msg contains enumeration message and last_rx_msg is empty -> | ||
101 | The host is not able to send the message from UART, the tty has not been | ||
102 | able to complete the transmit operation. | ||
103 | |||
104 | - if /sys/kernel/debug/caif_serial/<tty>/tty_status is non-zero there | ||
105 | might be problems transmitting over UART. | ||
106 | E.g. host and modem wiring is not correct you will typically see | ||
107 | tty_status = 0x10 (hw_stopped) and ser_state = 0x10 (FLOW_OFF_SENT). | ||
108 | You will probably see the enumeration message in last_tx_message | ||
109 | and empty last_rx_message. | ||
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 8b72c88ba213..d0536b5a4e01 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt | |||
@@ -588,6 +588,37 @@ ip_local_port_range - 2 INTEGERS | |||
588 | (i.e. by default) range 1024-4999 is enough to issue up to | 588 | (i.e. by default) range 1024-4999 is enough to issue up to |
589 | 2000 connections per second to systems supporting timestamps. | 589 | 2000 connections per second to systems supporting timestamps. |
590 | 590 | ||
591 | ip_local_reserved_ports - list of comma separated ranges | ||
592 | Specify the ports which are reserved for known third-party | ||
593 | applications. These ports will not be used by automatic port | ||
594 | assignments (e.g. when calling connect() or bind() with port | ||
595 | number 0). Explicit port allocation behavior is unchanged. | ||
596 | |||
597 | The format used for both input and output is a comma separated | ||
598 | list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and | ||
599 | 10). Writing to the file will clear all previously reserved | ||
600 | ports and update the current list with the one given in the | ||
601 | input. | ||
602 | |||
603 | Note that ip_local_port_range and ip_local_reserved_ports | ||
604 | settings are independent and both are considered by the kernel | ||
605 | when determining which ports are available for automatic port | ||
606 | assignments. | ||
607 | |||
608 | You can reserve ports which are not in the current | ||
609 | ip_local_port_range, e.g.: | ||
610 | |||
611 | $ cat /proc/sys/net/ipv4/ip_local_port_range | ||
612 | 32000 61000 | ||
613 | $ cat /proc/sys/net/ipv4/ip_local_reserved_ports | ||
614 | 8080,9148 | ||
615 | |||
616 | although this is redundant. However such a setting is useful | ||
617 | if later the port range is changed to a value that will | ||
618 | include the reserved ports. | ||
619 | |||
620 | Default: Empty | ||
621 | |||
591 | ip_nonlocal_bind - BOOLEAN | 622 | ip_nonlocal_bind - BOOLEAN |
592 | If set, allows processes to bind() to non-local IP addresses, | 623 | If set, allows processes to bind() to non-local IP addresses, |
593 | which can be quite useful - but may break some applications. | 624 | which can be quite useful - but may break some applications. |
diff --git a/Documentation/networking/l2tp.txt b/Documentation/networking/l2tp.txt index 63214b280e00..e7bf3979facb 100644 --- a/Documentation/networking/l2tp.txt +++ b/Documentation/networking/l2tp.txt | |||
@@ -1,44 +1,95 @@ | |||
1 | This brief document describes how to use the kernel's PPPoL2TP driver | 1 | This document describes how to use the kernel's L2TP drivers to |
2 | to provide L2TP functionality. L2TP is a protocol that tunnels one or | 2 | provide L2TP functionality. L2TP is a protocol that tunnels one or |
3 | more PPP sessions over a UDP tunnel. It is commonly used for VPNs | 3 | more sessions over an IP tunnel. It is commonly used for VPNs |
4 | (L2TP/IPSec) and by ISPs to tunnel subscriber PPP sessions over an IP | 4 | (L2TP/IPSec) and by ISPs to tunnel subscriber PPP sessions over an IP |
