Message ID | 20200720131003.40233-1-freifunk@adrianschmutzler.de |
---|---|
State | Accepted |
Headers | show |
diff --git a/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch new file mode 100644 index 00000000..5539d557 --- /dev/null +++ b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch @@ -0,0 +1,27 @@ +From: Johannes Kimmel <fff@bareminimum.eu> +Date: Mon, 8 Jun 2020 16:14:43 +0200 +Subject: vxlan: fix udp checksum control + +So far, passing "rxcsum" and "txcsum" had no effect. + +Fixes: 95ab18e0124e ("vxlan: add options to enable and disable UDP +checksums") + +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> +[add Fixes:] +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> +(cherry picked from commit 0453c3866feb701160bbab4ecf9762c5a3038503) + +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index d055d41edc59f50c0c132849bbcd0235edeef5b9..7b1c7039551b7781f5f7a8e73b964db698f3697b 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -129,6 +129,8 @@ vxlan_generic_init_config() { + proto_config_add_int "ttl" + proto_config_add_int "tos" + proto_config_add_int "mtu" ++ proto_config_add_boolean "rxcsum" ++ proto_config_add_boolean "txcsum" + proto_config_add_string "macaddr" + } + diff --git a/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch new file mode 100644 index 00000000..a9c603fa --- /dev/null +++ b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch @@ -0,0 +1,29 @@ +From: Adrian Schmutzler <freifunk@adrianschmutzler.de> +Date: Wed, 15 Jul 2020 16:49:36 +0200 +Subject: vxlan: bump and change to PKG_RELEASE + +Bumping package version has been overlooked in a previous commit. + +While at it, use PKG_RELEASE instead of PKG_VERSION, as the latter +is meant for upstream version number only. +(The effective version string for the package would be "3" in both +cases, so there is no harm done for version comparison.) + +Fixes: 0453c3866feb ("vxlan: fix udp checksum control") + +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> +(cherry picked from commit b29d620ed2521fe6fda40ddafe6cb0f1d70e4503) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 5850c443e73131f19fbeb1f986f85259d5747ac4..13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_VERSION:=2 ++PKG_RELEASE:=3 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk diff --git a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch new file mode 100644 index 00000000..90ce449d --- /dev/null +++ b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch @@ -0,0 +1,42 @@ +From: Johannes Kimmel <fff@bareminimum.eu> +Date: Mon, 20 Jul 2020 08:05:09 +0200 +Subject: vxlan: remove mandatory peeraddr + +vxlan can be configured without a peer address. This is used to prepare +an interface and add peers later. + +Fixes: FS#2743 + +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> +Acked-by: Matthias Schiffer <mschiffer@universe-factory.net> + +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index 7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38a6fc0978ea55a3bb 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -55,12 +55,6 @@ proto_vxlan_setup() { + local ipaddr peeraddr + json_get_vars ipaddr peeraddr tunlink + +- [ -z "$peeraddr" ] && { +- proto_notify_error "$cfg" "MISSING_ADDRESS" +- proto_block_restart "$cfg" +- exit +- } +- + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + + [ -z "$ipaddr" ] && { +@@ -85,12 +79,6 @@ proto_vxlan6_setup() { + local ip6addr peer6addr + json_get_vars ip6addr peer6addr tunlink + +- [ -z "$peer6addr" ] && { +- proto_notify_error "$cfg" "MISSING_ADDRESS" +- proto_block_restart "$cfg" +- exit +- } +- + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + + [ -z "$ip6addr" ] && { diff --git a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch new file mode 100644 index 00000000..243917d4 --- /dev/null +++ b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch @@ -0,0 +1,158 @@ +From: Johannes Kimmel <fff@bareminimum.eu> +Date: Mon, 20 Jul 2020 08:05:10 +0200 +Subject: vxlan: add capability for multiple fdb entries + +Similar to wireguard, vxlan can configure multiple peers or add specific +entries to the