[PATCH] build_patches: add updates for vxlan support

[Adrian Schmutzler]

This adds a few improvements and fixes for vxlan support.

The following two patches are already backported to openwrt-1907 and
can be dropped after bumping to the next point release:

0011-vxlan-fix-udp-checksum-control.patch
0012-vxlan-bump-and-change-to-PKG_RELEASE.patch

The other two patches won't be backported and have to be kept until
we move up to 20.xx:

0013-vxlan-remove-mandatory-peeraddr.patch
0014-vxlan-add-capability-for-multiple-fdb-entries.patch

Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
---
 .../0011-vxlan-fix-udp-checksum-control.patch |  27 +++
 ...vxlan-bump-and-change-to-PKG_RELEASE.patch |  29 ++++
 ...0013-vxlan-remove-mandatory-peeraddr.patch |  42 +++++
 ...-capability-for-multiple-fdb-entries.patch | 158 ++++++++++++++++++
 4 files changed, 256 insertions(+)
 create mode 100644 build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch
 create mode 100644 build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch
 create mode 100644 build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch
 create mode 100644 build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch

diff --git a/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch
new file mode 100644
index 00000000..5539d557
--- /dev/null
+++ b/build_patches/openwrt/0011-vxlan-fix-udp-checksum-control.patch
@@ -0,0 +1,27 @@
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Mon, 8 Jun 2020 16:14:43 +0200
+Subject: vxlan: fix udp checksum control
+
+So far, passing "rxcsum" and "txcsum" had no effect.
+
+Fixes: 95ab18e0124e ("vxlan: add options to enable and disable UDP
+checksums")
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+[add Fixes:]
+Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
+(cherry picked from commit 0453c3866feb701160bbab4ecf9762c5a3038503)
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index d055d41edc59f50c0c132849bbcd0235edeef5b9..7b1c7039551b7781f5f7a8e73b964db698f3697b 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -129,6 +129,8 @@ vxlan_generic_init_config() {
+ 	proto_config_add_int "ttl"
+ 	proto_config_add_int "tos"
+ 	proto_config_add_int "mtu"
++	proto_config_add_boolean "rxcsum"
++	proto_config_add_boolean "txcsum"
+ 	proto_config_add_string "macaddr"
+ }
+ 
diff --git a/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch
new file mode 100644
index 00000000..a9c603fa
--- /dev/null
+++ b/build_patches/openwrt/0012-vxlan-bump-and-change-to-PKG_RELEASE.patch
@@ -0,0 +1,29 @@
+From: Adrian Schmutzler <freifunk at adrianschmutzler.de>
+Date: Wed, 15 Jul 2020 16:49:36 +0200
+Subject: vxlan: bump and change to PKG_RELEASE
+
+Bumping package version has been overlooked in a previous commit.
+
+While at it, use PKG_RELEASE instead of PKG_VERSION, as the latter
+is meant for upstream version number only.
+(The effective version string for the package would be "3" in both
+cases, so there is no harm done for version comparison.)
+
+Fixes: 0453c3866feb ("vxlan: fix udp checksum control")
+
+Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
+(cherry picked from commit b29d620ed2521fe6fda40ddafe6cb0f1d70e4503)
+
+diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
+index 5850c443e73131f19fbeb1f986f85259d5747ac4..13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc 100644
+--- a/package/network/config/vxlan/Makefile
++++ b/package/network/config/vxlan/Makefile
+@@ -1,7 +1,7 @@
+ include $(TOPDIR)/rules.mk
+ 
+ PKG_NAME:=vxlan
+-PKG_VERSION:=2
++PKG_RELEASE:=3
+ PKG_LICENSE:=GPL-2.0
+ 
+ include $(INCLUDE_DIR)/package.mk
diff --git a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch
new file mode 100644
index 00000000..90ce449d
--- /dev/null
+++ b/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch
@@ -0,0 +1,42 @@
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Mon, 20 Jul 2020 08:05:09 +0200
+Subject: vxlan: remove mandatory peeraddr
+
+vxlan can be configured without a peer address. This is used to prepare
+an interface and add peers later.
+
+Fixes: FS#2743
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+Acked-by: Matthias Schiffer <mschiffer at universe-factory.net>
+
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index 7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38a6fc0978ea55a3bb 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -55,12 +55,6 @@ proto_vxlan_setup() {
+ 	local ipaddr peeraddr
+ 	json_get_vars ipaddr peeraddr tunlink
+ 
+-	[ -z "$peeraddr" ] && {
+-		proto_notify_error "$cfg" "MISSING_ADDRESS"
+-		proto_block_restart "$cfg"
+-		exit
+-	}
+-
+ 	( proto_add_host_dependency "$cfg" '' "$tunlink" )
+ 
+ 	[ -z "$ipaddr" ] && {
+@@ -85,12 +79,6 @@ proto_vxlan6_setup() {
+ 	local ip6addr peer6addr
+ 	json_get_vars ip6addr peer6addr tunlink
+ 
+-	[ -z "$peer6addr" ] && {
+-		proto_notify_error "$cfg" "MISSING_ADDRESS"
+-		proto_block_restart "$cfg"
+-		exit
+-	}
+-
+ 	( proto_add_host_dependency "$cfg" '' "$tunlink" )
+ 
+ 	[ -z "$ip6addr" ] && {
diff --git a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch
new file mode 100644
index 00000000..243917d4
--- /dev/null
+++ b/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch
@@ -0,0 +1,158 @@
+From: Johannes Kimmel <fff at bareminimum.eu>
+Date: Mon, 20 Jul 2020 08:05:10 +0200
