[OpenWrt-Devel] [PATCH 3/3] vxlan: add capability for multiple fdb entries

Johannes Kimmel fff at bareminimum.eu
Mon Jun 8 10:14:45 EDT 2020 

Similar to wireguard, vxlan can configure multiple peers or add specific
entries to the fdb for a single mac address.

While you can still use peeraddr/peer6addr option within the proto
vxlan/vxlan6 section to not break existing configurations, this patch
allows to add multiple sections that conigure fdb entries via the bridge
command. As such, the bridge command is now a dependency of the vxlan
package. (To be honest without the bridge command available, vxlan isn't
very much fun to use or debug at all)

Field names are taken direclty from the bridge command.

Example with all supported parameters, since this hasn't been documented so
far:

  config interface 'vx0'
      option proto     'vxlan6'      # use vxlan over ipv6

      # main options
      option ip6addr   '2001:db8::1' # listen address
      option tunlink   'wan6'        # optional if listen address given
      option peer6addr '2001:db8::2' # now optional
      option port      '8472'        # this is the standard port under linux
      option vid       '42'          # VXLAN Network Identifier to use
      option mtu       '1430'        # vxlan6 has 70 bytes overhead

      # extra options
      option rxcsum  '0'  # allow receiving packets without checksum
      option txcsum  '0'  # send packets without checksum
      option ttl     '16' # specifies the TTL value for outgoing packets
      option tos     '0'  # specifies the TOS value for outgoing packets
      option macaddr '11:22:33:44:55:66' # optional, manually specify mac
                                         # default is a random address

Single peer with head-end replication. Corresponds to the following call
to bridge:

  $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3

  config vxlan_vx0
      option dst '2001:db8::3' # always required

It's possible to specify a multicast address as destination. Useful when
multicast routing is available or within one lan segment:

  config vxlan_vx0
      option dst 'ff02::1337' # multicast group to join.
                              # all bum traffic will be send there
      option via 'eth1'       # for multicast, an outgoing interface needs
                              # to be specified

All available peer options for completeness:

  config vxlan_vx0
      option lladdr  'aa:bb:cc:dd:ee:ff' # specific mac,
      option dst     '2001:db8::4'       # connected to this peer
      option via     'eth0.1'            # use this interface only
      option port    '4789'              # use different port for this peer
      option vni     '23'                # override vni for this peer
      option src_vni '123'               # see man 3 bridge

Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
---
 package/network/config/vxlan/Makefile       |  2 +-
 package/network/config/vxlan/files/vxlan.sh | 36 ++++++++++++++++++++-
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
index 5850c44..46970d9 100644
--- a/package/network/config/vxlan/Makefile
+++ b/package/network/config/vxlan/Makefile
@@ -11,7 +11,7 @@ define Package/vxlan
   CATEGORY:=Network
   MAINTAINER:=Matthias Schiffer <mschiffer at universe-factory.net>
   TITLE:=Virtual eXtensible LAN config support
-  DEPENDS:=+kmod-vxlan
+  DEPENDS:=+kmod-vxlan +ip-bridge
   PKGARCH:=all
 endef
 
diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
index bdcaa62..319d95c 100755
--- a/package/network/config/vxlan/files/vxlan.sh
+++ b/package/network/config/vxlan/files/vxlan.sh
@@ -7,6 +7,38 @@
 	init_proto "$@"
 }
 
+proto_vxlan_setup_peer() {
+	local peer_config="$1"
+
+	local lladdr
+	local dst
+	local src_vni
+	local vni
+	local port
+	local via
+
+	config_get lladdr  "${peer_config}" "lladdr"
+	config_get dst     "${peer_config}" "dst"
+	config_get src_vni "${peer_config}" "src_vni"
+	config_get vni     "${peer_config}" "vni"
+	config_get port    "${peer_config}" "port"
+	config_get via     "${peer_config}" "via"
+
+	[ -z "${dst}" ] && {
+		proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
+		exit
+	}
+
+	bridge fdb append \
+		${lladdr:-00:00:00:00:00:00} \
+		dev ${cfg}                   \
+		${dst:+dst $dst}             \
+		${src_vni:+src_vni $src_vni} \
+		${vni:+vni $vni}             \
+		${port:+port $port}          \
+		${via:+via $via}
+}
+
 vxlan_generic_setup() {
 	local cfg="$1"
 	local mode="$2"
@@ -18,7 +50,6 @@ vxlan_generic_setup() {
 	local port vid ttl tos mtu macaddr zone rxcsum txcsum
 	json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
 
-
 	proto_init_update "$link" 1
 
 	proto_add_tunnel
@@ -47,6 +78,9 @@ vxlan_generic_setup() {
 	proto_close_data
 
 	proto_send_update "$cfg"
+
+	config_load network
+	config_foreach proto_vxlan_setup_peer "vxlan_${cfg}"
 }
 
 proto_vxlan_setup() {
-- 
2.27.0


_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list