[openwrt/openwrt] vxlan: add capability for multiple fdb entries
LEDE Commits
lede-commits at lists.infradead.org
Mon Jul 20 07:43:48 EDT 2020
adrian pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/65e9de3c333bae1ccef1dfb0cc008ad6f13958e4
commit 65e9de3c333bae1ccef1dfb0cc008ad6f13958e4
Author: Johannes Kimmel <fff at bareminimum.eu>
AuthorDate: Mon Jul 20 08:05:10 2020 +0200
vxlan: add capability for multiple fdb entries
Similar to wireguard, vxlan can configure multiple peers or add specific
entries to the fdb for a single mac address.
While you can still use peeraddr/peer6addr option within the proto
vxlan/vxlan6 section to not break existing configurations, this patch
allows to add multiple sections that conigure fdb entries via the bridge
command. As such, the bridge command is now a dependency of the vxlan
package. (To be honest without the bridge command available, vxlan isn't
very much fun to use or debug at all)
Field names are taken direclty from the bridge command.
Example with all supported parameters, since this hasn't been documented so
far:
config interface 'vx0'
option proto 'vxlan6' # use vxlan over ipv6
# main options
option ip6addr '2001:db8::1' # listen address
option tunlink 'wan6' # optional if listen address given
option peer6addr '2001:db8::2' # now optional
option port '8472' # this is the standard port under linux
option vid '42' # VXLAN Network Identifier to use
option mtu '1430' # vxlan6 has 70 bytes overhead
# extra options
option rxcsum '0' # allow receiving packets without checksum
option txcsum '0' # send packets without checksum
option ttl '16' # specifies the TTL value for outgoing packets
option tos '0' # specifies the TOS value for outgoing packets
option macaddr '11:22:33:44:55:66' # optional, manually specify mac
# default is a random address
Single peer with head-end replication. Corresponds to the following call
to bridge:
$ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3
config vxlan_peer
option vxlan 'vx0'
option dst '2001:db8::3' # always required
For multiple peers, this section can be repeated for each dst address.
It's possible to specify a multicast address as destination. Useful when
multicast routing is available or within one lan segment:
config vxlan_peer
option vxlan 'vx0'
option dst 'ff02::1337' # multicast group to join.
# all bum traffic will be send there
option via 'eth1' # for multicast, an outgoing interface needs
# to be specified
All available peer options for completeness:
config vxlan_peer
option vxlan 'vx0' # the interface to configure
option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac,
option dst '2001:db8::4' # connected to this peer
option via 'eth0.1' # use this interface only
option port '4789' # use different port for this peer
option vni '23' # override vni for this peer
option src_vni '123' # see man 3 bridge
Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
---
package/network/config/vxlan/Makefile | 2 +-
package/network/config/vxlan/files/vxlan.sh | 48 ++++++++++++++++++++++++++++-
2 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
index 13fcf0c55d..7232f71b45 100644
--- a/package/network/config/vxlan/Makefile
+++ b/package/network/config/vxlan/Makefile
@@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=vxlan
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_LICENSE:=GPL-2.0
include $(INCLUDE_DIR)/package.mk
diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
index bdcaa628c4..d063c47d47 100755
--- a/package/network/config/vxlan/files/vxlan.sh
+++ b/package/network/config/vxlan/files/vxlan.sh
@@ -7,6 +7,50 @@
init_proto "$@"
}
+proto_vxlan_setup_peer() {
+ type bridge &> /dev/null || {
+ proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND"
+ exit
+ }
+
+ local peer_config="$1"
+
+ local vxlan
+ local lladdr
+ local dst
+ local src_vni
+ local vni
+ local port
+ local via
+
+ config_get vxlan "${peer_config}" "vxlan"
+ config_get lladdr "${peer_config}" "lladdr"
+ config_get dst "${peer_config}" "dst"
+ config_get src_vni "${peer_config}" "src_vni"
+ config_get vni "${peer_config}" "vni"
+ config_get port "${peer_config}" "port"
+ config_get via "${peer_config}" "via"
+
+ [ "$cfg" = "$vxlan" ] || {
+ # This peer section belongs to another device
+ return
+ }
+
+ [ -n "${dst}" ] || {
+ proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
+ exit
+ }
+
+ bridge fdb append \
+ ${lladdr:-00:00:00:00:00:00} \
+ dev ${cfg} \
+ dst ${dst} \
+ ${src_vni:+src_vni $src_vni} \
+ ${vni:+vni $vni} \
+ ${port:+port $port} \
+ ${via:+via $via}
+}
+
vxlan_generic_setup() {
local cfg="$1"
local mode="$2"
@@ -18,7 +62,6 @@ vxlan_generic_setup() {
local port vid ttl tos mtu macaddr zone rxcsum txcsum
json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
-
proto_init_update "$link" 1
proto_add_tunnel
@@ -47,6 +90,9 @@ vxlan_generic_setup() {
proto_close_data
proto_send_update "$cfg"
+
+ config_load network
+ config_foreach proto_vxlan_setup_peer "vxlan_peer"
}
proto_vxlan_setup() {
More information about the lede-commits
mailing list