openwrt/package/network/config/vxlan/files/vxlan.sh

209 lines
4.9 KiB
Bash
Raw Normal View History

#!/bin/sh
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. /lib/functions/network.sh
. ../netifd-proto.sh
init_proto "$@"
}
vxlan: add capability for multiple fdb entries Similar to wireguard, vxlan can configure multiple peers or add specific entries to the fdb for a single mac address. While you can still use peeraddr/peer6addr option within the proto vxlan/vxlan6 section to not break existing configurations, this patch allows to add multiple sections that conigure fdb entries via the bridge command. As such, the bridge command is now a dependency of the vxlan package. (To be honest without the bridge command available, vxlan isn't very much fun to use or debug at all) Field names are taken direclty from the bridge command. Example with all supported parameters, since this hasn't been documented so far: config interface 'vx0' option proto 'vxlan6' # use vxlan over ipv6 # main options option ip6addr '2001:db8::1' # listen address option tunlink 'wan6' # optional if listen address given option peer6addr '2001:db8::2' # now optional option port '8472' # this is the standard port under linux option vid '42' # VXLAN Network Identifier to use option mtu '1430' # vxlan6 has 70 bytes overhead # extra options option rxcsum '0' # allow receiving packets without checksum option txcsum '0' # send packets without checksum option ttl '16' # specifies the TTL value for outgoing packets option tos '0' # specifies the TOS value for outgoing packets option macaddr '11:22:33:44:55:66' # optional, manually specify mac # default is a random address Single peer with head-end replication. Corresponds to the following call to bridge: $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3 config vxlan_peer option vxlan 'vx0' option dst '2001:db8::3' # always required For multiple peers, this section can be repeated for each dst address. It's possible to specify a multicast address as destination. Useful when multicast routing is available or within one lan segment: config vxlan_peer option vxlan 'vx0' option dst 'ff02::1337' # multicast group to join. # all bum traffic will be send there option via 'eth1' # for multicast, an outgoing interface needs # to be specified All available peer options for completeness: config vxlan_peer option vxlan 'vx0' # the interface to configure option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac, option dst '2001:db8::4' # connected to this peer option via 'eth0.1' # use this interface only option port '4789' # use different port for this peer option vni '23' # override vni for this peer option src_vni '123' # see man 3 bridge Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
2020-07-20 06:05:10 +00:00
proto_vxlan_setup_peer() {
type bridge &> /dev/null || {
proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND"
exit
}
local peer_config="$1"
local vxlan
local lladdr
local dst
local src_vni
local vni
local port
local via
config_get vxlan "${peer_config}" "vxlan"
config_get lladdr "${peer_config}" "lladdr"
config_get dst "${peer_config}" "dst"
config_get src_vni "${peer_config}" "src_vni"
config_get vni "${peer_config}" "vni"
config_get port "${peer_config}" "port"
config_get via "${peer_config}" "via"
[ "$cfg" = "$vxlan" ] || {
# This peer section belongs to another device
return
}
[ -n "${dst}" ] || {
proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
exit
}
bridge fdb append \
${lladdr:-00:00:00:00:00:00} \
dev ${cfg} \
dst ${dst} \
${src_vni:+src_vni $src_vni} \
${vni:+vni $vni} \
${port:+port $port} \
${via:+via $via}
}
vxlan_generic_setup() {
local cfg="$1"
local mode="$2"
local local="$3"
local remote="$4"
local link="$cfg"
local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp
json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp
proto_init_update "$link" 1
proto_add_tunnel
json_add_string mode "$mode"
[ -n "$tunlink" ] && json_add_string link "$tunlink"
[ -n "$local" ] && json_add_string local "$local"
[ -n "$remote" ] && json_add_string remote "$remote"
[ -n "$ttl" ] && json_add_int ttl "$ttl"
[ -n "$tos" ] && json_add_string tos "$tos"
[ -n "$mtu" ] && json_add_int mtu "$mtu"
json_add_object 'data'
[ -n "$port" ] && json_add_int port "$port"
[ -n "$vid" ] && json_add_int id "$vid"
[ -n "$srcportmin" ] && json_add_int srcportmin "$srcportmin"
[ -n "$srcportmax" ] && json_add_int srcportmax "$srcportmax"
[ -n "$ageing" ] && json_add_int ageing "$ageing"
[ -n "$maxaddress" ] && json_add_int maxaddress "$maxaddress"
[ -n "$macaddr" ] && json_add_string macaddr "$macaddr"
[ -n "$rxcsum" ] && json_add_boolean rxcsum "$rxcsum"
[ -n "$txcsum" ] && json_add_boolean txcsum "$txcsum"
[ -n "$learning" ] && json_add_boolean learning "$learning"
[ -n "$rsc" ] && json_add_boolean rsc "$rsc"
[ -n "$proxy" ] && json_add_boolean proxy "$proxy"
