Date: Sun, 14 Jun 2015 03:14:45 +0000 (UTC) From: Bryan Venteicher <bryanv@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r284365 - in stable/10: sbin/ifconfig share/man/man4 sys/conf sys/modules sys/modules/if_vxlan sys/net sys/sys Message-ID: <201506140314.t5E3EjFb089270@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bryanv Date: Sun Jun 14 03:14:45 2015 New Revision: 284365 URL: https://svnweb.freebsd.org/changeset/base/284365 Log: MFC r273331, r273371, r275851: - Add vxlan interface - Use the size of the Ethernet address, not the entire header, when copying into forwarding entry. - Prefix all the vxlan ifconfig commands so they are unique Added: stable/10/sbin/ifconfig/ifvxlan.c - copied, changed from r273331, head/sbin/ifconfig/ifvxlan.c stable/10/share/man/man4/vxlan.4 - copied, changed from r273331, head/share/man/man4/vxlan.4 stable/10/sys/modules/if_vxlan/ - copied from r273331, head/sys/modules/if_vxlan/ stable/10/sys/net/if_vxlan.c - copied, changed from r273331, head/sys/net/if_vxlan.c stable/10/sys/net/if_vxlan.h - copied unchanged from r273331, head/sys/net/if_vxlan.h Modified: stable/10/sbin/ifconfig/Makefile stable/10/sbin/ifconfig/ifconfig.8 stable/10/share/man/man4/Makefile stable/10/sys/conf/NOTES stable/10/sys/conf/files stable/10/sys/modules/Makefile stable/10/sys/sys/priv.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sbin/ifconfig/Makefile ============================================================================== --- stable/10/sbin/ifconfig/Makefile Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sbin/ifconfig/Makefile Sun Jun 14 03:14:45 2015 (r284365) @@ -31,6 +31,7 @@ SRCS+= ifmac.c # MAC support SRCS+= ifmedia.c # SIOC[GS]IFMEDIA support SRCS+= iffib.c # non-default FIB support SRCS+= ifvlan.c # SIOC[GS]ETVLAN support +SRCS+= ifvxlan.c # VXLAN support SRCS+= ifgre.c # GRE keys etc SRCS+= ifgif.c # GIF reversed header workaround Modified: stable/10/sbin/ifconfig/ifconfig.8 ============================================================================== --- stable/10/sbin/ifconfig/ifconfig.8 Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sbin/ifconfig/ifconfig.8 Sun Jun 14 03:14:45 2015 (r284365) @@ -2586,6 +2586,76 @@ argument is useless and hence deprecated .El .Pp The following parameters are used to configure +.Xr vxlan 4 +interfaces. +.Bl -tag -width indent +.It Cm vxlanid Ar identifier +This value is a 24-bit VXLAN Network Identifier (VNI) that identifies the +virtual network segment membership of the interface. +.It Cm vxlanlocal Ar address +The source address used in the encapsulating IPv4/IPv6 header. +The address should already be assigned to an existing interface. +When the interface is configured in unicast mode, the listening socket +is bound to this address. +.It Cm vxlanremote Ar address +The interface can be configured in a unicast, or point-to-point, mode +to create a tunnel between two hosts. +This is the IP address of the remote end of the tunnel. +.It Cm vxlangroup Ar address +The interface can be configured in a multicast mode +to create a virtual network of hosts. +This is the IP multicast group address the interface will join. +.It Cm vxlanlocalport Ar port +The port number the interface will listen on. +The default port number is 4789. +.It Cm vxlanremoteport Ar port +The destination port number used in the encapsulating IPv4/IPv6 header. +The remote host should be listening on this port. +The default port number is 4789. +Note some other implementations, such as Linux, +do not