5 | network infrastructure. | 5 | network infrastructure. With L2TPv3, it is also useful as a Layer-2 |
6 | tunneling infrastructure. | ||
7 | |||
8 | Features | ||
9 | ======== | ||
10 | |||
11 | L2TPv2 (PPP over L2TP (UDP tunnels)). | ||
12 | L2TPv3 ethernet pseudowires. | ||
13 | L2TPv3 PPP pseudowires. | ||
14 | L2TPv3 IP encapsulation. | ||
15 | Netlink sockets for L2TPv3 configuration management. | ||
16 | |||
17 | History | ||
18 | ======= | ||
19 | |||
20 | The original pppol2tp driver was introduced in 2.6.23 and provided | ||
21 | L2TPv2 functionality (rfc2661). L2TPv2 is used to tunnel one or more PPP | ||
22 | sessions over a UDP tunnel. | ||
23 | |||
24 | L2TPv3 (rfc3931) changes the protocol to allow different frame types | ||
25 | to be passed over an L2TP tunnel by moving the PPP-specific parts of | ||
26 | the protocol out of the core L2TP packet headers. Each frame type is | ||
27 | known as a pseudowire type. Ethernet, PPP, HDLC, Frame Relay and ATM | ||
28 | pseudowires for L2TP are defined in separate RFC standards. Another | ||
29 | change for L2TPv3 is that it can be carried directly over IP with no | ||
30 | UDP header (UDP is optional). It is also possible to create static | ||
31 | unmanaged L2TPv3 tunnels manually without a control protocol | ||
32 | (userspace daemon) to manage them. | ||
33 | |||
34 | To support L2TPv3, the original pppol2tp driver was split up to | ||
35 | separate the L2TP and PPP functionality. Existing L2TPv2 userspace | ||
36 | apps should be unaffected as the original pppol2tp sockets API is | ||
37 | retained. L2TPv3, however, uses netlink to manage L2TPv3 tunnels and | ||
38 | sessions. | ||
6 | 39 | ||
7 | Design | 40 | Design |
8 | ====== | 41 | ====== |
9 | 42 | ||
10 | The PPPoL2TP driver, drivers/net/pppol2tp.c, provides a mechanism by | 43 | The L2TP protocol separates control and data frames. The L2TP kernel |
11 | which PPP frames carried through an L2TP session are passed through | 44 | drivers handle only L2TP data frames; control frames are always |
12 | the kernel's PPP subsystem. The standard PPP daemon, pppd, handles all | 45 | handled by userspace. L2TP control frames carry messages between L2TP |
13 | PPP interaction with the peer. PPP network interfaces are created for | 46 | clients/servers and are used to setup / teardown tunnels and |
14 | each local PPP endpoint. | 47 | sessions. An L2TP client or server is implemented in userspace. |
15 | 48 | ||
16 | The L2TP protocol http://www.faqs.org/rfcs/rfc2661.html defines L2TP | 49 | Each L2TP tunnel is implemented using a UDP or L2TPIP socket; L2TPIP |
17 | control and data frames. L2TP control frames carry messages between | 50 | provides L2TPv3 IP encapsulation (no UDP) and is implemented using a |
18 | L2TP clients/servers and are used to setup / teardown tunnels and | 51 | new l2tpip socket family. The tunnel socket is typically created by |
19 | sessions. An L2TP client or server is implemented in userspace and | 52 | userspace, though for unmanaged L2TPv3 tunnels, the socket can also be |
20 | will use a regular UDP socket per tunnel. L2TP data frames carry PPP | 53 | created by the kernel. Each L2TP session (pseudowire) gets a network |
21 | frames, which may be PPP control or PPP data. The kernel's PPP | 54 | interface instance. In the case of PPP, these interfaces are created |
55 | indirectly by pppd using a pppol2tp socket. In the case of ethernet, | ||
56 | the netdevice is created upon a netlink request to create an L2TPv3 | ||
57 | ethernet pseudowire. | ||
58 | |||
59 | For PPP, the PPPoL2TP driver, net/l2tp/l2tp_ppp.c, provides a | ||
60 | mechanism by which PPP frames carried through an L2TP session are | ||
