@@ -18,14 +18,14 @@ clone git golang.org/x/net 3cffabab72adf04f8e3b01c5baf775361837b5fe https://gith

 clone hg code.google.com/p/gosqlite 74691fb6f837

 #get libnetwork packages

-clone git github.com/docker/libnetwork 4c14cd316f40f16bc1c17e420b18a1902dc575a7

+clone git github.com/docker/libnetwork 0517ceae7dea82ded435b99af810efa27b56de73

 clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec

 clone git github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b

 clone git github.com/hashicorp/memberlist 9a1e242e454d2443df330bdd51a436d5a9058fc4

 clone git github.com/hashicorp/serf 7151adcef72687bf95f451a2e0ba15cb19412bf2

-clone git github.com/docker/libkv e8cde779d58273d240c1eff065352a6cd67027dd

-clone git github.com/vishvananda/netns 5478c060110032f972e86a1f844fdb9a2f008f2c

-clone git github.com/vishvananda/netlink 8eb64238879fed52fd51c5b30ad20b928fb4c36c

+clone git github.com/docker/libkv 60c7c881345b3c67defc7f93a8297debf041d43c

+clone git github.com/vishvananda/netns 493029407eeb434d0c2d44e02ea072ff2488d322

+clone git github.com/vishvananda/netlink 20397a138846e4d6590e01783ed023ed7e1c38a6

 clone git github.com/BurntSushi/toml f706d00e3de6abe700c994cdd545a1a4915af060

 clone git github.com/samuel/go-zookeeper d0e0d8e11f318e000a8cc434616d69e329edc374

 clone git github.com/coreos/go-etcd v2.0.0

@@ -11,8 +11,8 @@ sudo: false

 before_install:

   # Symlink below is needed for Travis CI to work correctly on personal forks of libkv

   - ln -s $HOME/gopath/src/github.com/${TRAVIS_REPO_SLUG///libkv/} $HOME/gopath/src/github.com/docker

-  - go get code.google.com/p/go.tools/cmd/vet

-  - go get code.google.com/p/go.tools/cmd/cover

+  - go get golang.org/x/tools/cmd/vet

+  - go get golang.org/x/tools/cmd/cover

   - go get github.com/mattn/goveralls

   - go get github.com/golang/lint/golint

   - go get github.com/GeertJohan/fgt

@@ -99,8 +99,9 @@ func (s *Consul) refreshSession(pair *api.KVPair) error {

 	if session == "" {

 		entry := &api.SessionEntry{

-			Behavior: api.SessionBehaviorDelete,

-			TTL:      s.ephemeralTTL.String(),

+			Behavior:  api.SessionBehaviorDelete,       // Delete the key when the session expires

+			TTL:       ((s.ephemeralTTL) / 2).String(), // Consul multiplies the TTL by 2x

+			LockDelay: 1 * time.Millisecond,            // Virtually disable lock delay

 		}

 		// Create the key session

@@ -108,19 +109,19 @@ func (s *Consul) refreshSession(pair *api.KVPair) error {

 		if err != nil {

 			return err

 		}

-	}

-	lockOpts := &api.LockOptions{

-		Key:     pair.Key,

-		Session: session,

-	}

+		lockOpts := &api.LockOptions{

+			Key:     pair.Key,

+			Session: session,

+		}

-	// Lock and ignore if lock is held

-	// It's just a placeholder for the

-	// ephemeral behavior

-	lock, _ := s.client.LockOpts(lockOpts)

-	if lock != nil {

-		lock.Lock(nil)

+		// Lock and ignore if lock is held

+		// It's just a placeholder for the

+		// ephemeral behavior

+		lock, _ := s.client.LockOpts(lockOpts)

+		if lock != nil {

+			lock.Lock(nil)

+		}

 	}

 	_, _, err = s.client.Session().Renew(session, nil)

@@ -321,18 +322,18 @@ func (s *Consul) WatchTree(directory string, stopCh <-chan struct{}) (<-chan []*

 			opts.WaitIndex = meta.LastIndex

 			// Return children KV pairs to the channel

-			kv := []*store.KVPair{}

+			kvpairs := []*store.KVPair{}

 			for _, pair := range pairs {

 				if pair.Key == directory {

 					continue

 				}

-				kv = append(kv, &store.KVPair{

+				kvpairs = append(kvpairs, &store.KVPair{

 					Key:       pair.Key,

 					Value:     pair.Value,

 					LastIndex: pair.ModifyIndex,

 				})

