[PATCH v2] vxlan: allow for dynamic source ip selection

Matthias Schiffer mschiffer at universe-factory.net
Fri Nov 27 11:13:32 EST 2020 

On 11/24/20 4:26 AM, Johannes Kimmel wrote:
> By setting 'auto', the zero address or the empty string as source
> address (option ipaddr, option ip6addr), vxlan will choose one
> dynamically. This helps in setups where a wan ip or prefix changes.
> 
> This corresponse to setting up an vxlan tunnel with:
> 
> proto vxlan6:
>     # ip link add vx0 type vxlan id ID local :: ...
> proto vxlan:
>     # ip link add vx0 type vxlan id ID local 0.0.0.0 ...
> 
> While it is possible to not specify a source ip at all, the kernel will
> default to setting up a ipv4 tunnel. The kernel will take any hint from
> source and peer ips to figure out, what tunnel type to use. To make sure
> we setup an ipv6 tunnel for proto vxlan6, this workaround is needed.
> 
> Specifying 'inherit' as source ip, the old behaviour is used whereby
> a source ip is calculated once from the tunlink interface.

Do we still need the 'inherit' config, or is the new auto behaviour
strictly better?

> 
> This will not change the behaviour of currently working configurations.
> However this will allow former broken configurations, namely those not
> specifying both a source address and tunnel interface, to setup a
> tunnel interface. Previously those configurations weren't reporting an
> error and were stueck in a setup loop like in Bug FS#3426.
> 
> This change lifts the currently very strict behaviour and should fix the
> following bug:
> 
> Fixes: FS#3426
> Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426
> 
> V2:
>   - bump PKG_RELEASE
>   - add small explaination about behaviour changes
> 
> Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
> ---
>  package/network/config/vxlan/Makefile       |  2 +-
>  package/network/config/vxlan/files/vxlan.sh | 55 ++++++++++++---------
>  2 files changed, 34 insertions(+), 23 deletions(-)
> 
> diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
> index 0b4d6713f9..97972d6d85 100644
> --- a/package/network/config/vxlan/Makefile
> +++ b/package/network/config/vxlan/Makefile
> @@ -1,7 +1,7 @@
>  include $(TOPDIR)/rules.mk
>  
>  PKG_NAME:=vxlan
> -PKG_RELEASE:=6
> +PKG_RELEASE:=7
>  PKG_LICENSE:=GPL-2.0
>  
>  include $(INCLUDE_DIR)/package.mk
> diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
> index 5c1c484c47..579964b385 100755
> --- a/package/network/config/vxlan/files/vxlan.sh
> +++ b/package/network/config/vxlan/files/vxlan.sh
> @@ -114,18 +114,23 @@ proto_vxlan_setup() {
>  
>  	( proto_add_host_dependency "$cfg" '' "$tunlink" )
>  
> -	[ -z "$ipaddr" ] && {
> -		local wanif="$tunlink"
> -		if [ -z "$wanif" ] && ! network_find_wan wanif; then
> -			proto_notify_error "$cfg" "NO_WAN_LINK"
> -			exit
> -		fi
> +	case "$ipaddr" in
> +		"inherit")
> +			local wanif="$tunlink"
> +			if [ -z "$wanif" ] && ! network_find_wan wanif; then
> +				proto_notify_error "$cfg" "NO_WAN_LINK"
> +				exit
> +			fi
>  
> -		if ! network_get_ipaddr ipaddr "$wanif"; then
> -			proto_notify_error "$cfg" "NO_WAN_LINK"
> -			exit
> -		fi
> -	}
> +			if ! network_get_ipaddr ipaddr "$wanif"; then
> +				proto_notify_error "$cfg" "NO_WAN_LINK"
> +				exit
> +			fi
> +			;;
> +		"auto"|"")
> +			ipaddr="0.0.0.0"
> +			;;
> +	esac
>  
>  	vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr"
>  }
> @@ -138,18 +143,24 @@ proto_vxlan6_setup() {
>  
>  	( proto_add_host_dependency "$cfg" '' "$tunlink" )
>  
> -	[ -z "$ip6addr" ] && {
> -		local wanif="$tunlink"
> -		if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
> -			proto_notify_error "$cfg" "NO_WAN_LINK"
> -			exit
> -		fi
> +	case "$ip6addr" in
> +		"inherit")
> +			local wanif="$tunlink"
> +			if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
> +				proto_notify_error "$cfg" "NO_WAN_LINK"
> +				exit
> +			fi
>  
> -		if ! network_get_ipaddr6 ip6addr "$wanif"; then
> -			proto_notify_error "$cfg" "NO_WAN_LINK"
> -			exit
> -		fi
> -	}
> +			if ! network_get_ipaddr6 ip6addr "$wanif"; then
> +				proto_notify_error "$cfg" "NO_WAN_LINK"
> +				exit
> +			fi
> +			;;
> +		"auto"|"")
> +			# ensure tunnel via ipv6
> +			ip6addr="::"
> +			;;
> +	esac
>  
>  	vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr"
>  }
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201127/0ebb7e1b/attachment.sig>

More information about the openwrt-devel mailing list