[ -n "$l2miss" ] && json_add_boolean l2miss "$l2miss"
[ -n "$l3miss" ] && json_add_boolean l3miss "$l3miss"
[ -n "$gbp" ] && json_add_boolean gbp "$gbp"
json_close_object
proto_close_tunnel
proto_add_data
[ -n "$zone" ] && json_add_string zone "$zone"
proto_close_data
proto_send_update "$cfg"
vxlan: add capability for multiple fdb entries Similar to wireguard, vxlan can configure multiple peers or add specific entries to the fdb for a single mac address. While you can still use peeraddr/peer6addr option within the proto vxlan/vxlan6 section to not break existing configurations, this patch allows to add multiple sections that conigure fdb entries via the bridge command. As such, the bridge command is now a dependency of the vxlan package. (To be honest without the bridge command available, vxlan isn't very much fun to use or debug at all) Field names are taken direclty from the bridge command. Example with all supported parameters, since this hasn't been documented so far: config interface 'vx0' option proto 'vxlan6' # use vxlan over ipv6 # main options option ip6addr '2001:db8::1' # listen address option tunlink 'wan6' # optional if listen address given option peer6addr '2001:db8::2' # now optional option port '8472' # this is the standard port under linux option vid '42' # VXLAN Network Identifier to use option mtu '1430' # vxlan6 has 70 bytes overhead # extra options option rxcsum '0' # allow receiving packets without checksum option txcsum '0' # send packets without checksum option ttl '16' # specifies the TTL value for outgoing packets option tos '0' # specifies the TOS value for outgoing packets option macaddr '11:22:33:44:55:66' # optional, manually specify mac # default is a random address Single peer with head-end replication. Corresponds to the following call to bridge: $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3 config vxlan_peer option vxlan 'vx0' option dst '2001:db8::3' # always required For multiple peers, this section can be repeated for each dst address. It's possible to specify a multicast address as destination. Useful when multicast routing is available or within one lan segment: config vxlan_peer option vxlan 'vx0' option dst 'ff02::1337' # multicast group to join. # all bum traffic will be send there option via 'eth1' # for multicast, an outgoing interface needs # to be specified All available peer options for completeness: config vxlan_peer option vxlan 'vx0' # the interface to configure option lladdr 'aa:bb:cc:dd:ee:ff' # specific mac, option dst '2001:db8::4' # connected to this peer option via 'eth0.1' # use this interface only option port '4789' # use different port for this peer option vni '23' # override vni for this peer option src_vni '123' # see man 3 bridge Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
2020-07-20 06:05:10 +00:00
config_load network
config_foreach proto_vxlan_setup_peer "vxlan_peer"
}
proto_vxlan_setup() {
local cfg="$1"
local ipaddr peeraddr
json_get_vars ipaddr peeraddr tunlink
( proto_add_host_dependency "$cfg" '' "$tunlink" )
[ -z "$ipaddr" ] && {
local wanif="$tunlink"
if [ -z "$wanif" ] && ! network_find_wan wanif; then
proto_notify_error "$cfg" "NO_WAN_LINK"
exit
fi
if ! network_get_ipaddr ipaddr "$wanif"; then
proto_notify_error "$cfg" "NO_WAN_LINK"
exit
fi
}
vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr"
}
proto_vxlan6_setup() {
local cfg="$1"
local ip6addr peer6addr
json_get_vars ip6addr peer6addr tunlink
( proto_add_host_dependency "$cfg" '' "$tunlink" )
[ -z "$ip6addr" ] && {
local wanif="$tunlink"
if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
proto_notify_error "$cfg" "NO_WAN_LINK"
exit
fi
if ! network_get_ipaddr6 ip6addr "$wanif"; then
proto_notify_error "$cfg" "NO_WAN_LINK"
exit
fi
}
vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr"
}
proto_vxlan_teardown() {
local cfg="$1"
}
proto_vxlan6_teardown() {
local cfg="$1"
}
vxlan_generic_init_config() {
no_device=1
available=1
proto_config_add_string "tunlink"
proto_config_add_string "zone"
proto_config_add_int "vid"
proto_config_add_int "port"
proto_config_add_int "ttl"
proto_config_add_int "tos"
proto_config_add_int "mtu"
proto_config_add_int "srcportmin"
proto_config_add_int "srcportmax"
proto_config_add_int "ageing"
proto_config_add_int "maxaddress"
proto_config_add_boolean "rxcsum"
proto_config_add_boolean "txcsum"
proto_config_add_boolean "learning"
proto_config_add_boolean "rsc"
proto_config_add_boolean "proxy"
proto_config_add_boolean "l2miss"
proto_config_add_boolean "l3miss"
proto_config_add_boolean "gbp"
proto_config_add_string "macaddr"
}
proto_vxlan_init_config() {
vxlan_generic_init_config
proto_config_add_string "ipaddr"
proto_config_add_string "peeraddr"
}
proto_vxlan6_init_config() {
vxlan_generic_init_config
proto_config_add_string "ip6addr"
proto_config_add_string "peer6addr"
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol vxlan
add_protocol vxlan6
}