diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-03-31 22:12:34 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-03-31 22:12:34 +0900 |
| commit | b07b19dff8d4e11de66354334a0a574af7d08f49 (patch) | |
| tree | 0146a4c7b19fd576ee3e0b6eed750084768720f8 | |
| parent | d923021aebc6aa0d5f550f69a27f431d128180ba (diff) | |
| parent | 6730a1f343ef0cbba766037490731e573f09ccc3 (diff) | |
| download | systemd-b07b19dff8d4e11de66354334a0a574af7d08f49.tar.gz | |
Merge pull request #12147 from yuwata/network-gre-key-12144
network: make GRE and GRETAP support Key= or friends
| -rw-r--r-- | man/systemd.netdev.xml | 14 | ||||
| -rw-r--r-- | src/network/netdev/netdev-gperf.gperf | 2 | ||||
| -rw-r--r-- | src/network/netdev/netdev.c | 3 | ||||
| -rw-r--r-- | src/network/netdev/tunnel.c | 108 | ||||
| -rw-r--r-- | src/network/netdev/tunnel.h | 2 | ||||
| -rw-r--r-- | src/network/networkd-network.c | 3 | ||||
| -rw-r--r-- | test/test-network/conf/25-erspan-tunnel-local-any.netdev | 1 | ||||
| -rw-r--r-- | test/test-network/conf/25-erspan-tunnel.netdev | 1 | ||||
| -rw-r--r-- | test/test-network/conf/erspan.network | 6 | ||||
| -rwxr-xr-x | test/test-network/systemd-networkd-tests.py | 5 |
10 files changed, 72 insertions, 73 deletions
diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index fd8031a5fd..8ccc7c1a5a 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -957,22 +957,24 @@ It is used as mark-configured SAD/SPD entry as part of the lookup key (both in data and control path) in ip xfrm (framework used to implement IPsec protocol). See <ulink url="http://man7.org/linux/man-pages/man8/ip-xfrm.8.html"> - ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6 - tunnels.</para> + ip-xfrm — transform configuration</ulink> for details. It is only used for VTI/VTI6, + GRE, GRETAP, and ERSPAN tunnels.</para> </listitem> </varlistentry> <varlistentry> <term><varname>InputKey=</varname></term> <listitem> <para>The <varname>InputKey=</varname> parameter specifies the key to use for input. - The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para> + The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6, GRE, GRETAP, + and ERSPAN tunnels.</para> </listitem> </varlistentry> <varlistentry> <term><varname>OutputKey=</varname></term> <listitem> <para>The <varname>OutputKey=</varname> parameter specifies the key to use for output. - The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6 tunnels.</para> + The format is same as <varname>Key=</varname>. It is only used for VTI/VTI6, GRE, GRETAP, + and ERSPAN tunnels.</para> </listitem> </varlistentry> <varlistentry> @@ -1048,8 +1050,8 @@ <varlistentry> <term><varname>SerializeTunneledPackets=</varname></term> <listitem> - <para>Takes a boolean. If set to yes, then packets are serialized. Only applies for ERSPAN tunnel. - When unset, the kernel's default will be used. + <para>Takes a boolean. If set to yes, then packets are serialized. Only applies for GRE, + GRETAP, and ERSPAN tunnels. When unset, the kernel's default will be used. </para> </listitem> </varlistentry> diff --git a/src/network/netdev/netdev-gperf.gperf b/src/network/netdev/netdev-gperf.gperf index 96632da0b6..1677e937b6 100644 --- a/src/network/netdev/netdev-gperf.gperf +++ b/src/network/netdev/netdev-gperf.gperf @@ -73,7 +73,7 @@ Tunnel.FOUSourcePort, config_parse_ip_port, 0, Tunnel.Encapsulation, config_parse_fou_encap_type, 0, offsetof(Tunnel, fou_encap_type) Tunnel.IPv6RapidDeploymentPrefix, config_parse_6rd_prefix, 0, 0 Tunnel.ERSPANIndex, config_parse_uint32, 0, offsetof(Tunnel, erspan_index) -Tunnel.SerializeTunneledPackets, config_parse_tristate, 0, offsetof(Tunnel, erspan_sequence) +Tunnel.SerializeTunneledPackets, config_parse_tristate, 0, offsetof(Tunnel, gre_erspan_sequence) Tunnel.ISATAP, config_parse_tristate, 0, offsetof(Tunnel, isatap) FooOverUDP.Protocol, config_parse_uint8, 0, offsetof(FouTunnel, fou_protocol) FooOverUDP.Encapsulation, config_parse_fou_encap_type, 0, offsetof(FouTunnel, fou_encap_type) diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c index 5cdd09d775..f6d3ef8153 100644 --- a/src/network/netdev/netdev.c +++ b/src/network/netdev/netdev.c @@ -779,6 +779,9 @@ int netdev_load_one(Manager *manager, const char *filename) { case NETDEV_KIND_IP6TNL: independent = IP6TNL(netdev)->independent; break; + case NETDEV_KIND_ERSPAN: + independent = ERSPAN(netdev)->independent; + break; default: break; } diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index 55d6f7a32c..8599020d22 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -114,20 +114,33 @@ static int netdev_ipip_sit_fill_message_create(NetDev *netdev, Link *link, sd_ne return r; } -static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { +static int netdev_gre_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { + uint32_t ikey = 0; + uint32_t okey = 0; + uint16_t iflags = 0; + uint16_t oflags = 0; Tunnel *t; int r; assert(netdev); + assert(m); - if (netdev->kind == NETDEV_KIND_GRE) + switch (netdev->kind) { + case NETDEV_KIND_GRE: t = GRE(netdev); - else + break; + case NETDEV_KIND_ERSPAN: + t = ERSPAN(netdev); + break; + case NETDEV_KIND_GRETAP: t = GRETAP(netdev); + break; + default: + assert_not_reached("invalid netdev kind"); + } assert(t); assert(t->family == AF_INET); - assert(m); if (link) { r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex); @@ -135,13 +148,19 @@ static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m"); } + if (netdev->kind == NETDEV_KIND_ERSPAN) { + r = sd_netlink_message_append_u32(m, IFLA_GRE_ERSPAN_INDEX, t->erspan_index); + if (r < 0) + return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ERSPAN_INDEX attribute: %m"); + } + r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m"); r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in); if (r < 0) - log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m"); + return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl); if (r < 0) @@ -149,35 +168,12 @@ static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos); if (r < 0) - log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m"); + return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m"); r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc); if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m"); - return r; -} - -static int netdev_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) { - uint32_t ikey = 0; - uint32_t okey = 0; - uint16_t iflags = 0; - uint16_t oflags = 0; - Tunnel *t; - int r; - - assert(netdev); - - t = ERSPAN(netdev); - - assert(t); - assert(t->family == AF_INET); - assert(m); - - r = sd_netlink_message_append_u32(m, IFLA_GRE_ERSPAN_INDEX, t->erspan_index); - if (r < 0) - return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_ERSPAN_INDEX attribute: %m"); - if (t->key != 0) { ikey = okey = htobe32(t->key); iflags |= GRE_KEY; @@ -194,10 +190,10 @@ static int netdev_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netl oflags |= GRE_KEY; } - if (t->erspan_sequence > 0) { + if (t->gre_erspan_sequence > 0) { iflags |= GRE_SEQ; oflags |= GRE_SEQ; - } else if (t->erspan_sequence == 0) { + } else if (t->gre_erspan_sequence == 0) { iflags &= ~GRE_SEQ; oflags &= ~GRE_SEQ; } @@ -218,14 +214,6 @@ static int netdev_erspan_fill_message_create(NetDev *netdev, Link *link, sd_netl if (r < 0) return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_OFLAGS, attribute: %m"); - r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in); - if (r < 0) - return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m"); - - r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in); - if (r < 0) - log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m"); - return r; } @@ -716,19 +704,29 @@ static void vti_init(NetDev *n) { t->pmtudisc = true; } -static void gre_init(NetDev *n) { +static void gre_erspan_init(NetDev *n) { Tunnel *t; assert(n); - if (n->kind == NETDEV_KIND_GRE) + switch (n->kind) { + case NETDEV_KIND_GRE: t = GRE(n); - else + break; + case NETDEV_KIND_ERSPAN: + t = ERSPAN(n); + break; + case NETDEV_KIND_GRETAP: t = GRETAP(n); + break; + default: + assert_not_reached("invalid netdev kind"); + } assert(t); t->pmtudisc = true; + t->gre_erspan_sequence = -1; } static void ip6gre_init(NetDev *n) { @@ -746,18 +744,6 @@ static void ip6gre_init(NetDev *n) { t->ttl = DEFAULT_TNL_HOP_LIMIT; } -static void erspan_init(NetDev *n) { - Tunnel *t; - - assert(n); - - t = ERSPAN(n); - - assert(t); - - t->erspan_sequence = -1; -} - static void ip6tnl_init(NetDev *n) { Tunnel *t = IP6TNL(n); @@ -809,18 +795,18 @@ const NetDevVTable vti6_vtable = { const NetDevVTable gre_vtable = { .object_size = sizeof(Tunnel), - .init = gre_init, + .init = gre_erspan_init, .sections = "Match\0NetDev\0Tunnel\0", - .fill_message_create = netdev_gre_fill_message_create, + .fill_message_create = netdev_gre_erspan_fill_message_create, .create_type = NETDEV_CREATE_STACKED, .config_verify = netdev_tunnel_verify, }; const NetDevVTable gretap_vtable = { .object_size = sizeof(Tunnel), - .init = gre_init, + .init = gre_erspan_init, .sections = "Match\0NetDev\0Tunnel\0", - .fill_message_create = netdev_gre_fill_message_create, + .fill_message_create = netdev_gre_erspan_fill_message_create, .create_type = NETDEV_CREATE_STACKED, .config_verify = netdev_tunnel_verify, }; @@ -854,9 +840,9 @@ const NetDevVTable ip6tnl_vtable = { const NetDevVTable erspan_vtable = { .object_size = sizeof(Tunnel), - .init = erspan_init, + .init = gre_erspan_init, .sections = "Match\0NetDev\0Tunnel\0", - .fill_message_create = netdev_erspan_fill_message_create, - .create_type = NETDEV_CREATE_INDEPENDENT, + .fill_message_create = netdev_gre_erspan_fill_message_create, + .create_type = NETDEV_CREATE_STACKED, .config_verify = netdev_tunnel_verify, }; diff --git a/src/network/netdev/tunnel.h b/src/network/netdev/tunnel.h index 8f511dd1f6..3637e4f377 100644 --- a/src/network/netdev/tunnel.h +++ b/src/network/netdev/tunnel.h @@ -29,7 +29,7 @@ typedef struct Tunnel { int family; int ipv6_flowlabel; int allow_localremote; - int erspan_sequence; + int gre_erspan_sequence; int isatap; unsigned ttl; diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index c6c3480cd1..836776ae84 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -104,7 +104,8 @@ static int network_resolve_netdev_one(Network *network, const char *name, NetDev NETDEV_KIND_IP6GRETAP, NETDEV_KIND_VTI, NETDEV_KIND_VTI6, - NETDEV_KIND_IP6TNL))) + NETDEV_KIND_IP6TNL, + NETDEV_KIND_ERSPAN))) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "%s: NetDev %s is not a %s, ignoring assignment", network->filename, name, kind_string); diff --git a/test/test-network/conf/25-erspan-tunnel-local-any.netdev b/test/test-network/conf/25-erspan-tunnel-local-any.netdev index cd7df3ada1..e9eb1c1cfc 100644 --- a/test/test-network/conf/25-erspan-tunnel-local-any.netdev +++ b/test/test-network/conf/25-erspan-tunnel-local-any.netdev @@ -3,7 +3,6 @@ Name=erspan98 Kind=erspan [Tunnel] -Independent=true ERSPANIndex=124 Local = any Remote = 172.16.1.100 diff --git a/test/test-network/conf/25-erspan-tunnel.netdev b/test/test-network/conf/25-erspan-tunnel.netdev index 60da0e9dad..86935e998c 100644 --- a/test/test-network/conf/25-erspan-tunnel.netdev +++ b/test/test-network/conf/25-erspan-tunnel.netdev @@ -3,7 +3,6 @@ Name=erspan99 Kind=erspan [Tunnel] -Independent=true ERSPANIndex=123 Local = 172.16.1.200 Remote = 172.16.1.100 diff --git a/test/test-network/conf/erspan.network b/test/test-network/conf/erspan.network new file mode 100644 index 0000000000..49364c506c --- /dev/null +++ b/test/test-network/conf/erspan.network @@ -0,0 +1,6 @@ +[Match] +Name=dummy98 + +[Network] +Tunnel=erspan99 +Tunnel=erspan98 diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index 9ff7e37a3e..4e4858507f 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -296,6 +296,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): '25-wireguard-private-key.txt', '25-wireguard.netdev', '6rd.network', + 'erspan.network', 'gre.network', 'gretap.network', 'gretun.network', @@ -735,9 +736,11 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities): @expectedFailureIfERSPANModuleIsNotAvailable() def test_erspan_tunnel(self): - self.copy_unit_to_networkd_unit_path('25-erspan-tunnel.netdev', '25-erspan-tunnel-local-any.netdev') + self.copy_unit_to_networkd_unit_path('12-dummy.netdev', 'erspan.network', + '25-erspan-tunnel.netdev', '25-erspan-tunnel-local-any.netdev') self.start_networkd() + self.assertTrue(self.link_exits('dummy98')) self.assertTrue(self.link_exits('erspan99')) self.assertTrue(self.link_exits('erspan98')) |