61 | passed through the kernel's PPP subsystem. The standard PPP daemon, | ||
62 | pppd, handles all PPP interaction with the peer. PPP network | ||
63 | interfaces are created for each local PPP endpoint. The kernel's PPP | ||
22 | subsystem arranges for PPP control frames to be delivered to pppd, | 64 | subsystem arranges for PPP control frames to be delivered to pppd, |
23 | while data frames are forwarded as usual. | 65 | while data frames are forwarded as usual. |
24 | 66 | ||
67 | For ethernet, the L2TPETH driver, net/l2tp/l2tp_eth.c, implements a | ||
68 | netdevice driver, managing virtual ethernet devices, one per | ||
69 | pseudowire. These interfaces can be managed using standard Linux tools | ||
70 | such as "ip" and "ifconfig". If only IP frames are passed over the | ||
71 | tunnel, the interface can be given an IP addresses of itself and its | ||
72 | peer. If non-IP frames are to be passed over the tunnel, the interface | ||
73 | can be added to a bridge using brctl. All L2TP datapath protocol | ||
74 | functions are handled by the L2TP core driver. | ||
75 | |||
25 | Each tunnel and session within a tunnel is assigned a unique tunnel_id | 76 | Each tunnel and session within a tunnel is assigned a unique tunnel_id |
26 | and session_id. These ids are carried in the L2TP header of every | 77 | and session_id. These ids are carried in the L2TP header of every |
27 | control and data packet. The pppol2tp driver uses them to lookup | 78 | control and data packet. (Actually, in L2TPv3, the tunnel_id isn't |
28 | internal tunnel and/or session contexts. Zero tunnel / session ids are | 79 | present in data frames - it is inferred from the IP connection on |
29 | treated specially - zero ids are never assigned to tunnels or sessions | 80 | which the packet was received.) The L2TP driver uses the ids to lookup |
30 | in the network. In the driver, the tunnel context keeps a pointer to | 81 | internal tunnel and/or session contexts to determine how to handle the |
31 | the tunnel UDP socket. The session context keeps a pointer to the | 82 | packet. Zero tunnel / session ids are treated specially - zero ids are |
32 | PPPoL2TP socket, as well as other data that lets the driver interface | 83 | never assigned to tunnels or sessions in the network. In the driver, |
33 | to the kernel PPP subsystem. | 84 | the tunnel context keeps a reference to the tunnel UDP or L2TPIP |
34 | 85 | socket. The session context holds data that lets the driver interface | |
35 | Note that the pppol2tp kernel driver handles only L2TP data frames; | 86 | to the kernel's network frame type subsystems, i.e. PPP, ethernet. |
36 | L2TP control frames are simply passed up to userspace in the UDP | 87 | |
37 | tunnel socket. The kernel handles all datapath aspects of the | 88 | Userspace Programming |
38 | protocol, including data packet resequencing (if enabled). | 89 | ===================== |
39 | 90 | ||
40 | There are a number of requirements on the userspace L2TP daemon in | 91 | For L2TPv2, there are a number of requirements on the userspace L2TP |
41 | order to use the pppol2tp driver. | 92 | daemon in order to use the pppol2tp driver. |
42 | 93 | ||
43 | 1. Use a UDP socket per tunnel. | 94 | 1. Use a UDP socket per tunnel. |
44 | 95 | ||
@@ -86,6 +137,35 @@ In addition to the standard PPP ioctls, a PPPIOCGL2TPSTATS is provided | |||
86 | to retrieve tunnel and session statistics from the kernel using the | 137 | to retrieve tunnel and session statistics from the kernel using the |
87 | PPPoX socket of the appropriate tunnel or session. | 138 | PPPoX socket of the appropriate tunnel or session. |
88 | 139 | ||
140 | For L2TPv3, userspace must use the netlink API defined in | ||
