From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id F120D1FF16F for ; Tue, 14 Oct 2025 15:01:42 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 854103476; Tue, 14 Oct 2025 15:02:01 +0200 (CEST) From: Christoph Heiss To: pve-devel@lists.proxmox.com Date: Tue, 14 Oct 2025 15:00:56 +0200 Message-ID: <20251014130148.1073922-1-c.heiss@proxmox.com> X-Mailer: git-send-email 2.51.0 MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1760446880894 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.038 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [vxlan.py, proxmox.com, iproute2.py] Subject: [pve-devel] [PATCH ifupdown2] d/patches: add patch for adding IPv6 vxlan-local-tunnelip X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Fixes #5398 [0]. This patch makes it possible to use an IPv6 address for the local VXLAN tunnel address, in addition to IPv4 addresses. With this change it's possible to use IPv6 as the underlay for a VXLAN based network without the need for IPv4. [0] https://bugzilla.proxmox.com/show_bug.cgi?id=5398 Upstream-Link: https://github.com/CumulusNetworks/ifupdown2/pull/315 Suggested-by: Stefan Hanreich Signed-off-by: Christoph Heiss --- Stefan suggested the inclusion of this patch, as it's been a fairly requested features. Marked it as RFC tho, as it is untested (Gabriel volunteered for this, as he has a setup for that) and upstream still doesn't seem to have decided if the attribute should be renamed to `vxlan-local-tunnelip6`. Pulling it in now would mean that we're "stuck" with that name, if we don't want to break users later on, if the attribute is really renamed - or we could also support both styles in that case. debian/patches/series | 1 + ...upport-for-IPv6-vxlan-local-tunnelip.patch | 134 ++++++++++++++++++ 2 files changed, 135 insertions(+) create mode 100644 debian/patches/upstream/0002-vxlan-Add-support-for-IPv6-vxlan-local-tunnelip.patch diff --git a/debian/patches/series b/debian/patches/series index 266f57d..d045d1f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -13,4 +13,5 @@ pve/0012-addons-nlcache-set-interface-mtu-through-netlink-ins.patch pve/0013-addons-nlcache-set-interface-alias-through-netlink-i.patch upstream/0001-add-ipv6-slaac-support-inet6-auto-and-accept_ra.patch upstream/0001-use-raw-strings-for-regex-to-fix-backslash-interpret.patch +upstream/0002-vxlan-Add-support-for-IPv6-vxlan-local-tunnelip.patch pve/0014-nlmanager-read-ipv6-devconf-disable_ipv6-attribute-t.patch diff --git a/debian/patches/upstream/0002-vxlan-Add-support-for-IPv6-vxlan-local-tunnelip.patch b/debian/patches/upstream/0002-vxlan-Add-support-for-IPv6-vxlan-local-tunnelip.patch new file mode 100644 index 0000000..eec26f1 --- /dev/null +++ b/debian/patches/upstream/0002-vxlan-Add-support-for-IPv6-vxlan-local-tunnelip.patch @@ -0,0 +1,134 @@ +From d085fb18a45c7b5d69ffbfa54be91f31c2d396a8 Mon Sep 17 00:00:00 2001 +From: Christoph Heiss +Date: Thu, 17 Jul 2025 14:13:01 +0200 +Subject: [PATCH] vxlan: Add support for IPv6 vxlan-local-tunnelip + +This commit adds the option to pass an IPv6 address instead of an IPv4 address to use as +local tunnel IP address. With this change it's possible to use IPv6 as the underlay for +a VXLAN based network without the need for IPv4. + +Upstream-Link: https://github.com/CumulusNetworks/ifupdown2/pull/315 +Authored-by: Wido den Hollander + [ CH: rebased on our tree, added appropriate logging in iproute2 module ] +Signed-off-by: Christoph Heiss +--- + ifupdown2/addons/vxlan.py | 12 +++++++----- + ifupdown2/lib/iproute2.py | 26 +++++++++++++++++++------- + 2 files changed, 26 insertions(+), 12 deletions(-) + +diff --git a/ifupdown2/addons/vxlan.py b/ifupdown2/addons/vxlan.py +index cc8d3b3..250a462 100644 +--- a/ifupdown2/addons/vxlan.py ++++ b/ifupdown2/addons/vxlan.py +@@ -51,7 +51,7 @@ class vxlan(Vxlan, moduleBase): + }, + "vxlan-local-tunnelip": { + "help": "vxlan