Advanced packet-handling configuration

Red Hat Enterprise Linux 8.6 LPAR mode z/VM guest

Use VNIC characteristics to control how OSA or HiperSockets devices in layer 2 mode handle special scenarios, for example, packets with unknown MAC addresses, address takeover, or traffic with bridge ports.

Before you begin

  • See your IBM® Z hardware documentation about support for VNIC characteristics. Support might differ for OSA and HiperSockets devices.
  • VNIC characteristics are supported for layer 2 mode only.
  • VNIC characteristics cannot be configured on devices that are configured as bridge ports.

About this task

You can configure and fine-tune a promiscuous mode for incoming packets. You can configure the device to receive all packets regardless of the MAC address, or you can reject incoming multicast packets, or broadcast packets, or both.

For Linux® instances that host multiple guest operating systems with different MAC addresses, you can configure the device to learn and handle these MAC addresses. The device then provides functions similar to a switch or to a software bridge.

The VNIC characteristics also include settings that can protect the MAC address of the device from being taken over by another device. You can deny takeover, or you can explicitly permit takeover to facilitate migration, for example in a recovery situation.

The VNIC characteristics of a qeth device are represented by sysfs attributes in /sys/devices/qeth/<device_bus_id>/vnicc:
flooding
With flooding enabled, the device receives packets to any unknown destination MAC address. Valid values are 0 for disabled and 1 for enabled. By default, flooding is disabled.

For a shared OSA adapter, flooding applies to traffic between the physical port and the OSA interfaces, but not to communication between the interfaces that share the adapter. Enable learning to configure bridge-like behavior of shared OSA adapters.

An OSA Express adapter can support a maximum of 64 devices with flooding enabled.

mcast_flooding
With multicast flooding enabled, the device receives packets to any multicast MAC addresses. Valid values are 0 for disabled and 1 for enabled. By default, multicast flooding is disabled and the device receives only packets to multicast MAC addresses to which it has previously registered.
rx_bcast
With broadcast receiving enabled, the device receives packets with the broadcast destination MAC address. Valid values are 0 for disabled and 1 for enabled. By default, the device is enabled to receive broadcast packets.
learning
With learning enabled, the device assembles a list of source MAC addresses of outgoing packets. The device then receives incoming packets to any MAC address in the list. Valid values are 0 for disabled and 1 for enabled. By default, learning is disabled.

A MAC address is added to the list unless it has been explicitly assigned to another device on the same channel. An exception are addresses of devices on which the takeover_learning characteristic is set. Such devices surrender their address to a learning device. If an address is already listed by a different learning device on the same channel, the address is removed from that learning device's list. Explicitly configuring a MAC address on a different device removes the address from the learning device list.

A learned MAC address is dropped from the list of learned MAC addresses unless packets with this MAC address are sent within a specific timeout period. The default timeout period is 600 s. You can specify a different timeout period with the learning_timeout attribute.

takeover_setvmac
With this option enabled, the device's MAC address can be configured on a different device, without notification. Valid values are 0 for disabled and 1 for enabled. By default, this option is disabled and the MAC address cannot be configured on a different device.
takeover_learning
With takeover by learning enabled, the MAC address of this device can be learned on a different device and, thus, taken over by this other device, without notification. Valid values are 0 for disabled and 1 for enabled. By default, takeover by learning is disabled.
bridge_invisible
With bridge-port invisible enabled, packets are not transferred between the device and any other device that is configured as a bridge port. Valid values are 0 for disabled and 1 for enabled. By default, this option is disabled and, thus, traffic to and from bridge ports is permitted.

This characteristic applies to HiperSockets devices only.

learning_timeout
With learning enabled, this attribute specifies a timeout period, in seconds. A MAC address is dropped from the list of learned MAC addresses if this timeout period expires without any packets with this MAC address being received.

You can set this timeout period by writing a value in the range 60 - 86400 to the attribute. The default is 600. The timeout must be set before learning is enabled on the device.

Procedure

  1. Optional: To read a VNIC characteristic setting from sysfs, issue a command of this form:
    # cat /sys/devices/qeth/<device_bus_id>/vnicc/<attribute>
    where <device_bus_id> is the device-bus ID of the qeth device and <attribute> is one of the attributes that represent the VNIC characteristics.
    Example:
    # cat /sys/devices/qeth/0.0.a016/vnicc/learning
    0
    Tip: For an overview of all VNIC characteristics of the device, find the interface name of the device, then use the lsqeth command, or lszdev -i <dev_bus_ID>.
    Example:
    # cat /sys/devices/qeth/0.0.a016/if_name
    enca160
    # lsqeth enca160 | grep vnicc
            vnicc/bridge_invisible   : 0
            vnicc/flooding           : 0
            vnicc/learning           : 0
            vnicc/learning_timeout   : 600
            vnicc/mcast_flooding     : 1
            vnicc/rx_bcast           : 1
            vnicc/takeover_learning  : 0
            vnicc/takeover_setvmac   : 0
  2. To set a VNIC characteristic issue a command of this form:
    # chzdev <device_bus_id> vnicc/<attribute>=<value>
    where <device_bus_id> is the device-bus ID of the qeth device, <attribute> is one of the attributes that represent the VNIC characteristics, and <value> is the value to be set.

    This setting persists across re-boots. To apply this setting to the running system only, use the chzdev command with the -a option or use the corresponding sysfs attribute.

    Example: In this example, learning is enabled for a device with bus-ID 0.0.a016.
    # chzdev 0.0.a016 vnicc/learning=1
    or, using sysfs:
    # echo 1 > /sys/devices/qeth/0.0.a016/vnicc/learning

Example

This example shows a typical configuration for a bridge-like behavior of the device.

# lsqeth enca160 | grep vnicc
        vnicc/bridge_invisible   : 0
        vnicc/flooding           : 1
        vnicc/learning           : 1
        vnicc/learning_timeout   : 600
        vnicc/mcast_flooding     : 1
        vnicc/rx_bcast           : 1
        vnicc/takeover_learning  : 1
        vnicc/takeover_setvmac   : 1