141 | include/linux/l2tp.h to manage tunnel and session contexts. The | ||
142 | general procedure to create a new L2TP tunnel with one session is:- | ||
143 | |||
144 | 1. Open a GENL socket using L2TP_GENL_NAME for configuring the kernel | ||
145 | using netlink. | ||
146 | |||
147 | 2. Create a UDP or L2TPIP socket for the tunnel. | ||
148 | |||
149 | 3. Create a new L2TP tunnel using a L2TP_CMD_TUNNEL_CREATE | ||
150 | request. Set attributes according to desired tunnel parameters, | ||
151 | referencing the UDP or L2TPIP socket created in the previous step. | ||
152 | |||
153 | 4. Create a new L2TP session in the tunnel using a | ||
154 | L2TP_CMD_SESSION_CREATE request. | ||
155 | |||
156 | The tunnel and all of its sessions are closed when the tunnel socket | ||
157 | is closed. The netlink API may also be used to delete sessions and | ||
158 | tunnels. Configuration and status info may be set or read using netlink. | ||
159 | |||
160 | The L2TP driver also supports static (unmanaged) L2TPv3 tunnels. These | ||
161 | are where there is no L2TP control message exchange with the peer to | ||
162 | setup the tunnel; the tunnel is configured manually at each end of the | ||
163 | tunnel. There is no need for an L2TP userspace application in this | ||
164 | case -- the tunnel socket is created by the kernel and configured | ||
165 | using parameters sent in the L2TP_CMD_TUNNEL_CREATE netlink | ||
166 | request. The "ip" utility of iproute2 has commands for managing static | ||
167 | L2TPv3 tunnels; do "ip l2tp help" for more information. | ||
168 | |||
89 | Debugging | 169 | Debugging |
90 | ========= | 170 | ========= |
91 | 171 | ||
@@ -102,6 +182,69 @@ PPPOL2TP_MSG_CONTROL userspace - kernel interface | |||
102 | PPPOL2TP_MSG_SEQ sequence numbers handling | 182 | PPPOL2TP_MSG_SEQ sequence numbers handling |
103 | PPPOL2TP_MSG_DATA data packets | 183 | PPPOL2TP_MSG_DATA data packets |
104 | 184 | ||
185 | If enabled, files under a l2tp debugfs directory can be used to dump | ||
186 | kernel state about L2TP tunnels and sessions. To access it, the | ||
187 | debugfs filesystem must first be mounted. | ||
188 | |||
189 | # mount -t debugfs debugfs /debug | ||
190 | |||
191 | Files under the l2tp directory can then be accessed. | ||
192 | |||
193 | # cat /debug/l2tp/tunnels | ||
194 | |||
195 | The debugfs files should not be used by applications to obtain L2TP | ||
196 | state information because the file format is subject to change. It is | ||
197 | implemented to provide extra debug information to help diagnose | ||
198 | problems.) Users should use the netlink API. | ||
199 | |||
200 | /proc/net/pppol2tp is also provided for backwards compaibility with | ||
201 | the original pppol2tp driver. It lists information about L2TPv2 | ||
202 | tunnels and sessions only. Its use is discouraged. | ||
203 | |||
204 | Unmanaged L2TPv3 Tunnels | ||
205 | ======================== | ||
206 | |||
207 | Some commercial L2TP products support unmanaged L2TPv3 ethernet | ||
208 | tunnels, where there is no L2TP control protocol; tunnels are | ||
209 | configured at each side manually. New commands are available in | ||
210 | iproute2's ip utility to support this. | ||
211 | |||
212 | To create an L2TPv3 ethernet pseudowire between local host 192.168.1.1 | ||
213 | and peer 192.168.1.2, using IP addresses 10.5.1.1 and 10.5.1.2 for the | ||
214 | tunnel endpoints:- | ||
215 | |||
216 | # modprobe l2tp_eth | ||
217 | # modprobe l2tp_netlink | ||
218 | |||
219 | # ip l2tp add tunnel tunnel_id 1 peer_tunnel_id 1 udp_sport 5000 \ | ||
220 | udp_dport 5000 encap udp local 192.168.1.1 remote 192.168.1.2 | ||