default to the IANA assigned port, +but instead listen on port 8472. +.It Cm vxlanportrange Ar low high +The range of source ports used in the encapsulating IPv4/IPv6 header. +The port selected within the range is based on a hash of the inner frame. +A range is useful to provide entropy within the outer IP header +for more effective load balancing. +The default range is between the +.Xr sysctl 8 +variables +.Va net.inet.ip.portrange.first +and +.Va net.inet.ip.portrange.last +.It Cm vxlantimeout Ar timeout +The maximum time, in seconds, before an entry in the forwarding table +is pruned. +The default is 1200 seconds (20 minutes). +.It Cm vxlanmaxaddr Ar max +The maximum number of entries in the forwarding table. +The default is 2000. +.It Cm vxlandev Ar dev +When the interface is configured in multicast mode, the +.Cm dev +interface is used to transmit IP multicast packets. +.It Cm vxlanttl Ar ttl +The TTL used in the encapsulating IPv4/IPv6 header. +The default is 64. +.It Cm vxlanlearn +The source IP address and inner source Ethernet MAC address of +received packets are used to dynamically populate the forwarding table. +When in multicast mode, an entry in the forwarding table allows the +interface to send the frame directly to the remote host instead of +broadcasting the frame to the multicast group. +This is the default. +.It Fl vxlanlearn +The forwarding table is not populated by recevied packets. +.It Cm vxlanflush +Delete all dynamically-learned addresses from the forwarding table. +.It Cm vxlanflushall +Delete all addresses, including static addresses, from the forwarding table. +.El +.Pp +The following parameters are used to configure .Xr carp 4 protocol on an interface: .Bl -tag -width indent @@ -2790,6 +2860,7 @@ tried to alter an interface's configurat .Xr pfsync 4 , .Xr polling 4 , .Xr vlan 4 , +.Xr vxlan 4 , .Xr devd.conf 5 , .\" .Xr eon 5 , .Xr devd 8 , Copied and modified: stable/10/sbin/ifconfig/ifvxlan.c (from r273331, head/sbin/ifconfig/ifvxlan.c) ============================================================================== --- head/sbin/ifconfig/ifvxlan.c Mon Oct 20 14:42:42 2014 (r273331, copy source) +++ stable/10/sbin/ifconfig/ifvxlan.c Sun Jun 14 03:14:45 2015 (r284365) @@ -595,36 +595,36 @@ setvxlan_flush(const char *val, int d, i static struct cmd vxlan_cmds[] = { - DEF_CLONE_CMD_ARG("vni", setvxlan_vni), - DEF_CLONE_CMD_ARG("local", setvxlan_local), - DEF_CLONE_CMD_ARG("remote", setvxlan_remote), - DEF_CLONE_CMD_ARG("group", setvxlan_group), - DEF_CLONE_CMD_ARG("localport", setvxlan_local_port), - DEF_CLONE_CMD_ARG("remoteport", setvxlan_remote_port), - DEF_CLONE_CMD_ARG2("portrange", setvxlan_port_range), - DEF_CLONE_CMD_ARG("timeout", setvxlan_timeout), - DEF_CLONE_CMD_ARG("maxaddr", setvxlan_maxaddr), + DEF_CLONE_CMD_ARG("vxlanid", setvxlan_vni), + DEF_CLONE_CMD_ARG("vxlanlocal", setvxlan_local), + DEF_CLONE_CMD_ARG("vxlanremote", setvxlan_remote), + DEF_CLONE_CMD_ARG("vxlangroup", setvxlan_group), + DEF_CLONE_CMD_ARG("vxlanlocalport", setvxlan_local_port), + DEF_CLONE_CMD_ARG("vxlanremoteport", setvxlan_remote_port), + DEF_CLONE_CMD_ARG2("vxlanportrange", setvxlan_port_range), + DEF_CLONE_CMD_ARG("vxlantimeout", setvxlan_timeout), + DEF_CLONE_CMD_ARG("vxlanmaxaddr", setvxlan_maxaddr), DEF_CLONE_CMD_ARG("vxlandev", setvxlan_dev), - DEF_CLONE_CMD_ARG("ttl", setvxlan_ttl), - DEF_CLONE_CMD("learn", 1, setvxlan_learn), - DEF_CLONE_CMD("-learn", 