fdb for a single mac address. + +While you can still use peeraddr/peer6addr option within the proto +vxlan/vxlan6 section to not break existing configurations, this patch +allows to add multiple sections that conigure fdb entries via the bridge +command. As such, the bridge command is now a dependency of the vxlan +package. (To be honest without the bridge command available, vxlan isn't +very much fun to use or debug at all) + +Field names are taken direclty from the bridge command. + +Example with all supported parameters, since this hasn't been documented so +far: + + config interface 'vx0' + option proto 'vxlan6' # use vxlan over ipv6 + + # main options + option ip6addr '2001:db8::1' # listen address + option tunlink 'wan6' # optional if listen address given + option peer6addr '2001:db8::2' # now optional + option port '8472' # this is the standard port under linux + option vid '42' # VXLAN Network Identifier to use + option mtu '1430' # vxlan6 has 70 bytes overhead + + # extra options + option rxcsum '0' # allow receiving packets without checksum + option txcsum '0' # send packets without checksum + option ttl '16' # specifies the TTL value for outgoing packets + option tos '0' # specifies the TOS value for outgoing packets + option macaddr '11:22:33:44:55:66' # optional, manually specify mac + # default is a random address + +Single peer with head-end replication. Corresponds to the following call +to bridge: + + $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3 + + config vxlan_peer + option vxlan 'vx0' + option dst '2001:db8::3' # always required + +For multiple peers, this section can be repeated for each dst address. + +It's possible to specify a multicast address as destination. Useful when +multicast routing is available or within one lan segment: + + config vxlan_peer + option vxlan 'vx0' + option dst 'ff02::1337' # multicast group to join. + # all bum traffic will be send there + option via 'eth1' # for multicast, an outgoing interface needs + # to be specified + +All available peer options for completeness: + + config vxlan_peer + option vxlan 'vx0' # the interface to configure + option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac, + option dst '2001:db8::4' # connected to this peer + option via 'eth0.1' # use this interface only + option port '4789' # use different port for this peer + option vni '23' # override vni for this peer + option src_vni '123' # see man 3 bridge + +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad44cb9ade144f52 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=3 ++PKG_RELEASE:=4 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97f4e25f55a33c0497 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -7,6 +7,50 @@ + init_proto "$@" + } + ++proto_vxlan_setup_peer() { ++ type bridge &> /dev/null || { ++ proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND" ++ exit ++ } ++ ++ local peer_config="$1" ++ ++ local vxlan ++ local lladdr ++ local dst ++ local src_vni ++ local vni ++ local port ++ local via ++ ++ config_get vxlan "${peer_config}" "vxlan" ++ config_get lladdr "${peer_config}" "lladdr" ++ config_get dst "${peer_config}" "dst" ++ config_get src_vni "${peer_config}" "src_vni" ++ config_get vni "${peer_config}" "vni" ++ config_get port "${peer_config}" "port" ++ config_get via "${peer_config}" "via" ++ ++ [ "$cfg" = "$vxlan" ] || { ++ # This peer section belongs to another device ++ return ++ } ++ ++ [ -n "${dst}" ] || { ++ proto_notify_error "$cfg" "MISSING_PEER_ADDRESS" ++ exit ++ } ++ ++ bridge fdb append \ ++ ${lladdr:-00:00:00:00:00:00} \ ++ dev ${cfg} \ ++ dst ${dst} \ ++ ${src_vni:+src_vni $src_vni} \ ++ ${vni:+vni $vni} \ ++ ${port:+port $port} \ ++ ${via:+via $via} ++} ++ + vxlan_generic_setup() { + local cfg="$1" + local mode="$2" +@@ -18,7 +62,6 @@ vxlan_generic_setup() { + local port vid ttl tos mtu macaddr zone rxcsum txcsum + json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum + +- + proto_init_update "$link" 1 + + proto_add_tunnel +@@ -47,6 +90,9 @@ vxlan_generic_setup() { + proto_close_data + + proto_send_update "$cfg" ++ ++ config_load network ++ config_foreach proto_vxlan_setup_peer "vxlan_peer" + } + + proto_vxlan_setup() {