 			}

-			watchCh <- kv

+			watchCh <- kvpairs

 		}

 	}()

@@ -374,11 +375,16 @@ func (l *consulLock) Unlock() error {

 // AtomicPut put a value at "key" if the key has not been

 // modified in the meantime, throws an error if this is the case

 func (s *Consul) AtomicPut(key string, value []byte, previous *store.KVPair, options *store.WriteOptions) (bool, *store.KVPair, error) {

+

+	p := &api.KVPair{Key: s.normalize(key), Value: value}

+

 	if previous == nil {

-		return false, nil, store.ErrPreviousNotSpecified

+		// Consul interprets ModifyIndex = 0 as new key.

+		p.ModifyIndex = 0

+	} else {

+		p.ModifyIndex = previous.LastIndex

 	}

-	p := &api.KVPair{Key: s.normalize(key), Value: value, ModifyIndex: previous.LastIndex}

 	if work, _, err := s.client.KV().CAS(p, nil); err != nil {

 		return false, nil, err

 	} else if !work {

@@ -278,11 +278,32 @@ func (s *Etcd) WatchTree(directory string, stopCh <-chan struct{}) (<-chan []*st

 // AtomicPut put a value at "key" if the key has not been

 // modified in the meantime, throws an error if this is the case

 func (s *Etcd) AtomicPut(key string, value []byte, previous *store.KVPair, options *store.WriteOptions) (bool, *store.KVPair, error) {

-	if previous == nil {

-		return false, nil, store.ErrPreviousNotSpecified

-	}

-	meta, err := s.client.CompareAndSwap(store.Normalize(key), string(value), 0, "", previous.LastIndex)

+	var meta *etcd.Response

+	var err error

+	if previous != nil {

+		meta, err = s.client.CompareAndSwap(store.Normalize(key), string(value), 0, "", previous.LastIndex)

+	} else {

+		// Interpret previous == nil as Atomic Create

+		meta, err = s.client.Create(store.Normalize(key), string(value), 0)

+		if etcdError, ok := err.(*etcd.EtcdError); ok {

+

+			// Directory doesn't exist.

+			if etcdError.ErrorCode == 104 {

+				// Remove the last element (the actual key)

+				// and create the full directory path

+				err = s.createDirectory(store.GetDirectory(key))

+				if err != nil {

+					return false, nil, err

+				}

+

+				// Now that the directory is created, create the key

+				if _, err := s.client.Create(key, string(value), 0); err != nil {

+					return false, nil, err

+				}

+			}

+		}

+	}

 	if err != nil {

 		if etcdError, ok := err.(*etcd.EtcdError); ok {

 			// Compare Failed

@@ -11,11 +11,11 @@ type Backend string

 const (

 	// CONSUL backend

-	CONSUL = "consul"

+	CONSUL Backend = "consul"

 	// ETCD backend

-	ETCD = "etcd"

+	ETCD Backend = "etcd"

 	// ZK backend

-	ZK = "zk"

+	ZK Backend = "zk"

 )

 var (

@@ -77,7 +77,8 @@ type Store interface {

 	// DeleteTree deletes a range of keys under a given directory

 	DeleteTree(directory string) error

-	// Atomic operation on a single value

+	// Atomic CAS operation on a single value.

+	// Pass previous = nil to create a new key.

 	AtomicPut(key string, value []byte, previous *KVPair, options *WriteOptions) (bool, *KVPair, error)

 	// Atomic delete of a single value

@@ -265,23 +265,47 @@ func (s *Zookeeper) DeleteTree(directory string) error {

 // AtomicPut put a value at "key" if the key has not been

 // modified in the meantime, throws an error if this is the case

 func (s *Zookeeper) AtomicPut(key string, value []byte, previous *store.KVPair, _ *store.WriteOptions) (bool, *store.KVPair, error) {

-	if previous == nil {

-		return false, nil, store.ErrPreviousNotSpecified

-	}

-	meta, err := s.client.Set(store.Normalize(key), value, int32(previous.LastIndex))

-	if err != nil {

-		// Compare Failed

-		if err == zk.ErrBadVersion {

-			return false, nil, store.ErrKeyModified

+	var lastIndex uint64

+	if previous != nil {

+		meta, err := s.client.Set(store.Normalize(key), value, int32(previous.LastIndex))

+		if err != nil {

+			// Compare Failed

+			if err == zk.ErrBadVersion {

+				return false, nil, store.ErrKeyModified

+			}

+			return false, nil, err

 		}

-		return false, nil, err

+		lastIndex = uint64(meta.Version)

+	} else {

+		// Interpret previous == nil as create operation.