221 | # ip l2tp add session tunnel_id 1 session_id 1 peer_session_id 1 | ||
222 | # ifconfig -a | ||
223 | # ip addr add 10.5.1.2/32 peer 10.5.1.1/32 dev l2tpeth0 | ||
224 | # ifconfig l2tpeth0 up | ||
225 | |||
226 | Choose IP addresses to be the address of a local IP interface and that | ||
227 | of the remote system. The IP addresses of the l2tpeth0 interface can be | ||
228 | anything suitable. | ||
229 | |||
230 | Repeat the above at the peer, with ports, tunnel/session ids and IP | ||
231 | addresses reversed. The tunnel and session IDs can be any non-zero | ||
232 | 32-bit number, but the values must be reversed at the peer. | ||
233 | |||
234 | Host 1 Host2 | ||
235 | udp_sport=5000 udp_sport=5001 | ||
236 | udp_dport=5001 udp_dport=5000 | ||
237 | tunnel_id=42 tunnel_id=45 | ||
238 | peer_tunnel_id=45 peer_tunnel_id=42 | ||
239 | session_id=128 session_id=5196755 | ||
240 | peer_session_id=5196755 peer_session_id=128 | ||
241 | |||
242 | When done at both ends of the tunnel, it should be possible to send | ||
243 | data over the network. e.g. | ||
244 | |||
245 | # ping 10.5.1.1 | ||
246 | |||
247 | |||
105 | Sample Userspace Code | 248 | Sample Userspace Code |
106 | ===================== | 249 | ===================== |
107 | 250 | ||
@@ -158,12 +301,48 @@ Sample Userspace Code | |||
158 | } | 301 | } |
159 | return 0; | 302 | return 0; |
160 | 303 | ||
304 | Internal Implementation | ||
305 | ======================= | ||
306 | |||
307 | The driver keeps a struct l2tp_tunnel context per L2TP tunnel and a | ||
308 | struct l2tp_session context for each session. The l2tp_tunnel is | ||
309 | always associated with a UDP or L2TP/IP socket and keeps a list of | ||
310 | sessions in the tunnel. The l2tp_session context keeps kernel state | ||
311 | about the session. It has private data which is used for data specific | ||
312 | to the session type. With L2TPv2, the session always carried PPP | ||
313 | traffic. With L2TPv3, the session can also carry ethernet frames | ||
314 | (ethernet pseudowire) or other data types such as ATM, HDLC or Frame | ||
315 | Relay. | ||
316 | |||
317 | When a tunnel is first opened, the reference count on the socket is | ||
318 | increased using sock_hold(). This ensures that the kernel socket | ||
319 | cannot be removed while L2TP's data structures reference it. | ||
320 | |||
321 | Some L2TP sessions also have a socket (PPP pseudowires) while others | ||
322 | do not (ethernet pseudowires). We can't use the socket reference count | ||
323 | as the reference count for session contexts. The L2TP implementation | ||
324 | therefore has its own internal reference counts on the session | ||
325 | contexts. | ||
326 | |||
327 | To Do | ||
328 | ===== | ||
329 | |||
330 | Add L2TP tunnel switching support. This would route tunneled traffic | ||
331 | from one L2TP tunnel into another. Specified in | ||
332 | http://tools.ietf.org/html/draft-ietf-l2tpext-tunnel-switching-08 | ||
333 | |||
334 | Add L2TPv3 VLAN pseudowire support. | ||
335 | |||
336 | Add L2TPv3 IP pseudowire support. | ||
337 | |||
338 | Add L2TPv3 ATM pseudowire support. | ||
339 | |||
161 | Miscellaneous | 340 | Miscellaneous |
162 | ============ | 341 | ============= |
163 | 342 | ||
164 | The PPPoL2TP driver was developed as part of the OpenL2TP project by | 343 | The L2TP drivers were developed as part of the OpenL2TP project by |
165 | Katalix Systems Ltd. OpenL2TP is a full-featured L2TP client / server, | 344 | Katalix Systems Ltd. OpenL2TP is a full-featured L2TP client / server, |
166 | designed from the ground up to have the L2TP datapath in the | 345 | designed from the ground up to have the L2TP datapath in the |
