summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-07-17 07:27:14 +0200
committerChristian Poessinger <christian@poessinger.com>2021-07-17 07:30:54 +0200
commiteb8cd3af91bac01a3f7f99b362c8105d69bb3c55 (patch)
tree0e8d6041edbd6b0ea32a97b00df2ff98080de100 /src/conf_mode
parent227391443df088f186f1719ae470ebb35d2ff706 (diff)
downloadvyos-1x-eb8cd3af91bac01a3f7f99b362c8105d69bb3c55.tar.gz
vyos-1x-eb8cd3af91bac01a3f7f99b362c8105d69bb3c55.zip
vxlan: T3683: bugfix on MTU calculation for IPv6 underlay
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/interfaces-vxlan.py21
1 files changed, 15 insertions, 6 deletions
diff --git a/src/conf_mode/interfaces-vxlan.py b/src/conf_mode/interfaces-vxlan.py
index 8e6247a30..804f2d14f 100755
--- a/src/conf_mode/interfaces-vxlan.py
+++ b/src/conf_mode/interfaces-vxlan.py
@@ -25,7 +25,9 @@ from vyos.configverify import verify_address
from vyos.configverify import verify_bridge_delete
from vyos.configverify import verify_mtu_ipv6
from vyos.configverify import verify_source_interface
-from vyos.ifconfig import VXLANIf, Interface
+from vyos.ifconfig import Interface
+from vyos.ifconfig import VXLANIf
+from vyos.template import is_ipv6
from vyos import ConfigError
from vyos import airbag
airbag.enable()
@@ -65,12 +67,19 @@ def verify(vxlan):
raise ConfigError('Must configure VNI for VXLAN')
if 'source_interface' in vxlan:
- # VXLAN adds a 50 byte overhead - we need to check the underlaying MTU
- # if our configured MTU is at least 50 bytes less
+ # VXLAN adds at least an overhead of 50 byte - we need to check the
+ # underlaying device if our VXLAN package is not going to be fragmented!
+ vxlan_overhead = 50
+ if 'source_address' in vxlan and is_ipv6(vxlan['source_address']):
+ # IPv6 adds an extra 20 bytes overhead because the IPv6 header is 20
+ # bytes larger than the IPv4 header - assuming no extra options are
+ # in use.
+ vxlan_overhead += 20
+
lower_mtu = Interface(vxlan['source_interface']).get_mtu()
- if lower_mtu < (int(vxlan['mtu']) + 50):
- raise ConfigError('VXLAN has a 50 byte overhead, underlaying device ' \
- f'MTU is to small ({lower_mtu} bytes)')
+ if lower_mtu < (int(vxlan['mtu']) + vxlan_overhead):
+ raise ConfigError(f'Underlaying device MTU is to small ({lower_mtu} '\
+ f'bytes) for VXLAN overhead ({vxlan_overhead} bytes!)')
verify_mtu_ipv6(vxlan)
verify_address(vxlan)