+		_, err := s.client.Create(store.Normalize(key), value, 0, zk.WorldACL(zk.PermAll))

+		if err != nil {

+			// Zookeeper will complain if the directory doesn't exist.

+			if err == zk.ErrNoNode {

+				// Create the directory

+				parts := store.SplitKey(key)

+				parts = parts[:len(parts)-1]

+				if err = s.createFullPath(parts, false); err != nil {

+					// Failed to create the directory.

+					return false, nil, err

+				}

+				if _, err := s.client.Create(store.Normalize(key), value, 0, zk.WorldACL(zk.PermAll)); err != nil {

+					return false, nil, err

+				}

+

+			} else {

+				// Unhandled error

+				return false, nil, err

+			}

+		}

+		lastIndex = 0 // Newly created nodes have version 0.

 	}

 	pair := &store.KVPair{

 		Key:       key,

 		Value:     value,

-		LastIndex: uint64(meta.Version),

+		LastIndex: lastIndex,

 	}

 	return true, pair, nil

@@ -1,10 +1,6 @@

 # Roadmap

-Libnetwork is a young project and is still being defined.

-This document defines the high-level goals of the project and defines the release-relationship to the Docker Platform.

-

-* [Goals](#goals)

-* [Project Planning](#project-planning): release-relationship to the Docker Platform.

+This document defines the high-level goals of the libnetwork project. See [Project Planning](#project-planning) for information on Releases.

 ## Long-term Goal

@@ -18,12 +14,7 @@ libnetwork aims to satisfy that composable need for Networking in Containers.

 - Define a flexible model that allows local and remote drivers to provide networking to containers

 - Provide a stand-alone tool "dnet" for managing and testing libnetwork

-## Project Planning

-

-Libnetwork versions do not map 1:1 with Docker Platform releases.

-Milestones and Project Pages are used to define the set of features that are included in each release.

+Project Planning

+================

-| Platform Version | Libnetwork Version | Planning |

-|------------------|--------------------|----------|

-| Docker 1.7       | [0.3](https://github.com/docker/libnetwork/milestones/0.3) | [Project Page](https://github.com/docker/libnetwork/wiki/Docker-1.7-Project-Page) |

-| Docker 1.8       | [1.0](https://github.com/docker/libnetwork/milestones/1.0) | [Project Page](https://github.com/docker/libnetwork/wiki/Docker-1.8-Project-Page) |

+[Project Pages](https://github.com/docker/libnetwork/wiki) define the goals for each Milestone and identify the release-relationship to the Docker Platform.

@@ -55,12 +55,11 @@ func NewHandle(app string, ds datastore.DataStore, id string, numElements uint32

 	h.watchForChanges()

 	// Get the initial status from the ds if present.

-	err := h.store.GetObject(datastore.Key(h.Key()...), h)

-	if err != datastore.ErrKeyNotFound {

+	if err := h.store.GetObject(datastore.Key(h.Key()...), h); err != nil && err != datastore.ErrKeyNotFound {

 		return nil, err

 	}

-	return h, err

+	return h, nil

 }

 // Sequence reresents a recurring sequence of 32 bits long bitmasks

@@ -40,7 +40,12 @@ func (h *Handle) Value() []byte {

 // SetValue unmarshals the data from the KV store

 func (h *Handle) SetValue(value []byte) error {

-	return h.FromByteArray(value)

+	var b []byte

+	if err := json.Unmarshal(value, &b); err != nil {

+		return err

+	}

+

+	return h.FromByteArray(b)

 }

 // Index returns the latest DB Index as seen by this object

@@ -2,12 +2,14 @@ package bridge

 import (

 	"errors"

+	"fmt"

 	"net"

 	"os/exec"

 	"strconv"

 	"sync"

 	"github.com/Sirupsen/logrus"

