summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Rammhold <andreas@rammhold.de>2016-06-13 01:05:49 +0200
committerAndreas Rammhold <andreas@rammhold.de>2016-06-16 00:25:06 +0200
commit6cb955c6a18d7e122ca24ca4873343ca41feeb50 (patch)
tree243885d9635f7d1ced41310932d84a4831a076f8
parent20897a0d6ea12bbc08f70146cc7ad4540b65a0fa (diff)
networkd: vrf: add support for enslaving devices to VRFs
-rw-r--r--man/systemd.network.xml17
-rw-r--r--src/network/networkd-link.c23
-rw-r--r--src/network/networkd-netdev-vrf.c2
-rw-r--r--src/network/networkd-netdev.c4
-rw-r--r--src/network/networkd-network-gperf.gperf1
-rw-r--r--src/network/networkd-network.c6
-rw-r--r--src/network/networkd-network.h1
7 files changed, 49 insertions, 5 deletions
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index ea98c821fa..edf227c134 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -579,6 +579,12 @@
</listitem>
</varlistentry>
<varlistentry>
+ <term><varname>VRF=</varname></term>
+ <listitem>
+ <para>The name of the VRF to add the link to.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><varname>VLAN=</varname></term>
<listitem>
<para>The name of a VLAN to create on the link. This
@@ -1279,6 +1285,17 @@ DHCP=yes
</programlisting>
</example>
+ <example>
+ <title>/etc/systemd/network/25-vrf.network</title>
+ <para>Add the bond1 interface to the VRF master interface vrf-test. This will redirect routes generated on this interface to be within the routing table defined during VRF creation. Traffic won't be redirected towards the VRFs routing table unless specific ip-rules are added.</para>
+ <programlisting>[Match]
+Name=bond1
+
+[Network]
+VRF=vrf-test
+</programlisting>
+ </example>
+
</refsect1>
<refsect1>
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 044f934e5f..1842685180 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -1600,7 +1600,7 @@ static int link_up(Link *link) {
return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
/* set it free if not enslaved with networkd */
- if (!link->network->bridge && !link->network->bond) {
+ if (!link->network->bridge && !link->network->bond && !link->network->vrf) {
r = sd_netlink_message_append_u32(req, IFLA_MASTER, 0);
if (r < 0)
return log_link_error_errno(link, r, "Could not append IFLA_MASTER attribute: %m");
@@ -2055,6 +2055,7 @@ static int link_enter_join_netdev(Link *link) {
if (!link->network->bridge &&
!link->network->bond &&
+ !link->network->vrf &&
hashmap_isempty(link->network->stacked_netdevs))
return link_joined(link);
@@ -2101,6 +2102,26 @@ static int link_enter_join_netdev(Link *link) {
link->enslaving++;
}
+ if (link->network->vrf) {
+ log_struct(LOG_DEBUG,
+ LOG_LINK_INTERFACE(link),
+ LOG_NETDEV_INTERFACE(link->network->vrf),
+ LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->vrf->ifname),
+ NULL);
+ r = netdev_join(link->network->vrf, link, netdev_join_handler);
+ if (r < 0) {
+ log_struct_errno(LOG_WARNING, r,
+ LOG_LINK_INTERFACE(link),
+ LOG_NETDEV_INTERFACE(link->network->vrf),
+ LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->vrf->ifname),
+ NULL);
+ link_enter_failed(link);
+ return r;
+ }
+
+ link->enslaving++;
+ }
+
HASHMAP_FOREACH(netdev, link->network->stacked_netdevs, i) {
log_struct(LOG_DEBUG,
diff --git a/src/network/networkd-netdev-vrf.c b/src/network/networkd-netdev-vrf.c
index 8bbb0aecb1..89bd142e8c 100644
--- a/src/network/networkd-netdev-vrf.c
+++ b/src/network/networkd-netdev-vrf.c
@@ -44,7 +44,7 @@ static int netdev_vrf_fill_message_create(NetDev *netdev, Link *link, sd_netlink
const NetDevVTable vrf_vtable = {
.object_size = sizeof(Vrf),
- .sections = "Match\0NetDev\0VRF\0",
+ .sections = "NetDev\0VRF\0",
.fill_message_create = netdev_vrf_fill_message_create,
.create_type = NETDEV_CREATE_MASTER,
};
diff --git a/src/network/networkd-netdev.c b/src/network/networkd-netdev.c
index b55d76a53c..b192884fd9 100644
--- a/src/network/networkd-netdev.c
+++ b/src/network/networkd-netdev.c
@@ -202,7 +202,7 @@ static int netdev_enslave_ready(NetDev *netdev, Link* link, sd_netlink_message_h
assert(netdev->state == NETDEV_STATE_READY);
assert(netdev->manager);
assert(netdev->manager->rtnl);
- assert(IN_SET(netdev->kind, NETDEV_KIND_BRIDGE, NETDEV_KIND_BOND));
+ assert(IN_SET(netdev->kind, NETDEV_KIND_BRIDGE, NETDEV_KIND_BOND, NETDEV_KIND_VRF));
assert(link);
assert(callback);
@@ -285,7 +285,7 @@ int netdev_enslave(NetDev *netdev, Link *link, sd_netlink_message_handler_t call
assert(netdev);
assert(netdev->manager);
assert(netdev->manager->rtnl);
- assert(IN_SET(netdev->kind, NETDEV_KIND_BRIDGE, NETDEV_KIND_BOND));
+ assert(IN_SET(netdev->kind, NETDEV_KIND_BRIDGE, NETDEV_KIND_BOND, NETDEV_KIND_VRF));
if (netdev->state == NETDEV_STATE_READY) {
r = netdev_enslave_ready(netdev, link, callback);
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index 0b0aa58f67..affc0d00e9 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -37,6 +37,7 @@ Network.MACVTAP, config_parse_netdev,
Network.IPVLAN, config_parse_netdev, 0, 0
Network.VXLAN, config_parse_netdev, 0, 0
Network.Tunnel, config_parse_tunnel, 0, 0
+Network.VRF, config_parse_netdev, 0, 0
Network.DHCP, config_parse_dhcp, 0, offsetof(Network, dhcp)
Network.DHCPServer, config_parse_bool, 0, offsetof(Network, dhcp_server)
Network.LinkLocalAddressing, config_parse_address_family_boolean, 0, offsetof(Network, link_local)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 84bdf75b38..2b764d4f24 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -244,8 +244,8 @@ void network_free(Network *network) {
strv_free(network->bind_carrier);
netdev_unref(network->bridge);
-
netdev_unref(network->bond);
+ netdev_unref(network->vrf);
HASHMAP_FOREACH(netdev, network->stacked_netdevs, i) {
hashmap_remove(network->stacked_netdevs, netdev->ifname);
@@ -471,6 +471,10 @@ int config_parse_netdev(const char *unit,
network->bond = netdev;
break;
+ case NETDEV_KIND_VRF:
+ network->vrf = netdev;
+
+ break;
case NETDEV_KIND_VLAN:
case NETDEV_KIND_MACVLAN:
case NETDEV_KIND_MACVTAP:
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index 38688cc400..08ee939faa 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -104,6 +104,7 @@ struct Network {
NetDev *bridge;
NetDev *bond;
+ NetDev *vrf;
Hashmap *stacked_netdevs;
/* DHCP Client Support */