Skip to content

Commit

Permalink
feat: allow user to provide vxlan port to clab tools (#1613)
Browse files Browse the repository at this point in the history
* feat: allow user to provide vxlan port to clab tools

* changed default vxlan port to 14789 and added doc

---------

Co-authored-by: Roman Dodin <[email protected]>
  • Loading branch information
carlmontanari and hellt authored Sep 28, 2023
1 parent bd259b6 commit 3f82778
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 22 deletions.
7 changes: 1 addition & 6 deletions clab/vxlan.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ func AddVxLanInterface(vxlan VxLAN) (err error) {
var parentIf netlink.Link
var vxlanIf netlink.Link
log.Infof("Adding VxLAN link %s to remote address %s via %s with VNI %v", vxlan.Name, vxlan.Remote, vxlan.ParentIf, vxlan.ID)
UDPPort := 4789

// before creating vxlan interface, check if it doesn't exist already
if vxlanIf, err = netlink.LinkByName(vxlan.Name); err != nil {
Expand All @@ -44,10 +43,6 @@ func AddVxLanInterface(vxlan VxLAN) (err error) {
return fmt.Errorf("failed to get VxLAN parent interface %s: %v", vxlan.ParentIf, err)
}

if vxlan.UDPPort != 0 {
UDPPort = vxlan.UDPPort
}

vxlanconf := netlink.Vxlan{
LinkAttrs: netlink.LinkAttrs{
Name: vxlan.Name,
Expand All @@ -56,7 +51,7 @@ func AddVxLanInterface(vxlan VxLAN) (err error) {
VxlanId: vxlan.ID,
VtepDevIndex: parentIf.Attrs().Index,
Group: vxlan.Remote,
Port: UDPPort,
Port: vxlan.UDPPort,
Learning: true,
L2miss: true,
L3miss: true,
Expand Down
15 changes: 9 additions & 6 deletions cmd/vxlan.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,13 @@ import (
)

var (
vxlanRemote string
cntLink string
parentDev string
vxlanMTU int
vxlanID int
delPrefix string
vxlanRemote string
cntLink string
parentDev string
vxlanMTU int
vxlanID int
delPrefix string
vxlanUDPPort int
)

func init() {
Expand All @@ -36,6 +37,7 @@ func init() {
vxlanCreateCmd.Flags().StringVarP(&cntLink, "link", "l", "",
"link to which 'attach' vxlan tunnel with tc redirect")
vxlanCreateCmd.Flags().IntVarP(&vxlanMTU, "mtu", "m", 1554, "VxLAN MTU")
vxlanCreateCmd.Flags().IntVarP(&vxlanUDPPort, "port", "p", 14789, "VxLAN Destination UDP Port")

_ = vxlanCreateCmd.MarkFlagRequired("remote")
_ = vxlanCreateCmd.MarkFlagRequired("id")
Expand Down Expand Up @@ -80,6 +82,7 @@ var vxlanCreateCmd = &cobra.Command{
ParentIf: parentDev,
Remote: net.ParseIP(vxlanRemote),
MTU: vxlanMTU,
UDPPort: vxlanUDPPort,
}

if err := clab.AddVxLanInterface(vxlanCfg); err != nil {
Expand Down
31 changes: 21 additions & 10 deletions docs/cmd/tools/vxlan/create.md
Original file line number Diff line number Diff line change
@@ -1,39 +1,48 @@
# vxlan create

### Description
## Description

The `create` sub-command under the `tools vxlan` command creates a VxLAN interface and sets `tc` rules to redirect traffic to/from a specified interface available in root namespace of a container host.

This combination of a VxLAN interface and `tc` rules make possible to transparently connect lab nodes running on different VMs/hosts.

VxLAN interface name will be a catenation of a prefix `vx-` and the interface name that is used to redirect traffic. If the existing interface is named `srl_e1-1`, then VxLAN interface created for this interface will be named `vx-srl_e1-1`.

### Usage
## Usage

`containerlab tools vxlan create [local-flags]`

### Flags
## Flags

### remote

#### remote
VxLAN tunnels set up with this command are unidirectional in nature. To set the remote endpoint address the `--remote` flag should be used.

#### id
### port

Port number that the VxLAN tunnel will use is set with `--port | -p` flag. Defaults to `14789`[^1].

### id

VNI that the VxLAN tunnel will use is set with `--id | -i` flag. Defaults to `10`.

#### link
### link

As mentioned above, the tunnels are set up with a goal to transparently connect containers deployed on different hosts.

To indicate which interface will be "piped" to a VxLAN tunnel the `--link | -l` flag should be used.

#### dev
### dev

With `--dev` flag users can set the linux device that should be used in setting up the tunnel.

Normally this flag can be omitted, since containerlab will take the device name which is used to reach the remote address as seen by the kernel routing table.

#### mtu
### mtu

With `--mtu | -m` flag it is possible to set VxLAN MTU. Max MTU is automatically set, so this flag is only needed when MTU lower than max is needed to be provisioned.

### Examples
## Examples

```bash
# create vxlan tunnel and redirect traffic to/from existing interface srl_e1-1 to it
Expand All @@ -55,4 +64,6 @@ INFO[0000] configuring ingress mirroring with tc in the direction of srl_e1-1 ->
❯ ip l show vx-srl_e1-1
619: vx-srl_e1-1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 7a:6e:ba:82:a4:6f brd ff:ff:ff:ff:ff:ff
```
```

[^1]: The reason we don't use default `4789` port number is because it is often blocked/filtered in (cloud) environments and we want to make sure that the VxLAN tunnels have higher chances to be established.

0 comments on commit 3f82778

Please sign in to comment.