+	bri "github.com/docker/libcontainer/netlink"

 	"github.com/docker/libnetwork/driverapi"

 	"github.com/docker/libnetwork/ipallocator"

 	"github.com/docker/libnetwork/iptables"

@@ -754,6 +756,20 @@ func (d *driver) DeleteNetwork(nid types.UUID) error {

 	return err

 }

+func addToBridge(ifaceName, bridgeName string) error {

+	iface, err := net.InterfaceByName(ifaceName)

+	if err != nil {

+		return fmt.Errorf("could not find interface %s: %v", ifaceName, err)

+	}

+

+	master, err := net.InterfaceByName(bridgeName)

+	if err != nil {

+		return fmt.Errorf("could not find bridge %s: %v", bridgeName, err)

+	}

+

+	return bri.AddToBridge(iface, master)

+}

+

 func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointInfo, epOptions map[string]interface{}) error {

 	var (

 		ipv6Addr *net.IPNet

@@ -821,27 +837,27 @@ func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointIn

 	}()

 	// Generate a name for what will be the host side pipe interface

-	name1, err := netutils.GenerateIfaceName(vethPrefix, vethLen)

+	hostIfName, err := netutils.GenerateIfaceName(vethPrefix, vethLen)

 	if err != nil {

 		return err

 	}

 	// Generate a name for what will be the sandbox side pipe interface

-	name2, err := netutils.GenerateIfaceName(vethPrefix, vethLen)

+	containerIfName, err := netutils.GenerateIfaceName(vethPrefix, vethLen)

 	if err != nil {

 		return err

 	}

 	// Generate and add the interface pipe host <-> sandbox

 	veth := &netlink.Veth{

-		LinkAttrs: netlink.LinkAttrs{Name: name1, TxQLen: 0},

-		PeerName:  name2}

+		LinkAttrs: netlink.LinkAttrs{Name: hostIfName, TxQLen: 0},

+		PeerName:  containerIfName}

 	if err = netlink.LinkAdd(veth); err != nil {

 		return err

 	}

 	// Get the host side pipe interface handler

-	host, err := netlink.LinkByName(name1)

+	host, err := netlink.LinkByName(hostIfName)

 	if err != nil {

 		return err

 	}

@@ -852,7 +868,7 @@ func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointIn

 	}()

 	// Get the sandbox side pipe interface handler

-	sbox, err := netlink.LinkByName(name2)

+	sbox, err := netlink.LinkByName(containerIfName)

 	if err != nil {

 		return err

 	}

@@ -879,9 +895,8 @@ func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointIn

 	}

 	// Attach host side pipe interface into the bridge

-	if err = netlink.LinkSetMaster(host,

-		&netlink.Bridge{LinkAttrs: netlink.LinkAttrs{Name: config.BridgeName}}); err != nil {

-		return err

+	if err = addToBridge(hostIfName, config.BridgeName); err != nil {

+		return fmt.Errorf("adding interface %s to bridge %s failed: %v", hostIfName, config.BridgeName, err)

 	}

 	if !config.EnableUserlandProxy {

@@ -898,14 +913,24 @@ func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointIn

 	}

 	ipv4Addr := &net.IPNet{IP: ip4, Mask: n.bridge.bridgeIPv4.Mask}

+	// Down the interface before configuring mac address.

+	if err := netlink.LinkSetDown(sbox); err != nil {

+		return fmt.Errorf("could not set link down for container interface %s: %v", containerIfName, err)

+	}

+

 	// Set the sbox's MAC. If specified, use the one configured by user, otherwise generate one based on IP.

 	mac := electMacAddress(epConfig, ip4)

 	err = netlink.LinkSetHardwareAddr(sbox, mac)

 	if err != nil {

-		return err

+		return fmt.Errorf("could not set mac address for container interface %s: %v", containerIfName, err)

 	}

 	endpoint.macAddress = mac

+	// Up the host interface after finishing all netlink configuration

+	if err := netlink.LinkSetUp(host); err != nil {

+		return fmt.Errorf("could not set link up for host interface %s: %v", hostIfName, err)

+	}

+

 	// v6 address for the sandbox side pipe interface

 	ipv6Addr = &net.IPNet{}

 	if config.EnableIPv6 {

@@ -934,7 +959,7 @@ func (d *driver) CreateEndpoint(nid, eid types.UUID, epInfo driverapi.EndpointIn