0, setvxlan_learn), - - DEF_CMD_ARG("vni", setvxlan_vni), - DEF_CMD_ARG("local", setvxlan_local), - DEF_CMD_ARG("remote", setvxlan_remote), - DEF_CMD_ARG("group", setvxlan_group), - DEF_CMD_ARG("localport", setvxlan_local_port), - DEF_CMD_ARG("remoteport", setvxlan_remote_port), - DEF_CMD_ARG2("portrange", setvxlan_port_range), - DEF_CMD_ARG("timeout", setvxlan_timeout), - DEF_CMD_ARG("maxaddr", setvxlan_maxaddr), + DEF_CLONE_CMD_ARG("vxlanttl", setvxlan_ttl), + DEF_CLONE_CMD("vxlanlearn", 1, setvxlan_learn), + DEF_CLONE_CMD("-vxlanlearn", 0, setvxlan_learn), + + DEF_CMD_ARG("vxlanvni", setvxlan_vni), + DEF_CMD_ARG("vxlanlocal", setvxlan_local), + DEF_CMD_ARG("vxlanremote", setvxlan_remote), + DEF_CMD_ARG("vxlangroup", setvxlan_group), + DEF_CMD_ARG("vxlanlocalport", setvxlan_local_port), + DEF_CMD_ARG("vxlanremoteport", setvxlan_remote_port), + DEF_CMD_ARG2("vxlanportrange", setvxlan_port_range), + DEF_CMD_ARG("vxlantimeout", setvxlan_timeout), + DEF_CMD_ARG("vxlanmaxaddr", setvxlan_maxaddr), DEF_CMD_ARG("vxlandev", setvxlan_dev), - DEF_CMD_ARG("ttl", setvxlan_ttl), - DEF_CMD("learn", 1, setvxlan_learn), - DEF_CMD("-learn", 0, setvxlan_learn), + DEF_CMD_ARG("vxlanttl", setvxlan_ttl), + DEF_CMD("vxlanlearn", 1, setvxlan_learn), + DEF_CMD("-vxlanlearn", 0, setvxlan_learn), - DEF_CMD("flush", 0, setvxlan_flush), - DEF_CMD("flushall", 1, setvxlan_flush), + DEF_CMD("vxlanflush", 0, setvxlan_flush), + DEF_CMD("vxlanflushall", 1, setvxlan_flush), }; static struct afswtch af_vxlan = { Modified: stable/10/share/man/man4/Makefile ============================================================================== --- stable/10/share/man/man4/Makefile Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/share/man/man4/Makefile Sun Jun 14 03:14:45 2015 (r284365) @@ -518,6 +518,7 @@ MAN= aac.4 \ ${_virtio_scsi.4} \ vkbd.4 \ vlan.4 \ + vxlan.4 \ ${_vmx.4} \ vpo.4 \ vr.4 \ @@ -688,6 +689,7 @@ MLINKS+=tx.4 if_tx.4 MLINKS+=txp.4 if_txp.4 MLINKS+=vge.4 if_vge.4 MLINKS+=vlan.4 if_vlan.4 +MLINKS+=vxlan.4 if_vxlan.4 MLINKS+=${_vmx.4} ${_if_vmx.4} MLINKS+=vpo.4 imm.4 MLINKS+=vr.4 if_vr.4 Copied and modified: stable/10/share/man/man4/vxlan.4 (from r273331, head/share/man/man4/vxlan.4) ============================================================================== --- head/share/man/man4/vxlan.4 Mon Oct 20 14:42:42 2014 (r273331, copy source) +++ stable/10/share/man/man4/vxlan.4 Sun Jun 14 03:14:45 2015 (r284365) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 20, 2014 +.Dd December 16, 2014 .Dt VXLAN 4 .Os .Sh NAME @@ -140,7 +140,7 @@ or VNI. .Pp When configured with the .Xr ifconfig 8 -.Cm learn +.Cm vxlanlearn parameter, the interface dynamically creates forwarding table entries from received packets. An entry in the forwarding table maps the inner source MAC address @@ -153,16 +153,16 @@ Otherwise, when configured in multicast the interface must flood the frame to all hosts in the group. The maximum number of entries in the table is configurable with the .Xr ifconfig 8 -.Cm maxaddr +.Cm vxlanmaxaddr command. Stale entries in the table periodically pruned. The timeout is configurable with the .Xr ifconfig 8 -.Cm timeout +.Cm vxlantimeout command. The table may be viewed with the .Xr sysctl 8 -.Cm net.link.vlxan.N.ftable.dump +.Cm net.link.vxlan.N.ftable.dump command. .Sh MTU Since the @@ -187,13 +187,13 @@ Create a .Nm interface in unicast mode with the -.Cm local +.Cm vxlanlocal tunnel address of 192.168.100.1, and the -.Cm remote +.Cm vxlanremote tunnel address of 192.168.100.2. .Bd -literal -offset indent -ifconfig vxlan create vni 108 local 192.168.100.1 remote 