Lines Matching +full:add +full:- +full:device
1 .. SPDX-License-Identifier: GPL-2.0
13 exception of using L3 for mux-ing /demux-ing among slaves. This property makes
14 the master device share the L2 with its slave devices. I have developed this
34 ip link add link <master> name <slave> type ipvlan [ mode MODE ] [ FLAGS ]
44 bash# ip link add link eth0 name ipvl0 type ipvlan
47 bash# ip link add link eth0 name ipvl0 type ipvlan mode l2 bridge
49 (c) This command will create an IPvlan device in L2 private mode::
51 bash# ip link add link eth0 name ipvlan type ipvlan mode l2 private
53 (d) This command will create an IPvlan device in L2 vepa mode::
55 bash# ip link add link eth0 name ipvlan type ipvlan mode l2 vepa
61 IPvlan has two modes of operation - L2 and L3. For a given master device,
69 ------------
72 slave device and packets are switched and queued to the master device to send
77 ------------
80 to the slave device and packets are switched to the stack instance of the
81 master device for the L2 processing and routing from that instance will be
82 used before packets are queued on the outbound device. In this mode the slaves
86 -------------
88 This is very similar to the L3 mode except that iptables (conn-tracking)
89 works in this mode and hence it is L3-symmetric (L3s). This will have slightly less
90 performance but that shouldn't matter since you are choosing this mode over plain-L3
91 mode to make conn-tracking work.
99 -----------
101 user can choose to either add this option on the command-line or don't specify
102 anything. This is the traditional mode where slaves can cross-talk among
103 themselves apart from talking through the master device.
106 ------------
107 If this option is added to the command-line, the port is set in private
111 ---------
112 If this is added to the command-line, the port is set in VEPA mode.
115 Note: VEPA mode in IPvlan has limitations. IPvlan uses the mac-address of the
116 master-device, so the packets which are emitted in this mode for the adjacent
124 case could very well define which device to choose. if one of the following
132 (c) If the slave device is to be put into the hostile / untrusted network
144 | +----------------------+ +----------------------+ |
149 | +----------#-----------+ +-----------#----------+ |
156 (a) Create two network namespaces - ns0, ns1::
158 ip netns add ns0
159 ip netns add ns1
161 (b) Create two ipvlan slaves on eth0 (master device)::
163 ip link add link eth0 ipvl0 type ipvlan mode l2
164 ip link add link eth0 ipvl1 type ipvlan mode l2
173 - For ns0::
178 (4) ip -4 addr add 127.0.0.1 dev lo
179 (5) ip -4 addr add $IPADDR dev ipvl0
180 (6) ip -4 route add default via $ROUTER dev ipvl0
182 - For ns1::
187 (4) ip -4 addr add 127.0.0.1 dev lo
188 (5) ip -4 addr add $IPADDR dev ipvl1
189 (6) ip -4 route add default via $ROUTER dev ipvl1