 	}

 	// Create the sandbox side pipe interface

-	endpoint.srcName = name2

+	endpoint.srcName = containerIfName

 	endpoint.addr = ipv4Addr

 	if config.EnableIPv6 {

@@ -1,15 +1,15 @@

 package bridge

 import (

-	log "github.com/Sirupsen/logrus"

 	"github.com/docker/docker/pkg/parsers/kernel"

-	"github.com/docker/libnetwork/netutils"

-	"github.com/docker/libnetwork/types"

+	bri "github.com/docker/libcontainer/netlink"

 	"github.com/vishvananda/netlink"

 )

 // SetupDevice create a new bridge interface/

 func setupDevice(config *networkConfiguration, i *bridgeInterface) error {

+	var setMac bool

+

 	// We only attempt to create the bridge when the requested device name is

 	// the default one.

 	if config.BridgeName != DefaultBridgeName && !config.AllowNonDefaultBridge {

@@ -27,15 +27,10 @@ func setupDevice(config *networkConfiguration, i *bridgeInterface) error {

 	// was not supported before that.

 	kv, err := kernel.GetKernelVersion()

 	if err == nil && (kv.Kernel >= 3 && kv.Major >= 3) {

-		i.Link.Attrs().HardwareAddr = netutils.GenerateRandomMAC()

-		log.Debugf("Setting bridge mac address to %s", i.Link.Attrs().HardwareAddr)

+		setMac = true

 	}

-	// Call out to netlink to create the device.

-	if err = netlink.LinkAdd(i.Link); err != nil {

-		return types.InternalErrorf("Failed to program bridge link: %s", err.Error())

-	}

-	return nil

+	return bri.CreateBridge(config.BridgeName, setMac)

 }

 // SetupDeviceUp ups the given bridge interface.

@@ -57,7 +57,11 @@ func (d *driver) EndpointOperInfo(nid, eid types.UUID) (map[string]interface{},

 // Join method is invoked when a Sandbox is attached to an endpoint.

 func (d *driver) Join(nid, eid types.UUID, sboxKey string, jinfo driverapi.JoinInfo, options map[string]interface{}) error {

-	return (jinfo.SetHostsPath("/etc/hosts"))

+	if err := jinfo.SetHostsPath("/etc/hosts"); err != nil {

+		return err

+	}

+

+	return jinfo.SetResolvConfPath("/etc/resolv.conf")

 }

 // Leave method is invoked when a Sandbox detaches from an endpoint.

@@ -155,7 +155,7 @@ func (n *network) initSandbox() error {

 func (n *network) watchMiss(nlSock *nl.NetlinkSocket) {

 	for {

-		msgs, err := nlSock.Recieve()

+		msgs, err := nlSock.Receive()

 		if err != nil {

 			logrus.Errorf("Failed to receive from netlink: %v ", err)

 			continue

@@ -54,6 +54,7 @@ func createVxlan(vni uint32) (string, error) {

 		LinkAttrs: netlink.LinkAttrs{Name: name},

 		VxlanId:   int(vni),

 		Learning:  true,

+		Port:      vxlanPort,

 		Proxy:     true,

 		L3miss:    true,

 		L2miss:    true,

@@ -21,6 +21,7 @@ const (

 	vethLen      = 7

 	vxlanIDStart = 256

 	vxlanIDEnd   = 1000

+	vxlanPort    = 4789

 )

 type driver struct {

@@ -811,9 +811,19 @@ func (ep *endpoint) updateDNS(resolvConf []byte) error {

 	return os.Rename(tmpResolvFile.Name(), container.config.resolvConfPath)

 }

+func copyFile(src, dst string) error {

+	sBytes, err := ioutil.ReadFile(src)

+	if err != nil {

+		return err

+	}

+

+	return ioutil.WriteFile(dst, sBytes, 0644)

+}

+

 func (ep *endpoint) setupDNS() error {

 	ep.Lock()

 	container := ep.container

+	joinInfo := ep.joinInfo

 	ep.Unlock()

 	if container == nil {

@@ -830,6 +840,14 @@ func (ep *endpoint) setupDNS() error {

 		return err

 	}

+	if joinInfo.resolvConfPath != "" {

+		if err := copyFile(joinInfo.resolvConfPath, container.config.resolvConfPath); err != nil {

