diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-07-17 07:27:14 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-07-17 09:14:50 +0200 |
commit | 3c7f7fea1956ace7a5d2dd3da1768c9165fb74a6 (patch) | |
tree | 83798de7681030ec45eab8647f62ed0caf996f7c /src/conf_mode/interfaces-vxlan.py | |
parent | d108943a8e165cbb5d233f2e1edf14383a453aa8 (diff) | |
download | vyos-1x-3c7f7fea1956ace7a5d2dd3da1768c9165fb74a6.tar.gz vyos-1x-3c7f7fea1956ace7a5d2dd3da1768c9165fb74a6.zip |
vxlan: T3683: bugfix on MTU calculation for IPv6 underlay
(cherry picked from commit eb8cd3af91bac01a3f7f99b362c8105d69bb3c55)
Diffstat (limited to 'src/conf_mode/interfaces-vxlan.py')
-rwxr-xr-x | src/conf_mode/interfaces-vxlan.py | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py index 9a6d72772..c035557f0 100755 --- a/src/conf_mode/interfaces-vxlan.py +++ b/src/conf_mode/interfaces-vxlan.py @@ -25,7 +25,9 @@ from vyos.configverify import verify_address from vyos.configverify import verify_bridge_delete from vyos.configverify import verify_mtu_ipv6 from vyos.configverify import verify_source_interface -from vyos.ifconfig import VXLANIf, Interface +from vyos.ifconfig import Interface +from vyos.ifconfig import VXLANIf +from vyos.template import is_ipv6 from vyos import ConfigError from vyos import airbag airbag.enable() @@ -65,12 +67,19 @@ def verify(vxlan): raise ConfigError('Must configure VNI for VXLAN') if 'source_interface' in vxlan: - # VXLAN adds a 50 byte overhead - we need to check the underlaying MTU - # if our configured MTU is at least 50 bytes less + # VXLAN adds at least an overhead of 50 byte - we need to check the + # underlaying device if our VXLAN package is not going to be fragmented! + vxlan_overhead = 50 + if 'source_address' in vxlan and is_ipv6(vxlan['source_address']): + # IPv6 adds an extra 20 bytes overhead because the IPv6 header is 20 + # bytes larger than the IPv4 header - assuming no extra options are + # in use. + vxlan_overhead += 20 + lower_mtu = Interface(vxlan['source_interface']).get_mtu() - if lower_mtu < (int(vxlan['mtu']) + 50): - raise ConfigError('VXLAN has a 50 byte overhead, underlaying device ' \ - f'MTU is to small ({lower_mtu} bytes)') + if lower_mtu < (int(vxlan['mtu']) + vxlan_overhead): + raise ConfigError(f'Underlaying device MTU is to small ({lower_mtu} '\ + f'bytes) for VXLAN overhead ({vxlan_overhead} bytes!)') verify_mtu_ipv6(vxlan) verify_address(vxlan) |