2020-10-02 00:20:10 +00:00
|
|
|
#!/bin/sh
|
|
|
|
|
#
|
2020-10-02 01:06:22 +00:00
|
|
|
# This executor is responsible for setting up the Virtual Extensible LAN (VXLAN) overlay interfaces.
|
2020-10-02 00:20:10 +00:00
|
|
|
#
|
|
|
|
|
# Fri, 02 Oct 2020 01:10:29 +0200
|
|
|
|
|
# -- Maximilian Wilhelm <max@sdn.clinic>
|
|
|
|
|
#
|
|
|
|
|
# Known options for the main interface are:
|
|
|
|
|
#
|
|
|
|
|
# IF_VXLAN_ID The VXLAN Network Identifier (VNI)
|
|
|
|
|
# IF_VXLAN_PHYSDEV Specifies the physical device to use for tunnel endpoint communication
|
|
|
|
|
# IF_VXLAN_LOCAL_IP Specifies the source IP address to use in outgoing packets
|
2021-10-16 13:15:35 +00:00
|
|
|
# IF_VXLAN_PEER_IPS Space separated list of IPs of the remote VTEP endpoint (for ptp/ptmp mode with ingress replication)
|
|
|
|
|
# IF_VXLAN_PEER_GROUP Multicast group to use for this VNI (for ptmp mode with multicast)
|
2020-10-02 00:20:10 +00:00
|
|
|
# IF_VXLAN_LEARNING Wether to activate MAC learning on this instance (on/off)
|
|
|
|
|
# IF_VXLAN_AGEING Specifies the lifetime in seconds of FDB entries learnt by the kernel
|
|
|
|
|
# IF_VXLAN_DSTPORT UDP destination port to communicate to the remote VXLAN tunnel endpoint (default 4789)
|
|
|
|
|
#
|
|
|
|
|
[ -n "$VERBOSE" ] && set -x
|
|
|
|
|
|
|
|
|
|
# No VNI, nuthin' to do for us
|
|
|
|
|
if [ ! "${IF_VXLAN_ID}" ]; then
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
case "$PHASE" in
|
|
|
|
|
depend)
|
|
|
|
|
if [ "${IF_VXLAN_PHYSDEV}" ]; then
|
|
|
|
|
echo "${IF_VXLAN_PHYSDEV}"
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
create)
|
|
|
|
|
if [ -d "/sys/class/net/${IFACE}" ]; then
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Input validation
|
2021-10-16 13:15:35 +00:00
|
|
|
if [ "${IF_VXLAN_PEER_IPS}" -a "${IF_VXLAN_PEER_GROUP}" ]; then
|
|
|
|
|
echo "Error on ${IFACE} (vxlan): Only one of 'vxlan-peer-ips' and 'vxlan-peer-group' can be used!" >&2
|
2020-10-02 00:20:10 +00:00
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
2021-10-16 13:15:35 +00:00
|
|
|
# Check if we should operate in unicast ptp or ptmp mode
|
|
|
|
|
if [ "${IF_VXLAN_PEER_IPS}" ]; then
|
|
|
|
|
# If it's only one thing which looks like an IPv4/IPv6 address we assume it's ptp
|
|
|
|
|
if echo "${IF_VXLAN_PEER_IPS}" | grep -q '^[[:space:]]*[[:xdigit:].:]\+[[:space:]]*$'; then
|
|
|
|
|
UCAST_MODE="ptp"
|
|
|
|
|
else
|
|
|
|
|
UCAST_MODE="ptmp"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
2020-10-02 00:20:10 +00:00
|
|
|
# Gather arguments
|
|
|
|
|
ARGS=""
|
|
|
|
|
[ "${IF_VXLAN_PHYSDEV}" ] && ARGS="${ARGS} dev ${IF_VXLAN_PHYSDEV}"
|
|
|
|
|
[ "${IF_VXLAN_LOCAL_IP}" ] && ARGS="${ARGS} local ${IF_VXLAN_LOCAL_IP}"
|
2021-10-16 13:15:35 +00:00
|
|
|
[ "${UCAST_MODE}" = "ptp" ] && ARGS="${ARGS} remote ${IF_VXLAN_PEER_IPS}"
|
|
|
|
|
[ "${IF_VXLAN_PEER_GROUP}" ] && ARGS="${ARGS} group ${IF_VXLAN_PEER_GROUP}"
|
2020-10-02 00:20:10 +00:00
|
|
|
[ "${IF_VXLAN_AGEING}" ] && ARGS="${ARGS} ageing ${IF_VXLAN_AGEING}"
|
|
|
|
|
|
|
|
|
|
# Linux uses non-standard default port - WTF?
|
|
|
|
|
if [ "${IF_VXLAN_DSTPORT}" ]; then
|
|
|
|
|
ARGS="${ARGS} dstport ${IF_VXLAN_DSTPORT}"
|
|
|
|
|
else
|
|
|
|
|
ARGS="${ARGS} dstport 4789"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
case "${IF_VXLAN_LEARNING}" in
|
|
|
|
|
on|yes)
|
|
|
|
|
ARGS="${ARGS} learning"
|
|
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
off|no)
|
|
|
|
|
ARGS="${ARGS} nolearning"
|
|
|
|
|
;;
|
|
|
|
|
esac
|
|
|
|
|
|
|
|
|
|
${MOCK} ip link add "${IFACE}" type vxlan id "${IF_VXLAN_ID}" ${ARGS}
|
2021-10-16 13:15:35 +00:00
|
|
|
|
|
|
|
|
# Set up FDB entries for peer VTEPs
|
|
|
|
|
if [ "${UCAST_MODE}" = "ptmp" ]; then
|
|
|
|
|
for peer in ${IF_VXLAN_PEER_IPS}; do
|
|
|
|
|
${MOCK} bridge fdb append 00:00:00:00:00:00 dev "${IFACE}" dst "${peer}" self permanent
|
|
|
|
|
done
|
|
|
|
|
fi
|
2020-10-02 00:20:10 +00:00
|
|
|
;;
|
|
|
|
|
|
|
|
|
|
destroy)
|
|
|
|
|
if [ -z "${MOCK}" -a ! -d "/sys/class/net/${IFACE}" ]; then
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
${MOCK} ip link del "${IFACE}"
|
|
|
|
|
;;
|
|
|
|
|
esac
|