192.168.100.2 +ifconfig vxlan create vxlanid 108 vxlanlocal 192.168.100.1 vxlanremote 192.168.100.2 .Ed .Pp Create a @@ -207,7 +207,7 @@ and the address of 224.0.2.6. The em0 interface will be used to transmit multicast packets. .Bd -literal -offset indent -ifconfig vxlan create vni 42 local 192.168.10.95 group 224.0.2.6 vxlandev em0 +ifconfig vxlan create vxlanid 42 vxlanlocal 192.168.10.95 vxlangroup 224.0.2.6 vxlandev em0 .Ed .Pp Once created, the Modified: stable/10/sys/conf/NOTES ============================================================================== --- stable/10/sys/conf/NOTES Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sys/conf/NOTES Sun Jun 14 03:14:45 2015 (r284365) @@ -793,6 +793,10 @@ device ether # according to IEEE 802.1Q. device vlan +# The `vxlan' device implements the VXLAN encapsulation of Ethernet +# frames in UDP packets according to RFC7348. +device vxlan + # The `wlan' device provides generic code to support 802.11 # drivers, including host AP mode; it is MANDATORY for the wi, # and ath drivers and will eventually be required by all 802.11 drivers. Modified: stable/10/sys/conf/files ============================================================================== --- stable/10/sys/conf/files Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sys/conf/files Sun Jun 14 03:14:45 2015 (r284365) @@ -3238,6 +3238,7 @@ net/if_stf.c optional stf inet inet6 net/if_tun.c optional tun net/if_tap.c optional tap net/if_vlan.c optional vlan +net/if_vxlan.c optional vxlan inet | vxlan inet6 net/mppcc.c optional netgraph_mppc_compression net/mppcd.c optional netgraph_mppc_compression net/netisr.c standard Modified: stable/10/sys/modules/Makefile ============================================================================== --- stable/10/sys/modules/Makefile Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sys/modules/Makefile Sun Jun 14 03:14:45 2015 (r284365) @@ -150,6 +150,7 @@ SUBDIR= \ if_tap \ if_tun \ if_vlan \ + if_vxlan \ ${_igb} \ ${_iir} \ ${_imgact_binmisc} \ Copied and modified: stable/10/sys/net/if_vxlan.c (from r273331, head/sys/net/if_vxlan.c) ============================================================================== --- head/sys/net/if_vxlan.c Mon Oct 20 14:42:42 2014 (r273331, copy source) +++ stable/10/sys/net/if_vxlan.c Sun Jun 14 03:14:45 2015 (r284365) @@ -716,7 +716,7 @@ vxlan_ftable_entry_init(struct vxlan_sof fe->vxlfe_flags = flags; fe->vxlfe_expire = time_uptime + sc->vxl_ftable_timeout; - memcpy(fe->vxlfe_mac, mac, ETHER_HDR_LEN); + memcpy(fe->vxlfe_mac, mac, ETHER_ADDR_LEN); vxlan_sockaddr_copy(&fe->vxlfe_raddr, sa); } Copied: stable/10/sys/net/if_vxlan.h (from r273331, head/sys/net/if_vxlan.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/sys/net/if_vxlan.h Sun Jun 14 03:14:45 2015 (r284365, copy of r273331, head/sys/net/if_vxlan.h) @@ -0,0 +1,148 @@ +/*- + * Copyright (c) 2014, Bryan Venteicher <bryanv@FreeBSD.org> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice unmodified, this list of conditions, and the following + * disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _NET_IF_VXLAN_H_ +#define _NET_IF_VXLAN_H_ + +#include <sys/types.h> +#include <sys/socket.h> +#include <net/ethernet.h> +#include <net/if.h> +#include <netinet/in.h> + +struct vxlan_header { + uint32_t vxlh_flags; + uint32_t vxlh_vni; +}; + +#define VXLAN_HDR_FLAGS_VALID_VNI 0x08000000 +#define VXLAN_HDR_VNI_SHIFT 8 + +#define VXLAN_VNI_MAX (1 << 24) +#define VXLAN_VNI_MASK (VXLAN_VNI_MAX - 1) + +/* + * The port assigned