[OpenWrt-Devel] [PATCH 3/3] vxlan: add capability for multiple fdb entries

mail at adrianschmutzler.de mail at adrianschmutzler.de
Sat Jul 18 12:11:26 EDT 2020 

If you resend this with adjustments, please also bump PKG_RELEASE then as well.

Since both patches received positive feedback, I think it should be enough to bump it once for the 3/3 patch.

Best

Adrian

> -----Original Message-----
> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org]
> On Behalf Of Matthias Schiffer
> Sent: Samstag, 18. Juli 2020 17:34
> To: Johannes Kimmel <fff at bareminimum.eu>
> Cc: openwrt-devel at lists.openwrt.org
> Subject: Re: [OpenWrt-Devel] [PATCH 3/3] vxlan: add capability for multiple
> fdb entries
> 
> On 6/8/20 4:14 PM, Johannes Kimmel wrote:
> > Similar to wireguard, vxlan can configure multiple peers or add
> > specific entries to the fdb for a single mac address.
> >
> > While you can still use peeraddr/peer6addr option within the proto
> > vxlan/vxlan6 section to not break existing configurations, this patch
> > allows to add multiple sections that conigure fdb entries via the
> > bridge command. As such, the bridge command is now a dependency of
> the
> > vxlan package. (To be honest without the bridge command available,
> > vxlan isn't very much fun to use or debug at all)
> 
> I have added two comments below; apart from this, the patch is looking
> good.
> 
> >
> > Field names are taken direclty from the bridge command.
> >
> > Example with all supported parameters, since this hasn't been
> > documented so
> > far:
> >
> >   config interface 'vx0'
> >       option proto     'vxlan6'      # use vxlan over ipv6
> >
> >       # main options
> >       option ip6addr   '2001:db8::1' # listen address
> >       option tunlink   'wan6'        # optional if listen address given
> >       option peer6addr '2001:db8::2' # now optional
> >       option port      '8472'        # this is the standard port under linux
> >       option vid       '42'          # VXLAN Network Identifier to use
> >       option mtu       '1430'        # vxlan6 has 70 bytes overhead
> >
> >       # extra options
> >       option rxcsum  '0'  # allow receiving packets without checksum
> >       option txcsum  '0'  # send packets without checksum
> >       option ttl     '16' # specifies the TTL value for outgoing packets
> >       option tos     '0'  # specifies the TOS value for outgoing packets
> >       option macaddr '11:22:33:44:55:66' # optional, manually specify mac
> >                                          # default is a random address
> >
> > Single peer with head-end replication. Corresponds to the following
> > call to bridge:
> >
> >   $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3
> >
> >   config vxlan_vx0
> 
> We usually keep the UCI section name a constant string, and `vxlan_*` is not
> very descriptive.
> 
> Let's call this 'vxlan_peer' or 'vxlan_dst'. The reference to the interface
> should be specified as a separate option, for example:
> 
> 	option vxlan 'vx0'
> 
> 
> 
> >       option dst '2001:db8::3' # always required
> >
> > It's possible to specify a multicast address as destination. Useful
> > when multicast routing is available or within one lan segment:
> >
> >   config vxlan_vx0
> >       option dst 'ff02::1337' # multicast group to join.
> >                               # all bum traffic will be send there
> >       option via 'eth1'       # for multicast, an outgoing interface needs
> >                               # to be specified
> >
> > All available peer options for completeness:
> >
> >   config vxlan_vx0
> >       option lladdr  'aa:bb:cc:dd:ee:ff' # specific mac,
> >       option dst     '2001:db8::4'       # connected to this peer
> >       option via     'eth0.1'            # use this interface only
> >       option port    '4789'              # use different port for this peer
> >       option vni     '23'                # override vni for this peer
> >       option src_vni '123'               # see man 3 bridge
> >
> > Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>> ---
> >  package/network/config/vxlan/Makefile       |  2 +-
> >  package/network/config/vxlan/files/vxlan.sh | 36
> > ++++++++++++++++++++-
> >  2 files changed, 36 insertions(+), 2 deletions(-)
> >
> > diff --git a/package/network/config/vxlan/Makefile
> > b/package/network/config/vxlan/Makefile
> > index 5850c44..46970d9 100644
> > --- a/package/network/config/vxlan/Makefile
> > +++ b/package/network/config/vxlan/Makefile
> > @@ -11,7 +11,7 @@ define Package/vxlan
> >    CATEGORY:=Network
> >    MAINTAINER:=Matthias Schiffer <mschiffer at universe-factory.net>
> >    TITLE:=Virtual eXtensible LAN config support
> > -  DEPENDS:=+kmod-vxlan
> > +  DEPENDS:=+kmod-vxlan +ip-bridge
> 
> I'd like to avoid making this dependency mandatory, as we're using the vxlan
> package in Gluon on devices with small flash.
> 
> Let's just call proto_notify_error from proto_vxlan_setup_peer when
> `bridge` is not available.
> 
> 
> >    PKGARCH:=all
> >  endef
> >
> > diff --git a/package/network/config/vxlan/files/vxlan.sh
> > b/package/network/config/vxlan/files/vxlan.sh
> > index bdcaa62..319d95c 100755
> > --- a/package/network/config/vxlan/files/vxlan.sh
> > +++ b/package/network/config/vxlan/files/vxlan.sh
> > @@ -7,6 +7,38 @@
> >  	init_proto "$@"
> >  }
> >
> > +proto_vxlan_setup_peer() {
> > +	local peer_config="$1"
> > +
> > +	local lladdr
> > +	local dst
> > +	local src_vni
> > +	local vni
> > +	local port
> > +	local via
> > +
> > +	config_get lladdr  "${peer_config}" "lladdr"
> > +	config_get dst     "${peer_config}" "dst"
> > +	config_get src_vni "${peer_config}" "src_vni"
> > +	config_get vni     "${peer_config}" "vni"
> > +	config_get port    "${peer_config}" "port"
> > +	config_get via     "${peer_config}" "via"
> > +
> > +	[ -z "${dst}" ] && {
> > +		proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
> > +		exit
> > +	}
> > +
> > +	bridge fdb append \
> > +		${lladdr:-00:00:00:00:00:00} \
> > +		dev ${cfg}                   \
> > +		${dst:+dst $dst}             \
> > +		${src_vni:+src_vni $src_vni} \
> > +		${vni:+vni $vni}             \
> > +		${port:+port $port}          \
> > +		${via:+via $via}
> > +}
> > +
> >  vxlan_generic_setup() {
> >  	local cfg="$1"
> >  	local mode="$2"
> > @@ -18,7 +50,6 @@ vxlan_generic_setup() {
> >  	local port vid ttl tos mtu macaddr zone rxcsum txcsum
> >  	json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
> >
> > -
> >  	proto_init_update "$link" 1
> >
> >  	proto_add_tunnel
> > @@ -47,6 +78,9 @@ vxlan_generic_setup() {
> >  	proto_close_data
> >
> >  	proto_send_update "$cfg"
> > +
> > +	config_load network
> > +	config_foreach proto_vxlan_setup_peer "vxlan_${cfg}"
> >  }
> >
> >  proto_vxlan_setup() {
> >
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20200718/0726ff8f/attachment.sig>

More information about the openwrt-devel mailing list