[RFC] fff-node: add package vxlan-node

This package adds vxlan support to the node variant and configures the vxlan-vpn tunnels to the gateways.

A vpn section has to be added to the hoodfile for every peer (GW) supporting vxlan:

{
    "version": 1,
    "network": {
        "ula_prefix": "fd43:5602:29bd:16:\/64"
    },
    "vpn": [
        {
            "name": "rl-fff1-vx",
            "protocol": "vxlan",
            "vid": "7",
            "address": "rl-fff1.fff.community"
        },
        {
            "name": "fff-gw-mc",
            "protocol": "fastd",
...

An example hoodfile is delivered with this patch: /etc/hoodfile

For testing the hoods schweinfurt, hassfurt, coburg, ebern and geo can be used. "address" is the same for all hoods: rl-fff1.fff.community. The respective hood-id is used as vid.

Signed-off-by: Robert Langhammer <rlanghammer@web.de>

src/packages/fff/fff-node/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-node
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/fff-node
 
@@ -15,6 +15,7 @@ define Package/fff-node
 	DEPENDS:=+fff-batman-adv \
 	         +fff-fastd \
 	         +fff-firewall \
+	         +fff-vxlan-node \
 	         +fff-hoods \
 	         +fff-uradvd
 endef

src/packages/fff/fff-vpn-select/files/etc/uci-defaults/58_vpn-select

@@ -1,5 +1,5 @@
 uci set fff.vpnselect=fff
-uci set fff.vpnselect.protocol_order="fastd"
+uci set fff.vpnselect.protocol_order="fastd vxlan"
 uci commit fff
 
 exit 0

src/packages/fff/fff-vxlan/Makefile

@@ -0,0 +1,39 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-vxlan-node
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/$(PKG_NAME)
+	SECTION:=base
+	CATEGORY:=Freifunk
+	TITLE:=Freifunk-Franken vxlan configuration
+	URL:=http://www.freifunk-franken.de
+	DEPENDS:=+vxlan
+endef
+
+define Package/$(PKG_NAME)/description
+	This is the vxlan for the Freifunk Franken node-Firmware
+	It is used to configure vxlan.
+endef
+
+define Build/Prepare
+	echo "all: " > $(PKG_BUILD_DIR)/Makefile
+endef
+
+define Build/Configure
+	# nothing
+endef
+
+define Build/Compile
+	# nothing
+endef
+
+define Package/$(PKG_NAME)/install
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,$(PKG_NAME)))

src/packages/fff/fff-vxlan/files/etc/hoodfile

@@ -0,0 +1,50 @@
+{
+    "version": 1,
+    "network": {
+        "ula_prefix": "fd43:5602:29bd:16:\/64"
+    },
+    "vpn": [
+        {
+            "name": "rl-fff1",
+            "protocol": "fastd",
+            "address": "rl-fff1.fff.community",
+            "port": "10001",
+            "key": "a58ff2aae73eaff03c74d7360630aff60d1ae997941e0fc7545d15127134f925"
+        },
+        {
+            "name": "rl-fff1",
+            "protokol": "vxlan",
+            "address": "rl-fff1.fff.community"
+        },
+        {
+            "name": "fff-gw-mc",
+            "protocol": "fastd",
+            "address": "fff-gw-mc.fff.community",
+            "port": "10018",
+            "key": "d6727882f6a6d85357c352f57cc3df704ce6b31702b5fd6d990453ba1e3f0219"
+        },
+        {
+            "name": "fff-gw-mc",
+            "protocol": "vxlan",
+            "address": "fff-gw-mc.fff.community",
+        }
+    ],
+    "hood": {
+        "id": "7",
+        "name": "Schweinfurt",
+        "essid": "schweinfurt.freifunk.net",
+        "mesh_bssid": "",
+        "mesh_essid": "mesh.schweinfurt.freifunk.net",
+        "mesh_id": "mesh.schweinfurt.freifunk.net",
+        "protocol": "batman-adv-v15",
+        "channel2": "13",
+        "mode2": "ht20",
+        "mesh_type2": "802.11s",
+        "channel5": "40",
+        "mode5": "ht20",
+        "mesh_type5": "802.11s",
+        "upgrade_path": "http:\/\/[fd43:5602:29bd:ffff::feee]:83",
+        "ntp_ip": "fd43:5602:29bd:ffff::1",
+        "timestamp": "1577226481"
+    }
+}

src/packages/fff/fff-vxlan/files/etc/uci-defaults/55-vxlan

@@ -0,0 +1,17 @@
+uci batch <<EOF
+ set network.vxVLAN=interface
+ set network.vxVLAN.proto=vxlan6
+ set network.vxVLAN.port=8472
+ set network.vxVLAN.ip6addr=auto
+ set network.vxVLAN.srcport='8472 8473'
+ set network.vxVLAN.srcportmin=8472
+ set network.vxVLAN.srcportmax=8473
+ set network.vxVLAN.ageing=60
+ set network.vxVLAN.mtu=1422
+ set network.vxVLAN.disabled=1
+
+ set network.vxbat=interface
+ set network.vxbat.proto=batadv_hardif
+ set network.vxbat.master=bat0
+ set network.vxbat.ifname=vxVLAN
+EOF

src/packages/fff/fff-vxlan/files/usr/lib/vpn-select.d/vxlan

@@ -0,0 +1,36 @@
+protocol=vxlan
+
+# if ipv6 is missing, remove vxlan from protocol_order
+ping6 -w5 -c2 keyserver.freifunk-franken.de || protocol_order="${protocol_order/vxlan/}"
+
+vxlan_clear() {
+	uci set network.vxVLAN.disabled="1"
+	while uci -q delete network.@vxlan_peer[0]; do :; done
+}
+
+vxlan_addpeer() {
+	json_get_var address address
+	address="$( ping6 -w1 -c1 "$address" | awk -F '[()]' '{print $2; exit}' )"
+	[ -z $address ] && return
+	uci set network.vxVLAN.vid="$hood_id"
+	uci set network.vxVLAN.disabled="0"
+	uci add network vxlan_peer
+	uci set network.@vxlan_peer[-1].vxlan="vxVLAN"
+	uci set network.@vxlan_peer[-1].dst="$address"
+}
+
+vxlan_start_stop() {
+	uci commit network
+	rm -rf /var/run/config.check
+	mkdir -p /var/run/config.check
+	uci show network > /var/run/config.check/network
+	MD5FILE=/var/run/config.md5
+	if md5sum -c $MD5FILE 2>/dev/null | grep -q "network: FAILED" ; then
+		bridge fdb | grep vxVLAN | while read entry; do
+			bridge fdb del $entry
+		done
+		ifup vxVLAN
+	fi
+	rm -rf /var/run/config.check
+	reload_config
+}