[RFC PATCH v2] vxlan: netifd and vxlan package patches

Johannes Kimmel fff at bareminimum.eu
Mo Aug 3 05:43:12 CEST 2020


netifd:
  - add srcportmin option
  - add srcportmax option (port exclusive)
  - add most missing boolean options
  - add aging and maxaddress options

vxlan:
  - wire up the new vxlan options support
  - srcport
        option srcport "1337 31337" # for range, max is exclusive
        option srcport "1337" # for single srcport
    srcport string is split before sending over to netifd to make
    processing more robust on the netifd side.
  - learning
  - rsc
  - proxy
  - l2miss
  - l3miss
  - gbp
  - aging
  - maxaddress
  - allow automatic source ip

see ip-link(3)

Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
---
 .../openwrt/0015-netifd-vxlan-patches.patch   | 368 ++++++++++++++++++
 .../0016-vxlan-wire-up-more-options.patch     |  73 ++++
 ...ow-for-automatic-source-ip-selection.patch |  98 +++++
 3 files changed, 539 insertions(+)
 create mode 100644 build_patches/openwrt/0015-netifd-vxlan-patches.patch
 create mode 100644 build_patches/openwrt/0016-vxlan-wire-up-more-options.patch
 create mode 100644 build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch

diff --git a/build_patches/openwrt/0015-netifd-vxlan-patches.patch b/build_patches/openwrt/0015-netifd-vxlan-patches.patch
new file mode 100644
index 0000000..99c70fb
--- /dev/null
+++ b/build_patches/openwrt/0015-netifd-vxlan-patches.patch
@@ -0,0 +1,368 @@
+From 2de21bdf584075c690d6516edfb4996426d31b89 Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Sat, 1 Aug 2020 04:23:41 +0200
+Subject: [PATCH 15/17] netifd: vxlan patches
+
+84e8570 netifd: vxlan: handle srcport range
+9b258d8 netifd: vxlan: refactor mapping of boolean attrs
+1c7cc90 netifd: vxlan: add most missing boolean options
+01cccf0 netifd: vxlan: add aging and maxaddress options
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+---
+ ...01-netifd-vxlan-handle-srcport-range.patch | 98 +++++++++++++++++++
+ ...an-refactor-mapping-of-boolean-attrs.patch | 59 +++++++++++
+ ...lan-add-most-missing-boolean-options.patch | 97 ++++++++++++++++++
+ ...lan-add-aging-and-maxaddress-options.patch | 65 ++++++++++++
+ 4 files changed, 319 insertions(+)
+ create mode 100644 package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+ create mode 100644 package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+ create mode 100644 package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+ create mode 100644 package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+
+diff --git a/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+new file mode 100644
+index 0000000000..9016e15dea
+--- /dev/null
++++ b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch
+@@ -0,0 +1,98 @@
++From 84e857013a2880362d16aa7890cd62981c152ddb Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel <fff at bareminimum.eu>
++Date: Sat, 1 Aug 2020 03:38:27 +0200
++Subject: [PATCH 1/4] netifd: vxlan: handle srcport range
++
++This adds adds the ability to set the source port range for vxlan
++interfaces.
++
++By default vxlans will use a random port within the ephermal range as
++source ports for packets. This is done to aid scaleability within a
++datacenter.
++
++But with these defaults it's impossible to punch through NATs or
++traverese most stateful firewalls easily. One solution is to fix the
++srcport to the same as dstport.
++
++If only srcportmin is specified, then srcportmax is set in a way that
++outgoing packets will only use srcportmin.
++
++If a range is to be specified, srcportmin and srcportmax have to be
++specified. srcportmax is exclusive.
++
++If only srcportmax is specified, the value is ignored and defaults are
++used.
++
++Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
++---
++ system-linux.c | 26 ++++++++++++++++++++++++++
++ system.c       |  2 ++
++ system.h       |  2 ++
++ 3 files changed, 30 insertions(+)
++
++diff --git a/system-linux.c b/system-linux.c
++index c5583e0..5ff8749 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3184,6 +3184,32 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ 	}
++ 	nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port));
++ 
+++	if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMIN])) {
+++		struct ifla_vxlan_port_range srcports = {0,0};
+++
+++		uint32_t low = blobmsg_get_u32(cur);
+++		if (low < 1 || low > 65535 - 1) {
+++			ret = -EINVAL;
+++			goto failure;
+++		}
+++
+++		srcports.low = htons((uint16_t) low);
+++		srcports.high = htons((uint16_t) (low+1));
+++
+++		if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMAX])) {
+++			uint32_t high = blobmsg_get_u32(cur);
+++			if (high < 1 || high > 65535) {
+++				ret = -EINVAL;
+++				goto failure;
+++			}
+++			if (high > low) {
+++				srcports.high = htons((uint16_t) high);
+++			}
+++		}
+++
+++		nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports);
+++	}
+++
++ 	if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) {
++ 		bool rxcsum = blobmsg_get_bool(cur);
++ 		nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum);
++diff --git a/system.c b/system.c
++index bbdfef7..4133e55 100644
++--- a/system.c
+++++ b/system.c
++@@ -38,6 +38,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ 	[VXLAN_DATA_ATTR_MACADDR] = { .name = "macaddr", .type = BLOBMSG_TYPE_STRING },
++ 	[VXLAN_DATA_ATTR_RXCSUM] = { .name = "rxcsum", .type = BLOBMSG_TYPE_BOOL },
++ 	[VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 },
+++	[VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 },
++ };
++ 
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index 015987f..bf9e1d7 100644
++--- a/system.h
+++++ b/system.h
++@@ -44,6 +44,8 @@ enum vxlan_data {
++ 	VXLAN_DATA_ATTR_MACADDR,
++ 	VXLAN_DATA_ATTR_RXCSUM,
++ 	VXLAN_DATA_ATTR_TXCSUM,
+++	VXLAN_DATA_ATTR_SRCPORTMIN,
+++	VXLAN_DATA_ATTR_SRCPORTMAX,
++ 	__VXLAN_DATA_ATTR_MAX
++ };
++ 
++-- 
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+new file mode 100644
+index 0000000000..51196fa6c7
+--- /dev/null
++++ b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch
+@@ -0,0 +1,59 @@
++From 9b258d8c7f5140fa3e19d3e5c19b9cef84ff80f7 Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel <fff at bareminimum.eu>
++Date: Sat, 1 Aug 2020 03:59:55 +0200
++Subject: [PATCH 2/4] netifd: vxlan: refactor mapping of boolean attrs
++
++Add a small function to handle boolean options and make use of it to handle:
++  - rxcsum
++  - txcsum
++
++Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
++---
++ system-linux.c | 24 ++++++++++++++----------
++ 1 file changed, 14 insertions(+), 10 deletions(-)
++
++diff --git a/system-linux.c b/system-linux.c
++index 5ff8749..82b65e3 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3073,6 +3073,17 @@ failure:
++ #endif
++ 
++ #ifdef IFLA_VXLAN_MAX
+++static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb_data, int attrtype, int vxlandatatype, bool invert) {
+++	struct blob_attr *cur;
+++	if ((cur = tb_data[vxlandatatype])) {
+++		bool val = blobmsg_get_bool(cur);
+++		if (invert) {
+++			val = !val;
+++		}
+++		nla_put_u8(msg, attrtype, val);
+++	}
+++}
+++
++ static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6)
++ {
++ 	struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX];
++@@ -3210,16 +3221,9 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ 		nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports);
++ 	}
++ 
++-	if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) {
++-		bool rxcsum = blobmsg_get_bool(cur);
++-		nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum);
++-	}
++-
++-	if ((cur = tb_data[VXLAN_DATA_ATTR_TXCSUM])) {
++-		bool txcsum = blobmsg_get_bool(cur);
++-		nla_put_u8(msg, IFLA_VXLAN_UDP_CSUM, txcsum);
++-		nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, !txcsum);
++-	}
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true);
++ 
++ 	if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ 		char *str = blobmsg_get_string(cur);
++-- 
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+new file mode 100644
+index 0000000000..96acbccf61
+--- /dev/null
++++ b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch
+@@ -0,0 +1,97 @@
++From 1c7cc903287f54ad7d7727f3e58b683057e184d3 Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel <fff at bareminimum.eu>
++Date: Sat, 1 Aug 2020 04:05:31 +0200
++Subject: [PATCH 3/4] netifd: vxlan: add most missing boolean options
++
++adds the folloing missing options:
++  - learning
++  - rsc
++  - proxy
++  - l2miss
++  - l3miss
++  - gbp
++
++See ip-link(3) for their meaning.
++
++still missing:
++  - external
++  - gpe
++
++I'm not sure how to handle them at the moment. It's unclear to me what
++IFLA_VXLAN_* value corresponds to the 'external' option and according to
++the manpage, gpe depends on it.
++
++Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
++---
++ system-linux.c | 12 +++++++++++-
++ system.c       |  6 ++++++
++ system.h       |  6 ++++++
++ 3 files changed, 23 insertions(+), 1 deletion(-)
++
++diff --git a/system-linux.c b/system-linux.c
++index 82b65e3..0626128 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3080,7 +3080,11 @@ static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb
++ 		if (invert) {
++ 			val = !val;
++ 		}
++-		nla_put_u8(msg, attrtype, val);
+++		if ((attrtype == IFLA_VXLAN_GBP) && val) {
+++			nla_put_flag(msg, attrtype);
+++		} else {
+++			nla_put_u8(msg, attrtype, val);
+++		}
++ 	}
++ }
++ 
++@@ -3224,6 +3228,12 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ 	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true);
++ 	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false);
++ 	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_LEARNING, VXLAN_DATA_ATTR_LEARNING, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_RSC , VXLAN_DATA_ATTR_RSC, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_PROXY , VXLAN_DATA_ATTR_PROXY, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L2MISS , VXLAN_DATA_ATTR_L2MISS, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false);
+++	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false);
++ 
++ 	if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ 		char *str = blobmsg_get_string(cur);
++diff --git a/system.c b/system.c
++index 4133e55..95721e1 100644
++--- a/system.c
+++++ b/system.c
++@@ -40,6 +40,12 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ 	[VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL },
++ 	[VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 },
++ 	[VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 },
+++	[VXLAN_DATA_ATTR_LEARNING] = { .name = "learning", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_RSC] = { .name = "rsc", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_PROXY] = { .name = "proxy", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL },
++ };
++ 
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index bf9e1d7..290c2e5 100644
++--- a/system.h
+++++ b/system.h
++@@ -46,6 +46,12 @@ enum vxlan_data {
++ 	VXLAN_DATA_ATTR_TXCSUM,
++ 	VXLAN_DATA_ATTR_SRCPORTMIN,
++ 	VXLAN_DATA_ATTR_SRCPORTMAX,
+++	VXLAN_DATA_ATTR_LEARNING,
+++	VXLAN_DATA_ATTR_RSC,
+++	VXLAN_DATA_ATTR_PROXY,
+++	VXLAN_DATA_ATTR_L2MISS,
+++	VXLAN_DATA_ATTR_L3MISS,
+++	VXLAN_DATA_ATTR_GBP,
++ 	__VXLAN_DATA_ATTR_MAX
++ };
++ 
++-- 
++2.28.0
++
+diff --git a/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+new file mode 100644
+index 0000000000..9fa810551e
+--- /dev/null
++++ b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch
+@@ -0,0 +1,65 @@
++From 01cccf0f8f61764be48a77a07afe84d695d8633c Mon Sep 17 00:00:00 2001
++From: Johannes Kimmel <fff at bareminimum.eu>
++Date: Mon, 3 Aug 2020 03:41:55 +0200
++Subject: [PATCH 4/4] netifd: vxlan: add aging and maxaddress options
++
++For both options the values can just be passed to the kernel. All
++unsigned values are accepted, thus no range checking required.
++
++Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
++---
++ system-linux.c | 10 ++++++++++
++ system.c       |  2 ++
++ system.h       |  2 ++
++ 3 files changed, 14 insertions(+)
++
++diff --git a/system-linux.c b/system-linux.c
++index 0626128..ad1caf2 100644
++--- a/system-linux.c
+++++ b/system-linux.c
++@@ -3235,6 +3235,16 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl
++ 	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false);
++ 	system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false);
++ 
+++	if ((cur = tb_data[VXLAN_DATA_ATTR_AGEING])) {
+++		uint32_t ageing = blobmsg_get_u32(cur);
+++		nla_put_u32(msg, IFLA_VXLAN_AGEING, ageing);
+++	}
+++
+++	if ((cur = tb_data[VXLAN_DATA_ATTR_LIMIT])) {
+++		uint32_t maxaddress = blobmsg_get_u32(cur);
+++		nla_put_u32(msg, IFLA_VXLAN_LIMIT, maxaddress);
+++	}
+++
++ 	if ((cur = tb[TUNNEL_ATTR_TOS])) {
++ 		char *str = blobmsg_get_string(cur);
++ 		unsigned tos = 1;
++diff --git a/system.c b/system.c
++index 95721e1..834748e 100644
++--- a/system.c
+++++ b/system.c
++@@ -46,6 +46,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = {
++ 	[VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL },
++ 	[VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL },
++ 	[VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL },
+++	[VXLAN_DATA_ATTR_AGEING] = { .name = "ageing", .type = BLOBMSG_TYPE_INT32 },
+++	[VXLAN_DATA_ATTR_LIMIT] = { .name = "maxaddress", .type = BLOBMSG_TYPE_INT32 },
++ };
++ 
++ const struct uci_blob_param_list vxlan_data_attr_list = {
++diff --git a/system.h b/system.h
++index 290c2e5..52161a8 100644
++--- a/system.h
+++++ b/system.h
++@@ -52,6 +52,8 @@ enum vxlan_data {
++ 	VXLAN_DATA_ATTR_L2MISS,
++ 	VXLAN_DATA_ATTR_L3MISS,
++ 	VXLAN_DATA_ATTR_GBP,
+++	VXLAN_DATA_ATTR_AGEING,
+++	VXLAN_DATA_ATTR_LIMIT,
++ 	__VXLAN_DATA_ATTR_MAX
++ };
++ 
++-- 
++2.28.0
++
+-- 
+2.28.0
+
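Review bot: In the 0003 netifd patch, `system_vxlan_map_bool_attr` still emits `nla_put_u8(msg, IFLA_VXLAN_GBP, 0)` when `gbp` is explicitly set to false, because the flag branch is taken only for a true value. As far as I know the kernel treats IFLA_VXLAN_GBP as a presence-only flag attribute, so an explicit `option gbp 0` would likely either fail link creation or be read as GBP enabled rather than disabled; this is worth confirming against the target kernel. Adding `if (attrtype == IFLA_VXLAN_GBP && !val) return;` just before the existing `if`/`else` keeps the attribute out of the message in that case. Separately, in the 0001 patch a `srcportmax` that is not greater than `srcportmin` is silently dropped by `if (high > low)`; a comment such as `/* srcportmax <= srcportmin: keep the single-port range */` would make that fallback visible to anyone writing firewall rules for the configured range.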
diff --git a/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch b/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch
new file mode 100644
index 0000000..5c0d9a5
--- /dev/null
+++ b/build_patches/openwrt/0016-vxlan-wire-up-more-options.patch
@@ -0,0 +1,73 @@
+From 5dca02ecf3070f55e3c4aaaf9018bcdefe1f1a1d Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Sat, 1 Aug 2020 04:33:11 +0200
+Subject: [PATCH 16/17] vxlan: wire-up more options
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+---
+ package/network/config/vxlan/files/vxlan.sh | 26 +++++++++++++++++++--
+ 1 file changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index d063c47d47..856f2ca76b 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -59,8 +59,11 @@ vxlan_generic_setup() {
+ 
+ 	local link="$cfg"
+ 
+-	local port vid ttl tos mtu macaddr zone rxcsum txcsum
+-	json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
++	local port srcport srcportmin srcportmax vid ttl tos mtu macaddr zone rxcsum txcsum learning rsc proxy l2miss l3miss gbp ageing maxaddress
++	json_get_vars port srcport vid ttl tos mtu macaddr zone rxcsum txcsum learning rsc proxy l2miss l3miss gbp ageing maxaddress
++
++	srcportmin=$(echo $srcport | cut -d' ' -f1)
++	srcportmax=$(echo $srcport | cut -d' ' -f2)
+ 
+ 	proto_init_update "$link" 1
+ 
+@@ -77,10 +80,20 @@ vxlan_generic_setup() {
+ 
+ 	json_add_object 'data'
+ 	[ -n "$port" ] && json_add_int port "$port"
++	[ -n "$srcportmin" ] && json_add_int srcportmin "$srcportmin"
++	[ -n "$srcportmax" ] && json_add_int srcportmax "$srcportmax"
+ 	[ -n "$vid" ] && json_add_int id "$vid"
+ 	[ -n "$macaddr" ] && json_add_string macaddr "$macaddr"
+ 	[ -n "$rxcsum" ] && json_add_boolean rxcsum "$rxcsum"
+ 	[ -n "$txcsum" ] && json_add_boolean txcsum "$txcsum"
++	[ -n "$learning" ] && json_add_boolean learning "$learning"
++	[ -n "$rsc" ] && json_add_boolean rsc "$rsc"
++	[ -n "$proxy" ] && json_add_boolean proxy "$proxy"
++	[ -n "$l2miss" ] && json_add_boolean l2miss "$l2miss"
++	[ -n "$l3miss" ] && json_add_boolean l3miss "$l3miss"
++	[ -n "$gbp" ] && json_add_boolean gbp "$gbp"
++	[ -n "$ageing" ] && json_add_int ageing "$ageing"
++	[ -n "$maxaddress" ] && json_add_int maxaddress "$maxaddress"
+ 	json_close_object
+ 
+ 	proto_close_tunnel
+@@ -160,11 +173,20 @@ vxlan_generic_init_config() {
+ 
+ 	proto_config_add_int "vid"
+ 	proto_config_add_int "port"
++	proto_config_add_string "srcport"
+ 	proto_config_add_int "ttl"
+ 	proto_config_add_int "tos"
+ 	proto_config_add_int "mtu"
+ 	proto_config_add_boolean "rxcsum"
+ 	proto_config_add_boolean "txcsum"
++	proto_config_add_boolean "learning"
++	proto_config_add_boolean "rsc"
++	proto_config_add_boolean "proxy"
++	proto_config_add_boolean "l2miss"
++	proto_config_add_boolean "l3miss"
++	proto_config_add_boolean "gbp"
++	proto_config_add_int "ageing"
++	proto_config_add_int "maxaddress"
+ 	proto_config_add_string "macaddr"
+ }
+ 
+-- 
+2.28.0
+
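Review bot: `cut -d' ' -f2` returns the whole input when the string contains no delimiter, so a single-value `option srcport "1337"` sets `srcportmax` to the same value as `srcportmin` instead of leaving it empty. The single-port case then depends on the receiving side ignoring a max that is not above the min, which the `[ -n "$srcportmax" ]` guard cannot catch. `srcportmax=$(echo $srcport | cut -s -d' ' -f2)` leaves it empty when there is no second field. `$srcport` is also expanded unquoted and handed to `json_add_int` without a numeric check; a comment stating that the unquoted expansion is there to collapse whitespace, or a `case` that rejects non-digit values, would make the intent clear. `vxlan_generic_setup` begins and ends outside these hunks.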
diff --git a/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch b/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch
new file mode 100644
index 0000000..d9f3eff
--- /dev/null
+++ b/build_patches/openwrt/0017-vxlan-allow-for-automatic-source-ip-selection.patch
@@ -0,0 +1,98 @@
+From 6d9d59becb79d63017542ec35544a7ae1fb8146e Mon Sep 17 00:00:00 2001
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Mon, 3 Aug 2020 04:43:47 +0200
+Subject: [PATCH 17/17] vxlan: allow for automatic source ip selection
+
+By setting no or preferably the zero address as source address, vxlan
+will choose one automatically. This helps in setups where a wan ip or
+prefix changes.
+
+To not break old behaviour, the new automatic behaviour is not used when
+no source address is specified.
+
+Specifying 'inherit' or the empty string as source ip will try to
+calculate a source ip once from the tunlink interface.
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+---
+ package/network/config/vxlan/files/vxlan.sh | 55 ++++++++++++---------
+ 1 file changed, 33 insertions(+), 22 deletions(-)
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index 856f2ca76b..e7b67a0830 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -116,18 +116,23 @@ proto_vxlan_setup() {
+ 
+ 	( proto_add_host_dependency "$cfg" '' "$tunlink" )
+ 
+-	[ -z "$ipaddr" ] && {
+-		local wanif="$tunlink"
+-		if [ -z "$wanif" ] && ! network_find_wan wanif; then
+-			proto_notify_error "$cfg" "NO_WAN_LINK"
+-			exit
+-		fi
++	case "$ipaddr" in
++		"inherit"|"")
++			local wanif="$tunlink"
++			if [ -z "$wanif" ] && ! network_find_wan wanif; then
++				proto_notify_error "$cfg" "NO_WAN_LINK"
++				exit
++			fi
+ 
+-		if ! network_get_ipaddr ipaddr "$wanif"; then
+-			proto_notify_error "$cfg" "NO_WAN_LINK"
+-			exit
+-		fi
+-	}
++			if ! network_get_ipaddr ipaddr "$wanif"; then
++				proto_notify_error "$cfg" "NO_WAN_LINK"
++				exit
++			fi
++			;;
++		"auto")
++			ipaddr="0.0.0.0"
++			;;
++	esac
+ 
+ 	vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr"
+ }
+@@ -140,18 +145,24 @@ proto_vxlan6_setup() {
+ 
+ 	( proto_add_host_dependency "$cfg" '' "$tunlink" )
+ 
+-	[ -z "$ip6addr" ] && {
+-		local wanif="$tunlink"
+-		if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
+-			proto_notify_error "$cfg" "NO_WAN_LINK"
+-			exit
+-		fi
++	case "$ip6addr" in
++		"inherit"|"")
++			local wanif="$tunlink"
++			if [ -z "$wanif" ] && ! network_find_wan6 wanif; then
++				proto_notify_error "$cfg" "NO_WAN_LINK"
++				exit
++			fi
+ 
+-		if ! network_get_ipaddr6 ip6addr "$wanif"; then
+-			proto_notify_error "$cfg" "NO_WAN_LINK"
+-			exit
+-		fi
+-	}
++			if ! network_get_ipaddr6 ip6addr "$wanif"; then
++				proto_notify_error "$cfg" "NO_WAN_LINK"
++				exit
++			fi
++			;;
++		"auto")
++			# ensure tunnel via ipv6
++			ip6addr="::"
++			;;
++	esac
+ 
+ 	vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr"
+ }
+-- 
+2.28.0
+
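Review bot: The new `"auto"` keyword in `proto_vxlan_setup` and `proto_vxlan6_setup` is not named in the commit message, which only speaks of the zero address, 'inherit' and the empty string, and the IPv4 branch has no comment explaining `0.0.0.0`. I would add `# let the kernel choose the source address per route lookup` above `ipaddr="0.0.0.0"` and mention `auto` in the message. With `auto` the outer source address is presumably no longer tied to `tunlink`, so configurations that filter tunnel traffic by source address should be reviewed when switching to it. Any other value of `$ipaddr` / `$ip6addr` still falls through the `case` unvalidated; both function bodies start outside the hunks.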
-- 
2.28.0