local tunnel ip", +- "validvals": [""], ++ "validvals": ["", ""], + "example": ["vxlan-local-tunnelip 172.16.20.103"] + }, + "vxlan-svcnodeip": { +@@ -547,7 +547,7 @@ class vxlan(Vxlan, moduleBase): + + if local: + try: +- local = ipnetwork.IPv4Address(local) ++ local = ipnetwork.IPAddress(local) + + if local.initialized_with_prefixlen: + self.logger.warning("%s: vxlan-local-tunnelip %s: netmask ignored" % (ifname, local)) +@@ -1173,7 +1173,8 @@ class vxlan(Vxlan, moduleBase): + vxlan_physdev, + user_request_vxlan_info_data.get(Link.IFLA_VXLAN_PORT), + vxlan_vnifilter, +- vxlan_ttl ++ vxlan_ttl, ++ local.version + ) + elif ifaceobj.link_privflags & ifaceLinkPrivFlags.L3VXI: + self.iproute2.link_add_l3vxi( +@@ -1183,7 +1184,8 @@ class vxlan(Vxlan, moduleBase): + group.ip if group else None, + vxlan_physdev, + user_request_vxlan_info_data.get(Link.IFLA_VXLAN_PORT), +- vxlan_ttl ++ vxlan_ttl, ++ local.version + ) + else: + try: +@@ -1235,7 +1237,7 @@ class vxlan(Vxlan, moduleBase): + if remoteips: + try: + for remoteip in remoteips: +- ipnetwork.IPv4Address(remoteip) ++ ipnetwork.IPAddress(remoteip) + except Exception as e: + self.log_error('%s: vxlan-remoteip: %s' % (ifaceobj.name, str(e))) + +diff --git a/ifupdown2/lib/iproute2.py b/ifupdown2/lib/iproute2.py +index bbbfb43..b8ab7a1 100644 +--- a/ifupdown2/lib/iproute2.py ++++ b/ifupdown2/lib/iproute2.py +@@ -280,17 +280,22 @@ class IPRoute2(Cache, Requirements): + + ### + +- def link_add_single_vxlan(self, link_exists, ifname, ip, group, physdev, port, vnifilter="off", ttl=None): +- self.logger.info("creating single vxlan device: %s" % ifname) ++ def link_add_single_vxlan(self, link_exists, ifname, ip, group, physdev, port, vnifilter="off", ttl=None, ipversion=4): ++ cmd = [] ++ ++ if ipversion == 6: ++ cmd.append("-6") + + if link_exists: ++ self.logger.info("updating single vxlan device: %s" % ifname) + # When updating an SVD we need to use `ip link set` and we have to + # drop the external keyword: + # $ ip link set dev vxlan0 type vxlan external local 27.0.0.242 dev ipmr-lo + # Error: vxlan: cannot change COLLECT_METADATA flag. +- cmd = ["link set dev %s type vxlan" % ifname] ++ cmd.append("link set dev %s type vxlan" % ifname) + else: +- cmd = ["link add dev %s type vxlan external" % ifname] ++ self.logger.info("creating single vxlan device: %s" % ifname) ++ cmd.append("link add dev %s type vxlan external" % ifname) + + # when changing local ip, if we specify vnifilter we get: + # Error: vxlan: cannot change flag. +@@ -316,20 +321,27 @@ class IPRoute2(Cache, Requirements): + self.__execute_or_batch(utils.ip_cmd, " ".join(cmd)) + self.__update_cache_after_link_creation(ifname, "vxlan") + +- def link_add_l3vxi(self, link_exists, ifname, ip, group, physdev, port, ttl=None): ++ def link_add_l3vxi(self, link_exists, ifname, ip, group, physdev, port, ttl=None, ipversion=4): + self.logger.info("creating l3vxi device: %s" % ifname) + ++ cmd = [] ++ ++ if ipversion == 6: ++ cmd.append("-6") ++ + if link_exists: ++ self.logger.info("updating l3vxi device: %s" % ifname) + # When updating an SVD we need to use `ip link set` and we have to + # drop the external keyword: + # $ ip link set dev vxlan0 type vxlan external local 27.0.0.242 dev ipmr-lo + # Error: vxlan: cannot change COLLECT_METADATA flag. +- cmd = ["link set dev %s type vxlan" % ifname] ++ cmd.append("link set dev %s type vxlan" % ifname) + else: +- cmd = ["link add dev %s type vxlan external vnifilter" % ifname] ++ self.logger.info("creating l3vxi device: %s" % ifname) + # when changing local ip, if we specify vnifilter we get: + # Error: vxlan: cannot change flag. + # So we are only setting this attribute on vxlan creation ++ cmd.append("link add dev %s type vxlan external vnifilter" % ifname) + + if ip: + cmd.append("local %s" % ip) +-- +2.49.0 + -- 2.51.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel