Merge pull request #12513 from ssahani/vxlan

networkd: Allow users to set the IPv4 DF bit in outgoing packets
2024-07-22 10:44:58 +00:00 · 2019-05-09 11:26:43 +02:00 · 2019-05-09 11:26:43 +02:00 · da35a1c9fc
parent 4eb086a387 1189c00a3c
commit da35a1c9fc
6 changed files with 51 additions and 1 deletions
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@ -661,7 +661,8 @@
         <para>Takes a boolean. When true, Generic Protocol Extension extends the existing VXLAN protocol
         to provide protocol typing, OAM, and versioning capabilities. For details about the VXLAN GPE
         Header, see the <ulink url="https://tools.ietf.org/html/draft-ietf-nvo3-vxlan-gpe-07">
-         Generic Protocol Extension for VXLAN </ulink> document. Defaults to false.</para>
+         Generic Protocol Extension for VXLAN </ulink> document. If destination port is not specified and
+         Generic Protocol Extension is set then default port of 4790 is used. Defaults to false.</para>
       </listitem>
    </varlistentry>
    <varlistentry>
@ -690,6 +691,15 @@
          The valid range is 0-1048575.
          </para>
        </listitem>
+    </varlistentry>
+      <varlistentry>
+        <term><varname>IPDoNotFragment=</varname></term>
+        <listitem>
+          <para>Allows to set the IPv4 Do not Fragment (DF) bit in outgoing packets, or to inherit its
+          value from the IPv4 inner header. Takes a boolean value, or <literal>inherit</literal>. Set
+          to <literal>inherit</literal> if the encapsulated protocol is IPv6. When unset, the kernel's
+          default will be used.</para>
+        </listitem>
      </varlistentry>
    </variablelist>
  </refsect1>
--- a/src/libsystemd/sd-netlink/netlink-types.c
+++ b/src/libsystemd/sd-netlink/netlink-types.c
@ -170,6 +170,8 @@ static const NLType rtnl_link_info_data_vxlan_types[] = {
        [IFLA_VXLAN_COLLECT_METADATA]  = { .type = NETLINK_TYPE_U8 },
        [IFLA_VXLAN_LABEL]             = { .type = NETLINK_TYPE_U32 },
        [IFLA_VXLAN_GPE]               = { .type = NETLINK_TYPE_FLAG },
+        [IFLA_VXLAN_TTL_INHERIT]       = { .type = NETLINK_TYPE_FLAG },
+        [IFLA_VXLAN_DF]                = { .type = NETLINK_TYPE_U8 },
 };

 static const NLType rtnl_bond_arp_target_types[] = {
--- a/src/network/netdev/netdev-gperf.gperf
+++ b/src/network/netdev/netdev-gperf.gperf
@ -124,6 +124,7 @@ VXLAN.MaximumFDBEntries,                  config_parse_unsigned,
 VXLAN.PortRange,                          config_parse_port_range,                   0,                             0
 VXLAN.DestinationPort,                    config_parse_ip_port,                      0,                             offsetof(VxLan, dest_port)
 VXLAN.FlowLabel,                          config_parse_flow_label,                   0,                             0
+VXLAN.IPDoNotFragment,                    config_parse_df,                           0,                             offsetof(VxLan, df)
 GENEVE.Id,                                config_parse_geneve_vni,                   0,                             offsetof(Geneve, id)
 GENEVE.Remote,                            config_parse_geneve_address,               0,                             offsetof(Geneve, remote)
 GENEVE.TOS,                               config_parse_uint8,                        0,                             offsetof(Geneve, tos)
--- a/src/network/netdev/vxlan.c
+++ b/src/network/netdev/vxlan.c
@ -7,6 +7,7 @@
 #include "conf-parser.h"
 #include "alloc-util.h"
 #include "extract-word.h"
+#include "string-table.h"
 #include "string-util.h"
 #include "strv.h"
 #include "parse-util.h"
@ -15,6 +16,15 @@
 #include "networkd-link.h"
 #include "netdev/vxlan.h"

