author | Susant Sahani <susant@redhat.com> | 2014-05-12 10:48:24 +0530 |
---|---|---|
committer | Tom Gundersen <teg@jklm.no> | 2014-05-12 17:37:12 +0200 |
commit | 7951dea20911969287878e6897b3eca348721ade (patch) | |
tree | 420a101f2a4e3912b9d078bcf16bf06e8ff94742 /src | |
parent | 1727a595225132eb73ec134b6979d9c713b42e8c (diff) |
networkd: introduce ipip tunnel
This patch enables basic ipip tunnel support.
It works with kernel module ipip
example conf:
file: ipip.netdev
[NetDev]
Name=ipip-tun
Kind=ipip
MTUBytes=1480
[Tunnel]
Local=192.168.223.238
Remote=192.169.224.239
TTL=64
file: ipip.network
[Match]
Name=em1
[Network]
Tunnel=ipip-tun
[tomegun:
- drop unused variable
- take ref when enslaving]
Diffstat (limited to 'src')
-rw-r--r-- | src/libsystemd-network/network-internal.c | 33 | ||||
-rw-r--r-- | src/libsystemd-network/network-internal.h | 3 | ||||
-rw-r--r-- | src/libsystemd/sd-rtnl/rtnl-types.c | 4 | ||||
-rw-r--r-- | src/network/networkd-link.c | 26 | ||||
-rw-r--r-- | src/network/networkd-manager.c | 16 | ||||
-rw-r--r-- | src/network/networkd-netdev-gperf.gperf | 5 | ||||
-rw-r--r-- | src/network/networkd-netdev.c | 53 | ||||
-rw-r--r-- | src/network/networkd-network-gperf.gperf | 1 | ||||
-rw-r--r-- | src/network/networkd-network.c | 39 | ||||
-rw-r--r-- | src/network/networkd-tunnel.c | 192 | ||||
-rw-r--r-- | src/network/networkd.c | 6 | ||||
-rw-r--r-- | src/network/networkd.h | 35 |
12 files changed, 408 insertions, 5 deletions
diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c index 52e614c4ea..cf577e54a4 100644 --- a/src/libsystemd-network/network-internal.c +++ b/src/libsystemd-network/network-internal.c @@ -326,3 +326,36 @@ int net_parse_inaddr(const char *address, unsigned char *family, void *dst) { return 0; } + +int load_module(struct kmod_ctx *ctx, const char *mod_name) { + struct kmod_list *modlist = NULL, *l; + int r; + + assert(ctx); + assert(mod_name); + + r = kmod_module_new_from_lookup(ctx, mod_name, &modlist); + if (r < 0) + return r; + + if (!modlist) { + log_error("Failed to find module '%s'", mod_name); + return -ENOENT; + } + + kmod_list_foreach(l, modlist) { + struct kmod_module *mod = kmod_module_get_module(l); + + r = kmod_module_probe_insert_module(mod, 0, NULL, NULL, NULL, NULL); + if (r == 0) + log_info("Inserted module '%s'", kmod_module_get_name(mod)); + else { + log_error("Failed to insert '%s': %s", kmod_module_get_name(mod), + strerror(-r)); + } + } + + kmod_module_unref_list(modlist); + + return r; +} diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h index 836472a776..1c77d33274 100644 --- a/src/libsystemd-network/network-internal.h +++ b/src/libsystemd-network/network-internal.h @@ -24,6 +24,7 @@ #include <netinet/ether.h> #include <netinet/in.h> #include <stdbool.h> +#include <libkmod.h> #include "udev.h" #include "condition-util.h" @@ -65,3 +66,5 @@ int config_parse_ifalias(const char *unit, const char *filename, unsigned line, int net_parse_inaddr(const char *address, unsigned char *family, void *dst); int net_get_unique_predictable_data(struct udev_device *device, uint8_t result[8]); + +int load_module(struct kmod_ctx *ctx, const char *mod_name); diff --git a/src/libsystemd/sd-rtnl/rtnl-types.c b/src/libsystemd/sd-rtnl/rtnl-types.c index 44ac5ec389..96467a32a6 100644 --- a/src/libsystemd/sd-rtnl/rtnl-types.c +++ b/src/libsystemd/sd-rtnl/rtnl-types.c 
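Review bot: In the `kmod_list_foreach` loop of `load_module()`, the reference returned by `kmod_module_get_module(l)` is never dropped, so every probed module leaks a refcount; add `kmod_module_unref(mod);` as the last statement of the loop body. The function also returns only the result of the final iteration, so a failed insert earlier in the list is reported as success when a later one succeeds; keeping the first negative `r` would make the return value agree with the log. Because this helper inserts kernel code on request, a short comment saying that `mod_name` must come from a fixed table (as the `netdev_kind_to_string()` caller in this commit does) and never from configuration text would help later callers.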
@@ -104,8 +104,8 @@ static const NLType rtnl_link_info_data_bond_types[IFLA_BOND_MAX + 1] = { static const NLType rtnl_link_info_data_iptun_types[IFLA_IPTUN_MAX + 1] = { [IFLA_IPTUN_LINK] = { .type = NLA_U32 }, - [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 }, - [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 }, + [IFLA_IPTUN_LOCAL] = { .type = NLA_IN_ADDR }, + [IFLA_IPTUN_REMOTE] = { .type = NLA_IN_ADDR }, [IFLA_IPTUN_TTL] = { .type = NLA_U8 }, [IFLA_IPTUN_TOS] = { .type = NLA_U8 }, [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 }, diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index d07cc30951..77c505fc78 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1466,7 +1466,9 @@ static int link_enter_enslave(Link *link) { link_save(link); - if (!link->network->bridge && !link->network->bond && + if (!link->network->bridge && + !link->network->bond && + !link->network->tunnel && hashmap_isempty(link->network->vlans) && hashmap_isempty(link->network->macvlans)) return link_enslaved(link); @@ -1515,6 +1517,28 @@ static int link_enter_enslave(Link *link) { link->enslaving ++; } + if (link->network->tunnel) { + log_struct_link(LOG_DEBUG, link, + "MESSAGE=%s: enslaving by '%s'", + link->ifname, link->network->tunnel->name, + NETDEV(link->network->tunnel), + NULL); + + r = netdev_enslave(link->network->tunnel, link, &enslave_handler); + if (r < 0) { + log_struct_link(LOG_WARNING, link, + "MESSAGE=%s: could not enslave by '%s': %s", + link->ifname, link->network->tunnel->name, strerror(-r), + NETDEV(link->network->tunnel), + NULL); + link_enter_failed(link); + return r; + } + + link_ref(link); + link->enslaving ++; + } + HASHMAP_FOREACH(vlan, link->network->vlans, i) { log_struct_link(LOG_DEBUG, link, "MESSAGE=%s: enslaving by '%s'", diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 8bdc60f19c..cfa3a9900a 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c 
@@ -21,6 +21,7 @@ #include <resolv.h> #include <linux/if.h> +#include <libkmod.h> #include "path-util.h" #include "networkd.h" @@ -551,3 +552,18 @@ finish: return r; } + +int manager_init_kmod_ctx(Manager *m) { + struct kmod_ctx *ctx; + + assert(m); + + ctx = kmod_new(NULL, NULL); + if (!ctx) { + return -ENOMEM; + } + + m->kmod_ctx = ctx; + + return 0; +} diff --git a/src/network/networkd-netdev-gperf.gperf b/src/network/networkd-netdev-gperf.gperf index ea7ba5734b..7e6b8853d5 100644 --- a/src/network/networkd-netdev-gperf.gperf +++ b/src/network/networkd-netdev-gperf.gperf @@ -22,5 +22,10 @@ Match.Architecture, config_parse_net_condition, CONDITION_ARCHITECT NetDev.Description, config_parse_string, 0, offsetof(NetDev, description) NetDev.Name, config_parse_ifname, 0, offsetof(NetDev, name) NetDev.Kind, config_parse_netdev_kind, 0, offsetof(NetDev, kind) +NetDev.MTUBytes, config_parse_iec_size, 0, offsetof(NetDev, mtu) VLAN.Id, config_parse_uint64, 0, offsetof(NetDev, vlanid) MACVLAN.Mode, config_parse_macvlan_mode, 0, offsetof(NetDev, macvlan_mode) +Tunnel.Local, config_parse_tunnel_address, 0, offsetof(NetDev, tunnel_local) +Tunnel.Remote, config_parse_tunnel_address, 0, offsetof(NetDev, tunnel_remote) +Tunnel.TOS, config_parse_unsigned, 0, offsetof(NetDev, tunnel_tos) +Tunnel.TTL, config_parse_unsigned, 0, offsetof(NetDev, tunnel_ttl) diff --git a/src/network/networkd-netdev.c b/src/network/networkd-netdev.c index f742e391ce..62e1a3e26d 100644 --- a/src/network/networkd-netdev.c +++ b/src/network/networkd-netdev.c @@ -33,6 +33,9 @@ static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = { [NETDEV_KIND_BOND] = "bond", [NETDEV_KIND_VLAN] = "vlan", [NETDEV_KIND_MACVLAN] = "macvlan", + [NETDEV_KIND_IPIP] = "ipip", + [NETDEV_KIND_GRE] = "gre", + [NETDEV_KIND_SIT] = "sit", }; DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind); 
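Review bot: `manager_init_kmod_ctx()` stores the context from `kmod_new()` in `m->kmod_ctx`, but no hunk of this commit releases it; `manager_free()` is outside the diff and presumably needs a matching `kmod_unref(m->kmod_ctx);`. The braces around the single `return -ENOMEM;` also differ from the unbraced single-statement `if (r < 0)` bodies in the other functions this commit adds.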
@@ -228,6 +231,34 @@ static int netdev_create_handler(sd_rtnl *rtnl, sd_rtnl_message *m, void *userda return 1; } +int config_parse_tunnel_address(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + NetDev *n = data; + unsigned char family = AF_INET; + int r; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + r = net_parse_inaddr(rvalue, &family, n); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "Tunnel address is invalid, ignoring assignment: %s", rvalue); + return 0; + } + return 0; +} + static int netdev_create(NetDev *netdev, Link *link, sd_rtnl_message_handler_t callback) { _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL; const char *kind; @@ -266,6 +297,16 @@ static int netdev_create(NetDev *netdev, Link *link, sd_rtnl_message_handler_t c return r; } + if(netdev->mtu) { + r = sd_rtnl_message_append_u32(req, IFLA_MTU, netdev->mtu); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_MTU attribute: %s", + strerror(-r)); + return r; + } + } + r = sd_rtnl_message_open_container(req, IFLA_LINKINFO); if (r < 0) { log_error_netdev(netdev, @@ -347,6 +388,11 @@ int netdev_enslave(NetDev *netdev, Link *link, sd_rtnl_message_handler_t callbac if (netdev->kind == NETDEV_KIND_VLAN || netdev->kind == NETDEV_KIND_MACVLAN) return netdev_create(netdev, link, callback); + if(netdev->kind == NETDEV_KIND_IPIP || + netdev->kind == NETDEV_KIND_GRE || + netdev->kind == NETDEV_KIND_SIT) + return netdev_create_tunnel(link, netdev_create_handler); + if (netdev->state == NETDEV_STATE_READY) { r = netdev_enslave_ready(netdev, link, callback); if (r < 0) 
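Review bot: `config_parse_tunnel_address()` declares `NetDev *n = data;`, but the gperf rows pass `offsetof(NetDev, tunnel_local)` and `offsetof(NetDev, tunnel_remote)`, so `data` points at a 4-byte `struct in_addr`, not at a `NetDev`. The body of `net_parse_inaddr()` is outside this diff; if it falls back to an IPv6 parse into `dst` before comparing the family, an IPv6 literal in `Local=` or `Remote=` would write 16 bytes over the neighbouring fields before the error is returned. Parsing into a buffer sized for either family and copying only on success removes that dependency and makes the real type of `data` explicit.

```c
        struct in_addr *addr = data;
        union {
                struct in_addr in;
                struct in6_addr in6;
        } buffer;
        unsigned char family = AF_INET;
        int r;

        /* … unchanged: assert() checks … */

        r = net_parse_inaddr(rvalue, &family, &buffer);
        /* … unchanged: log_syntax() and return 0 on failure … */

        *addr = buffer.in;
        return 0;
```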
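Review bot: `netdev->mtu` is declared `size_t` in networkd.h and filled by `config_parse_iec_size`, yet the added block in `netdev_create()` passes it straight to `sd_rtnl_message_append_u32()`, so on 64-bit builds an oversized `MTUBytes=` value is silently truncated instead of rejected. A range check before the append, e.g. `if (netdev->mtu > UINT32_MAX) return -ERANGE;`, would keep the configured and the requested MTU in agreement. The same append is repeated in `netdev_fill_ipip_rtnl_message()` in networkd-tunnel.c. `if(` is also missing the space used by the surrounding `if (` statements, and the body of `netdev_create()` continues outside the hunk.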
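Review bot: For the three tunnel kinds `netdev_enslave()` discards its `callback` argument and hands `netdev_create_handler` to `netdev_create_tunnel()`, which registers it with the netdev as userdata. The caller in networkd-link.c still runs `link_ref(link); link->enslaving ++;` after a successful return, so unless `netdev_create_handler` (defined outside this hunk) notifies the link, `enslave_handler` never runs for a tunnel and that reference and counter are never released. Passing the caller's handler through, `return netdev_create_tunnel(link, callback);`, would keep the accounting balanced; the userdata given to `sd_rtnl_call_async()` would then have to match what that handler expects.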
@@ -496,7 +542,7 @@ static int netdev_load_one(Manager *manager, const char *filename) { netdev->macvlan_mode = _NETDEV_MACVLAN_MODE_INVALID; netdev->vlanid = VLANID_MAX + 1; - r = config_parse(NULL, filename, file, "Match\0NetDev\0VLAN\0MACVLAN\0", + r = config_parse(NULL, filename, file, "Match\0NetDev\0VLAN\0MACVLAN\0Tunnel\0", config_item_perf_lookup, (void*) network_netdev_gperf_lookup, false, false, netdev); if (r < 0) { @@ -549,7 +595,10 @@ static int netdev_load_one(Manager *manager, const char *filename) { LIST_HEAD_INIT(netdev->callbacks); if (netdev->kind != NETDEV_KIND_VLAN && - netdev->kind != NETDEV_KIND_MACVLAN) { + netdev->kind != NETDEV_KIND_MACVLAN && + netdev->kind != NETDEV_KIND_IPIP && + netdev->kind != NETDEV_KIND_GRE && + netdev->kind != NETDEV_KIND_SIT) { r = netdev_create(netdev, NULL, NULL); if (r < 0) return r; diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index bfe44e0041..4bb84259cd 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -34,6 +34,7 @@ Network.IPv4LL, config_parse_bool, 0, Network.Address, config_parse_address, 0, 0 Network.Gateway, config_parse_gateway, 0, 0 Network.DNS, config_parse_dns, 0, offsetof(Network, dns) +Network.Tunnel, config_parse_tunnel, 0, offsetof(Network, tunnel) Address.Address, config_parse_address, 0, 0 Address.Broadcast, config_parse_broadcast, 0, 0 Address.Label, config_parse_label, 0, 0 diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 5d7ce1ced2..d6b06e8a97 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c 
@@ -331,3 +331,42 @@ int config_parse_netdev(const char *unit, return 0; } + +int config_parse_tunnel(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + Network *network = userdata; + NetDev *netdev; + int r; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + r = netdev_get(network->manager, rvalue, &netdev); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "Tunnel is invalid, ignoring assignment: %s", rvalue); + return 0; + } + + if (netdev->kind != NETDEV_KIND_IPIP && + netdev->kind != NETDEV_KIND_SIT && + netdev->kind != NETDEV_KIND_GRE) { + log_syntax(unit, LOG_ERR, filename, line, EINVAL, + "NetDev is not a tunnel, ignoring assignment: %s", rvalue); + return 0; + } + + network->tunnel = netdev; + + return 0; +} diff --git a/src/network/networkd-tunnel.c b/src/network/networkd-tunnel.c new file mode 100644 index 0000000000..49a4975522 --- /dev/null +++ b/src/network/networkd-tunnel.c 
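Review bot: `config_parse_tunnel()` asserts `data`, which it never uses, but dereferences `userdata` (`network->manager`) without a check; `assert(userdata);` would guard the pointer the function actually relies on. A second `Tunnel=` line silently replaces the first assignment to `network->tunnel`, which deserves either a warning through `log_syntax()` or a one-line comment saying that the last entry wins.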
@@ -0,0 +1,192 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +/*** + This file is part of systemd. + + Copyright 2014 Susant Sahani <susant@redhat.com> + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <netinet/ether.h> +#include <arpa/inet.h> +#include <net/if.h> +#include <linux/ip.h> +#include <linux/if_tunnel.h> +#include <libkmod.h> + +#include "sd-rtnl.h" +#include "networkd.h" +#include "network-internal.h" +#include "util.h" + + +static int netdev_fill_ipip_rtnl_message(Link *link, sd_rtnl_message *m) { + NetDev *netdev; + int r; + + assert(link); + assert(link->network); + assert(link->network->tunnel); + assert(m); + + netdev = link->network->tunnel; + + r = sd_rtnl_message_append_string(m, IFLA_IFNAME, netdev->name); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_IFNAME, attribute: %s", + strerror(-r)); + return r; + } + + if(netdev->mtu) { + r = sd_rtnl_message_append_u32(m, IFLA_MTU, netdev->mtu); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_MTU attribute: %s", + strerror(-r)); + return r; + } + } + + r = sd_rtnl_message_open_container(m, IFLA_LINKINFO); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_LINKINFO attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_open_container_union(m, IFLA_INFO_DATA, + netdev_kind_to_string(netdev->kind)); + if (r < 0) 
{ + log_error_netdev(netdev, + "Could not append IFLA_INFO_DATA attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_IPTUN_LINK attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_LOCAL, &netdev->tunnel_local); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_IPTUN_LOCAL attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_REMOTE, &netdev->tunnel_remote); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_IPTUN_REMOTE attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_close_container(m); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_INFO_DATA attribute: %s", + strerror(-r)); + return r; + } + + r = sd_rtnl_message_close_container(m); + if (r < 0) { + log_error_netdev(netdev, + "Could not append IFLA_LINKINFO attribute: %s", + strerror(-r)); + return r; + } + + return r; +} + +int netdev_create_tunnel(Link *link, sd_rtnl_message_handler_t callback) { + _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL; + NetDev *netdev; + int r; + + assert(link); + assert(link->network); + assert(link->network->tunnel); + + netdev = link->network->tunnel; + + assert(netdev); + assert(netdev->name); + assert(netdev->manager); + assert(netdev->manager->rtnl); + assert(netdev->manager->kmod_ctx); + + /* Load kernel module first */ + switch(netdev->kind) { + case NETDEV_KIND_IPIP: + case NETDEV_KIND_GRE: + case NETDEV_KIND_SIT: + r = load_module(netdev->manager->kmod_ctx, + netdev_kind_to_string(netdev->kind)); + if (r < 0) { + log_error_netdev(netdev, + "Could not load Kernel module: %s . 
Ignoring", + netdev_kind_to_string(netdev->kind)); + return r; + } + break; + default: + return -ENOTSUP; + } + + r = sd_rtnl_message_new_link(netdev->manager->rtnl, &m, RTM_NEWLINK, 0); + if (r < 0) { + log_error_netdev(netdev, + "Could not allocate RTM_NEWLINK message: %s", + strerror(-r)); + return r; + } + + switch(netdev->kind) { + case NETDEV_KIND_IPIP: + r = netdev_fill_ipip_rtnl_message(link, m); + if(r < 0) + return r; + break; + case NETDEV_KIND_GRE: + case NETDEV_KIND_SIT: + default: + return -ENOTSUP; + } + + r = sd_rtnl_call_async(netdev->manager->rtnl, m, callback, netdev, 0, NULL); + if (r < 0) { + log_error_netdev(netdev, + "Could not send rtnetlink message: %s", strerror(-r)); + return r; + } + + log_debug_netdev(netdev, "Creating tunnel netdev: %s", + netdev_kind_to_string(netdev->kind)); + + netdev->state = NETDEV_STATE_CREATING; + + return 0; +} diff --git a/src/network/networkd.c b/src/network/networkd.c index 6b3bf12a4c..39e1b2af02 100644 --- a/src/network/networkd.c +++ b/src/network/networkd.c @@ -87,6 +87,12 @@ int main(int argc, char *argv[]) { goto out; } + r = manager_init_kmod_ctx(m); + if (r < 0) { + log_error("Could not init kmod context: %s", strerror(-r)); + goto out; + } + r = manager_rtnl_enumerate_links(m); if (r < 0) { log_error("Could not enumerate links: %s", strerror(-r)); diff --git a/src/network/networkd.h b/src/network/networkd.h index ec2e111a7b..e32cf5d9b2 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -68,6 +68,9 @@ typedef enum NetDevKind { NETDEV_KIND_BOND, NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, + NETDEV_KIND_IPIP, + NETDEV_KIND_GRE, + NETDEV_KIND_SIT, _NETDEV_KIND_MAX, _NETDEV_KIND_INVALID = -1 } NetDevKind; @@ -95,6 +98,7 @@ struct NetDev { char *description; char *name; + size_t mtu; NetDevKind kind; uint64_t vlanid; 
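Review bot: The first `switch` in `netdev_create_tunnel()` calls `load_module()` for `NETDEV_KIND_GRE` and `NETDEV_KIND_SIT`, but the second `switch` returns `-ENOTSUP` for both, so a .netdev file of those kinds leaves a kernel module inserted for a device that is never created. Restricting the load to `case NETDEV_KIND_IPIP:` until the other kinds have a fill function avoids enlarging the kernel's loaded code for nothing. The failure message ends in "Ignoring" although the function returns `r`; dropping that word would match the behaviour. `netdev_fill_ipip_rtnl_message()` never appends `tunnel_ttl` or `tunnel_tos`, so the `TTL=64` from the commit's example is parsed and then unused.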
@@ -103,6 +107,11 @@ struct NetDev { int ifindex; NetDevState state; + unsigned tunnel_ttl; + unsigned tunnel_tos; + struct in_addr tunnel_local; + struct in_addr tunnel_remote; + LIST_HEAD(netdev_enslave_callback, callbacks); }; @@ -124,6 +133,7 @@ struct Network { char *description; NetDev *bridge; NetDev *bond; + NetDev *tunnel; Hashmap *vlans; Hashmap *macvlans; bool dhcp; @@ -246,6 +256,7 @@ struct Manager { LIST_HEAD(Network, networks); usec_t network_dirs_ts_usec; + struct kmod_ctx *kmod_ctx; }; extern const char* const network_dirs[]; @@ -266,6 +277,7 @@ int manager_bus_listen(Manager *m); int manager_update_resolv_conf(Manager *m); int manager_save(Manager *m); +int manager_init_kmod_ctx(Manager *m); DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free); #define _cleanup_manager_free_ _cleanup_(manager_freep) @@ -284,6 +296,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(NetDev*, netdev_unref); int netdev_get(Manager *manager, const char *name, NetDev **ret); int netdev_set_ifindex(NetDev *netdev, sd_rtnl_message *newlink); int netdev_enslave(NetDev *netdev, Link *link, sd_rtnl_message_handler_t cb); +int netdev_create_tunnel(Link *link, sd_rtnl_message_handler_t callback); const char *netdev_kind_to_string(NetDevKind d) _const_; NetDevKind netdev_kind_from_string(const char *d) _pure_; 
@@ -316,6 +329,28 @@ int config_parse_netdev(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +int config_parse_tunnel(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata); + +int config_parse_tunnel_address(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata); + /* gperf */ const struct ConfigPerfItem* network_network_gperf_lookup(const char *key, unsigned length); |