Moin, Reviewed-by: Johannes Kimmel <fff@bareminimum.eu> Tested-by: Johannes Kimmel <fff@bareminimum.eu> Laeuft uebrigens vorruebergehend gerade hier: https://monitoring.freifunk-franken.de/routers/15604 Gruesse, Johannes On 20.07.20 15:10, Adrian Schmutzler wrote: > This adds a few improvements and fixes for vxlan support. > > The following two patches are already backported to openwrt-1907 and > can be dropped after bumping to the next point release: > > 0011-vxlan-fix-udp-checksum-control.patch > 0012-vxlan-bump-and-change-to-PKG_RELEASE.patch > > The other two patches won't be backported and have to be kept until > we move up to 20.xx: > > 0013-vxlan-remove-mandatory-peeraddr.patch > 0014-vxlan-add-capability-for-multiple-fdb-entries.patch > > Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > --- > .../0011-vxlan-fix-udp-checksum-control.patch | 27 +++ > ...vxlan-bump-and-change-to-PKG_RELEASE.patch | 29 ++++ > ...0013-vxlan-remove-mandatory-peeraddr.patch | 42 +++++ > ...-capability-for-multiple-fdb-entries.patch | 158 ++++++++++++++++++ > 4 files changed, 256 insertions(+) > create mode 100644 build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > create mode 100644 build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch > create mode 100644 build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch > create mode 100644 build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch > > diff --git a/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > new file mode 100644 > index 00000000..5539d557 > --- /dev/null > +++ b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > @@ -0,0 +1,27 @@ > +From: Johannes Kimmel <fff@bareminimum.eu> > +Date: Mon, 8 Jun 2020 16:14:43 +0200 > +Subject: vxlan: fix udp checksum control > + > +So far, passing "rxcsum" and "txcsum" had no effect. > + > +Fixes: 95ab18e0124e ("vxlan: add options to enable and disable UDP > +checksums") > + > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> > +[add Fixes:] > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > +(cherry picked from commit 0453c3866feb701160bbab4ecf9762c5a3038503) > + > +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh > +index d055d41edc59f50c0c132849bbcd0235edeef5b9..7b1c7039551b7781f5f7a8e73b964db698f3697b 100755 > +--- a/package/network/config/vxlan/files/vxlan.sh > ++++ b/package/network/config/vxlan/files/vxlan.sh > +@@ -129,6 +129,8 @@ vxlan_generic_init_config() { > + proto_config_add_int "ttl" > + proto_config_add_int "tos" > + proto_config_add_int "mtu" > ++ proto_config_add_boolean "rxcsum" > ++ proto_config_add_boolean "txcsum" > + proto_config_add_string "macaddr" > + } > + > diff --git a/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch > new file mode 100644 > index 00000000..a9c603fa > --- /dev/null > +++ b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch > @@ -0,0 +1,29 @@ > +From: Adrian Schmutzler <freifunk@adrianschmutzler.de> > +Date: Wed, 15 Jul 2020 16:49:36 +0200 > +Subject: vxlan: bump and change to PKG_RELEASE > + > +Bumping package version has been overlooked in a previous commit. > + > +While at it, use PKG_RELEASE instead of PKG_VERSION, as the latter > +is meant for upstream version number only. > +(The effective version string for the package would be "3" in both > +cases, so there is no harm done for version comparison.) > + > +Fixes: 0453c3866feb ("vxlan: fix udp checksum control") > + > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > +(cherry picked from commit b29d620ed2521fe6fda40ddafe6cb0f1d70e4503) > + > +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile > +index 5850c443e73131f19fbeb1f986f85259d5747ac4..13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc 100644 > +--- a/package/network/config/vxlan/Makefile > ++++ b/package/network/config/vxlan/Makefile > +@@ -1,7 +1,7 @@ > + include $(TOPDIR)/rules.mk > + > + PKG_NAME:=vxlan > +-PKG_VERSION:=2 > ++PKG_RELEASE:=3 > + PKG_LICENSE:=GPL-2.0 > + > + include $(INCLUDE_DIR)/package.mk > diff --git a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch > new file mode 100644 > index 00000000..90ce449d > --- /dev/null > +++ b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch > @@ -0,0 +1,42 @@ > +From: Johannes Kimmel <fff@bareminimum.eu> > +Date: Mon, 20 Jul 2020 08:05:09 +0200 > +Subject: vxlan: remove mandatory peeraddr > + > +vxlan can be configured without a peer address. This is used to prepare > +an interface and add peers later. > + > +Fixes: FS#2743 > + > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> > +Acked-by: Matthias Schiffer <mschiffer@universe-factory.net> > + > +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh > +index 7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38a6fc0978ea55a3bb 100755 > +--- a/package/network/config/vxlan/files/vxlan.sh > ++++ b/package/network/config/vxlan/files/vxlan.sh > +@@ -55,12 +55,6 @@ proto_vxlan_setup() { > + local ipaddr peeraddr > + json_get_vars ipaddr peeraddr tunlink > + > +- [ -z "$peeraddr" ] && { > +- proto_notify_error "$cfg" "MISSING_ADDRESS" > +- proto_block_restart "$cfg" > +- exit > +- } > +- > + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) > + > + [ -z "$ipaddr" ] && { > +@@ -85,12 +79,6 @@ proto_vxlan6_setup() { > + local ip6addr peer6addr > + json_get_vars ip6addr peer6addr tunlink > + > +- [ -z "$peer6addr" ] && { > +- proto_notify_error "$cfg" "MISSING_ADDRESS" > +- proto_block_restart "$cfg" > +- exit > +- } > +- > + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) > + > + [ -z "$ip6addr" ] && { > diff --git a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch > new file mode 100644 > index 00000000..243917d4 > --- /dev/null > +++ b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch > @@ -0,0 +1,158 @@ > +From: Johannes Kimmel <fff@bareminimum.eu> > +Date: Mon, 20 Jul 2020 08:05:10 +0200 > +Subject: vxlan: add capability for multiple fdb entries > + > +Similar to wireguard, vxlan can configure multiple peers or add specific > +entries to the fdb for a single mac address. > + > +While you can still use peeraddr/peer6addr option within the proto > +vxlan/vxlan6 section to not break existing configurations, this patch > +allows to add multiple sections that conigure fdb entries via the bridge > +command. As such, the bridge command is now a dependency of the vxlan > +package. (To be honest without the bridge command available, vxlan isn't > +very much fun to use or debug at all) > + > +Field names are taken direclty from the bridge command. > + > +Example with all supported parameters, since this hasn't been documented so > +far: > + > + config interface 'vx0' > + option proto 'vxlan6' # use vxlan over ipv6 > + > + # main options > + option ip6addr '2001:db8::1' # listen address > + option tunlink 'wan6' # optional if listen address given > + option peer6addr '2001:db8::2' # now optional > + option port '8472' # this is the standard port under linux > + option vid '42' # VXLAN Network Identifier to use > + option mtu '1430' # vxlan6 has 70 bytes overhead > + > + # extra options > + option rxcsum '0' # allow receiving packets without checksum > + option txcsum '0' # send packets without checksum > + option ttl '16' # specifies the TTL value for outgoing packets > + option tos '0' # specifies the TOS value for outgoing packets > + option macaddr '11:22:33:44:55:66' # optional, manually specify mac > + # default is a random address > + > +Single peer with head-end replication. Corresponds to the following call > +to bridge: > + > + $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3 > + > + config vxlan_peer > + option vxlan 'vx0' > + option dst '2001:db8::3' # always required > + > +For multiple peers, this section can be repeated for each dst address. > + > +It's possible to specify a multicast address as destination. Useful when > +multicast routing is available or within one lan segment: > + > + config vxlan_peer > + option vxlan 'vx0' > + option dst 'ff02::1337' # multicast group to join. > + # all bum traffic will be send there > + option via 'eth1' # for multicast, an outgoing interface needs > + # to be specified > + > +All available peer options for completeness: > + > + config