gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client
macvlan interfaces never directly exchange traffic with the underlying interface, but only with other hosts behind the interface. In consequence, router advertisements from the uradvd running on br-client could never reach local-node, preventing it from getting an IPv6 address without RAs from an external radvd. Fix this be replacing the macvlan interface with a veth pair (with the peer interface in br-client). As a side effect, this saves about 5KB of flash, as the veth module is simpler than macvlan.
This commit is contained in:
		
							parent
							
								
									249ff34079
								
							
						
					
					
						commit
						f238b01173
					
				| @ -12,7 +12,7 @@ define Package/gluon-client-bridge | |||||||
|   SECTION:=gluon |   SECTION:=gluon | ||||||
|   CATEGORY:=Gluon |   CATEGORY:=Gluon | ||||||
|   TITLE:=Provides a bridge and a wireless interface for clients to connect to |   TITLE:=Provides a bridge and a wireless interface for clients to connect to | ||||||
|   DEPENDS:=+gluon-core +kmod-macvlan |   DEPENDS:=+gluon-core +kmod-veth | ||||||
| endef | endef | ||||||
| 
 | 
 | ||||||
| define Build/Prepare | define Build/Prepare | ||||||
|  | |||||||
| @ -23,6 +23,9 @@ if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan | |||||||
| 	end | 	end | ||||||
| end | end | ||||||
| 
 | 
 | ||||||
|  | util.add_to_set(interfaces, 'local-port') | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
| uci:delete('network', 'client') | uci:delete('network', 'client') | ||||||
| uci:section('network', 'interface', 'client', { | uci:section('network', 'interface', 'client', { | ||||||
| 	type = 'bridge', | 	type = 'bridge', | ||||||
|  | |||||||
| @ -8,10 +8,11 @@ local uci = require('simple-uci').cursor() | |||||||
| 
 | 
 | ||||||
| uci:delete('network', 'local_node_dev') | uci:delete('network', 'local_node_dev') | ||||||
| uci:section('network', 'device', 'local_node_dev', { | uci:section('network', 'device', 'local_node_dev', { | ||||||
|  | 	type = 'veth', | ||||||
| 	name = 'local-node', | 	name = 'local-node', | ||||||
| 	ifname = 'br-client', |  | ||||||
| 	type = 'macvlan', |  | ||||||
| 	macaddr = site.next_node.mac, | 	macaddr = site.next_node.mac, | ||||||
|  | 	peer_name = 'local-port', | ||||||
|  | 	peer_macaddr = sysconfig.primary_mac, | ||||||
| }) | }) | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -1,2 +1,7 @@ | |||||||
| rule 'IN_ONLY --logical-in br-client -i ! bat0 -j DROP' | rule 'IN_ONLY --logical-in br-client -i bat0 -j RETURN' | ||||||
| rule 'OUT_ONLY --logical-out br-client -o ! bat0 -j DROP' | rule 'IN_ONLY --logical-in br-client -i local-port -j RETURN' | ||||||
|  | rule 'IN_ONLY --logical-in br-client -j DROP' | ||||||
|  | 
 | ||||||
|  | rule 'OUT_ONLY --logical-out br-client -o bat0 -j RETURN' | ||||||
|  | rule 'OUT_ONLY --logical-out br-client -o local-port -j RETURN' | ||||||
|  | rule 'OUT_ONLY --logical-out br-client -j DROP' | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user