PVE/Network/SDN/VxlanPlugin.pm

   1 package PVE::Network::SDN::VxlanPlugin;
   2
   3 use strict;
   4 use warnings;
   5 use PVE::Network::SDN::Plugin;
   6 use PVE::Tools;
   7
   8 use base('PVE::Network::SDN::Plugin');
   9
  10 PVE::JSONSchema::register_format('pve-sdn-vxlanrange', \&pve_verify_sdn_vxlanrange);
  11 sub pve_verify_sdn_vxlanrange {
  12    my ($vxlanstr) = @_;
  13
  14    PVE::Network::SDN::Plugin::parse_tag_number_or_range($vxlanstr, '16777216');
  15
  16    return $vxlanstr;
  17 }
  18
  19 sub type {
  20     return 'vxlan';
  21 }
  22
  23 sub properties {
  24     return {
  25         'vxlan-allowed' => {
  26             type => 'string', format => 'pve-sdn-vxlanrange',
  27             description => "Allowed vlan range",
  28         },
  29         'multicast-address' => {
  30             description => "Multicast address.",
  31             type => 'string',  #fixme: format
  32         },
  33         'unicast-address' => {
  34             description => "Unicast peers address ip list.",
  35             type => 'string',  #fixme: format
  36         },
  37     };
  38 }
  39
  40 sub options {
  41
  42     return {
  43         'uplink-id' => { optional => 0 },
  44         'multicast-address' => { optional => 1 },
  45         'unicast-address' => { optional => 1 },
  46         'vxlan-allowed' => { optional => 1 },
  47     };
  48 }
  49
  50 # Plugin implementation
  51 sub generate_sdn_config {
  52     my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $uplinks) = @_;
  53
  54     my $tag = $vnet->{tag};
  55     my $alias = $vnet->{alias};
  56     my $multicastaddress = $plugin_config->{'multicast-address'};
  57     my @unicastaddress = split(',', $plugin_config->{'unicast-address'}) if $plugin_config->{'unicast-address'};
  58
  59     my $uplink = $plugin_config->{'uplink-id'};
  60     my $vxlanallowed = $plugin_config->{'vxlan-allowed'};
  61
  62     die "missing vxlan tag" if !$tag;
  63     my $iface = "uplink$uplink";
  64     my $ifaceip = "";
  65
  66     if($uplinks->{$uplink}->{name}) {
  67         $iface = $uplinks->{$uplink}->{name};
  68         $ifaceip = PVE::Network::SDN::Plugin::get_first_local_ipv4_from_interface($iface);
  69     }
  70
  71     my $mtu = 1450;
  72     $mtu = $uplinks->{$uplink}->{mtu} - 50 if $uplinks->{$uplink}->{mtu};
  73     $mtu = $vnet->{mtu} if $vnet->{mtu};
  74
  75     my $config = "\n";
  76     $config .= "auto vxlan$vnetid\n";
  77     $config .= "iface vxlan$vnetid inet manual\n";
  78     $config .= "       vxlan-id $tag\n";
  79
  80     if($multicastaddress) {
  81         $config .= "       vxlan-svcnodeip $multicastaddress\n";
  82         $config .= "       vxlan-physdev $iface\n";
  83     } elsif (@unicastaddress) {
  84
  85         foreach my $address (@unicastaddress) {
  86             next if $address eq $ifaceip;
  87             $config .= "       vxlan_remoteip $address\n";
  88         }
  89     } else {
  90         $config .= "       vxlan-local-tunnelip $ifaceip\n" if $ifaceip;
  91         $config .= "       bridge-learning off\n";
  92         $config .= "       bridge-arp-nd-suppress on\n";
  93         $config .= "       bridge-unicast-flood off\n";
  94         $config .= "       bridge-multicast-flood off\n";
  95     }
  96
  97     $config .= "       mtu $mtu\n" if $mtu;
  98     $config .= "\n";
  99     $config .= "auto $vnetid\n";
 100     $config .= "iface $vnetid inet manual\n";
 101     $config .= "       bridge_ports vxlan$vnetid\n";
 102     $config .= "       bridge_stp off\n";
 103     $config .= "       bridge_fd 0\n";
 104     $config .= "       mtu $mtu\n" if $mtu;
 105     $config .= "       alias $alias\n" if $alias;
 106
 107     return $config;
 108 }
 109
 110 sub on_delete_hook {
 111     my ($class, $transportid, $sdn_cfg) = @_;
 112
 113     # verify that no vnet are associated to this transport
 114     foreach my $id (keys %{$sdn_cfg->{ids}}) {
 115         my $sdn = $sdn_cfg->{ids}->{$id};
 116         die "transport $transportid is used by vnet $id"
 117             if ($sdn->{type} eq 'vnet' && defined($sdn->{transportzone}) && $sdn->{transportzone} eq $transportid);
 118     }
 119 }
 120
 121 sub on_update_hook {
 122     my ($class, $transportid, $sdn_cfg) = @_;
 123
 124     my $transport = $sdn_cfg->{ids}->{$transportid};
 125
 126     # verify that vxlan-allowed don't conflict with another vxlan-allowed transport
 127
 128     # verify that vxlan-allowed is matching currently vnet tag in this transport
 129     my $vxlanallowed = $transport->{'vxlan-allowed'};
 130     if ($vxlanallowed) {
 131         foreach my $id (keys %{$sdn_cfg->{ids}}) {
 132             my $sdn = $sdn_cfg->{ids}->{$id};
 133             if ($sdn->{type} eq 'vnet' && defined($sdn->{tag})) {
 134                 if(defined($sdn->{transportzone}) && $sdn->{transportzone} eq $transportid) {
 135                     my $tag = $sdn->{tag};
 136                     eval {
 137                         PVE::Network::SDN::Plugin::parse_tag_number_or_range($vxlanallowed, '16777216', $tag);
 138                     };
 139                     if($@) {
 140                         die "vnet $id - vlan $tag is not allowed in transport $transportid";
 141                     }
 142                 }
 143             }
 144         }
 145     }
 146 }
 147
 148 1;
 149
 150