+			return fmt.Errorf("could not copy source resolv.conf file %s to %s: %v", joinInfo.resolvConfPath, container.config.resolvConfPath, err)

+		}

+

+		return nil

+	}

+

 	resolvConf, err := resolvconf.Get()

 	if err != nil {

 		return err

@@ -43,13 +43,19 @@ import (

 )

 func main() {

-    mybridge := &netlink.Bridge{netlink.LinkAttrs{Name: "foo"}}

+    la := netlink.NewLinkAttrs()

+    la.Name = "foo"

+    mybridge := &netlink.Bridge{la}}

     _ := netlink.LinkAdd(mybridge)

     eth1, _ := netlink.LinkByName("eth1")

     netlink.LinkSetMaster(eth1, mybridge)

 }

 ```

+Note `NewLinkAttrs` constructor, it sets default values in structure. For now

+it sets only `TxQLen` to `-1`, so kernel will set default by itself. If you're

+using simple initialization(`LinkAttrs{Name: "foo"}`) `TxQLen` will be set to

+`0` unless you specify it like `LinkAttrs{Name: "foo", TxQLen: 1000}`.

 Add a new ip address to loopback:

@@ -14,8 +14,8 @@ type Addr struct {

 }

 // String returns $ip/$netmask $label

-func (addr Addr) String() string {

-	return fmt.Sprintf("%s %s", addr.IPNet, addr.Label)

+func (a Addr) String() string {

+	return fmt.Sprintf("%s %s", a.IPNet, a.Label)

 }

 // ParseAddr parses the string representation of an address in the

@@ -81,7 +81,7 @@ func AddrList(link Link, family int) ([]Addr, error) {

 		index = base.Index

 	}

-	res := make([]Addr, 0)

+	var res []Addr

 	for _, m := range msgs {

 		msg := nl.DeserializeIfAddrmsg(m)

@@ -95,11 +95,17 @@ func AddrList(link Link, family int) ([]Addr, error) {

 			return nil, err

 		}

+		var local, dst *net.IPNet

 		var addr Addr

 		for _, attr := range attrs {

 			switch attr.Attr.Type {

 			case syscall.IFA_ADDRESS:

-				addr.IPNet = &net.IPNet{

+				dst = &net.IPNet{

+					IP:   attr.Value,

+					Mask: net.CIDRMask(int(msg.Prefixlen), 8*len(attr.Value)),

+				}

+			case syscall.IFA_LOCAL:

+				local = &net.IPNet{

 					IP:   attr.Value,

 					Mask: net.CIDRMask(int(msg.Prefixlen), 8*len(attr.Value)),

 				}

@@ -107,6 +113,14 @@ func AddrList(link Link, family int) ([]Addr, error) {

 				addr.Label = string(attr.Value[:len(attr.Value)-1])

 			}

 		}

+

+		// IFA_LOCAL should be there but if not, fall back to IFA_ADDRESS

+		if local != nil {

+			addr.IPNet = local

+		} else {

+			addr.IPNet = dst

+		}

+

 		res = append(res, addr)

 	}

@@ -10,16 +10,29 @@ type Link interface {

 	Type() string

 }

+type (

+	NsPid int

+	NsFd  int

+)

+

 // LinkAttrs represents data shared by most link types

 type LinkAttrs struct {

 	Index        int

 	MTU          int

-	TxQLen       uint32 // Transmit Queue Length

+	TxQLen       int // Transmit Queue Length

 	Name         string

 	HardwareAddr net.HardwareAddr

 	Flags        net.Flags

-	ParentIndex  int // index of the parent link device

-	MasterIndex  int // must be the index of a bridge

+	ParentIndex  int         // index of the parent link device

+	MasterIndex  int         // must be the index of a bridge

+	Namespace    interface{} // nil | NsPid | NsFd

+}

+

+// NewLinkAttrs returns LinkAttrs structure filled with default values

+func NewLinkAttrs() LinkAttrs {

+	return LinkAttrs{

+		TxQLen: -1,

+	}

 }

 // Device links cannot be created via netlink. These links

