[OpenWrt-Devel] [PATCH 3/3] vxlan: add capability for multiple fdb entries
Johannes Kimmel
info at bareminimum.eu
Mon Jul 20 02:24:54 EDT 2020
Thanks for the feedback. I reworked the patch to incorporate the
requested changes.
On 18.07.20 17:33, Matthias Schiffer wrote:
> On 6/8/20 4:14 PM, Johannes Kimmel wrote:
>> Similar to wireguard, vxlan can configure multiple peers or add specific
>> entries to the fdb for a single mac address.
>>
>> While you can still use peeraddr/peer6addr option within the proto
>> vxlan/vxlan6 section to not break existing configurations, this patch
>> allows to add multiple sections that conigure fdb entries via the bridge
>> command. As such, the bridge command is now a dependency of the vxlan
>> package. (To be honest without the bridge command available, vxlan isn't
>> very much fun to use or debug at all)
> I have added two comments below; apart from this, the patch is looking good.
>
>> Field names are taken direclty from the bridge command.
>>
>> Example with all supported parameters, since this hasn't been documented so
>> far:
>>
>> config interface 'vx0'
>> option proto 'vxlan6' # use vxlan over ipv6
>>
>> # main options
>> option ip6addr '2001:db8::1' # listen address
>> option tunlink 'wan6' # optional if listen address given
>> option peer6addr '2001:db8::2' # now optional
>> option port '8472' # this is the standard port under linux
>> option vid '42' # VXLAN Network Identifier to use
>> option mtu '1430' # vxlan6 has 70 bytes overhead
>>
>> # extra options
>> option rxcsum '0' # allow receiving packets without checksum
>> option txcsum '0' # send packets without checksum
>> option ttl '16' # specifies the TTL value for outgoing packets
>> option tos '0' # specifies the TOS value for outgoing packets
>> option macaddr '11:22:33:44:55:66' # optional, manually specify mac
>> # default is a random address
>>
>> Single peer with head-end replication. Corresponds to the following call
>> to bridge:
>>
>> $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3
>>
>> config vxlan_vx0
> We usually keep the UCI section name a constant string, and `vxlan_*` is
> not very descriptive.
>
> Let's call this 'vxlan_peer' or 'vxlan_dst'. The reference to the interface
> should be specified as a separate option, for example:
>
> option vxlan 'vx0'
>
>
>
>> option dst '2001:db8::3' # always required
>>
>> It's possible to specify a multicast address as destination. Useful when
>> multicast routing is available or within one lan segment:
>>
>> config vxlan_vx0
>> option dst 'ff02::1337' # multicast group to join.
>> # all bum traffic will be send there
>> option via 'eth1' # for multicast, an outgoing interface needs
>> # to be specified
>>
>> All available peer options for completeness:
>>
>> config vxlan_vx0
>> option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac,
>> option dst '2001:db8::4' # connected to this peer
>> option via 'eth0.1' # use this interface only
>> option port '4789' # use different port for this peer
>> option vni '23' # override vni for this peer
>> option src_vni '123' # see man 3 bridge
>>
>> Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>> ---
>> package/network/config/vxlan/Makefile | 2 +-
>> package/network/config/vxlan/files/vxlan.sh | 36 ++++++++++++++++++++-
>> 2 files changed, 36 insertions(+), 2 deletions(-)
>>
>> diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
>> index 5850c44..46970d9 100644
>> --- a/package/network/config/vxlan/Makefile
>> +++ b/package/network/config/vxlan/Makefile
>> @@ -11,7 +11,7 @@ define Package/vxlan
>> CATEGORY:=Network
>> MAINTAINER:=Matthias Schiffer <mschiffer at universe-factory.net>
>> TITLE:=Virtual eXtensible LAN config support
>> - DEPENDS:=+kmod-vxlan
>> + DEPENDS:=+kmod-vxlan +ip-bridge
> I'd like to avoid making this dependency mandatory, as we're using the
> vxlan package in Gluon on devices with small flash.
>
> Let's just call proto_notify_error from proto_vxlan_setup_peer when
> `bridge` is not available.
>
>
>> PKGARCH:=all
>> endef
>>
>> diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
>> index bdcaa62..319d95c 100755
>> --- a/package/network/config/vxlan/files/vxlan.sh
>> +++ b/package/network/config/vxlan/files/vxlan.sh
>> @@ -7,6 +7,38 @@
>> init_proto "$@"
>> }
>>
>> +proto_vxlan_setup_peer() {
>> + local peer_config="$1"
>> +
>> + local lladdr
>> + local dst
>> + local src_vni
>> + local vni
>> + local port
>> + local via
>> +
>> + config_get lladdr "${peer_config}" "lladdr"
>> + config_get dst "${peer_config}" "dst"
>> + config_get src_vni "${peer_config}" "src_vni"
>> + config_get vni "${peer_config}" "vni"
>> + config_get port "${peer_config}" "port"
>> + config_get via "${peer_config}" "via"
>> +
>> + [ -z "${dst}" ] && {
>> + proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
>> + exit
>> + }
>> +
>> + bridge fdb append \
>> + ${lladdr:-00:00:00:00:00:00} \
>> + dev ${cfg} \
>> + ${dst:+dst $dst} \
>> + ${src_vni:+src_vni $src_vni} \
>> + ${vni:+vni $vni} \
>> + ${port:+port $port} \
>> + ${via:+via $via}
>> +}
>> +
>> vxlan_generic_setup() {
>> local cfg="$1"
>> local mode="$2"
>> @@ -18,7 +50,6 @@ vxlan_generic_setup() {
>> local port vid ttl tos mtu macaddr zone rxcsum txcsum
>> json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
>>
>> -
>> proto_init_update "$link" 1
>>
>> proto_add_tunnel
>> @@ -47,6 +78,9 @@ vxlan_generic_setup() {
>> proto_close_data
>>
>> proto_send_update "$cfg"
>> +
>> + config_load network
>> + config_foreach proto_vxlan_setup_peer "vxlan_${cfg}"
>> }
>>
>> proto_vxlan_setup() {
>>
>
More information about the openwrt-devel
mailing list