+static const char* const df_table[_NETDEV_VXLAN_DF_MAX] = {
+        [NETDEV_VXLAN_DF_NO] = "no",
+        [NETDEV_VXLAN_DF_YES] = "yes",
+        [NETDEV_VXLAN_DF_INHERIT] = "inherit",
+};
+
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(df, VxLanDF, NETDEV_VXLAN_DF_YES);
+DEFINE_CONFIG_PARSE_ENUM(config_parse_df, df, VxLanDF, "Failed to parse VXLAN IPDoNotFragment= setting");
+
 static int netdev_vxlan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
        VxLan *v;
        int r;
@ -150,6 +160,12 @@ static int netdev_vxlan_fill_message_create(NetDev *netdev, Link *link, sd_netli
                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_GPE attribute: %m");
        }

+        if (v->df != _NETDEV_VXLAN_DF_INVALID) {
+                r = sd_netlink_message_append_u8(m, IFLA_VXLAN_DF, v->df);
+                if (r < 0)
+                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_DF attribute: %m");
+        }
+
        return r;
 }

@ -289,6 +305,9 @@ static int netdev_vxlan_verify(NetDev *netdev, const char *filename) {
                                                "%s: VXLAN TTL must be <= 255. Ignoring.",
                                                filename);

+        if (!v->dest_port && v->generic_protocol_extension)
+                v->dest_port = 4790;
+
        return 0;
 }

@ -302,6 +321,7 @@ static void vxlan_init(NetDev *netdev) {
        assert(v);

        v->vni = VXLAN_VID_MAX + 1;
+        v->df = _NETDEV_VXLAN_DF_INVALID;
        v->learning = true;
        v->udpcsum = false;
        v->udp6zerocsumtx = false;
--- a/src/network/netdev/vxlan.h
+++ b/src/network/netdev/vxlan.h
@ -3,12 +3,22 @@

 typedef struct VxLan VxLan;

+#include <linux/if_link.h>
+
 #include "in-addr-util.h"
 #include "netdev/netdev.h"

 #define VXLAN_VID_MAX (1u << 24) - 1
 #define VXLAN_FLOW_LABEL_MAX_MASK 0xFFFFFU

+typedef enum VxLanDF {
+        NETDEV_VXLAN_DF_NO = VXLAN_DF_UNSET,
+        NETDEV_VXLAN_DF_YES = VXLAN_DF_SET,
+        NETDEV_VXLAN_DF_INHERIT = VXLAN_DF_INHERIT,
+        _NETDEV_VXLAN_DF_MAX,
+        _NETDEV_VXLAN_DF_INVALID = -1
+} VxLanDF;
+
 struct VxLan {
        NetDev meta;

@ -18,6 +28,8 @@ struct VxLan {
        int local_family;
        int group_family;

+        VxLanDF df;
+
        union in_addr_union remote;
        union in_addr_union local;
        union in_addr_union group;
@ -50,6 +62,10 @@ struct VxLan {
 DEFINE_NETDEV_CAST(VXLAN, VxLan);
 extern const NetDevVTable vxlan_vtable;

+const char *df_to_string(VxLanDF d) _const_;
+VxLanDF df_from_string(const char *d) _pure_;
+
 CONFIG_PARSER_PROTOTYPE(config_parse_vxlan_address);
 CONFIG_PARSER_PROTOTYPE(config_parse_port_range);
 CONFIG_PARSER_PROTOTYPE(config_parse_flow_label);
+CONFIG_PARSER_PROTOTYPE(config_parse_df);
--- a/test/fuzz/fuzz-netdev-parser/directives.netdev
+++ b/test/fuzz/fuzz-netdev-parser/directives.netdev
@ -109,6 +109,7 @@ ReduceARPProxy=
 PortRange=
 UDPChecksum=
 UDP6ZeroCheckSumTx=
+IPDoNotFragment=
 [VXCAN]
 Peer=
 [Bond]