Disable tx offloading on bridge interfaces

Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717215#68

Without this, DHCP fails when traversing only the local bridge, for
Debian Jessie or earlier (and possibly other OSes as well), due to the
missing UDP checksums. This disables the offload and hence reenables
the checksums even on the software-only bridge.

Also rearranged the steps and added comments around this section to
better clarify what each command is doing.
Joshua Boniface 2019-06-24 16:35:52 -04:00
parent b52cf01ecc
commit 85a5a8a0c9
1 changed files with 42 additions and 14 deletions


@ -420,6 +420,8 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
prefix='VNI {}'.format(self.vni),
state='o'
)
# Create vLAN interface
common.run_os_command(
'ip link add link {} name {} type vlan id {}'.format(
self.vni_dev,
@ -427,18 +429,14 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
self.vni
)
)
# Create bridge interface
common.run_os_command(
'brctl addbr {}'.format(
self.bridge_nic
)
)
common.run_os_command(
'brctl addif {} {}'.format(
self.bridge_nic,
self.vlan_nic
)
)
# Set MTU of vLAN and bridge NICs
vx_mtu = self.vni_mtu
common.run_os_command(
'ip link set {} mtu {} up'.format(
@ -452,13 +450,29 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
vx_mtu
)
)
# Disable tx checksum offload on bridge interface (breaks DHCP on Debian < 9)
common.run_os_command(
'ethtool -K {} tx off'.format(
self.bridge_nic
)
)
# Disable IPv6 DAD on bridge interface
common.run_os_command(
# Disable IPv6 DAD on bridge NICs
'sysctl net.ipv6.conf.{}.accept_dad=0'.format(
self.bridge_nic
)
)
# Add vLAN interface to bridge interface
common.run_os_command(
'brctl addif {} {}'.format(
self.bridge_nic,
self.vlan_nic
)
)
# Create managed network configuration
def createNetworkManaged(self):
self.logger.out(
@ -468,6 +482,8 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
prefix='VNI {}'.format(self.vni),
state='o'
)
# Create VXLAN interface
common.run_os_command(
'ip link add {} type vxlan id {} dstport 4789 dev {}'.format(
self.vxlan_nic,
@ -475,18 +491,14 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
self.vni_dev
)
)
# Create bridge interface
common.run_os_command(
'brctl addbr {}'.format(
self.bridge_nic
)
)
common.run_os_command(
'brctl addif {} {}'.format(
self.bridge_nic,
self.vxlan_nic
)
)
# Set MTU of VXLAN and bridge NICs
vx_mtu = self.vni_mtu - 50
common.run_os_command(
'ip link set {} mtu {} up'.format(
@ -500,13 +512,29 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
vx_mtu
)
)
# Disable tx checksum offload on bridge interface (breaks DHCP on Debian < 9)
common.run_os_command(
'ethtool -K {} tx off'.format(
self.bridge_nic
)
)
# Disable IPv6 DAD on bridge interface
common.run_os_command(
# Disable IPv6 DAD on bridge NICs
'sysctl net.ipv6.conf.{}.accept_dad=0'.format(
self.bridge_nic
)
)
# Add VXLAN interface to bridge interface
common.run_os_command(
'brctl addif {} {}'.format(
self.bridge_nic,
self.vxlan_nic
)
)
def createFirewall(self):
if self.nettype == 'managed':
# For future use
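Review bot: Both new `ethtool -K {} tx off` calls (one in the bridged path, one in createNetworkManaged) discard whatever common.run_os_command returns, so a host without ethtool, or a device that rejects the setting, keeps offload enabled and the DHCP failure returns with nothing in the log. If run_os_command exposes the exit status, check it and report a failure through self.logger.out with the interface name, so the condition is visible when a network is brought up. The command is also built by interpolating self.bridge_nic into a string; that is only safe if the name is derived from a validated VNI and run_os_command does not pass the string to a shell, and neither is visible in these hunks. The enclosing functions start outside the hunks shown.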