From f6c1e4da52e228e1d1eae569cbd01a1e8ad6b171 Mon Sep 17 00:00:00 2001 From: Johannes Kimmel Date: Fri, 1 Jan 2021 10:00:33 +0100 Subject: [PATCH] vxlan: backport vxlan patches to 19.07.5 vxlan support in 19.07.5 is very limited. This set of patches adds - more flexible source ip selection - control over most options - multiple remote endpoint configuration List of patches backported: - 5222aadbf3 vxlan: remove mandatory peeraddr - 65e9de3c33 vxlan: add capability for multiple fdb entries - 036221ce5a vxlan: add extra config options - ad3044c424 vxlan: fix rsc config option - 3f5619f259 vxlan: allow for dynamic source ip selection (FS#3426) - a3c033e2af netifd: vxlan: handle srcport range - 226566b967 netifd: vxlan: refactor mapping of boolean attrs - 11223f5550 netifd: vxlan: add most missing boolean options - 55a7b6b7f2 netifd: vxlan: add aging and maxaddress options Signed-off-by: Johannes Kimmel Reviewed-by: Robert Langhammer Tested-by: Robert Langhammer Reviewed-by: Adrian Schmutzler [refresh patches and remove some bloat] 
Signed-off-by: Adrian Schmutzler --- ...004-vxlan-remove-mandatory-peeraddr.patch} | 0 ...capability-for-multiple-fdb-entries.patch} | 0 .../0006-vxlan-add-extra-config-options.patch | 90 +++++ .../0007-vxlan-fix-rsc-config-option.patch | 37 ++ ...-dynamic-source-ip-selection-FS-3426.patch | 101 ++++++ .../0009-netifd-backport-vxlan-patches.patch | 324 ++++++++++++++++++ 6 files changed, 552 insertions(+) rename build_patches/openwrt/{0013-vxlan-remove-mandatory-peeraddr.patch => 0004-vxlan-remove-mandatory-peeraddr.patch} (100%) rename build_patches/openwrt/{0014-vxlan-add-capability-for-multiple-fdb-entries.patch => 0005-vxlan-add-capability-for-multiple-fdb-entries.patch} (100%) create mode 100644 build_patches/openwrt/0006-vxlan-add-extra-config-options.patch create mode 100644 build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch create mode 100644 build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch create mode 100644 build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch diff --git a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch b/build_patches/openwrt/0004-vxlan-remove-mandatory-peeraddr.patch similarity index 100% rename from build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch rename to build_patches/openwrt/0004-vxlan-remove-mandatory-peeraddr.patch diff --git a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch b/build_patches/openwrt/0005-vxlan-add-capability-for-multiple-fdb-entries.patch similarity index 100% rename from build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch rename to build_patches/openwrt/0005-vxlan-add-capability-for-multiple-fdb-entries.patch diff --git a/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch b/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch new file mode 100644 index 00000000..24a90124 --- /dev/null 
+++ b/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch 
@@ -0,0 +1,90 @@ +From: Hans Dedecker +Date: Mon, 14 Sep 2020 21:55:01 +0200 +Subject: vxlan: add extra config options + +Add config options: + srcportmin/srcportmax : range of port numbers to use as UDP source ports + to communicate to the remote VXLAN tunnel endpoint + ageing : lifetime in seconds of FDB entries learnt by the kernel + maxaddress : maximum number of FDB entries + learning : enable/disable entering unknown source link layer addresses + and IP addresses into the VXLAN device FDB. + rsc : enable/disable route short circuit + proxy : enable/disable ARP proxy + l2miss : enable/disable netlink LLADDR miss notifications + l3miss : enable/disable netlink IP ADDR miss notifications + gbp : enable/disable the Group Policy extension + +Signed-off-by: Hans Dedecker +(cherry picked from commit 036221ce5a899eb99ef1c1623fc9460af00a69e7) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 7232f71b45e6f72f2c62a245ad44cb9ade144f52..eb053bf1118dd300db549906bfd474a19f5e3752 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=4 ++PKG_RELEASE:=5 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index d063c47d47d0f4e339b21e97f4e25f55a33c0497..8b3a0a53d47c675fcf89981061a250b5f526df3e 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -59,8 +59,8 @@ vxlan_generic_setup() { + + local link="$cfg" + +- local port vid ttl tos mtu macaddr zone rxcsum txcsum +- json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum ++ local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp ++ json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin 
srcportmax ageing maxaddress learning proxy l2miss l3miss gbp + + proto_init_update "$link" 1 + +@@ -78,9 +78,20 @@ vxlan_generic_setup() { + json_add_object 'data' + [ -n "$port" ] && json_add_int port "$port" + [ -n "$vid" ] && json_add_int id "$vid" ++ [ -n "$srcportmin" ] && json_add_int srcportmin "$srcportmin" ++ [ -n "$srcportmax" ] && json_add_int srcportmax "$srcportmax" ++ [ -n "$ageing" ] && json_add_int ageing "$ageing" ++ [ -n "$maxaddress" ] && json_add_int maxaddress "$maxaddress" + [ -n "$macaddr" ] && json_add_string macaddr "$macaddr" + [ -n "$rxcsum" ] && json_add_boolean rxcsum "$rxcsum" + [ -n "$txcsum" ] && json_add_boolean txcsum "$txcsum" ++ [ -n "$learning" ] && json_add_boolean learning "$learning" ++ [ -n "$rsc" ] && json_add_boolean rsc "$rsc" ++ [ -n "$proxy" ] && json_add_boolean proxy "$proxy" ++ [ -n "$l2miss" ] && json_add_boolean l2miss "$l2miss" ++ [ -n "$l3miss" ] && json_add_boolean l3miss "$l3miss" ++ [ -n "$gbp" ] && json_add_boolean gbp "$gbp" ++ + json_close_object + + proto_close_tunnel +@@ -163,9 +174,20 @@ vxlan_generic_init_config() { + proto_config_add_int "ttl" + proto_config_add_int "tos" + proto_config_add_int "mtu" ++ proto_config_add_int "srcportmin" ++ proto_config_add_int "srcportmax" ++ proto_config_add_int "ageing" ++ proto_config_add_int "maxaddress" + proto_config_add_boolean "rxcsum" + proto_config_add_boolean "txcsum" ++ proto_config_add_boolean "learning" ++ proto_config_add_boolean "rsc" ++ proto_config_add_boolean "proxy" ++ proto_config_add_boolean "l2miss" ++ proto_config_add_boolean "l3miss" ++ proto_config_add_boolean "gbp" + proto_config_add_string "macaddr" ++ + } + + proto_vxlan_init_config() { diff --git a/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch b/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch new file mode 100644 index 00000000..d78d8dcf --- /dev/null +++ b/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch 
@@ -0,0 +1,37 @@ +From: Hans Dedecker +Date: Thu, 24 Sep 2020 22:04:39 +0200 +Subject: vxlan: fix rsc config option + +Fix route short circuit config option; fixes commit 036221ce5a899eb99ef1c1623fc9460af00a69e7 + +Signed-off-by: Hans Dedecker +(cherry picked from commit ad3044c424510668dd318c6a48c0b56bfba3c2da) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index eb053bf1118dd300db549906bfd474a19f5e3752..0b4d6713f9e1cfcad9f4c94272f8dc9192b7f3b4 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=5 ++PKG_RELEASE:=6 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index 8b3a0a53d47c675fcf89981061a250b5f526df3e..5c1c484c47f7fb48f1cb705b200d589df77a60f6 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -59,8 +59,8 @@ vxlan_generic_setup() { + + local link="$cfg" + +- local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp +- json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp ++ local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning rsc proxy l2miss l3miss gbp ++ json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning rsc proxy l2miss l3miss gbp + + proto_init_update "$link" 1 + diff --git a/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch b/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch new file mode 100644 index 00000000..b539882c --- /dev/null 
+++ b/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch 
@@ -0,0 +1,101 @@ +From: Johannes Kimmel +Date: Tue, 15 Dec 2020 00:31:52 +0100 +Subject: vxlan: allow for dynamic source ip selection (FS#3426) + +By setting 'auto', the zero address or the empty string as source +address (option ipaddr, option ip6addr), vxlan will choose one +dynamically. This helps in setups where a wan ip or prefix changes. + +This corresponse to setting up an vxlan tunnel with: + +proto vxlan6: + # ip link add vx0 type vxlan id ID local :: ... +proto vxlan: + # ip link add vx0 type vxlan id ID local 0.0.0.0 ... + +While it is possible to not specify a source ip at all, the kernel will +default to setting up a ipv4 tunnel. The kernel will take any hint from +source and peer ips to figure out, what tunnel type to use. To make sure +we setup an ipv6 tunnel for proto vxlan6, this workaround is needed. + +This will not change the behaviour of currently working configurations. +However this will allow former broken configurations, namely those not +specifying both a source address and tunnel interface, to setup a +tunnel interface. Previously those configurations weren't reporting an +error and were stueck in a setup loop like in Bug FS#3426. 
+ +This change lifts the currently very strict behaviour and should fix the +following bug: + +Fixes: FS#3426 +Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426 + +Signed-off-by: Johannes Kimmel +(cherry picked from commit 3f5619f259de42af4404e0e36d11df4adcef9f5e) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 0b4d6713f9e1cfcad9f4c94272f8dc9192b7f3b4..97972d6d85bddc56d1575088d3966ae6899f06da 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=6 ++PKG_RELEASE:=7 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index 5c1c484c47f7fb48f1cb705b200d589df77a60f6..a087c4a3ce2ca42a6b8d43b2254d0ea7379c0936 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -114,18 +114,11 @@ proto_vxlan_setup() { + + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + +- [ -z "$ipaddr" ] && { +- local wanif="$tunlink" +- if [ -z "$wanif" ] && ! network_find_wan wanif; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- +- if ! network_get_ipaddr ipaddr "$wanif"; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- } ++ case "$ipaddr" in ++ "auto"|"") ++ ipaddr="0.0.0.0" ++ ;; ++ esac + + vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr" + } +@@ -138,18 +131,12 @@ proto_vxlan6_setup() { + + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + +- [ -z "$ip6addr" ] && { +- local wanif="$tunlink" +- if [ -z "$wanif" ] && ! network_find_wan6 wanif; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- +- if ! 
network_get_ipaddr6 ip6addr "$wanif"; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- } ++ case "$ip6addr" in ++ "auto"|"") ++ # ensure tunnel via ipv6 ++ ip6addr="::" ++ ;; ++ esac + + vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr" + } diff --git a/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch b/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch new file mode 100644 index 00000000..2de92b97 --- /dev/null +++ b/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch 
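Review bot: The new `case "$ipaddr" in "auto"|"")` branch in proto_vxlan_setup no longer consults `tunlink` when no source address is configured, so a setup that set `tunlink` but left `ipaddr` empty used to get that interface's address through `network_get_ipaddr` and now gets `0.0.0.0`; the same holds for `ip6addr` and `::` in proto_vxlan6_setup. That is a behaviour change for a configuration that worked before, and peers that filter the tunnel by source address may see a different one on a multi-homed router. Whether vxlan_generic_setup still binds the tunnel to `tunlink` is outside this hunk and should be confirmed there. I would document the change next to the case, e.g. `# empty or "auto": kernel picks the source address per route; tunlink's address is no longer used`, and add the matching comment to the IPv4 branch, which has none.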
@@ -0,0 +1,324 @@ +From: Johannes Kimmel +Date: Fri, 1 Jan 2021 09:55:25 +0100 +Subject: netifd: backport vxlan patches + +Signed-off-by: Johannes Kimmel +[refresh patches] +Signed-off-by: Adrian Schmutzler + +diff --git a/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch +new file mode 100644 +index 0000000000000000000000000000000000000000..0b803aca8bebe33ad47f7e441bc9aa36d42b0aea +--- /dev/null ++++ b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch +@@ -0,0 +1,89 @@ ++From a3c033e2afc289672e0ed4b8d8a835d509715af8 Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:40 +0200 ++Subject: [PATCH 1/4] netifd: vxlan: handle srcport range ++ ++This adds adds the ability to set the source port range for vxlan ++interfaces. ++ ++By default vxlans will use a random port within the ephermal range as ++source ports for packets. This is done to aid scaleability within a ++datacenter. ++ ++But with these defaults it's impossible to punch through NATs or ++traverese most stateful firewalls easily. One solution is to fix the ++srcport to the same as dstport. ++ ++If only srcportmin is specified, then srcportmax is set in a way that ++outgoing packets will only use srcportmin. ++ ++If a range is to be specified, srcportmin and srcportmax have to be ++specified. srcportmax is exclusive. ++ ++If only srcportmax is specified, the value is ignored and defaults are ++used. 
++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 26 ++++++++++++++++++++++++++ ++ system.c | 2 ++ ++ system.h | 2 ++ ++ 3 files changed, 30 insertions(+) ++ ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3062,6 +3062,32 @@ static int system_add_vxlan(const char * ++ } ++ nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port)); ++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMIN])) { +++ struct ifla_vxlan_port_range srcports = {0,0}; +++ +++ uint32_t low = blobmsg_get_u32(cur); +++ if (low < 1 || low > 65535 - 1) { +++ ret = -EINVAL; +++ goto failure; +++ } +++ +++ srcports.low = htons((uint16_t) low); +++ srcports.high = htons((uint16_t) (low+1)); +++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMAX])) { +++ uint32_t high = blobmsg_get_u32(cur); +++ if (high < 1 || high > 65535) { +++ ret = -EINVAL; +++ goto failure; +++ } +++ +++ if (high > low) +++ srcports.high = htons((uint16_t) high); +++ } +++ +++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports); +++ } +++ ++ if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) { ++ bool rxcsum = blobmsg_get_bool(cur); ++ nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum); ++--- a/system.c +++++ b/system.c ++@@ -38,6 +38,8 @@ static const struct blobmsg_policy vxlan ++ [VXLAN_DATA_ATTR_MACADDR] = { .name = "macaddr", .type = BLOBMSG_TYPE_STRING }, ++ [VXLAN_DATA_ATTR_RXCSUM] = { .name = "rxcsum", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++--- a/system.h +++++ b/system.h ++@@ -43,6 +43,8 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_MACADDR, ++ VXLAN_DATA_ATTR_RXCSUM, ++ VXLAN_DATA_ATTR_TXCSUM, +++ VXLAN_DATA_ATTR_SRCPORTMIN, +++ VXLAN_DATA_ATTR_SRCPORTMAX, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++ +diff 
--git a/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch +new file mode 100644 +index 0000000000000000000000000000000000000000..3c60665354a52159566826bbedf59964077205d5 +--- /dev/null ++++ b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch +@@ -0,0 +1,54 @@ ++From 226566b967dc4ef4d83ed7844b8ad746f4306f8d Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:41 +0200 ++Subject: [PATCH 2/4] netifd: vxlan: refactor mapping of boolean attrs ++ ++Add a small function to handle boolean options and make use of it to handle: ++ - rxcsum ++ - txcsum ++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 24 ++++++++++++++---------- ++ 1 file changed, 14 insertions(+), 10 deletions(-) ++ ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -2951,6 +2951,17 @@ failure: ++ #endif ++ ++ #ifdef IFLA_VXLAN_MAX +++static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb_data, int attrtype, int vxlandatatype, bool invert) { +++ struct blob_attr *cur; +++ if ((cur = tb_data[vxlandatatype])) { +++ bool val = blobmsg_get_bool(cur); +++ if (invert) { +++ val = !val; +++ } +++ nla_put_u8(msg, attrtype, val); +++ } +++} +++ ++ static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6) ++ { ++ struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX]; ++@@ -3088,16 +3099,9 @@ static int system_add_vxlan(const char * ++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports); ++ } ++ ++- if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) { ++- bool rxcsum = blobmsg_get_bool(cur); ++- nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum); ++- } ++- ++- if ((cur = tb_data[VXLAN_DATA_ATTR_TXCSUM])) { ++- bool txcsum = blobmsg_get_bool(cur); ++- nla_put_u8(msg, IFLA_VXLAN_UDP_CSUM, txcsum); ++- nla_put_u8(msg, 
IFLA_VXLAN_UDP_ZERO_CSUM6_TX, !txcsum); ++- } +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true); ++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); +diff --git a/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch +new file mode 100644 +index 0000000000000000000000000000000000000000..693e92b9f6b50f20d8fd220c196440d7bf894eb9 +--- /dev/null ++++ b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch +@@ -0,0 +1,93 @@ ++From 11223f5550f7dd8faefb85441065b682be16e61f Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:42 +0200 ++Subject: [PATCH 3/4] netifd: vxlan: add most missing boolean options ++ ++adds the folloing missing options: ++ - learning ++ - rsc ++ - proxy ++ - l2miss ++ - l3miss ++ - gbp ++ ++See ip-link(3) for their meaning. ++ ++still missing: ++ - external ++ - gpe ++ ++I'm not sure how to handle them at the moment. It's unclear to me what ++IFLA_VXLAN_* value corresponds to the 'external' option and according to ++the manpage, gpe depends on it. 
++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 16 +++++++++++++--- ++ system.c | 6 ++++++ ++ system.h | 6 ++++++ ++ 3 files changed, 25 insertions(+), 3 deletions(-) ++ ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -2955,10 +2955,14 @@ static void system_vxlan_map_bool_attr(s ++ struct blob_attr *cur; ++ if ((cur = tb_data[vxlandatatype])) { ++ bool val = blobmsg_get_bool(cur); ++- if (invert) { +++ if (invert) ++ val = !val; ++- } ++- nla_put_u8(msg, attrtype, val); +++ +++ if ((attrtype == IFLA_VXLAN_GBP) && val) +++ nla_put_flag(msg, attrtype); +++ else +++ nla_put_u8(msg, attrtype, val); +++ ++ } ++ } ++ ++@@ -3102,6 +3106,12 @@ static int system_add_vxlan(const char * ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_LEARNING, VXLAN_DATA_ATTR_LEARNING, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_RSC , VXLAN_DATA_ATTR_RSC, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_PROXY , VXLAN_DATA_ATTR_PROXY, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L2MISS , VXLAN_DATA_ATTR_L2MISS, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false); ++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); ++--- a/system.c +++++ b/system.c ++@@ -40,6 +40,12 @@ static const struct blobmsg_policy vxlan ++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 }, ++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = 
BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_LEARNING] = { .name = "learning", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_RSC] = { .name = "rsc", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_PROXY] = { .name = "proxy", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++--- a/system.h +++++ b/system.h ++@@ -45,6 +45,12 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_TXCSUM, ++ VXLAN_DATA_ATTR_SRCPORTMIN, ++ VXLAN_DATA_ATTR_SRCPORTMAX, +++ VXLAN_DATA_ATTR_LEARNING, +++ VXLAN_DATA_ATTR_RSC, +++ VXLAN_DATA_ATTR_PROXY, +++ VXLAN_DATA_ATTR_L2MISS, +++ VXLAN_DATA_ATTR_L3MISS, +++ VXLAN_DATA_ATTR_GBP, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++ +diff --git a/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch +new file mode 100644 +index 0000000000000000000000000000000000000000..8a2b4424fe282492ecf64522ecf3d1b3ba106bbb +--- /dev/null ++++ b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch +@@ -0,0 +1,56 @@ ++From 55a7b6b7f2f773c06a79cb7359ffdab54ba32450 Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:43 +0200 ++Subject: [PATCH 4/4] netifd: vxlan: add aging and maxaddress options ++ ++For both options the values can just be passed to the kernel. All ++unsigned values are accepted, thus no range checking required. 
++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 10 ++++++++++ ++ system.c | 2 ++ ++ system.h | 2 ++ ++ 3 files changed, 14 insertions(+) ++ ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3113,6 +3113,16 @@ static int system_add_vxlan(const char * ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false); ++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_AGEING])) { +++ uint32_t ageing = blobmsg_get_u32(cur); +++ nla_put_u32(msg, IFLA_VXLAN_AGEING, ageing); +++ } +++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_LIMIT])) { +++ uint32_t maxaddress = blobmsg_get_u32(cur); +++ nla_put_u32(msg, IFLA_VXLAN_LIMIT, maxaddress); +++ } +++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); ++ unsigned tos = 1; ++--- a/system.c +++++ b/system.c ++@@ -46,6 +46,8 @@ static const struct blobmsg_policy vxlan ++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_AGEING] = { .name = "ageing", .type = BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_LIMIT] = { .name = "maxaddress", .type = BLOBMSG_TYPE_INT32 }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++--- a/system.h +++++ b/system.h ++@@ -51,6 +51,8 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_L2MISS, ++ VXLAN_DATA_ATTR_L3MISS, ++ VXLAN_DATA_ATTR_GBP, +++ VXLAN_DATA_ATTR_AGEING, +++ VXLAN_DATA_ATTR_LIMIT, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++
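Review bot: In system_vxlan_map_bool_attr (netifd patch 0003) the `else` branch still runs for IFLA_VXLAN_GBP when the value is false, so `option gbp 0` sends a one-byte IFLA_VXLAN_GBP attribute instead of omitting it. As far as I know the kernel declares that attribute as a flag, where presence alone means enabled and no payload is expected, so an explicit "off" would either be rejected or turn the extension on; please confirm against the target kernel. Omitting the attribute when false avoids both outcomes: `if (attrtype == IFLA_VXLAN_GBP) { if (val) nla_put_flag(msg, attrtype); } else nla_put_u8(msg, attrtype, val);`. Separately, in netifd patch 0001 a `srcportmax` that is not greater than `srcportmin` is silently dropped by `if (high > low)` and the tunnel ends up on a single source port; setting `ret = -EINVAL` and jumping to `failure`, as the range checks above it do, would surface the misconfiguration.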