+Subject: vxlan: add capability for multiple fdb entries
+
+Similar to wireguard, vxlan can configure multiple peers or add specific
+entries to the fdb for a single mac address.
+
+While you can still use peeraddr/peer6addr option within the proto
+vxlan/vxlan6 section to not break existing configurations, this patch
+allows to add multiple sections that conigure fdb entries via the bridge
+command. As such, the bridge command is now a dependency of the vxlan
+package. (To be honest without the bridge command available, vxlan isn't
+very much fun to use or debug at all)
+
+Field names are taken direclty from the bridge command.
+
+Example with all supported parameters, since this hasn't been documented so
+far:
+
+  config interface 'vx0'
+      option proto     'vxlan6'      # use vxlan over ipv6
+
+      # main options
+      option ip6addr   '2001:db8::1' # listen address
+      option tunlink   'wan6'        # optional if listen address given
+      option peer6addr '2001:db8::2' # now optional
+      option port      '8472'        # this is the standard port under linux
+      option vid       '42'          # VXLAN Network Identifier to use
+      option mtu       '1430'        # vxlan6 has 70 bytes overhead
+
+      # extra options
+      option rxcsum  '0'  # allow receiving packets without checksum
+      option txcsum  '0'  # send packets without checksum
+      option ttl     '16' # specifies the TTL value for outgoing packets
+      option tos     '0'  # specifies the TOS value for outgoing packets
+      option macaddr '11:22:33:44:55:66' # optional, manually specify mac
+                                         # default is a random address
+
+Single peer with head-end replication. Corresponds to the following call
+to bridge:
+
+  $ bridge fdb append 00:00:00:00:00:00 dev vx0 dst 2001:db8::3
+
+  config vxlan_peer
+      option vxlan 'vx0'
+      option dst '2001:db8::3' # always required
+
+For multiple peers, this section can be repeated for each dst address.
+
+It's possible to specify a multicast address as destination. Useful when
+multicast routing is available or within one lan segment:
+
+  config vxlan_peer
+      option vxlan 'vx0'
+      option dst 'ff02::1337' # multicast group to join.
+                              # all bum traffic will be send there
+      option via 'eth1'       # for multicast, an outgoing interface needs
+                              # to be specified
+
+All available peer options for completeness:
+
+  config vxlan_peer
+      option vxlan   'vx0'               # the interface to configure
+      option lladdr  'aa:bb:cc:dd:ee:ff' # specific mac,
+      option dst     '2001:db8::4'       # connected to this peer
+      option via     'eth0.1'            # use this interface only
+      option port    '4789'              # use different port for this peer
+      option vni     '23'                # override vni for this peer
+      option src_vni '123'               # see man 3 bridge
+
+Signed-off-by: Johannes Kimmel <fff at bareminimum.eu>
+
+diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile
+index 13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad44cb9ade144f52 100644
+--- a/package/network/config/vxlan/Makefile
++++ b/package/network/config/vxlan/Makefile
+@@ -1,7 +1,7 @@
+ include $(TOPDIR)/rules.mk
+ 
+ PKG_NAME:=vxlan
+-PKG_RELEASE:=3
++PKG_RELEASE:=4
+ PKG_LICENSE:=GPL-2.0
+ 
+ include $(INCLUDE_DIR)/package.mk
+diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh
+index bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97f4e25f55a33c0497 100755
+--- a/package/network/config/vxlan/files/vxlan.sh
++++ b/package/network/config/vxlan/files/vxlan.sh
+@@ -7,6 +7,50 @@
+ 	init_proto "$@"
+ }
+ 
++proto_vxlan_setup_peer() {
++	type bridge &> /dev/null || {
++		proto_notify_error "$cfg" "MISSING_BRIDGE_COMMAND"
++		exit
++	}
++
++	local peer_config="$1"
++
++	local vxlan
++	local lladdr
++	local dst
++	local src_vni
++	local vni
++	local port
++	local via
++
++	config_get vxlan   "${peer_config}" "vxlan"
++	config_get lladdr  "${peer_config}" "lladdr"
++	config_get dst     "${peer_config}" "dst"
++	config_get src_vni "${peer_config}" "src_vni"
++	config_get vni     "${peer_config}" "vni"
++	config_get port    "${peer_config}" "port"
++	config_get via     "${peer_config}" "via"
++
++	[ "$cfg" = "$vxlan" ] || {
++		# This peer section belongs to another device
++		return
++	}
++
++	[ -n "${dst}" ] || {
++		proto_notify_error "$cfg" "MISSING_PEER_ADDRESS"
++		exit
++	}
++
++	bridge fdb append \
++		${lladdr:-00:00:00:00:00:00} \
++		dev ${cfg}                   \
++		dst ${dst}                   \
++		${src_vni:+src_vni $src_vni} \
++		${vni:+vni $vni}             \
++		${port:+port $port}          \
++		${via:+via $via}
++}
++
+ vxlan_generic_setup() {
+ 	local cfg="$1"
+ 	local mode="$2"
+@@ -18,7 +62,6 @@ vxlan_generic_setup() {
+ 	local port vid ttl tos mtu macaddr zone rxcsum txcsum
+ 	json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum
+ 
+-
+ 	proto_init_update "$link" 1
+ 
+ 	proto_add_tunnel
+@@ -47,6 +90,9 @@ vxlan_generic_setup() {
+ 	proto_close_data
+ 
+ 	proto_send_update "$cfg"
++
++	config_load network
++	config_foreach proto_vxlan_setup_peer "vxlan_peer"
+ }
+ 
+ proto_vxlan_setup() {
-- 
2.20.1