vxlan_peer > + option vxlan 'vx0' # the interface to configure > + option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac, > + option dst '2001:db8::4' # connected to this peer > + option via 'eth0.1' # use this interface only > + option port '4789' # use different port for this peer > + option vni '23' # override vni for this peer > + option src_vni '123' # see man 3 bridge > + > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> > + > +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile > +index 13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad44cb9ade144f52 100644 > +--- a/package/network/config/vxlan/Makefile > ++++ b/package/network/config/vxlan/Makefile > +@@ -1,7 +1,7 @@ > + include $(TOPDIR)/rules.mk > + > + PKG_NAME:=vxlan > +-PKG_RELEASE:=3 > ++PKG_RELEASE:=4 > + PKG_LICENSE:=GPL-2.0 > + > + include $(INCLUDE_DIR)/package.mk > +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh > +index bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97f4e25f55a33c0497 100755 > +--- a/package/network/config/vxlan/files/vxlan.sh > ++++ b/package/network/config/vxlan/files/vxlan.sh > +@@ -7,6 +7,50 @@ > + init_proto "$@" > + } > + > ++proto_vxlan_setup_peer() { > ++ type bridge &> /dev/null || { > ++ proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND" > ++ exit > ++ } > ++ > ++ local peer_config="$1" > ++ > ++ local vxlan > ++ local lladdr > ++ local dst > ++ local src_vni > ++ local vni > ++ local port > ++ local via > ++ > ++ config_get vxlan "${peer_config}" "vxlan" > ++ config_get lladdr "${peer_config}" "lladdr" > ++ config_get dst "${peer_config}" "dst" > ++ config_get src_vni "${peer_config}" "src_vni" > ++ config_get vni "${peer_config}" "vni" > ++ config_get port "${peer_config}" "port" > ++ config_get via "${peer_config}" "via" > ++ > ++ [ "$cfg" = "$vxlan" ] || { > ++ # This peer section belongs to another device > ++ return > ++ } > ++ > ++ [ -n "${dst}" ] || { > ++ proto_notify_error "$cfg" "MISSING_PEER_ADDRESS" > ++ exit > ++ } > ++ > ++ bridge fdb append \ > ++ ${lladdr:-00:00:00:00:00:00} \ > ++ dev ${cfg} \ > ++ dst ${dst} \ > ++ ${src_vni:+src_vni $src_vni} \ > ++ ${vni:+vni $vni} \ > ++ ${port:+port $port} \ > ++ ${via:+via $via} > ++} > ++ > + vxlan_generic_setup() { > + local cfg="$1" > + local mode="$2" > +@@ -18,7 +62,6 @@ vxlan_generic_setup() { > + local port vid ttl tos mtu macaddr zone rxcsum txcsum > + json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum > + > +- > + proto_init_update "$link" 1 > + > + proto_add_tunnel > +@@ -47,6 +90,9 @@ vxlan_generic_setup() { > + proto_close_data > + > + proto_send_update "$cfg" > ++ > ++ config_load network > ++ config_foreach proto_vxlan_setup_peer "vxlan_peer" > + } > + > + proto_vxlan_setup() { >
Applied. > -----Original Message----- > From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On Behalf > Of Johannes Kimmel > Sent: Dienstag, 21. Juli 2020 05:06 > To: Adrian Schmutzler <freifunk@adrianschmutzler.de>; franken- > dev@freifunk.net > Subject: Re: [PATCH] build_patches: add updates for vxlan support > > Moin, > > Reviewed-by: Johannes Kimmel <fff@bareminimum.eu> > Tested-by: Johannes Kimmel <fff@bareminimum.eu> > > Laeuft uebrigens vorruebergehend gerade hier: > https://monitoring.freifunk-franken.de/routers/15604 > > Gruesse, > > Johannes > > On 20.07.20 15:10, Adrian Schmutzler wrote: > > This adds a few improvements and fixes for vxlan support. > > > > The following two patches are already backported to openwrt-1907 and > > can be dropped after bumping to the next point release: > > > > 0011-vxlan-fix-udp-checksum-control.patch > > 0012-vxlan-bump-and-change-to-PKG_RELEASE.patch > > > > The other two patches won't be backported and have to be kept until we > > move up to 20.xx: > > > > 0013-vxlan-remove-mandatory-peeraddr.patch > > 0014-vxlan-add-capability-for-multiple-fdb-entries.patch > > > > Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > > --- > > .../0011-vxlan-fix-udp-checksum-control.patch | 27 +++ > > ...vxlan-bump-and-change-to-PKG_RELEASE.patch | 29 ++++ > > ...0013-vxlan-remove-mandatory-peeraddr.patch | 42 +++++ > > ...