@@ -76,9 +89,21 @@ func (vlan *Vlan) Type() string {

 	return "vlan"

 }

+type MacvlanMode uint16

+

+const (

+	MACVLAN_MODE_DEFAULT MacvlanMode = iota

+	MACVLAN_MODE_PRIVATE

+	MACVLAN_MODE_VEPA

+	MACVLAN_MODE_BRIDGE

+	MACVLAN_MODE_PASSTHRU

+	MACVLAN_MODE_SOURCE

+)

+

 // Macvlan links have ParentIndex set in their Attrs()

 type Macvlan struct {

 	LinkAttrs

+	Mode MacvlanMode

 }

 func (macvlan *Macvlan) Attrs() *LinkAttrs {

@@ -13,6 +13,15 @@ import (

 var native = nl.NativeEndian()

 var lookupByDump = false

+var macvlanModes = [...]uint32{

+	0,

+	nl.MACVLAN_MODE_PRIVATE,

+	nl.MACVLAN_MODE_VEPA,

+	nl.MACVLAN_MODE_BRIDGE,

+	nl.MACVLAN_MODE_PASSTHRU,

+	nl.MACVLAN_MODE_SOURCE,

+}

+

 func ensureIndex(link *LinkAttrs) {

 	if link != nil && link.Index == 0 {

 		newlink, _ := LinkByName(link.Name)

@@ -39,7 +48,7 @@ func LinkSetUp(link Link) error {

 	return err

 }

-// LinkSetUp disables link device.

+// LinkSetDown disables link device.

 // Equivalent to: `ip link set $link down`

 func LinkSetDown(link Link) error {

 	base := link.Attrs()

@@ -67,7 +76,7 @@ func LinkSetMTU(link Link, mtu int) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_MTU

 	req.AddData(msg)

 	b := make([]byte, 4)

@@ -91,7 +100,7 @@ func LinkSetName(link Link, name string) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_IFNAME

 	req.AddData(msg)

 	data := nl.NewRtAttr(syscall.IFLA_IFNAME, []byte(name))

@@ -112,7 +121,7 @@ func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_ADDRESS

 	req.AddData(msg)

 	data := nl.NewRtAttr(syscall.IFLA_ADDRESS, []byte(hwaddr))

@@ -145,7 +154,7 @@ func LinkSetMasterByIndex(link Link, masterIndex int) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_MASTER

 	req.AddData(msg)

 	b := make([]byte, 4)

@@ -170,7 +179,7 @@ func LinkSetNsPid(link Link, nspid int) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_NET_NS_PID

 	req.AddData(msg)

 	b := make([]byte, 4)

@@ -183,7 +192,7 @@ func LinkSetNsPid(link Link, nspid int) error {

 	return err

 }

-// LinkSetNsPid puts the device into a new network namespace. The

+// LinkSetNsFd puts the device into a new network namespace. The

 // fd must be an open file descriptor to a network namespace.

 // Similar to: `ip link set $link netns $ns`

 func LinkSetNsFd(link Link, fd int) error {

@@ -195,7 +204,7 @@ func LinkSetNsFd(link Link, fd int) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = nl.IFLA_NET_NS_FD

 	req.AddData(msg)

 	b := make([]byte, 4)

@@ -312,11 +321,28 @@ func LinkAdd(link Link) error {

 		req.AddData(mtu)

 	}

+	if base.TxQLen >= 0 {

+		qlen := nl.NewRtAttr(syscall.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))

+		req.AddData(qlen)

+	}

+

+	if base.Namespace != nil {

+		var attr *nl.RtAttr

+		switch base.Namespace.(type) {

+		case NsPid:

+			val := nl.Uint32Attr(uint32(base.Namespace.(NsPid)))

+			attr = nl.NewRtAttr(syscall.IFLA_NET_NS_PID, val)

+		case NsFd:

+			val := nl.Uint32Attr(uint32(base.Namespace.(NsFd)))

+			attr = nl.NewRtAttr(nl.IFLA_NET_NS_FD, val)

+		}

+

+		req.AddData(attr)

+	}

+

 	linkInfo := nl.NewRtAttr(syscall.IFLA_LINKINFO, nil)

 	nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_KIND, nl.NonZeroTerminated(link.Type()))

