[systemd-devel] [PATCH 1/1] networkd: Introduce ipip tunnel
Susant Sahani
susant at redhat.com
Mon Apr 7 03:28:28 PDT 2014
On 04/07/2014 02:39 PM, Tom Gundersen wrote:
> On Mon, Apr 7, 2014 at 9:44 AM, Susant Sahani <susant at redhat.com> wrote:
>> This patch enables basic ipip tunnel support.
>> It works with kernel module ipip
>>
>> Example configuration
>>
>> file: ipip.netdev
>> [NetDev]
>> Name=ipip-tun
>> Kind=ipip
>>
>> [Tunnel]
>> Local=192.168.8.102
>> Remote=10.4.4.4
>> TTL=64
>> MTUBytes=1480
>>
>> file: ipip.network
>> [Match]
>> Name=eth0
>>
>> [Network]
>> Tunnel=ipip-tun
>> ---
>> Makefile.am | 7 +-
>> src/libsystemd-network/network-internal.c | 33 ++++++
>> src/libsystemd-network/network-internal.h | 3 +
>> src/libsystemd/sd-rtnl/rtnl-types.c | 4 +-
>> src/network/networkd-link.c | 25 ++++-
>> src/network/networkd-manager.c | 19 ++++
>> src/network/networkd-netdev-gperf.gperf | 4 +
>> src/network/networkd-netdev.c | 175 +++++++++++++++++++++++++++++-
>> src/network/networkd-network-gperf.gperf | 1 +
>> src/network/networkd-network.c | 37 +++++++
>> src/network/networkd.c | 6 +
>> src/network/networkd.h | 27 +++++
>> 12 files changed, 334 insertions(+), 7 deletions(-)
>>
>> diff --git a/Makefile.am b/Makefile.am
>> index c51f6ae..60c7016 100644
>> --- a/Makefile.am
>> +++ b/Makefile.am
>> @@ -4144,8 +4144,8 @@ systemd_networkd_SOURCES = \
>> src/network/networkd.c
>>
>> systemd_networkd_LDADD = \
>> - libsystemd-networkd-core.la
>> -
>> + libsystemd-networkd-core.la \
>> + -lkmod
>> noinst_LTLIBRARIES += \
>> libsystemd-networkd-core.la
>>
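Review bot: Both LDADD changes (here and in the test_network hunk below) hard-code `-lkmod` instead of using the pkg-config result, so the link ignores a non-default libkmod location and makes networkd depend on kmod unconditionally. If the tree's configure check for kmod is optional, as I believe it is, a build with kmod disabled would fail at link time. Prefer `$(KMOD_LIBS)` with a matching `$(KMOD_CFLAGS)` in the relevant CFLAGS, guarded by the same conditional the rest of the build uses for kmod.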
>> @@ -4189,7 +4189,8 @@ test_network_SOURCES = \
>> src/network/test-network.c
>>
>> test_network_LDADD = \
>> - libsystemd-networkd-core.la
>> + libsystemd-networkd-core.la \
>> + -lkmod
>>
>> tests += \
>> test-network
>> diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c
>> index 3686267..5b41cdb 100644
>> --- a/src/libsystemd-network/network-internal.c
>> +++ b/src/libsystemd-network/network-internal.c
>> @@ -326,3 +326,36 @@ int net_parse_inaddr(const char *address, unsigned char *family, void *dst) {
>>
>> return 0;
>> }
>> +
>> +int load_module(struct kmod_ctx *ctx, const char *mod_name) {
>> + struct kmod_list *modlist = NULL, *l;
>> + int r;
>> +
>> + assert(ctx);
>> + assert(mod_name);
>> +
>> + r = kmod_module_new_from_lookup(ctx, mod_name, &modlist);
>> + if (r < 0)
>> + return r;
>> +
>> + if (!modlist) {
>> + log_error("Failed to find module '%s'", mod_name);
>> + return -ENOENT;
>> + }
>> +
>> + kmod_list_foreach(l, modlist) {
>> + struct kmod_module *mod = kmod_module_get_module(l);
>> +
>> + r = kmod_module_probe_insert_module(mod, 0, NULL, NULL, NULL, NULL);
>> + if (r >= 0)
>> + r = 0;
>> + else
>> + r = -1;
>> +
>> + kmod_module_unref(mod);
>> + }
>> +
>> + kmod_module_unref_list(modlist);
>> +
>> + return r;
>> +}
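Review bot: `kmod_module_probe_insert_module(mod, 0, NULL, NULL, NULL, NULL)` passes no probe flags, so a module the administrator has blacklisted in the modprobe configuration would still be inserted by networkd. Passing `KMOD_PROBE_APPLY_BLACKLIST` keeps that policy in force; a positive return then means the module was skipped, which the existing `r >= 0` branch already tolerates. The loop also overwrites `r` on every iteration and flattens any failure to `-1`, so only the last module's result is returned and libkmod's negative errno is lost. Keeping the first failure, e.g. `if (r < 0 && ret >= 0) ret = r;`, and logging it with `mod_name` would make failures diagnosable. The early `return r;` after `kmod_module_new_from_lookup()` has no log line, unlike the `-ENOENT` branch just below it.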
>> diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h
>> index 65cd0d7..28f53b9 100644
>> --- a/src/libsystemd-network/network-internal.h
>> +++ b/src/libsystemd-network/network-internal.h
>> @@ -24,6 +24,7 @@
>> #include <netinet/ether.h>
>> #include <netinet/in.h>
>> #include <stdbool.h>
>> +#include <libkmod.h>
>>
>> #include "udev.h"
>> #include "condition-util.h"
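Review bot: Adding `#include <libkmod.h>` to this shared internal header makes every file that includes network-internal.h require the kmod development headers, although the header only names `struct kmod_ctx` behind a pointer in the new prototype. A forward declaration, `struct kmod_ctx;`, placed before the `load_module()` prototype in the next hunk would be enough, leaving the real include to the .c files that call libkmod. The unprefixed name `load_module` is also very generic for a symbol in a shared library-internal header.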
>> @@ -65,3 +66,5 @@ int config_parse_ifalias(const char *unit, const char *filename, unsigned line,
>> int net_parse_inaddr(const char *address, unsigned char *family, void *dst);
>>
>> int net_get_unique_predictable_data(struct udev_device *device, uint8_t result[8]);
>> +
>> +int load_module(struct kmod_ctx *ctx, const char *mod_name);
>> diff --git a/src/libsystemd/sd-rtnl/rtnl-types.c b/src/libsystemd/sd-rtnl/rtnl-types.c
>> index 44ac5ec..96467a3 100644
>> --- a/src/libsystemd/sd-rtnl/rtnl-types.c
>> +++ b/src/libsystemd/sd-rtnl/rtnl-types.c
>> @@ -104,8 +104,8 @@ static const NLType rtnl_link_info_data_bond_types[IFLA_BOND_MAX + 1] = {
>>
>> static const NLType rtnl_link_info_data_iptun_types[IFLA_IPTUN_MAX + 1] = {
>> [IFLA_IPTUN_LINK] = { .type = NLA_U32 },
>> - [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
>> - [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
>> + [IFLA_IPTUN_LOCAL] = { .type = NLA_IN_ADDR },
>> + [IFLA_IPTUN_REMOTE] = { .type = NLA_IN_ADDR },
>> [IFLA_IPTUN_TTL] = { .type = NLA_U8 },
>> [IFLA_IPTUN_TOS] = { .type = NLA_U8 },
>> [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
>> diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
>> index 63d253d..848eddd 100644
>> --- a/src/network/networkd-link.c
>> +++ b/src/network/networkd-link.c
>> @@ -1207,7 +1207,9 @@ static int link_enter_enslave(Link *link) {
>>
>> link_save(link);
>>
>> - if (!link->network->bridge && !link->network->bond &&
>> + if (!link->network->bridge &&
>> + !link->network->bond &&
>> + !link->network->tunnel &&
>> hashmap_isempty(link->network->vlans) &&
>> hashmap_isempty(link->network->macvlans))
>> return link_enslaved(link);
>> @@ -1254,6 +1256,27 @@ static int link_enter_enslave(Link *link) {
>> link->enslaving ++;
>> }
>>
>> + if (link->network->tunnel) {
>> + log_struct_link(LOG_DEBUG, link,
>> + "MESSAGE=%s: enslaving by '%s'",
>> + link->ifname, link->network->tunnel->name,
>> + NETDEV(link->network->tunnel),
>> + NULL);
>> +
>> + r = netdev_enslave(link->network->tunnel, link, &enslave_handler);
>> + if (r < 0) {
>> + log_struct_link(LOG_WARNING, link,
>> + "MESSAGE=%s: could not enslave by '%s': %s",
>> + link->ifname, link->network->tunnel->name, strerror(-r),
>> + NETDEV(link->network->tunnel),
>> + NULL);
>> + link_enter_failed(link);
>> + return r;
>> + }
>> +
>> + link->enslaving ++;
>> + }
>> +
>> HASHMAP_FOREACH(vlan, link->network->vlans, i) {
>> log_struct_link(LOG_DEBUG, link,
>> "MESSAGE=%s: enslaving by '%s'",
>> diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
>> index d903d0d..7b47380 100644
>> --- a/src/network/networkd-manager.c
>> +++ b/src/network/networkd-manager.c
>> @@ -20,6 +20,7 @@
>> ***/
>>
>> #include <resolv.h>
>> +#include <libkmod.h>
>>
>> #include "path-util.h"
>> #include "networkd.h"
>> @@ -158,6 +159,8 @@ void manager_free(Manager *m) {
>>
>> sd_rtnl_unref(m->rtnl);
>>
>> + kmod_unref(m->kmod_ctx);
>> +
>> free(m);
>> }
>>
>> @@ -467,3 +470,19 @@ int manager_update_resolv_conf(Manager *m) {
>>
>> return 0;
>> }
>> +
>> +int manager_init_kmod_ctx(Manager *m) {
>> + struct kmod_ctx *ctx;
>> +
>> + assert(m);
>> +
>> + ctx = kmod_new(NULL, NULL);
>> + if (!ctx) {
>> + kmod_unref(ctx);
> If ctx == NULL, then it is not necessary to unref it. Also, not sure
> it is necessary to use a temporary ctx variable rather than assigning
> directly to m->kmod_ctx. Worst case, that will be set to NULL (which
> it already is).
>
>> + return -ENOMEM;
>> + }
>> +
>> + m->kmod_ctx = ctx;
>> +
>> + return 0;
>> +}
>> diff --git a/src/network/networkd-netdev-gperf.gperf b/src/network/networkd-netdev-gperf.gperf
>> index ea7ba57..fad828f 100644
>> --- a/src/network/networkd-netdev-gperf.gperf
>> +++ b/src/network/networkd-netdev-gperf.gperf
>> @@ -24,3 +24,7 @@ NetDev.Name, config_parse_ifname, 0,
>> NetDev.Kind, config_parse_netdev_kind, 0, offsetof(NetDev, kind)
>> VLAN.Id, config_parse_uint64, 0, offsetof(NetDev, vlanid)
>> MACVLAN.Mode, config_parse_macvlan_mode, 0, offsetof(NetDev, macvlan_mode)
>> +Tunnel.TTL, config_parse_int, 0, offsetof(NetDev, tunnel_ttl)
>> +Tunnel.MTUBytes, config_parse_int, 0, offsetof(NetDev, tunnel_mtu)
>> +Tunnel.Local, config_parse_tunnel_address, 0, offsetof(NetDev, tunnel_local)
>> +Tunnel.Remote, config_parse_tunnel_address, 0, offsetof(NetDev, tunnel_remote)
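Review bot: `Tunnel.TTL` and `Tunnel.MTUBytes` are parsed with `config_parse_int`, which accepts negative and arbitrarily large values, and no range check is visible anywhere in this patch. The rtnl type table in this same patch declares `IFLA_IPTUN_TTL` as `NLA_U8`, and netdev_create_tunnel passes `tunnel_mtu` to `sd_rtnl_message_append_u32()`, so `TTL=300` or `MTUBytes=-1` would presumably be truncated or wrapped silently instead of being rejected. The field types live in networkd.h, which is not shown in this reply. Consider `config_parse_unsigned` for both, plus an explicit 0–255 check on the TTL with a `log_syntax()` message on failure.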
>> diff --git a/src/network/networkd-netdev.c b/src/network/networkd-netdev.c
>> index 92548d9..020c828 100644
>> --- a/src/network/networkd-netdev.c
>> +++ b/src/network/networkd-netdev.c
>> @@ -18,6 +18,12 @@
>> You should have received a copy of the GNU Lesser General Public License
>> along with systemd; If not, see <http://www.gnu.org/licenses/>.
>> ***/
>> +#include <netinet/ether.h>
>> +#include <arpa/inet.h>
>> +#include <net/if.h>
>> +#include <linux/ip.h>
>> +#include <linux/if_tunnel.h>
>> +#include <libkmod.h>
>>
>> #include "networkd.h"
>> #include "network-internal.h"
>> @@ -33,6 +39,9 @@ static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
>> [NETDEV_KIND_BOND] = "bond",
>> [NETDEV_KIND_VLAN] = "vlan",
>> [NETDEV_KIND_MACVLAN] = "macvlan",
>> + [NETDEV_KIND_IPIP] = "ipip",
>> + [NETDEV_KIND_GRE] = "gre",
>> + [NETDEV_KIND_SIT] = "sit",
>> };
>>
>> DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
>> @@ -242,6 +251,165 @@ static int netdev_create_handler(sd_rtnl *rtnl, sd_rtnl_message *m, void *userda
>> return 1;
>> }
>>
>> +int config_parse_tunnel_address(const char *unit,
>> + const char *filename,
>> + unsigned line,
>> + const char *section,
>> + unsigned section_line,
>> + const char *lvalue,
>> + int ltype,
>> + const char *rvalue,
>> + void *data,
>> + void *userdata) {
>> + NetDev *n = userdata;
> Pass in the address structure directly, then you don't need to match
> on the local variable below, and you also don't have to hardcode
> anything to do with netdev :)
I don't see an example of how this can be done?
>
>> + unsigned char family = AF_INET;
>> + int r;
>> +
>> + assert(filename);
>> + assert(lvalue);
>> + assert(rvalue);
>> + assert(data);
>> +
>> + if(streq(lvalue, "Local"))
>> + r = net_parse_inaddr(rvalue, &family, &n->tunnel_local.s_addr);
> This should probably get the in_addr structure directly, rather than
> its s_addr field (check the types).
Done !
>
>> + else
>> + r = net_parse_inaddr(rvalue, &family, &n->tunnel_remote.s_addr);
>> +
>> + if (r < 0) {
>> + log_syntax(unit, LOG_ERR, filename, line, EINVAL,
>> + "Tunnel address is invalid, ignoring assignment: %s", rvalue);
>> + return 0;
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +int netdev_create_tunnel(Link *link) {
>> + _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL;
>> + NetDev *netdev;
>> + int r;
>> +
>> + assert(link);
>> + assert(link->network);
>> + assert(link->network->tunnel);
>> +
>> + netdev = link->network->tunnel;
>> +
>> + assert(netdev);
>> + assert(netdev->name);
>> + assert(netdev->manager);
>> + assert(netdev->manager->rtnl);
>> + assert(netdev->manager->kmod_ctx);
>> +
>> + if(netdev->kind == NETDEV_KIND_IPIP ||
>> + netdev->kind == NETDEV_KIND_GRE ||
>> + netdev->kind == NETDEV_KIND_SIT) {
>> + r = load_module(netdev->manager->kmod_ctx, netdev_kind_to_string(netdev->kind));
>> + if (r < 0) {
>> + log_error_netdev(netdev, "Could not load Kernel module . Ignoring");
>> + return 0;
>> + }
>> + }
>> +
>> + r = sd_rtnl_message_new_link(netdev->manager->rtnl, &m, RTM_NEWLINK, 0);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not allocate RTM_NEWLINK message: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + r = sd_rtnl_message_append_string(m, IFLA_IFNAME, netdev->name);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_IFNAME, attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + if(netdev->tunnel_mtu) {
>> + r = sd_rtnl_message_append_u32(m, IFLA_MTU, netdev->tunnel_mtu);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_MTU attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> + }
>> +
>> + r = sd_rtnl_message_open_container(m, IFLA_LINKINFO);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_LINKINFO attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + r = sd_rtnl_message_open_container_union(m, IFLA_INFO_DATA,
>> + netdev_kind_to_string(netdev->kind));
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_INFO_DATA attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + r = sd_rtnl_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_IPTUN_LINK attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + r= sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_LOCAL, (const struct in_addr *)
> If you need to cast something is almost certainly wrong :) Simply pass
> in the address structure rather than s_addr (as above), and it will
> work without casting (the effect is obviously the same, but better to
> take advantage of the type-checking if we can).
>
>> + &netdev->tunnel_local.s_addr);
>> + if (r < 0) {
>> + log_error_netdev(netdev,
>> + "Could not append IFLA_IPTUN_LOCAL attribute: %s",
>> + strerror(-r));
>> + return r;
>> + }
>> +
>> + r= sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_REMOTE, (const struct in_addr *)
>> + &netdev->tunnel_remote.s_addr);
> As above.
Done !
> +}
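Review bot: In netdev_create_tunnel a failed `load_module()` is logged and then answered with `return 0;`, so the caller is told the request succeeded although no RTM_NEWLINK was sent. Returning `r` would match the function's other error paths; the link presumably then waits on an enslave callback that never arrives. Separately, config_parse_tunnel_address hands a 4-byte `in_addr` field to `net_parse_inaddr()` with `family = AF_INET`. That function's body is not part of this patch, so confirm it rejects a non-IPv4 string before writing to `dst`, since otherwise an IPv6 literal in `Local=` or `Remote=` would be written past the field; parsing into a 16-byte temporary and copying on success removes that dependency. The middle of this hunk is trimmed in the quoted reply, so the tail of netdev_create_tunnel was not reviewed.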
> diff --git a/src/network/networkd.c b/src/network/networkd.c
> index f0e6ad5..96c2217 100644
> --- a/src/network/networkd.c
> +++ b/src/network/networkd.c
> @@ -87,6 +87,12 @@ int main(int argc, char *argv[]) {
> goto out;
> }
>
> + r = manager_init_kmod_ctx(m);
> Maybe just do
>
> manager->kmod_ctx = kmod_ctx_new(NULL, NULL);
> if (!manager->kmod_ctx) {
> r = -ENOMEM;
> etc...
> }
>
> and drop the wrapping function (see above).
Any specific reason to drop it and do directly ?
>> --
>> 1.9.0
>>
>
> Otherwise looks good!
>
> Cheers,
>
> Tom
>
Thanks,
Susant