-capability-for-multiple-fdb-entries.patch | 158 ++++++++++++++++++ > > 4 files changed, 256 insertions(+) > > create mode 100644 build_patches/openwrt/0011-vxlan-fix-udp- > checksum-control.patch > > create mode 100644 build_patches/openwrt/0012-vxlan-bump-and- > change-to-PKG_RELEASE.patch > > create mode 100644 build_patches/openwrt/0013-vxlan-remove- > mandatory-peeraddr.patch > > create mode 100644 > > build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entri > > es.patch > > > > diff --git > > a/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > > b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > > new file mode 100644 > > index 00000000..5539d557 > > --- /dev/null > > +++ b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch > > @@ -0,0 +1,27 @@ > > +From: Johannes Kimmel <fff@bareminimum.eu> > > +Date: Mon, 8 Jun 2020 16:14:43 +0200 > > +Subject: vxlan: fix udp checksum control > > + > > +So far, passing "rxcsum" and "txcsum" had no effect. > > + > > +Fixes: 95ab18e0124e ("vxlan: add options to enable and disable UDP > > +checksums") > > + > > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> [add Fixes:] > > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > > +(cherry picked from commit > 0453c3866feb701160bbab4ecf9762c5a3038503) > > + > > +diff --git a/package/network/config/vxlan/files/vxlan.sh > > +b/package/network/config/vxlan/files/vxlan.sh > > +index > > > +d055d41edc59f50c0c132849bbcd0235edeef5b9..7b1c7039551b7781f5f7a8e7 > 3b9 > > +64db698f3697b 100755 > > +--- a/package/network/config/vxlan/files/vxlan.sh > > ++++ b/package/network/config/vxlan/files/vxlan.sh > > +@@ -129,6 +129,8 @@ vxlan_generic_init_config() { > > + proto_config_add_int "ttl" > > + proto_config_add_int "tos" > > + proto_config_add_int "mtu" > > ++ proto_config_add_boolean "rxcsum" > > ++ proto_config_add_boolean "txcsum" > > + proto_config_add_string "macaddr" > > + } > > + > > diff --git > > a/build_patches/openwrt/0012-vxlan-bump-and-change-to- > PKG_RELEASE.patc > > h > > b/build_patches/openwrt/0012-vxlan-bump-and-change-to- > PKG_RELEASE.patc > > h > > new file mode 100644 > > index 00000000..a9c603fa > > --- /dev/null > > +++ b/build_patches/openwrt/0012-vxlan-bump-and-change-to- > PKG_RELEASE. > > +++ patch > > @@ -0,0 +1,29 @@ > > +From: Adrian Schmutzler <freifunk@adrianschmutzler.de> > > +Date: Wed, 15 Jul 2020 16:49:36 +0200 > > +Subject: vxlan: bump and change to PKG_RELEASE > > + > > +Bumping package version has been overlooked in a previous commit. > > + > > +While at it, use PKG_RELEASE instead of PKG_VERSION, as the latter is > > +meant for upstream version number only. > > +(The effective version string for the package would be "3" in both > > +cases, so there is no harm done for version comparison.) > > + > > +Fixes: 0453c3866feb ("vxlan: fix udp checksum control") > > + > > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > > +(cherry picked from commit > b29d620ed2521fe6fda40ddafe6cb0f1d70e4503) > > + > > +diff --git a/package/network/config/vxlan/Makefile > > +b/package/network/config/vxlan/Makefile > > +index > > > +5850c443e73131f19fbeb1f986f85259d5747ac4..13fcf0c55d07d97f5dcc3cbfcf2 > > +478020e7107cc 100644 > > +--- a/package/network/config/vxlan/Makefile > > ++++ b/package/network/config/vxlan/Makefile > > +@@ -1,7 +1,7 @@ > > + include $(TOPDIR)/rules.mk > > + > > + PKG_NAME:=vxlan > > +-PKG_VERSION:=2 > > ++PKG_RELEASE:=3 > > + PKG_LICENSE:=GPL-2.0 > > + > > + include $(INCLUDE_DIR)/package.mk > > diff --git > > a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch > > b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch > > new file mode 100644 > > index 00000000..90ce449d > > --- /dev/null > > +++ b/build_patches/openwrt/0013-vxlan-remove-mandatory- > peeraddr.patch > > @@ -0,0 +1,42 @@ > > +From: Johannes Kimmel <fff@bareminimum.eu> > > +Date: Mon, 20 Jul 2020 08:05:09 +0200 > > +Subject: vxlan: remove mandatory peeraddr > > + > > +vxlan can be configured without a peer address. This is used to > > +prepare an interface and add peers later. > > + > > +Fixes: FS#2743 > > + > > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> > > +Acked-by: Matthias Schiffer <mschiffer@universe-factory.net> > > + > > +diff --git a/package/network/config/vxlan/files/vxlan.sh > > +b/package/network/config/vxlan/files/vxlan.sh > > +index > > > +7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38 > a6f > > +c0978ea55a3bb 100755 > > +--- a/package/network/config/vxlan/files/vxlan.sh > > ++++ b/package/network/config/vxlan/files/vxlan.sh > > +@@ -55,12 +55,6 @@ proto_vxlan_setup() { > > + local ipaddr peeraddr > > + json_get_vars ipaddr peeraddr tunlink > > + > > +- [ -z "$peeraddr" ] && { > > +- proto_notify_error "$cfg" "MISSING_ADDRESS" > > +- proto_block_restart "$cfg" > > +- exit > > +- } > > +- > > + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) > > + > > + [ -z "$ipaddr" ] && { > > +@@ -85,12 +79,6 @@ proto_vxlan6_setup() { > > + local ip6addr peer6addr > > + json_get_vars ip6addr peer6addr tunlink > > + > > +- [ -z "$peer6addr" ] && { > > +- proto_notify_error "$cfg" "MISSING_ADDRESS" > > +- proto_block_restart "$cfg" > > +- exit > > +- } > > +- > > + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) > > + > > + [ -z "$ip6addr" ] && { > > diff --git > > a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-ent > > ries.patch > > b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-ent > > ries.patch > > new file mode 100644 > > index 00000000..243917d4 > > --- /dev/null > > +++ b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb > > +++ -entries.patch > > @@ -0,0 +1,158 @@ > > +From: Johannes Kimmel <fff@bareminimum.eu> > > +Date: Mon, 20 Jul 2020 08:05:10 +0200 > > +Subject: vxlan: add capability for multiple fdb entries > > + > > +Similar to wireguard, vxlan can configure multiple peers or add > > +specific entries to the fdb for a single mac address. > > + > > +While you can still use peeraddr/peer6addr option within the proto > > +vxlan/vxlan6 section to not break existing configurations, this patch > > +allows to add multiple sections that conigure fdb entries via the > > +bridge command. As such, the bridge command is now a dependency of > > +the vxlan package. (To be honest without the bridge command > > +available, vxlan isn't very much fun to use or debug at all) > > + > > +Field names are taken direclty from the bridge command. > > + > > +Example with all supported parameters, since this hasn't been > > +documented so > > +far: > > + > > + config interface 'vx0' > > + option proto 'vxlan6' # use vxlan over ipv6 > > + > > + # main options > > + option ip6addr '2001:db8::1' # listen address > > + option tunlink 'wan6' # optional if listen address given > > + option peer6addr '2001:db8::2' # now optional > > + option port '8472' # this is the standard port under linux > > + option vid '42' # VXLAN Network Identifier to use > > + option mtu '1430' # vxlan6 has 70 bytes overhead > > + > > + # extra options > > + option rxcsum '0' # allow receiving packets without checksum > > + option txcsum '0' # send packets without checksum > > + option ttl '16' # specifies the TTL value for outgoing packets > > + option tos '0' # specifies the TOS value for outgoing packets > > + option macaddr '11:22:33:44:55:66' # optional, manually specify mac > > + # default is a random > > + address > > + > > +Single peer with head-end replication. Corresponds to the following > > +call to bridge: > > + > > + $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3 > > + > > + config vxlan_peer > > + option vxlan 'vx0' > > + option dst '2001:db8::3' # always required > > + > > +For multiple peers, this section can be repeated for each dst address. > > + > > +It's possible to specify a multicast address as destination. Useful > > +when multicast routing is available or within one lan segment: > > + > > + config vxlan_peer > > + option vxlan 'vx0' > > + option dst 'ff02::1337' # multicast group to join. > > + # all bum traffic will be send there > > + option via 'eth1' # for multicast, an outgoing interface needs > > + # to be specified > > + > > +All available peer options for completeness: > > + > > + config vxlan_peer > > + option vxlan 'vx0' # the interface