|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0012653||CentOS-7||kernel||public||2017-01-14 12:02||2017-02-14 16:58|
|Target Version||Fixed in Version|
|Summary||0012653: VLAN filter unconditionnaly disabled in ixgbe with kernel-3.10.0-514.2.2|
|Description||The kernel distributed with 7.3.1611 doesn't include patch f60439bc21e3337429838e477903214f5bd8277f (https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f60439bc21e3337429838e477903214f5bd8277f).|
The VLAN filter on ixgbe cards is unconditionnaly disabled, making SR-IOV virtual functions unusable as they will all receive all traffic instead of being filtered on a vlan tag as expected.
(The bug doesn't happen on previous kernels, where the vlan filter was unconditionnaly enabled, or on a mainline kernel, which has this fix)
|Steps To Reproduce||1. Enable SR-IOV on an ixgbe NIC: `echo 2 > /sys/class/net/<device>/device/sriov_numvfs`|
2. Assign a vlan to one of its vfs: `ip link set <device> vf 1 vlan 4`
3. dump traffic on the vf: packets from all vlans are displayed. Especially visible with IPv6 RAs in SLAAC mode, where the interface will configure addresses from all available vlans that advertise it.
|Tags||No tags attached.|
We will try to get the patch into the next update to the centosplus kernel.
The fix for the distro kernel must come from RH. Could you file a bug report upstream at http://bugzilla.redhat.com ?
The patch is in the plus kernel as of 3.10.0-514.6.1.el7.
Will close this as 'resolved' for now. If/when the upstream (RHEL) kernel gets fixed, we will add a note here.
|2017-01-14 12:02||natolumin||New Issue|
|2017-01-14 15:45||toracat||Status||new => assigned|
|2017-01-14 15:45||toracat||Note Added: 0028359|
|2017-02-14 16:58||toracat||Status||assigned => resolved|
|2017-02-14 16:58||toracat||Resolution||open => fixed|
|2017-02-14 16:58||toracat||Note Added: 0028573|