From patchwork Tue Nov 24 03:26:29 2020
X-Patchwork-Submitter: Johannes Kimmel
X-Patchwork-Id: 1405213
From: Johannes Kimmel
To: openwrt-devel@lists.openwrt.org
Cc: dedeckeh@gmail.com, mschiffer@universe-factory.net
Subject: [PATCH v2] vxlan: allow for dynamic source ip selection
Date: Tue, 24 Nov 2020 04:26:29 +0100
Message-Id: <20201124032629.647-1-fff@bareminimum.eu>

By setting 'auto', the zero address or the empty string as source address (option ipaddr, option ip6addr), vxlan will choose one dynamically. This helps in setups where a wan ip or prefix changes.

This corresponds to setting up a vxlan tunnel with:

proto vxlan6:
    # ip link add vx0 type vxlan id ID local :: ...

proto vxlan:
    # ip link add vx0 type vxlan id ID local 0.0.0.0 ...

While it is possible to not specify a source ip at all, the kernel will default to setting up an ipv4 tunnel. The kernel will take any hint from source and peer ips to figure out what tunnel type to use. To make sure we set up an ipv6 tunnel for proto vxlan6, this workaround is needed.
Specifying 'inherit' as source ip, the old behaviour is used whereby a source ip is calculated once from the tunlink interface.

This will not change the behaviour of currently working configurations. However, this will allow former broken configurations, namely those not specifying both a source address and tunnel interface, to set up a tunnel interface. Previously those configurations weren't reporting an error and were stuck in a setup loop like in Bug FS#3426.

This change lifts the currently very strict behaviour and should fix the following bug:

Fixes: FS#3426
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426

V2:
- bump PKG_RELEASE
- add small explanation about behaviour changes

Signed-off-by: Johannes Kimmel
Tested-by: Bastian Bittorf
--- package/network/config/vxlan/Makefile | 2 +- package/network/config/vxlan/files/vxlan.sh | 55 ++++++++++++--------- 2 files changed, 34 insertions(+), 23 deletions(-) diff --git a/package/network/config/vxlan/Makefile b/package/network/config/vxlan/Makefile index 0b4d6713f9..97972d6d85 100644 --- a/package/network/config/vxlan/Makefile +++ b/package/network/config/vxlan/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vxlan -PKG_RELEASE:=6 +PKG_RELEASE:=7 PKG_LICENSE:=GPL-2.0 include $(INCLUDE_DIR)/package.mk diff --git a/package/network/config/vxlan/files/vxlan.sh b/package/network/config/vxlan/files/vxlan.sh index 5c1c484c47..579964b385 100755 --- a/package/network/config/vxlan/files/vxlan.sh +++ b/package/network/config/vxlan/files/vxlan.sh 
@@ -114,18 +114,23 @@ proto_vxlan_setup() { ( proto_add_host_dependency "$cfg" '' "$tunlink" ) - [ -z "$ipaddr" ] && { - local wanif="$tunlink" - if [ -z "$wanif" ] && ! network_find_wan wanif; then - proto_notify_error "$cfg" "NO_WAN_LINK" - exit - fi + case "$ipaddr" in + "inherit") + local wanif="$tunlink" + if [ -z "$wanif" ] && ! network_find_wan wanif; then + proto_notify_error "$cfg" "NO_WAN_LINK" + exit + fi - if ! network_get_ipaddr ipaddr "$wanif"; then - proto_notify_error "$cfg" "NO_WAN_LINK" - exit - fi - } + if ! network_get_ipaddr ipaddr "$wanif"; then + proto_notify_error "$cfg" "NO_WAN_LINK" + exit + fi + ;; + "auto"|"") + ipaddr="0.0.0.0" + ;; + esac vxlan_generic_setup "$cfg" 'vxlan' "$ipaddr" "$peeraddr" } @@ -138,18 +143,24 @@ proto_vxlan6_setup() { ( proto_add_host_dependency "$cfg" '' "$tunlink" ) - [ -z "$ip6addr" ] && { - local wanif="$tunlink" - if [ -z "$wanif" ] && ! network_find_wan6 wanif; then - proto_notify_error "$cfg" "NO_WAN_LINK" - exit - fi + case "$ip6addr" in + "inherit") + local wanif="$tunlink" + if [ -z "$wanif" ] && ! network_find_wan6 wanif; then + proto_notify_error "$cfg" "NO_WAN_LINK" + exit + fi - if ! network_get_ipaddr6 ip6addr "$wanif"; then - proto_notify_error "$cfg" "NO_WAN_LINK" - exit - fi - } + if ! network_get_ipaddr6 ip6addr "$wanif"; then + proto_notify_error "$cfg" "NO_WAN_LINK" + exit + fi + ;; + "auto"|"") + # ensure tunnel via ipv6 + ip6addr="::" + ;; + esac vxlan_generic_setup "$cfg" 'vxlan6' "$ip6addr" "$peer6addr" }
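
Review bot: In the proto_vxlan_setup() hunk, the "auto"|"") branch changes what an empty ipaddr means, which contradicts the commit message's statement that currently working configurations keep their behaviour. The removed [ -z "$ipaddr" ] block derived the source address from tunlink (or the interface found by network_find_wan), whereas the new code sets ipaddr="0.0.0.0", so a configuration that left ipaddr unset and set tunlink now gets a kernel-selected source address instead of the one taken from that interface. Either keep the empty string on the "inherit" path and reserve the wildcard address for an explicit 'auto', or state the change in the commit message and option documentation so that setups relying on the tunlink-derived address set ipaddr to 'inherit' explicitly.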
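
Review bot: In the proto_vxlan6_setup() hunk, the case on "$ip6addr" has no default branch, so any value other than 'inherit', 'auto' or the empty string is handed unchanged to vxlan_generic_setup as the local address. Because the patterns are matched literally, a misspelled keyword such as 'Inherit' falls through the same way instead of being rejected. Consider adding a *) branch that checks the value is an address and otherwise calls proto_notify_error and exits, as the "inherit" branch already does for a missing WAN link. The block is also a near copy of the one added to proto_vxlan_setup(); a shared helper that takes the lookup functions and the wildcard address as arguments would keep the two protocols from drifting apart.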