to configure > > + option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac, > > + option dst '2001:db8::4' # connected to this peer > > + option via 'eth0.1' # use this interface only > > + option port '4789' # use different port for this peer > > + option vni '23' # override vni for this peer > > + option src_vni '123' # see man 3 bridge > > + > > +Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> > > + > > +diff --git a/package/network/config/vxlan/Makefile > > +b/package/network/config/vxlan/Makefile > > +index > > > +13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad4 > > +4cb9ade144f52 100644 > > +--- a/package/network/config/vxlan/Makefile > > ++++ b/package/network/config/vxlan/Makefile > > +@@ -1,7 +1,7 @@ > > + include $(TOPDIR)/rules.mk > > + > > + PKG_NAME:=vxlan > > +-PKG_RELEASE:=3 > > ++PKG_RELEASE:=4 > > + PKG_LICENSE:=GPL-2.0 > > + > > + include $(INCLUDE_DIR)/package.mk > > +diff --git a/package/network/config/vxlan/files/vxlan.sh > > +b/package/network/config/vxlan/files/vxlan.sh > > +index > > > +bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97 > f4e > > +25f55a33c0497 100755 > > +--- a/package/network/config/vxlan/files/vxlan.sh > > ++++ b/package/network/config/vxlan/files/vxlan.sh > > +@@ -7,6 +7,50 @@ > > + init_proto "$@" > > + } > > + > > ++proto_vxlan_setup_peer() { > > ++ type bridge &> /dev/null || { > > ++ proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND" > > ++ exit > > ++ } > > ++ > > ++ local peer_config="$1" > > ++ > > ++ local vxlan > > ++ local lladdr > > ++ local dst > > ++ local src_vni > > ++ local vni > > ++ local port > > ++ local via > > ++ > > ++ config_get vxlan "${peer_config}" "vxlan" > > ++ config_get lladdr "${peer_config}" "lladdr" > > ++ config_get dst "${peer_config}" "dst" > > ++ config_get src_vni "${peer_config}" "src_vni" > > ++ config_get vni "${peer_config}" "vni" > > ++ config_get port "${peer_config}" "port" > > ++ config_get via "${peer_config}" "via" > > ++ > > ++ [ "$cfg" = "$vxlan" ] || { > > ++ # This peer section belongs to another device > > ++ return > > ++ } > > ++ > > ++ [ -n "${dst}" ] || { > > ++ proto_notify_error "$cfg" "MISSING_PEER_ADDRESS" > > ++ exit > > ++ } > > ++ > > ++ bridge fdb append \ > > ++ ${lladdr:-00:00:00:00:00:00} \ > > ++ dev ${cfg} \ > > ++ dst ${dst} \ > > ++ ${src_vni:+src_vni $src_vni} \ > > ++ ${vni:+vni $vni} \ > > ++ ${port:+port $port} \ > > ++ ${via:+via $via} > > ++} > > ++ > > + vxlan_generic_setup() { > > + local cfg="$1" > > + local mode="$2" > > +@@ -18,7 +62,6 @@ vxlan_generic_setup() { > > + local port vid ttl tos mtu macaddr zone rxcsum txcsum > > + json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum > > + > > +- > > + proto_init_update "$link" 1 > > + > > + proto_add_tunnel > > +@@ -47,6 +90,9 @@ vxlan_generic_setup() { > > + proto_close_data > > + > > + proto_send_update "$cfg" > > ++ > > ++ config_load network > > ++ config_foreach proto_vxlan_setup_peer "vxlan_peer" > > + } > > + > > + proto_vxlan_setup() { > >
This adds a few improvements and fixes for vxlan support. The following two patches are already backported to openwrt-1907 and can be dropped after bumping to the next point release: 0011-vxlan-fix-udp-checksum-control.patch 0012-vxlan-bump-and-change-to-PKG_RELEASE.patch The other two patches won't be backported and have to be kept until we move up to 20.xx: 0013-vxlan-remove-mandatory-peeraddr.patch 0014-vxlan-add-capability-for-multiple-fdb-entries.patch Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> --- .../0011-vxlan-fix-udp-checksum-control.patch | 27 +++ ...vxlan-bump-and-change-to-PKG_RELEASE.patch | 29 ++++ ...0013-vxlan-remove-mandatory-peeraddr.patch | 42 +++++ ...-capability-for-multiple-fdb-entries.patch | 158 ++++++++++++++++++ 4 files changed, 256 insertions(+) create mode 100644 build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch create mode 100644 build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch create mode 100644 build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch create mode 100644 build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch