From patchwork Mon Aug 3 03:43:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [RFC,v2] vxlan: netifd and vxlan package patches From: Johannes Kimmel X-Patchwork-Id: 1419 Message-Id: <20200803034311.24240-1-fff@bareminimum.eu> To: franken-dev@freifunk.net Date: Mon, 3 Aug 2020 05:43:12 +0200 netifd: - add srcportmin option - add srcportmax option (port exclusive) - add most missing boolean options - add aging and maxaddress options vxlan: - wire up the new vxlan options support - srcport option srcport "1337 31337" # for range, max is exclusive option srcport "1337" # for single srcport srcport string is split before sending over to netifd to make processing more robust on the netifd side. - learning - rsc - proxy - l2miss - l3miss - gbp - aging - maxaddress - allow automatic source ip see ip-link(3) Signed-off-by: Johannes Kimmel
---
 .../openwrt/0015-netifd-vxlan-patches.patch | 368 ++++++++++++++++++ .../0016-vxlan-wire-up-more-options.patch | 73 ++++ ...ow-for-automatic-source-ip-selection.patch | 98 +++++ 3 files changed, 539 insertions(+) create mode 100644 build_patches/openwrt/0015-netifd-vxlan-patches.patch create mode 100644 build_patches/openwrt/0016-vxlan-wire-up-more-options.patch create mode 100644 build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch
diff --git a/build_patches/openwrt/0015-netifd-vxlan-patches.patch b/build_patches/openwrt/0015-netifd-vxlan-patches.patch
new file mode 100644
index 0000000..99c70fb
--- /dev/null
+++ b/build_patches/openwrt/0015-netifd-vxlan-patches.patch
@@ -0,0 +1,368 @@
+From 2de21bdf584075c690d6516edfb4996426d31b89 Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel
+Date: Sat, 1 Aug 2020 04:23:41 +0200
+Subject: [PATCH 15/17] netifd: vxlan patches
+
+84e8570 netifd: vxlan: handle srcport range
+9b258d8 netifd: vxlan: refactor mapping of boolean attrs
+1c7cc90 netifd: vxlan: add most missing boolean options
+01cccf0 netifd: vxlan: add aging and maxaddress options
+
+Signed-off-by: Johannes Kimmel
+---
+ ...01-netifd-vxlan-handle-srcport-range.patch | 98 +++++++++++++++++++
+ ...an-refactor-mapping-of-boolean-attrs.patch | 59 +++++++++++
+ ...lan-add-most-missing-boolean-options.patch | 97 ++++++++++++++++++
+ ...lan-add-aging-and-maxaddress-options.patch | 65 ++++++++++++
+ 4 files changed, 319 insertions(+)
+ create mode 100644 package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+ create mode 100644 package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+ create mode 100644 package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+ create mode 100644 package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+
+diff --git a/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+new file mode 100644
+index 0000000000..9016e15dea
+--- /dev/null
++++ b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+@@ -0,0 +1,98 @@
++From 84e857013a2880362d16aa7890cd62981c152ddb Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel
++Date: Sat, 1 Aug 2020 03:38:27 +0200
++Subject: [PATCH 1/4] netifd: vxlan: handle srcport range
++
++This adds adds the ability to set the source port range for vxlan
++interfaces.
++
++By default vxlans will use a random port within the ephermal range as
++source ports for packets. This is done to aid scaleability within a
++datacenter.
++
++But with these defaults it's impossible to punch through NATs or
++traverese most stateful firewalls easily. One solution is to fix the
++srcport to the same as dstport.
++
++If only srcportmin is specified, then srcportmax is set in a way that
++outgoing packets will only use srcportmin.
++
++If a range is to be specified, srcportmin and srcportmax have to be
++specified. srcportmax is exclusive.
++
++If only srcportmax is specified, the value is ignored and defaults are
++used.
++
++Signed-off-by: Johannes Kimmel
++---
++ system-linux.c | 26 ++++++++++++++++++++++++++
++ system.c | 2 ++
++ system.h | 2 ++
++ 3 files changed, 30 insertions(+)
++
++diff --git a/system-linux.c b/system-linux.c
++index c5583e0..5ff8749 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3184,6 +3184,32 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ }
++ nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port));
++
+++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMIN])) {
+++ struct ifla_vxlan_port_range srcports = {0,0};
+++
+++ uint32_t low = blobmsg_get_u32(cur);
+++ if (low < 1 || low > 65535 - 1) {
+++ ret = -EINVAL;
+++ goto failure;
+++ }
+++
+++ srcports.low = htons((uint16_t) low);
+++ srcports.high = htons((uint16_t) (low+1));
+++
+++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMAX])) {
+++ uint32_t high = blobmsg_get_u32(cur);
+++ if (high < 1 || high > 65535) {
+++ ret = -EINVAL;
+++ goto failure;
+++ }
+++ if (high > low) {
+++ srcports.high = htons((uint16_t) high);
+++ }
+++ }
+++
+++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports);
+++ }
+++
++ if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) {
++ bool rxcsum = blobmsg_get_bool(cur);
++ nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum);
++diff --git a/system.c b/system.c
++index bbdfef7..4133e55 100644
++--- a/system.c
+++++ b/system.c
++@@ -38,6 +38,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ [VXLAN_DATA_ATTR_MACADDR] = { .name = "macaddr", .type = BLOBMSG_TYPE_STRING },
++ [VXLAN_DATA_ATTR_RXCSUM] = { .name = "rxcsum", .type = BLOBMSG_TYPE_BOOL },
++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 },
+++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 },
++ };
++
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index 015987f..bf9e1d7 100644
++--- a/system.h
+++++ b/system.h
++@@ -44,6 +44,8 @@ enum vxlan_data {
++ VXLAN_DATA_ATTR_MACADDR,
++ VXLAN_DATA_ATTR_RXCSUM,
++ VXLAN_DATA_ATTR_TXCSUM,
+++ VXLAN_DATA_ATTR_SRCPORTMIN,
+++ VXLAN_DATA_ATTR_SRCPORTMAX,
++ __VXLAN_DATA_ATTR_MAX
++ };
++
++--
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+new file mode 100644
+index 0000000000..51196fa6c7
+--- /dev/null
++++ b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+@@ -0,0 +1,59 @@
++From 9b258d8c7f5140fa3e19d3e5c19b9cef84ff80f7 Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel
++Date: Sat, 1 Aug 2020 03:59:55 +0200
++Subject: [PATCH 2/4] netifd: vxlan: refactor mapping of boolean attrs
++
++Add a small function to handle boolean options and make use of it to handle:
++ - rxcsum
++ - txcsum
++
++Signed-off-by: Johannes Kimmel
++---
++ system-linux.c | 24 ++++++++++++++----------
++ 1 file changed, 14 insertions(+), 10 deletions(-)
++
++diff --git a/system-linux.c b/system-linux.c
++index 5ff8749..82b65e3 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3073,6 +3073,17 @@ failure:
++ #endif
++
++ #ifdef IFLA_VXLAN_MAX
+++static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb_data, int attrtype, int vxlandatatype, bool invert) {
+++ struct blob_attr *cur;
+++ if ((cur = tb_data[vxlandatatype])) {
+++ bool val = blobmsg_get_bool(cur);
+++ if (invert) {
+++ val = !val;
+++ }
+++ nla_put_u8(msg, attrtype, val);
+++ }
+++}
+++
++ static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6)
++ {
++ struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX];
++@@ -3210,16 +3221,9 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports);
++ }
++
++- if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) {
++- bool rxcsum = blobmsg_get_bool(cur);
++- nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum);
++- }
++-
++- if ((cur = tb_data[VXLAN_DATA_ATTR_TXCSUM])) {
++- bool txcsum = blobmsg_get_bool(cur);
++- nla_put_u8(msg, IFLA_VXLAN_UDP_CSUM, txcsum);
++- nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, !txcsum);
++- }
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true);
++
++ if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ char *str = blobmsg_get_string(cur);
++--
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+new file mode 100644
+index 0000000000..96acbccf61
+--- /dev/null
++++ b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+@@ -0,0 +1,97 @@
++From 1c7cc903287f54ad7d7727f3e58b683057e184d3 Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel
++Date: Sat, 1 Aug 2020 04:05:31 +0200
++Subject: [PATCH 3/4] netifd: vxlan: add most missing boolean options
++
++adds the folloing missing options:
++ - learning
++ - rsc
++ - proxy
++ - l2miss
++ - l3miss
++ - gbp
++
++See ip-link(3) for their meaning.
++
++still missing:
++ - external
++ - gpe
++
++I'm not sure how to handle them at the moment. It's unclear to me what
++IFLA_VXLAN_* value corresponds to the 'external' option and according to
++the manpage, gpe depends on it.
++
++Signed-off-by: Johannes Kimmel
++---
++ system-linux.c | 12 +++++++++++-
++ system.c | 6 ++++++
++ system.h | 6 ++++++
++ 3 files changed, 23 insertions(+), 1 deletion(-)
++
++diff --git a/system-linux.c b/system-linux.c
++index 82b65e3..0626128 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3080,7 +3080,11 @@ static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb
++ if (invert) {
++ val = !val;
++ }
++- nla_put_u8(msg, attrtype, val);
+++ if ((attrtype == IFLA_VXLAN_GBP) && val) {
+++ nla_put_flag(msg, attrtype);
+++ } else {
+++ nla_put_u8(msg, attrtype, val);
+++ }
++ }
++ }
++
++@@ -3224,6 +3228,12 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true);
++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false);
++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_LEARNING, VXLAN_DATA_ATTR_LEARNING, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_RSC , VXLAN_DATA_ATTR_RSC, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_PROXY , VXLAN_DATA_ATTR_PROXY, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L2MISS , VXLAN_DATA_ATTR_L2MISS, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false);
+++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false);
++
++ if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ char *str = blobmsg_get_string(cur);
++diff --git a/system.c b/system.c
++index 4133e55..95721e1 100644
++--- a/system.c
+++++ b/system.c
++@@ -40,6 +40,12 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL },
++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 },
++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 },
+++ [VXLAN_DATA_ATTR_LEARNING] = { .name = "learning", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_RSC] = { .name = "rsc", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_PROXY] = { .name = "proxy", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL },
++ };
++
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index bf9e1d7..290c2e5 100644
++--- a/system.h
+++++ b/system.h
++@@ -46,6 +46,12 @@ enum vxlan_data {
++ VXLAN_DATA_ATTR_TXCSUM,
++ VXLAN_DATA_ATTR_SRCPORTMIN,
++ VXLAN_DATA_ATTR_SRCPORTMAX,
+++ VXLAN_DATA_ATTR_LEARNING,
+++ VXLAN_DATA_ATTR_RSC,
+++ VXLAN_DATA_ATTR_PROXY,
+++ VXLAN_DATA_ATTR_L2MISS,
+++ VXLAN_DATA_ATTR_L3MISS,
+++ VXLAN_DATA_ATTR_GBP,
++ __VXLAN_DATA_ATTR_MAX
++ };
++
++--
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+new file mode 100644
+index 0000000000..9fa810551e
+--- /dev/null
++++ b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+@@ -0,0 +1,65 @@
++From 01cccf0f8f61764be48a77a07afe84d695d8633c Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel
++Date: Mon, 3 Aug 2020 03:41:55 +0200
++Subject: [PATCH 4/4] netifd: vxlan: add aging and maxaddress options
++
++For both options the values can just be passed to the kernel. All
++unsigned values are accepted, thus no range checking required.
++
++Signed-off-by: Johannes Kimmel
++---
++ system-linux.c | 10 ++++++++++
++ system.c | 2 ++
++ system.h | 2 ++
++ 3 files changed, 14 insertions(+)
++
++diff --git a/system-linux.c b/system-linux.c
++index 0626128..ad1caf2 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3235,6 +3235,16 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false);
++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false);
++
+++ if ((cur = tb_data[VXLAN_DATA_ATTR_AGEING])) {
+++ uint32_t ageing = blobmsg_get_u32(cur);
+++ nla_put_u32(msg, IFLA_VXLAN_AGEING, ageing);
+++ }
+++
+++ if ((cur = tb_data[VXLAN_DATA_ATTR_LIMIT])) {
+++ uint32_t maxaddress = blobmsg_get_u32(cur);
+++ nla_put_u32(msg, IFLA_VXLAN_LIMIT, maxaddress);
+++ }
+++
++ if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ char *str = blobmsg_get_string(cur);
++ unsigned tos = 1;
++diff --git a/system.c b/system.c
++index 95721e1..834748e 100644
++--- a/system.c
+++++ b/system.c
++@@ -46,6 +46,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL },
++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL },
++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL },
+++ [VXLAN_DATA_ATTR_AGEING] = { .name = "ageing", .type = BLOBMSG_TYPE_INT32 },
+++ [VXLAN_DATA_ATTR_LIMIT] = { .name = "maxaddress", .type = BLOBMSG_TYPE_INT32 },
++ };
++
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index 290c2e5..52161a8 100644
++--- a/system.h
+++++ b/system.h
++@@ -52,6 +52,8 @@ enum vxlan_data {
++ VXLAN_DATA_ATTR_L2MISS,
++ VXLAN_DATA_ATTR_L3MISS,
++ VXLAN_DATA_ATTR_GBP,
+++ VXLAN_DATA_ATTR_AGEING,
+++ VXLAN_DATA_ATTR_LIMIT,
++ __VXLAN_DATA_ATTR_MAX
++ };
++
++--
++2.28.0
++
+--
+2.28.0
+
diff --git a/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch b/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch
new file mode 100644
index 0000000..5c0d9a5
--- /dev/null
+++ b/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch
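Review bot: In the `system_add_vxlan` hunk of 0001, a `srcportmax` that is not greater than `srcportmin` is silently discarded by `if (high > low)` and the range collapses to the single port `low`, so a mistyped range is accepted without any signal. The vxlan.sh change later in this series appears to rely on that fallback for the single-port form, so rejecting it outright would need a matching change there; at minimum the branch deserves a comment such as `/* upper bound is exclusive; high <= low keeps [low, low+1), i.e. one source port */`. The result of `nla_put(msg, IFLA_VXLAN_PORT_RANGE, ...)` is also not checked, which matches the neighbouring `nla_put_u16` call but lets a full message buffer go unnoticed. The function body starts and ends outside the hunk.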
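Review bot: In 0003's change to `system_vxlan_map_bool_attr`, an explicit `gbp '0'` still emits `IFLA_VXLAN_GBP`, now with a one-byte payload through the `else` branch. As far as I know the kernel treats this attribute as a presence flag without payload, so a false value would either fail attribute validation and abort interface creation or, on a kernel that only tests for presence, switch group-based policy on; please verify against the target kernel. The attribute should be omitted when the value is false: `if (attrtype == IFLA_VXLAN_GBP) { if (val) nla_put_flag(msg, attrtype); } else { nla_put_u8(msg, attrtype, val); }`.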
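Review bot: The option added in 0004 is spelled `ageing` in `vxlan_data_attrs` (and in vxlan.sh), while the patch subject and the cover letter call it `aging`, so a user following the description would presumably set an option that is never picked up. The commit text should name the options exactly as the policy does (`ageing`, `maxaddress`). Because `learning` becomes configurable in the same series, a comment on the `VXLAN_DATA_ATTR_LIMIT` block stating what an unset or zero `maxaddress` means for the size of the forwarding table would help operators bound it; I believe zero means no limit, but that should be confirmed against ip-link.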
@@ -0,0 +1,73 @@
+From 5dca02ecf3070f55e3c4aaaf9018bcdefe1f1a1d Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel
+Date: Sat, 1 Aug 2020 04:33:11 +0200
+Subject: [PATCH 16/17] vxlan: wire-up more options
+
+Signed-off-by: Johannes Kimmel
+---
+ package/network/config/vxlan/files/vxlan.sh | 26 +++++++++++++++++++++++--
+ 1 file changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index d063c47d47..856f2ca76b 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -59,8 +59,11 @@ vxlan_generic_setup() {
+
+ local link="$cfg"
+
+- local port vid ttl tos mtu macaddr zone rxcsum txcsum
+- json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
++ local port srcport srcportmin srcportmax vid ttl tos mtu macaddr zone rxcsum txcsum learning rsc proxy l2miss l3miss gbp ageing maxaddress
++ json_get_vars port srcport vid ttl tos mtu macaddr zone rxcsum txcsum learning rsc proxy l2miss l3miss gbp ageing maxaddress
++
++ srcportmin=$(echo $srcport | cut -d' ' -f1)
++ srcportmax=$(echo $srcport | cut -d' ' -f2)
+
+ proto_init_update "$link" 1
+
+@@ -77,10 +80,20 @@ vxlan_generic_setup() {
+
+ json_add_object 'data'
+ [ -n "$port" ] && json_add_int port "$port"
++ [ -n "$srcportmin" ] && json_add_int srcportmin "$srcportmin"
++ [ -n "$srcportmax" ] && json_add_int srcportmax "$srcportmax"
+ [ -n "$vid" ] && json_add_int id "$vid"
+ [ -n "$macaddr" ] && json_add_string macaddr "$macaddr"
+ [ -n "$rxcsum" ] && json_add_boolean rxcsum "$rxcsum"
+ [ -n "$txcsum" ] && json_add_boolean txcsum "$txcsum"
++ [ -n "$learning" ] && json_add_boolean learning "$learning"
++ [ -n "$rsc" ] && json_add_boolean rsc "$rsc"
++ [ -n "$proxy" ] && json_add_boolean proxy "$proxy"
++ [ -n "$l2miss" ] && json_add_boolean l2miss "$l2miss"
++ [ -n "$l3miss" ] && json_add_boolean l3miss "$l3miss"
++ [ -n "$gbp" ] && json_add_boolean gbp "$gbp"
++ [ -n "$ageing" ] && json_add_int ageing "$ageing"
++ [ -n "$maxaddress" ] && json_add_int maxaddress "$maxaddress"
+ json_close_object
+
+ proto_close_tunnel
+@@ -160,11 +173,20 @@ vxlan_generic_init_config() {
+
+ proto_config_add_int "vid"
+ proto_config_add_int "port"
++ proto_config_add_string "srcport"
+ proto_config_add_int "ttl"
+ proto_config_add_int "tos"
+ proto_config_add_int "mtu"
+ proto_config_add_boolean "rxcsum"
+ proto_config_add_boolean "txcsum"
++ proto_config_add_boolean "learning"
++ proto_config_add_boolean "rsc"
++ proto_config_add_boolean "proxy"
++ proto_config_add_boolean "l2miss"
++ proto_config_add_boolean "l3miss"
++ proto_config_add_boolean "gbp"
++ proto_config_add_int "ageing"
++ proto_config_add_int "maxaddress"
+ proto_config_add_string "macaddr"
+ }
+
+--
+2.28.0
+
diff --git a/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch b/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch
new file mode 100644
index 0000000..d9f3eff
--- /dev/null
+++ b/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch
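Review bot: `cut -d' ' -f2` prints the whole input when it contains no delimiter, so in the first vxlan.sh hunk `option srcport "1337"` yields a `srcportmax` equal to `srcportmin`, and the single-port form works only because netifd ignores a maximum that is not greater than the minimum. `$srcport` is also expanded unquoted, which exposes the value to word splitting and pathname expansion before `echo` sees it. Parameter expansion avoids both and needs no subshell: `srcportmin="${srcport%% *}"` followed by `[ "$srcport" != "$srcportmin" ] && srcportmax="${srcport##* }"`. `vxlan_generic_setup` continues outside the hunk.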
@@ -0,0 +1,98 @@
+From 6d9d59becb79d63017542ec35544a7ae1fb8146e Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel
+Date: Mon, 3 Aug 2020 04:43:47 +0200
+Subject: [PATCH 17/17] vxlan: allow for automatic source ip selection
+
+By setting no or preferably the zero address as source address, vxlan
+will choose one automatically. This helps in setups where a wan ip or
+prefix changes.
+
+To not break old behaviour, the new automatic behaviour is not used when
+no source address is specified.
+
+Specifying 'inherit' or the empty string as source ip will try to
+calculate a source ip once from the tunlink interface.
+
+Signed-off-by: Johannes Kimmel
+---
+ package/network/config/vxlan/files/vxlan.sh | 55 ++++++++++++---------
+ 1 file changed, 33 insertions(+), 22 deletions(-)
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index 856f2ca76b..e7b67a0830 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -116,18 +116,23 @@ proto_vxlan_setup() {
+
+ ( proto_add_host_dependency "$cfg" '' "$tunlink" )
+
+- [ -z "$ipaddr" ] && {
+- local wanif="$tunlink"
+- if [ -z "$wanif" ] && ! network_find_wan wanif; then
+- proto_notify_error "$cfg" "NO_WAN_LINK"
+- exit
+- fi
++ case "$ipaddr" in
++ "inherit"|"")
++ local wanif="$tunlink"
++ if [ -z "$wanif" ] && ! network_find_wan wanif; then
++ proto_notify_error "$cfg" "NO_WAN_LINK"
++ exit
++ fi
+
+- if ! network_get_ipaddr ipaddr "$wanif"; then
+- proto_notify_error "$cfg" "NO_WAN_LINK"
+- exit
+- fi
+- }
++ if ! network_get_ipaddr ipaddr "$wanif"; then
++ proto_notify_error "$cfg" "NO_WAN_LINK"
++ exit
++ fi
++ ;;
++ "auto")
++ ipaddr="0.0.0.0"
++ ;;
++ esac
+
+ vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr"
+ }
+@@ -140,18 +145,24 @@ proto_vxlan6_setup() {
+
+ ( proto_add_host_dependency "$cfg" '' "$tunlink" )
+
+- [ -z "$ip6addr" ] && {
+- local wanif="$tunlink"
+- if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
+- proto_notify_error "$cfg" "NO_WAN_LINK"
+- exit
+- fi
++ case "$ip6addr" in
++ "inherit"|"")
++ local wanif="$tunlink"
++ if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
++ proto_notify_error "$cfg" "NO_WAN_LINK"
++ exit
++ fi
+
+- if ! network_get_ipaddr6 ip6addr "$wanif"; then
+- proto_notify_error "$cfg" "NO_WAN_LINK"
+- exit
+- fi
+- }
++ if ! network_get_ipaddr6 ip6addr "$wanif"; then
++ proto_notify_error "$cfg" "NO_WAN_LINK"
++ exit
++ fi
++ ;;
++ "auto")
++ # ensure tunnel via ipv6
++ ip6addr="::"
++ ;;
++ esac
+
+ vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr"
+ }
+--
+2.28.0
+
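Review bot: The `auto` keyword introduced by both `case` statements is not mentioned in the commit message, which describes only `inherit` and the empty string, and any other value still passes through to `vxlan_generic_setup` unchanged. A comment above the `case` in `proto_vxlan_setup`, repeated in `proto_vxlan6_setup`, would make the three modes discoverable, for example `# "inherit" or unset: resolve once from tunlink/wan; "auto": pass the zero address so the kernel picks the source`. With `auto` the tunnel's source address is no longer fixed, so peers or firewall rules that match on it need to be reviewed when the option is enabled. Both functions start outside their hunks.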