-	nl.NewRtAttrChild(linkInfo, syscall.IFLA_TXQLEN, nl.Uint32Attr(base.TxQLen))

-

 	if vlan, ok := link.(*Vlan); ok {

 		b := make([]byte, 2)

 		native.PutUint16(b, uint16(vlan.VlanId))

@@ -327,15 +353,23 @@ func LinkAdd(link Link) error {

 		peer := nl.NewRtAttrChild(data, nl.VETH_INFO_PEER, nil)

 		nl.NewIfInfomsgChild(peer, syscall.AF_UNSPEC)

 		nl.NewRtAttrChild(peer, syscall.IFLA_IFNAME, nl.ZeroTerminated(veth.PeerName))

-		nl.NewRtAttrChild(peer, syscall.IFLA_TXQLEN, nl.Uint32Attr(base.TxQLen))

+		if base.TxQLen >= 0 {

+			nl.NewRtAttrChild(peer, syscall.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))

+		}

 		if base.MTU > 0 {

 			nl.NewRtAttrChild(peer, syscall.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))

 		}

+

 	} else if vxlan, ok := link.(*Vxlan); ok {

 		addVxlanAttrs(vxlan, linkInfo)

 	} else if ipv, ok := link.(*IPVlan); ok {

 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)

 		nl.NewRtAttrChild(data, nl.IFLA_IPVLAN_MODE, nl.Uint16Attr(uint16(ipv.Mode)))

+	} else if macv, ok := link.(*Macvlan); ok {

+		if macv.Mode != MACVLAN_MODE_DEFAULT {

+			data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)

+			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[macv.Mode]))

+		}

 	}

 	req.AddData(linkInfo)

@@ -483,6 +517,8 @@ func linkDeserialize(m []byte) (Link, error) {

 						link = &Vxlan{}

 					case "ipvlan":

 						link = &IPVlan{}

+					case "macvlan":

+						link = &Macvlan{}

 					default:

 						link = &Generic{LinkType: linkType}

 					}

@@ -498,6 +534,8 @@ func linkDeserialize(m []byte) (Link, error) {

 						parseVxlanData(link, data)

 					case "ipvlan":

 						parseIPVlanData(link, data)

+					case "macvlan":

+						parseMacvlanData(link, data)

 					}

 				}

 			}

@@ -520,7 +558,7 @@ func linkDeserialize(m []byte) (Link, error) {

 		case syscall.IFLA_MASTER:

 			base.MasterIndex = int(native.Uint32(attr.Value[0:4]))

 		case syscall.IFLA_TXQLEN:

-			base.TxQLen = native.Uint32(attr.Value[0:4])

+			base.TxQLen = int(native.Uint32(attr.Value[0:4]))

 		}

 	}

 	// Links that don't have IFLA_INFO_KIND are hardware devices

@@ -547,8 +585,7 @@ func LinkList() ([]Link, error) {

 		return nil, err

 	}

-	res := make([]Link, 0)

-

+	var res []Link

 	for _, m := range msgs {

 		link, err := linkDeserialize(m)

 		if err != nil {

@@ -593,7 +630,7 @@ func setProtinfoAttr(link Link, mode bool, attr int) error {

 	msg.Type = syscall.RTM_SETLINK

 	msg.Flags = syscall.NLM_F_REQUEST

 	msg.Index = int32(base.Index)

-	msg.Change = nl.DEFAULT_CHANGE

+	msg.Change = syscall.IFLA_PROTINFO | syscall.NLA_F_NESTED

 	req.AddData(msg)

 	br := nl.NewRtAttr(syscall.IFLA_PROTINFO|syscall.NLA_F_NESTED, nil)

@@ -674,6 +711,27 @@ func parseIPVlanData(link Link, data []syscall.NetlinkRouteAttr) {

 	}

 }

+func parseMacvlanData(link Link, data []syscall.NetlinkRouteAttr) {

+	macv := link.(*Macvlan)

+	for _, datum := range data {

+		if datum.Attr.Type == nl.IFLA_MACVLAN_MODE {

+			switch native.Uint32(datum.Value[0:4]) {

+			case nl.MACVLAN_MODE_PRIVATE:

+				macv.Mode = MACVLAN_MODE_PRIVATE

+			case nl.MACVLAN_MODE_VEPA:

+				macv.Mode = MACVLAN_MODE_VEPA

+			case nl.MACVLAN_MODE_BRIDGE:

+				macv.Mode = MACVLAN_MODE_BRIDGE