167 | kernel. The project also implemented the pppol2tp plugin for pppd | 346 | kernel. The project also implemented the pppol2tp plugin for pppd |
168 | which allows pppd to use the kernel driver. Details can be found at | 347 | which allows pppd to use the kernel driver. Details can be found at |
169 | http://openl2tp.sourceforge.net. | 348 | http://www.openl2tp.org. |
diff --git a/Documentation/networking/x25-iface.txt b/Documentation/networking/x25-iface.txt index 975cc87ebdd1..78f662ee0622 100644 --- a/Documentation/networking/x25-iface.txt +++ b/Documentation/networking/x25-iface.txt | |||
@@ -20,23 +20,23 @@ the rest of the skbuff, if any more information does exist. | |||
20 | Packet Layer to Device Driver | 20 | Packet Layer to Device Driver |
21 | ----------------------------- | 21 | ----------------------------- |
22 | 22 | ||
23 | First Byte = 0x00 | 23 | First Byte = 0x00 (X25_IFACE_DATA) |
24 | 24 | ||
25 | This indicates that the rest of the skbuff contains data to be transmitted | 25 | This indicates that the rest of the skbuff contains data to be transmitted |
26 | over the LAPB link. The LAPB link should already exist before any data is | 26 | over the LAPB link. The LAPB link should already exist before any data is |
27 | passed down. | 27 | passed down. |
28 | 28 | ||
29 | First Byte = 0x01 | 29 | First Byte = 0x01 (X25_IFACE_CONNECT) |
30 | 30 | ||
31 | Establish the LAPB link. If the link is already established then the connect | 31 | Establish the LAPB link. If the link is already established then the connect |
32 | confirmation message should be returned as soon as possible. | 32 | confirmation message should be returned as soon as possible. |
33 | 33 | ||
34 | First Byte = 0x02 | 34 | First Byte = 0x02 (X25_IFACE_DISCONNECT) |
35 | 35 | ||
36 | Terminate the LAPB link. If it is already disconnected then the disconnect | 36 | Terminate the LAPB link. If it is already disconnected then the disconnect |
37 | confirmation message should be returned as soon as possible. | 37 | confirmation message should be returned as soon as possible. |
38 | 38 | ||
39 | First Byte = 0x03 | 39 | First Byte = 0x03 (X25_IFACE_PARAMS) |
40 | 40 | ||
41 | LAPB parameters. To be defined. | 41 | LAPB parameters. To be defined. |
42 | 42 | ||
@@ -44,22 +44,22 @@ LAPB parameters. To be defined. | |||
44 | Device Driver to Packet Layer | 44 | Device Driver to Packet Layer |
45 | ----------------------------- | 45 | ----------------------------- |
46 | 46 | ||
47 | First Byte = 0x00 | 47 | First Byte = 0x00 (X25_IFACE_DATA) |
48 | 48 | ||
49 | This indicates that the rest of the skbuff contains data that has been | 49 | This indicates that the rest of the skbuff contains data that has been |
50 | received over the LAPB link. | 50 | received over the LAPB link. |
51 | 51 | ||
52 | First Byte = 0x01 | 52 | First Byte = 0x01 (X25_IFACE_CONNECT) |
53 | 53 | ||
54 | LAPB link has been established. The same message is used for both a LAPB | 54 | LAPB link has been established. The same message is used for both a LAPB |
55 | link connect_confirmation and a connect_indication. | 55 | link connect_confirmation and a connect_indication. |
56 | 56 | ||
57 | First Byte = 0x02 | 57 | First Byte = 0x02 (X25_IFACE_DISCONNECT) |
58 | 58 | ||
59 | LAPB link has been terminated. This same message is used for both a LAPB | 59 | LAPB link has been terminated. This same message is used for both a LAPB |
60 | link disconnect_confirmation and a disconnect_indication. | 60 | link disconnect_confirmation and a disconnect_indication. |
61 | 61 | ||
62 | First Byte = 0x03 | 62 | First Byte = 0x03 (X25_IFACE_PARAMS) |
63 | 63 | ||
64 | LAPB parameters. To be defined. | 64 | LAPB parameters. To be defined. |
65 | 65 | ||