[PATCH v2] vxlan: allow for dynamic source ip selection

Johannes Kimmel fff at bareminimum.eu
Sat Nov 28 02:01:52 EST 2020 


On 27.11.20 17:13, Matthias Schiffer wrote:
> On 11/24/20 4:26 AM, Johannes Kimmel wrote:
>> By setting 'auto', the zero address or the empty string as source
>> address (option ipaddr, option ip6addr), vxlan will choose one
>> dynamically. This helps in setups where a wan ip or prefix changes.
>>
>> This corresponse to setting up an vxlan tunnel with:
>>
>> proto vxlan6:
>>     # ip link add vx0 type vxlan id ID local :: ...
>> proto vxlan:
>>     # ip link add vx0 type vxlan id ID local 0.0.0.0 ...
>>
>> While it is possible to not specify a source ip at all, the kernel will
>> default to setting up a ipv4 tunnel. The kernel will take any hint from
>> source and peer ips to figure out, what tunnel type to use. To make sure
>> we setup an ipv6 tunnel for proto vxlan6, this workaround is needed.
>>
>> Specifying 'inherit' as source ip, the old behaviour is used whereby
>> a source ip is calculated once from the tunlink interface.
> 
> Do we still need the 'inherit' config, or is the new auto behaviour
> strictly better?
> 

Good question. Personally I don't see myself using this, but I added
this to force the old behaviour, in case a guaranteed stable source
address is needed.
This might be useful when learning is disabled and another control plane
is managing the vxlan fdb entries.
But I'm just guessing here.

>>
>> This will not change the behaviour of currently working configurations.
>> However this will allow former broken configurations, namely those not
>> specifying both a source address and tunnel interface, to setup a
>> tunnel interface. Previously those configurations weren't reporting an
>> error and were stueck in a setup loop like in Bug FS#3426.
>>
>> This change lifts the currently very strict behaviour and should fix the
>> following bug:
>>
>> Fixes: FS#3426
>> Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426
>>
>> V2:
>>   - bump PKG_RELEASE
>>   - add small explaination about behaviour changes
>>
>> Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
>> ---
>>  package/network/config/vxlan/Makefile       |  2 +-
>>  package/network/config/vxlan/files/vxlan.sh | 55 ++++++++++++---------
>>  2 files changed, 34 insertions(+), 23 deletions(-)
>>
>> diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
>> index 0b4d6713f9..97972d6d85 100644
>> --- a/package/network/config/vxlan/Makefile
>> +++ b/package/network/config/vxlan/Makefile
>> @@ -1,7 +1,7 @@
>>  include $(TOPDIR)/rules.mk
>>  
>>  PKG_NAME:=vxlan
>> -PKG_RELEASE:=6
>> +PKG_RELEASE:=7
>>  PKG_LICENSE:=GPL-2.0
>>  
>>  include $(INCLUDE_DIR)/package.mk
>> diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
>> index 5c1c484c47..579964b385 100755
>> --- a/package/network/config/vxlan/files/vxlan.sh
>> +++ b/package/network/config/vxlan/files/vxlan.sh
>> @@ -114,18 +114,23 @@ proto_vxlan_setup() {
>>  
>>  	( proto_add_host_dependency "$cfg" '' "$tunlink" )
>>  
>> -	[ -z "$ipaddr" ] && {
>> -		local wanif="$tunlink"
>> -		if [ -z "$wanif" ] && ! network_find_wan wanif; then
>> -			proto_notify_error "$cfg" "NO_WAN_LINK"
>> -			exit
>> -		fi
>> +	case "$ipaddr" in
>> +		"inherit")
>> +			local wanif="$tunlink"
>> +			if [ -z "$wanif" ] && ! network_find_wan wanif; then
>> +				proto_notify_error "$cfg" "NO_WAN_LINK"
>> +				exit
>> +			fi
>>  
>> -		if ! network_get_ipaddr ipaddr "$wanif"; then
>> -			proto_notify_error "$cfg" "NO_WAN_LINK"
>> -			exit
>> -		fi
>> -	}
>> +			if ! network_get_ipaddr ipaddr "$wanif"; then
>> +				proto_notify_error "$cfg" "NO_WAN_LINK"
>> +				exit
>> +			fi
>> +			;;
>> +		"auto"|"")
>> +			ipaddr="0.0.0.0"
>> +			;;
>> +	esac
>>  
>>  	vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr"
>>  }
>> @@ -138,18 +143,24 @@ proto_vxlan6_setup() {
>>  
>>  	( proto_add_host_dependency "$cfg" '' "$tunlink" )
>>  
>> -	[ -z "$ip6addr" ] && {
>> -		local wanif="$tunlink"
>> -		if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
>> -			proto_notify_error "$cfg" "NO_WAN_LINK"
>> -			exit
>> -		fi
>> +	case "$ip6addr" in
>> +		"inherit")
>> +			local wanif="$tunlink"
>> +			if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
>> +				proto_notify_error "$cfg" "NO_WAN_LINK"
>> +				exit
>> +			fi
>>  
>> -		if ! network_get_ipaddr6 ip6addr "$wanif"; then
>> -			proto_notify_error "$cfg" "NO_WAN_LINK"
>> -			exit
>> -		fi
>> -	}
>> +			if ! network_get_ipaddr6 ip6addr "$wanif"; then
>> +				proto_notify_error "$cfg" "NO_WAN_LINK"
>> +				exit
>> +			fi
>> +			;;
>> +		"auto"|"")
>> +			# ensure tunnel via ipv6
>> +			ip6addr="::"
>> +			;;
>> +	esac
>>  
>>  	vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr"
>>  }
>>
> 
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201128/fda69acc/attachment.sig>

More information about the openwrt-devel mailing list