nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client

Browse Source 
macvlan interfaces never directly exchange traffic with the underlying
interface, but only with other hosts behind the interface. In consequence,
router advertisements from the uradvd running on br-client could never
reach local-node, preventing it from getting an IPv6 address without RAs
from an external radvd. Fix this be replacing the macvlan interface with
a veth pair (with the peer interface in br-client).

As a side effect, this saves about 5KB of flash, as the veth module is
simpler than macvlan.
This commit is contained in:
Matthias Schiffer 2017-02-10 09:44:23 +01:00
parent 249ff34079
commit f238b01173
No known key found for this signature in database
GPG Key ID: 16EF3F64CB201D9C
4 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/gluon-client-bridge/Makefile
View File

@ -12,7 +12,7 @@ define Package/gluon-client-bridge
SECTION:=gluon SECTION:=gluon
CATEGORY:=Gluon CATEGORY:=Gluon
TITLE:=Provides a bridge and a wireless interface for clients to connect to TITLE:=Provides a bridge and a wireless interface for clients to connect to
DEPENDS:=+gluon-core +kmod-macvlan DEPENDS:=+gluon-core +kmod-veth
endef endef
define Build/Prepare define Build/Prepare

3
package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
View File

@ -23,6 +23,9 @@ if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan
end end
end end
util.add_to_set(interfaces, 'local-port')
uci:delete('network', 'client') uci:delete('network', 'client')
uci:section('network', 'interface', 'client', { uci:section('network', 'interface', 'client', {
type = 'bridge', type = 'bridge',

5
package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
View File

@ -8,10 +8,11 @@ local uci = require('simple-uci').cursor()
uci:delete('network', 'local_node_dev') uci:delete('network', 'local_node_dev')
uci:section('network', 'device', 'local_node_dev', { uci:section('network', 'device', 'local_node_dev', {
type = 'veth',
name = 'local-node', name = 'local-node',
ifname = 'br-client',
type = 'macvlan',
macaddr = site.next_node.mac, macaddr = site.next_node.mac,
peer_name = 'local-port',
peer_macaddr = sysconfig.primary_mac,
}) })

9
package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
View File

@ -1,2 +1,7 @@
rule 'IN_ONLY --logical-in br-client -i ! bat0 -j DROP' rule 'IN_ONLY --logical-in br-client -i bat0 -j RETURN'
rule 'OUT_ONLY --logical-out br-client -o ! bat0 -j DROP' rule 'IN_ONLY --logical-in br-client -i local-port -j RETURN'
rule 'IN_ONLY --logical-in br-client -j DROP'
rule 'OUT_ONLY --logical-out br-client -o bat0 -j RETURN'
rule 'OUT_ONLY --logical-out br-client -o local-port -j RETURN'
rule 'OUT_ONLY --logical-out br-client -j DROP'