by IANA is 4789, but some early implementations + * (like Linux) use 8472 instead. If not specified, we default to + * the IANA port. + */ +#define VXLAN_PORT 4789 +#define VXLAN_LEGACY_PORT 8472 + +struct ifvxlanparam { + uint64_t vxlp_with; + +#define VXLAN_PARAM_WITH_VNI 0x0001 +#define VXLAN_PARAM_WITH_LOCAL_ADDR4 0x0002 +#define VXLAN_PARAM_WITH_LOCAL_ADDR6 0x0004 +#define VXLAN_PARAM_WITH_REMOTE_ADDR4 0x0008 +#define VXLAN_PARAM_WITH_REMOTE_ADDR6 0x0010 +#define VXLAN_PARAM_WITH_LOCAL_PORT 0x0020 +#define VXLAN_PARAM_WITH_REMOTE_PORT 0x0040 +#define VXLAN_PARAM_WITH_PORT_RANGE 0x0080 +#define VXLAN_PARAM_WITH_FTABLE_TIMEOUT 0x0100 +#define VXLAN_PARAM_WITH_FTABLE_MAX 0x0200 +#define VXLAN_PARAM_WITH_MULTICAST_IF 0x0400 +#define VXLAN_PARAM_WITH_TTL 0x0800 +#define VXLAN_PARAM_WITH_LEARN 0x1000 + + uint32_t vxlp_vni; + struct in_addr vxlp_local_in4; + struct in6_addr vxlp_local_in6; + struct in_addr vxlp_remote_in4; + struct in6_addr vxlp_remote_in6; + uint16_t vxlp_local_port; + uint16_t vxlp_remote_port; + uint16_t vxlp_min_port; + uint16_t vxlp_max_port; + char vxlp_mc_ifname[IFNAMSIZ]; + uint32_t vxlp_ftable_timeout; + uint32_t vxlp_ftable_max; + uint8_t vxlp_ttl; + uint8_t vxlp_learn; +}; + +union vxlan_sockaddr { + struct sockaddr sa; + struct sockaddr_in in4; + struct sockaddr_in6 in6; +}; + +#define VXLAN_SOCKADDR_IS_IPV4(_vxsin) ((_vxsin)->sa.sa_family == AF_INET) +#define VXLAN_SOCKADDR_IS_IPV6(_vxsin) ((_vxsin)->sa.sa_family == AF_INET6) +#define VXLAN_SOCKADDR_IS_IPV46(_vxsin) \ + (VXLAN_SOCKADDR_IS_IPV4(_vxsin) || VXLAN_SOCKADDR_IS_IPV6(_vxsin)) + +#define VXLAN_CMD_GET_CONFIG 0 +#define VXLAN_CMD_SET_VNI 1 +#define VXLAN_CMD_SET_LOCAL_ADDR 2 +#define VXLAN_CMD_SET_REMOTE_ADDR 4 +#define VXLAN_CMD_SET_LOCAL_PORT 5 +#define VXLAN_CMD_SET_REMOTE_PORT 6 +#define VXLAN_CMD_SET_PORT_RANGE 7 +#define VXLAN_CMD_SET_FTABLE_TIMEOUT 8 +#define VXLAN_CMD_SET_FTABLE_MAX 9 +#define VXLAN_CMD_SET_MULTICAST_IF 10 +#define VXLAN_CMD_SET_TTL 11 +#define VXLAN_CMD_SET_LEARN 12 +#define VXLAN_CMD_FTABLE_ENTRY_ADD 13 +#define VXLAN_CMD_FTABLE_ENTRY_REM 14 +#define VXLAN_CMD_FLUSH 15 + +struct ifvxlancfg { + uint32_t vxlc_vni; + union vxlan_sockaddr vxlc_local_sa; + union vxlan_sockaddr vxlc_remote_sa; + uint32_t vxlc_mc_ifindex; + uint32_t vxlc_ftable_cnt; + uint32_t vxlc_ftable_max; + uint32_t vxlc_ftable_timeout; + uint16_t vxlc_port_min; + uint16_t vxlc_port_max; + uint8_t vxlc_learn; + uint8_t vxlc_ttl; +}; + +struct ifvxlancmd { + uint32_t vxlcmd_flags; +#define VXLAN_CMD_FLAG_FLUSH_ALL 0x0001 +#define VXLAN_CMD_FLAG_LEARN 0x0002 + + uint32_t vxlcmd_vni; + uint32_t vxlcmd_ftable_timeout; + uint32_t vxlcmd_ftable_max; + uint16_t vxlcmd_port; + uint16_t vxlcmd_port_min; + uint16_t vxlcmd_port_max; + uint8_t vxlcmd_mac[ETHER_ADDR_LEN]; + uint8_t vxlcmd_ttl; + union vxlan_sockaddr vxlcmd_sa; + char vxlcmd_ifname[IFNAMSIZ]; +}; + +#endif /* _NET_IF_VXLAN_H_ */ Modified: stable/10/sys/sys/priv.h ============================================================================== --- stable/10/sys/sys/priv.h Sun Jun 14 02:21:19 2015 (r284364) +++ stable/10/sys/sys/priv.h Sun Jun 14 03:14:45 2015 (r284365) @@ -340,6 +340,7 @@ #define PRIV_NET_SETIFVNET 417 /* Move interface to vnet. */ #define PRIV_NET_SETIFDESCR 418 /* Set interface description. */ #define PRIV_NET_SETIFFIB 419 /* Set interface fib. */ +#define PRIV_NET_VXLAN 420 /* Administer vxlan. */ /* * 802.11-related privileges.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201506140314.t5E3EjFb089270>