diff --git a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch b/build_patches/openwrt/0004-vxlan-remove-mandatory-peeraddr.patch similarity index 80% rename from build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch rename to build_patches/openwrt/0004-vxlan-remove-mandatory-peeraddr.patch index 0ae6e3b..d782889 100644 --- a/build_patches/openwrt/0013-vxlan-remove-mandatory-peeraddr.patch +++ b/build_patches/openwrt/0004-vxlan-remove-mandatory-peeraddr.patch @@ -1,6 +1,7 @@ +From 5222aadbf353b7cc030c39aa816f33951b104552 Mon Sep 17 00:00:00 2001 From: Johannes Kimmel Date: Mon, 20 Jul 2020 08:05:09 +0200 -Subject: vxlan: remove mandatory peeraddr +Subject: [PATCH 4/8] vxlan: remove mandatory peeraddr vxlan can be configured without a peer address. This is used to prepare an interface and add peers later. @@ -9,10 +10,12 @@ Fixes: FS#2743 Signed-off-by: Johannes Kimmel Acked-by: Matthias Schiffer -(cherry picked from commit 5222aadbf353b7cc030c39aa816f33951b104552) +--- + package/network/config/vxlan/files/vxlan.sh | 12 ------------ + 1 file changed, 12 deletions(-) diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh -index 7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38a6fc0978ea55a3bb 100755 +index 7b1c703955..bdcaa628c4 100755 --- a/package/network/config/vxlan/files/vxlan.sh +++ b/package/network/config/vxlan/files/vxlan.sh @@ -55,12 +55,6 @@ proto_vxlan_setup() { @@ -41,3 +44,6 @@ index 7b1c7039551b7781f5f7a8e73b964db698f3697b..bdcaa628c4416cc83258dd38a6fc0978 ( proto_add_host_dependency "$cfg" '' "$tunlink" ) [ -z "$ip6addr" ] && { +-- +2.30.0 + 
diff --git a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch b/build_patches/openwrt/0005-vxlan-add-capability-for-multiple-fdb-entries.patch similarity index 92% rename from build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch rename to build_patches/openwrt/0005-vxlan-add-capability-for-multiple-fdb-entries.patch index 3e4567a..6987d63 100644 --- a/build_patches/openwrt/0014-vxlan-add-capability-for-multiple-fdb-entries.patch +++ b/build_patches/openwrt/0005-vxlan-add-capability-for-multiple-fdb-entries.patch @@ -1,6 +1,7 @@ +From 65e9de3c333bae1ccef1dfb0cc008ad6f13958e4 Mon Sep 17 00:00:00 2001 From: Johannes Kimmel Date: Mon, 20 Jul 2020 08:05:10 +0200 -Subject: vxlan: add capability for multiple fdb entries +Subject: [PATCH 5/8] vxlan: add capability for multiple fdb entries Similar to wireguard, vxlan can configure multiple peers or add specific entries to the fdb for a single mac address. @@ -69,10 +70,13 @@ All available peer options for completeness: option src_vni '123' # see man 3 bridge Signed-off-by: Johannes Kimmel -(cherry picked from commit 65e9de3c333bae1ccef1dfb0cc008ad6f13958e4) +--- + package/network/config/vxlan/Makefile | 2 +- + package/network/config/vxlan/files/vxlan.sh | 48 ++++++++++++++++++++- + 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile -index 13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad44cb9ade144f52 100644 +index 13fcf0c55d..7232f71b45 100644 --- a/package/network/config/vxlan/Makefile +++ b/package/network/config/vxlan/Makefile @@ -1,7 +1,7 @@ @@ -85,7 +89,7 @@ index 13fcf0c55d07d97f5dcc3cbfcf2478020e7107cc..7232f71b45e6f72f2c62a245ad44cb9a include $(INCLUDE_DIR)/package.mk 
diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh -index bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97f4e25f55a33c0497 100755 +index bdcaa628c4..d063c47d47 100755 --- a/package/network/config/vxlan/files/vxlan.sh +++ b/package/network/config/vxlan/files/vxlan.sh @@ -7,6 +7,50 @@ @@ -157,3 +161,6 @@ index bdcaa628c4416cc83258dd38a6fc0978ea55a3bb..d063c47d47d0f4e339b21e97f4e25f55 } proto_vxlan_setup() { +-- +2.30.0 + diff --git a/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch b/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch new file mode 100644 index 0000000..b3cb3a8 --- /dev/null +++ b/build_patches/openwrt/0006-vxlan-add-extra-config-options.patch 
@@ -0,0 +1,97 @@ +From 036221ce5a899eb99ef1c1623fc9460af00a69e7 Mon Sep 17 00:00:00 2001 +From: Hans Dedecker +Date: Mon, 14 Sep 2020 21:55:01 +0200 +Subject: [PATCH 6/8] vxlan: add extra config options + +Add config options: + srcportmin/srcportmax : range of port numbers to use as UDP source ports + to communicate to the remote VXLAN tunnel endpoint + ageing : lifetime in seconds of FDB entries learnt by the kernel + maxaddress : maximum number of FDB entries + learning : enable/disable entering unknown source link layer addresses + and IP addresses into the VXLAN device FDB. + rsc : enable/disable route short circuit + proxy : enable/disable ARP proxy + l2miss : enable/disable netlink LLADDR miss notifications + l3miss : enable/disable netlink IP ADDR miss notifications + gbp : enable/disable the Group Policy extension + +Signed-off-by: Hans Dedecker +--- + package/network/config/vxlan/Makefile | 2 +- + package/network/config/vxlan/files/vxlan.sh | 26 +++++++++++++++++++-- + 2 files changed, 25 insertions(+), 3 deletions(-) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 7232f71b45..eb053bf111 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=4 ++PKG_RELEASE:=5 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index d063c47d47..8b3a0a53d4 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -59,8 +59,8 @@ vxlan_generic_setup() { + + local link="$cfg" + +- local port vid ttl tos mtu macaddr zone rxcsum txcsum +- json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum ++ local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp ++ 
json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp + + proto_init_update "$link" 1 + +@@ -78,9 +78,20 @@ vxlan_generic_setup() { + json_add_object 'data' + [ -n "$port" ] && json_add_int port "$port" + [ -n "$vid" ] && json_add_int id "$vid" ++ [ -n "$srcportmin" ] && json_add_int srcportmin "$srcportmin" ++ [ -n "$srcportmax" ] && json_add_int srcportmax "$srcportmax" ++ [ -n "$ageing" ] && json_add_int ageing "$ageing" ++ [ -n "$maxaddress" ] && json_add_int maxaddress "$maxaddress" + [ -n "$macaddr" ] && json_add_string macaddr "$macaddr" + [ -n "$rxcsum" ] && json_add_boolean rxcsum "$rxcsum" + [ -n "$txcsum" ] && json_add_boolean txcsum "$txcsum" ++ [ -n "$learning" ] && json_add_boolean learning "$learning" ++ [ -n "$rsc" ] && json_add_boolean rsc "$rsc" ++ [ -n "$proxy" ] && json_add_boolean proxy "$proxy" ++ [ -n "$l2miss" ] && json_add_boolean l2miss "$l2miss" ++ [ -n "$l3miss" ] && json_add_boolean l3miss "$l3miss" ++ [ -n "$gbp" ] && json_add_boolean gbp "$gbp" ++ + json_close_object + + proto_close_tunnel +@@ -163,9 +174,20 @@ vxlan_generic_init_config() { + proto_config_add_int "ttl" + proto_config_add_int "tos" + proto_config_add_int "mtu" ++ proto_config_add_int "srcportmin" ++ proto_config_add_int "srcportmax" ++ proto_config_add_int "ageing" ++ proto_config_add_int "maxaddress" + proto_config_add_boolean "rxcsum" + proto_config_add_boolean "txcsum" ++ proto_config_add_boolean "learning" ++ proto_config_add_boolean "rsc" ++ proto_config_add_boolean "proxy" ++ proto_config_add_boolean "l2miss" ++ proto_config_add_boolean "l3miss" ++ proto_config_add_boolean "gbp" + proto_config_add_string "macaddr" ++ + } + + proto_vxlan_init_config() { +-- +2.30.0 + diff --git a/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch b/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch new file mode 100644 index 0000000..ef937b1 --- /dev/null 
+++ b/build_patches/openwrt/0007-vxlan-fix-rsc-config-option.patch @@ -0,0 +1,44 @@ +From ad3044c424510668dd318c6a48c0b56bfba3c2da Mon Sep 17 00:00:00 2001 +From: Hans Dedecker +Date: Thu, 24 Sep 2020 22:04:39 +0200 +Subject: [PATCH 7/8] vxlan: fix rsc config option + +Fix route short circuit config option; fixes commit 036221ce5a899eb99ef1c1623fc9460af00a69e7 + +Signed-off-by: Hans Dedecker +--- + package/network/config/vxlan/Makefile | 2 +- + package/network/config/vxlan/files/vxlan.sh | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index eb053bf111..0b4d6713f9 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=5 ++PKG_RELEASE:=6 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index 8b3a0a53d4..5c1c484c47 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -59,8 +59,8 @@ vxlan_generic_setup() { + + local link="$cfg" + +- local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp +- json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning proxy l2miss l3miss gbp ++ local port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning rsc proxy l2miss l3miss gbp ++ json_get_vars port vid ttl tos mtu macaddr zone rxcsum txcsum srcportmin srcportmax ageing maxaddress learning rsc proxy l2miss l3miss gbp + + proto_init_update "$link" 1 + +-- +2.30.0 + 
diff --git a/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch b/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch
new file mode 100644
index 0000000..2baebf8
--- /dev/null
+++ b/build_patches/openwrt/0008-vxlan-allow-for-dynamic-source-ip-selection-FS-3426.patch
@@ -0,0 +1,108 @@ +From 3f5619f259de42af4404e0e36d11df4adcef9f5e Mon Sep 17 00:00:00 2001 +From: Johannes Kimmel +Date: Tue, 15 Dec 2020 00:31:52 +0100 +Subject: [PATCH 8/8] vxlan: allow for dynamic source ip selection (FS#3426) + +By setting 'auto', the zero address or the empty string as source +address (option ipaddr, option ip6addr), vxlan will choose one +dynamically. This helps in setups where a wan ip or prefix changes. + +This corresponse to setting up an vxlan tunnel with: + +proto vxlan6: + # ip link add vx0 type vxlan id ID local :: ... +proto vxlan: + # ip link add vx0 type vxlan id ID local 0.0.0.0 ... + +While it is possible to not specify a source ip at all, the kernel will +default to setting up a ipv4 tunnel. The kernel will take any hint from +source and peer ips to figure out, what tunnel type to use. To make sure +we setup an ipv6 tunnel for proto vxlan6, this workaround is needed. + +This will not change the behaviour of currently working configurations. +However this will allow former broken configurations, namely those not +specifying both a source address and tunnel interface, to setup a +tunnel interface. Previously those configurations weren't reporting an +error and were stueck in a setup loop like in Bug FS#3426. 
+ +This change lifts the currently very strict behaviour and should fix the +following bug: + +Fixes: FS#3426 +Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426 + +Signed-off-by: Johannes Kimmel +--- + package/network/config/vxlan/Makefile | 2 +- + package/network/config/vxlan/files/vxlan.sh | 35 +++++++-------------- + 2 files changed, 12 insertions(+), 25 deletions(-) + +diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile +index 0b4d6713f9..97972d6d85 100644 +--- a/package/network/config/vxlan/Makefile ++++ b/package/network/config/vxlan/Makefile +@@ -1,7 +1,7 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=vxlan +-PKG_RELEASE:=6 ++PKG_RELEASE:=7 + PKG_LICENSE:=GPL-2.0 + + include $(INCLUDE_DIR)/package.mk +diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh +index 5c1c484c47..a087c4a3ce 100755 +--- a/package/network/config/vxlan/files/vxlan.sh ++++ b/package/network/config/vxlan/files/vxlan.sh +@@ -114,18 +114,11 @@ proto_vxlan_setup() { + + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + +- [ -z "$ipaddr" ] && { +- local wanif="$tunlink" +- if [ -z "$wanif" ] && ! network_find_wan wanif; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- +- if ! network_get_ipaddr ipaddr "$wanif"; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- } ++ case "$ipaddr" in ++ "auto"|"") ++ ipaddr="0.0.0.0" ++ ;; ++ esac + + vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr" + } +@@ -138,18 +131,12 @@ proto_vxlan6_setup() { + + ( proto_add_host_dependency "$cfg" '' "$tunlink" ) + +- [ -z "$ip6addr" ] && { +- local wanif="$tunlink" +- if [ -z "$wanif" ] && ! network_find_wan6 wanif; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- +- if ! 
network_get_ipaddr6 ip6addr "$wanif"; then +- proto_notify_error "$cfg" "NO_WAN_LINK" +- exit +- fi +- } ++ case "$ip6addr" in ++ "auto"|"") ++ # ensure tunnel via ipv6 ++ ip6addr="::" ++ ;; ++ esac + + vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr" + } +-- +2.30.0 + diff --git a/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch b/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch new file mode 100644 index 0000000..6186181 --- /dev/null +++ b/build_patches/openwrt/0009-netifd-backport-vxlan-patches.patch 
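Review bot: In `proto_vxlan_setup` and `proto_vxlan6_setup` the new `case` replaces the removed WAN-address lookup with the wildcard address, so a configuration that left `ipaddr`/`ip6addr` empty and used to resolve to the address of `tunlink` or the WAN interface now gets `0.0.0.0` / `::` instead. The commit message's statement that currently working configurations are unchanged therefore appears not to hold for that case. The local endpoint is then no longer pinned to one address, and the IPv4 branch says nothing about it while the IPv6 branch at least has a comment. I would add `# no source address configured: let the kernel pick one (endpoint is not pinned to an address)` above `ipaddr="0.0.0.0"`, and note in the package documentation that with this default the firewall input rules for the VXLAN UDP port decide which senders can reach the tunnel. Both functions start and end outside the hunks shown.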
@@ -0,0 +1,368 @@ +From 3b4d344d36327b551ba325e6ce87f905e374c7ca Mon Sep 17 00:00:00 2001 +From: Johannes Kimmel +Date: Fri, 1 Jan 2021 09:55:25 +0100 +Subject: [PATCH] netifd: backport vxlan patches + +Signed-off-by: Johannes Kimmel +--- + ...01-netifd-vxlan-handle-srcport-range.patch | 98 +++++++++++++++++ + ...an-refactor-mapping-of-boolean-attrs.patch | 59 ++++++++++ + ...lan-add-most-missing-boolean-options.patch | 102 ++++++++++++++++++ + ...lan-add-aging-and-maxaddress-options.patch | 65 +++++++++++ + 4 files changed, 324 insertions(+) + create mode 100644 package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch + create mode 100644 package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch + create mode 100644 package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch + create mode 100644 package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch + +diff --git a/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch +new file mode 100644 +index 0000000000..e035fc65a1 +--- /dev/null ++++ b/package/network/config/netifd/patches/0001-netifd-vxlan-handle-srcport-range.patch +@@ -0,0 +1,98 @@ ++From a3c033e2afc289672e0ed4b8d8a835d509715af8 Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:40 +0200 ++Subject: [PATCH 1/4] netifd: vxlan: handle srcport range ++ ++This adds adds the ability to set the source port range for vxlan ++interfaces. ++ ++By default vxlans will use a random port within the ephermal range as ++source ports for packets. This is done to aid scaleability within a ++datacenter. ++ ++But with these defaults it's impossible to punch through NATs or ++traverese most stateful firewalls easily. One solution is to fix the ++srcport to the same as dstport. 
++ ++If only srcportmin is specified, then srcportmax is set in a way that ++outgoing packets will only use srcportmin. ++ ++If a range is to be specified, srcportmin and srcportmax have to be ++specified. srcportmax is exclusive. ++ ++If only srcportmax is specified, the value is ignored and defaults are ++used. ++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 26 ++++++++++++++++++++++++++ ++ system.c | 2 ++ ++ system.h | 2 ++ ++ 3 files changed, 30 insertions(+) ++ ++diff --git a/system-linux.c b/system-linux.c ++index c5583e0..42f0de3 100644 ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3184,6 +3184,32 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl ++ } ++ nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port)); ++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMIN])) { +++ struct ifla_vxlan_port_range srcports = {0,0}; +++ +++ uint32_t low = blobmsg_get_u32(cur); +++ if (low < 1 || low > 65535 - 1) { +++ ret = -EINVAL; +++ goto failure; +++ } +++ +++ srcports.low = htons((uint16_t) low); +++ srcports.high = htons((uint16_t) (low+1)); +++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMAX])) { +++ uint32_t high = blobmsg_get_u32(cur); +++ if (high < 1 || high > 65535) { +++ ret = -EINVAL; +++ goto failure; +++ } +++ +++ if (high > low) +++ srcports.high = htons((uint16_t) high); +++ } +++ +++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports); +++ } +++ ++ if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) { ++ bool rxcsum = blobmsg_get_bool(cur); ++ nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum); ++diff --git a/system.c b/system.c ++index bbdfef7..4133e55 100644 ++--- a/system.c +++++ b/system.c ++@@ -38,6 +38,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = { ++ [VXLAN_DATA_ATTR_MACADDR] = { .name = "macaddr", .type = BLOBMSG_TYPE_STRING }, ++ [VXLAN_DATA_ATTR_RXCSUM] = { .name = "rxcsum", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", 
.type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++diff --git a/system.h b/system.h ++index 015987f..bf9e1d7 100644 ++--- a/system.h +++++ b/system.h ++@@ -44,6 +44,8 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_MACADDR, ++ VXLAN_DATA_ATTR_RXCSUM, ++ VXLAN_DATA_ATTR_TXCSUM, +++ VXLAN_DATA_ATTR_SRCPORTMIN, +++ VXLAN_DATA_ATTR_SRCPORTMAX, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++ ++-- ++2.30.0 ++ +diff --git a/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch +new file mode 100644 +index 0000000000..f0dbc385b9 +--- /dev/null ++++ b/package/network/config/netifd/patches/0002-netifd-vxlan-refactor-mapping-of-boolean-attrs.patch +@@ -0,0 +1,59 @@ ++From 226566b967dc4ef4d83ed7844b8ad746f4306f8d Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:41 +0200 ++Subject: [PATCH 2/4] netifd: vxlan: refactor mapping of boolean attrs ++ ++Add a small function to handle boolean options and make use of it to handle: ++ - rxcsum ++ - txcsum ++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 24 ++++++++++++++---------- ++ 1 file changed, 14 insertions(+), 10 deletions(-) ++ ++diff --git a/system-linux.c b/system-linux.c ++index 42f0de3..d87a9ee 100644 ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3073,6 +3073,17 @@ failure: ++ #endif ++ ++ #ifdef IFLA_VXLAN_MAX +++static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb_data, int attrtype, int vxlandatatype, bool invert) { +++ struct blob_attr *cur; +++ if ((cur = tb_data[vxlandatatype])) { +++ bool val = blobmsg_get_bool(cur); +++ if (invert) { +++ val = !val; +++ } +++ nla_put_u8(msg, attrtype, val); +++ } +++} 
+++ ++ static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6) ++ { ++ struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX]; ++@@ -3210,16 +3221,9 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl ++ nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports); ++ } ++ ++- if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) { ++- bool rxcsum = blobmsg_get_bool(cur); ++- nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum); ++- } ++- ++- if ((cur = tb_data[VXLAN_DATA_ATTR_TXCSUM])) { ++- bool txcsum = blobmsg_get_bool(cur); ++- nla_put_u8(msg, IFLA_VXLAN_UDP_CSUM, txcsum); ++- nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, !txcsum); ++- } +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true); ++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); ++-- ++2.30.0 ++ +diff --git a/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch +new file mode 100644 +index 0000000000..e8aee863a1 +--- /dev/null ++++ b/package/network/config/netifd/patches/0003-netifd-vxlan-add-most-missing-boolean-options.patch +@@ -0,0 +1,102 @@ ++From 11223f5550f7dd8faefb85441065b682be16e61f Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:42 +0200 ++Subject: [PATCH 3/4] netifd: vxlan: add most missing boolean options ++ ++adds the folloing missing options: ++ - learning ++ - rsc ++ - proxy ++ - l2miss ++ - l3miss ++ - gbp ++ ++See ip-link(3) for their meaning. ++ ++still missing: ++ - external ++ - gpe ++ ++I'm not sure how to handle them at the moment. 
It's unclear to me what ++IFLA_VXLAN_* value corresponds to the 'external' option and according to ++the manpage, gpe depends on it. ++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 16 +++++++++++++--- ++ system.c | 6 ++++++ ++ system.h | 6 ++++++ ++ 3 files changed, 25 insertions(+), 3 deletions(-) ++ ++diff --git a/system-linux.c b/system-linux.c ++index d87a9ee..c232c5f 100644 ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3077,10 +3077,14 @@ static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb ++ struct blob_attr *cur; ++ if ((cur = tb_data[vxlandatatype])) { ++ bool val = blobmsg_get_bool(cur); ++- if (invert) { +++ if (invert) ++ val = !val; ++- } ++- nla_put_u8(msg, attrtype, val); +++ +++ if ((attrtype == IFLA_VXLAN_GBP) && val) +++ nla_put_flag(msg, attrtype); +++ else +++ nla_put_u8(msg, attrtype, val); +++ ++ } ++ } ++ ++@@ -3224,6 +3228,12 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_LEARNING, VXLAN_DATA_ATTR_LEARNING, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_RSC , VXLAN_DATA_ATTR_RSC, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_PROXY , VXLAN_DATA_ATTR_PROXY, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L2MISS , VXLAN_DATA_ATTR_L2MISS, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false); +++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false); ++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); ++diff --git a/system.c b/system.c ++index 
4133e55..95721e1 100644 ++--- a/system.c +++++ b/system.c ++@@ -40,6 +40,12 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = { ++ [VXLAN_DATA_ATTR_TXCSUM] = { .name = "txcsum", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_SRCPORTMIN] = { .name = "srcportmin", .type = BLOBMSG_TYPE_INT32 }, ++ [VXLAN_DATA_ATTR_SRCPORTMAX] = { .name = "srcportmax", .type = BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_LEARNING] = { .name = "learning", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_RSC] = { .name = "rsc", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_PROXY] = { .name = "proxy", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++diff --git a/system.h b/system.h ++index bf9e1d7..290c2e5 100644 ++--- a/system.h +++++ b/system.h ++@@ -46,6 +46,12 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_TXCSUM, ++ VXLAN_DATA_ATTR_SRCPORTMIN, ++ VXLAN_DATA_ATTR_SRCPORTMAX, +++ VXLAN_DATA_ATTR_LEARNING, +++ VXLAN_DATA_ATTR_RSC, +++ VXLAN_DATA_ATTR_PROXY, +++ VXLAN_DATA_ATTR_L2MISS, +++ VXLAN_DATA_ATTR_L3MISS, +++ VXLAN_DATA_ATTR_GBP, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++ ++-- ++2.30.0 ++ +diff --git a/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch +new file mode 100644 +index 0000000000..a8f8bcc039 +--- /dev/null ++++ b/package/network/config/netifd/patches/0004-netifd-vxlan-add-aging-and-maxaddress-options.patch +@@ -0,0 +1,65 @@ ++From 55a7b6b7f2f773c06a79cb7359ffdab54ba32450 Mon Sep 17 00:00:00 2001 ++From: Johannes Kimmel ++Date: Fri, 4 Sep 2020 04:59:43 +0200 ++Subject: [PATCH 4/4] netifd: vxlan: add aging and maxaddress options ++ 
++For both options the values can just be passed to the kernel. All ++unsigned values are accepted, thus no range checking required. ++ ++Signed-off-by: Johannes Kimmel ++--- ++ system-linux.c | 10 ++++++++++ ++ system.c | 2 ++ ++ system.h | 2 ++ ++ 3 files changed, 14 insertions(+) ++ ++diff --git a/system-linux.c b/system-linux.c ++index c232c5f..6778b1d 100644 ++--- a/system-linux.c +++++ b/system-linux.c ++@@ -3235,6 +3235,16 @@ static int system_add_vxlan(const char *name, const unsigned int link, struct bl ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false); ++ system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false); ++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_AGEING])) { +++ uint32_t ageing = blobmsg_get_u32(cur); +++ nla_put_u32(msg, IFLA_VXLAN_AGEING, ageing); +++ } +++ +++ if ((cur = tb_data[VXLAN_DATA_ATTR_LIMIT])) { +++ uint32_t maxaddress = blobmsg_get_u32(cur); +++ nla_put_u32(msg, IFLA_VXLAN_LIMIT, maxaddress); +++ } +++ ++ if ((cur = tb[TUNNEL_ATTR_TOS])) { ++ char *str = blobmsg_get_string(cur); ++ unsigned tos = 1; ++diff --git a/system.c b/system.c ++index 95721e1..834748e 100644 ++--- a/system.c +++++ b/system.c ++@@ -46,6 +46,8 @@ static const struct blobmsg_policy vxlan_data_attrs[__VXLAN_DATA_ATTR_MAX] = { ++ [VXLAN_DATA_ATTR_L2MISS] = { .name = "l2miss", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_L3MISS] = { .name = "l3miss", .type = BLOBMSG_TYPE_BOOL }, ++ [VXLAN_DATA_ATTR_GBP] = { .name = "gbp", .type = BLOBMSG_TYPE_BOOL }, +++ [VXLAN_DATA_ATTR_AGEING] = { .name = "ageing", .type = BLOBMSG_TYPE_INT32 }, +++ [VXLAN_DATA_ATTR_LIMIT] = { .name = "maxaddress", .type = BLOBMSG_TYPE_INT32 }, ++ }; ++ ++ const struct uci_blob_param_list vxlan_data_attr_list = { ++diff --git a/system.h b/system.h ++index 290c2e5..52161a8 100644 ++--- a/system.h +++++ b/system.h ++@@ -52,6 +52,8 @@ enum vxlan_data { ++ VXLAN_DATA_ATTR_L2MISS, ++ VXLAN_DATA_ATTR_L3MISS, ++ 
VXLAN_DATA_ATTR_GBP, +++ VXLAN_DATA_ATTR_AGEING, +++ VXLAN_DATA_ATTR_LIMIT, ++ __VXLAN_DATA_ATTR_MAX ++ }; ++ ++-- ++2.30.0 ++ +-- +2.30.0 +
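Review bot: In the `system_add_vxlan` hunk of 0001-netifd-vxlan-handle-srcport-range.patch, a `srcportmax` that passes the range check but is not greater than `srcportmin` is silently dropped, so a mistyped range collapses to the single port `low` with no error reported. The option exists to make the source port predictable for NAT and stateful-firewall rules, so rejecting the bad range is safer than guessing: replace `if (high > low)` with `if (high <= low) { ret = -EINVAL; goto failure; }` followed by the unconditional `srcports.high = htons((uint16_t) high);`. Separately, in 0003 `system_vxlan_map_bool_attr` sends `nla_put_u8(msg, attrtype, val)` for `IFLA_VXLAN_GBP` when `gbp` is false; as far as I know the kernel treats that attribute as a flag whose presence alone matters, so the false case should probably emit nothing, which needs confirming against the kernel's vxlan netlink policy. The return values of the new `nla_put*` calls are not checked, which matches the surrounding code as far as the hunks show; `system_add_vxlan` itself starts and ends outside them.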