From fe94aa316dbbdf640889d2edf5204502d92de924 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Mon, 16 Jun 2025 16:47:49 +0900 Subject: [PATCH] network/tunnel: make sit and ipip tunnel support Mode= setting Closing #37377. --- man/systemd.netdev.xml | 22 ++++++++++++++++++++++ src/network/netdev/tunnel.c | 22 ++++++++++++++++++++++ src/network/netdev/tunnel.h | 2 ++ 3 files changed, 46 insertions(+) diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index a3f62e157c8..65812aca51f 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -1671,6 +1671,28 @@ Ports=eth2 + + ipip + ipip + IPv4 over IPv4 (default) + + + any + both IPv4 and IPv6 over IPv4 + + + sit + ipip + IPv4 over IPv4 + + + ip6ip + IPv6 over IPv4 (default) + + + any + both IPv4 and IPv6 over IPv4 + ip6tnl ipip6 diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index aaad0f32c16..29f353d8490 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -27,12 +27,16 @@ static const uint8_t tunnel_mode_to_proto[_TUNNEL_MODE_MAX] = { [TUNNEL_MODE_ANY] = 0, + [TUNNEL_MODE_IPIP] = IPPROTO_IPIP, + [TUNNEL_MODE_IP6IP] = IPPROTO_IPV6, [TUNNEL_MODE_IPIP6] = IPPROTO_IPIP, [TUNNEL_MODE_IP6IP6] = IPPROTO_IPV6, }; static const char* const tunnel_mode_table[_TUNNEL_MODE_MAX] = { [TUNNEL_MODE_ANY] = "any", + [TUNNEL_MODE_IPIP] = "ipip", + [TUNNEL_MODE_IP6IP] = "ip6ip", [TUNNEL_MODE_IPIP6] = "ipip6", [TUNNEL_MODE_IP6IP6] = "ip6ip6", }; @@ -201,6 +205,12 @@ static int netdev_ipip_sit_fill_message_create(NetDev *netdev, Link *link, sd_ne Tunnel *t = ASSERT_PTR(netdev)->kind == NETDEV_KIND_IPIP ? IPIP(netdev) : SIT(netdev); int r; + if (t->mode >= 0) { + r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PROTO, tunnel_mode_to_proto[t->mode]); + if (r < 0) + return r; + } + if (t->external) { r = sd_netlink_message_append_flag(m, IFLA_IPTUN_COLLECT_METADATA); if (r < 0) @@ -697,6 +707,18 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { if (t->mode >= 0) switch (netdev->kind) { + case NETDEV_KIND_IPIP: + if (!IN_SET(t->mode, TUNNEL_MODE_ANY, TUNNEL_MODE_IPIP)) + return log_netdev_warning_errno(netdev, SYNTHETIC_ERRNO(EINVAL), + "Specified unsupported tunnel mode %s, ignoring.", + tunnel_mode_to_string(t->mode)); + break; + case NETDEV_KIND_SIT: + if (!IN_SET(t->mode, TUNNEL_MODE_ANY, TUNNEL_MODE_IPIP, TUNNEL_MODE_IP6IP)) + return log_netdev_warning_errno(netdev, SYNTHETIC_ERRNO(EINVAL), + "Specified unsupported tunnel mode %s, ignoring.", + tunnel_mode_to_string(t->mode)); + break; case NETDEV_KIND_IP6TNL: if (!IN_SET(t->mode, TUNNEL_MODE_ANY, TUNNEL_MODE_IPIP6, TUNNEL_MODE_IP6IP6)) return log_netdev_warning_errno(netdev, SYNTHETIC_ERRNO(EINVAL), diff --git a/src/network/netdev/tunnel.h b/src/network/netdev/tunnel.h index 5c96161b24c..0f3af1efde1 100644 --- a/src/network/netdev/tunnel.h +++ b/src/network/netdev/tunnel.h @@ -9,6 +9,8 @@ /* For IFLA_IPTUN_PROTO attribute */ typedef enum TunnelMode { TUNNEL_MODE_ANY, /* 0, "any" */ + TUNNEL_MODE_IPIP, /* IPPROTO_IPIP, "ipip", for ipip and sit */ + TUNNEL_MODE_IP6IP, /* IPPROTO_IPV6, "ip6ip", for sit */ TUNNEL_MODE_IPIP6, /* IPPROTO_IPIP, "ipip6", for ip6tnl */ TUNNEL_MODE_IP6IP6, /* IPPROTO_IPV6, "ip6ip6", for ip6tnl */ _TUNNEL_MODE_MAX, -- 2.47.3