Maniphest T1961

VXLAN - fails to commit due to non-existent variable, broken MTU
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	kroy
	Jan 12 2020, 8:43 PM

Description

In attempting to set up a simple VXLAN, any commit fails on this:

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-vxlan.py", line 222, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-vxlan.py", line 192, in apply
    v.set_arp_filter(bond['ip_disable_arp_filter'])
NameError: name 'bond' is not defined

Also, it's impossible to use a multicast VXLAN over wireguard:

VXLAN has a 50 byte overhead, underlaying device MTU is to small (1420)

# set interfaces vxlan vxlan146 mtu 1390

  Number 1390 is not in the range 1450-9000

  MTU must be between 1450 and 9000
  Value validation failed
  Set failed

Details

Version: 1.3
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Related Objects

Mentioned In: rVYOSONEX91de4ec9d95a: Merge pull request #204 from kroy-the-rabbit/vxlan-fix
rVYOSONEX4fa271c1d9e5: vxlan: T1961: bugfix for copy and paste error

Event Timeline

kroy created this task.Jan 12 2020, 8:43 PM

Restricted Repository Identity mentioned this in rVYOSONEX4fa271c1d9e5: vxlan: T1961: bugfix for copy and paste error.Jan 13 2020, 7:09 AM

Dou can try to play around withe the node.def and interfaces-vxlan.py file and lower the limits to see if it works at all.

Can‘t help you much right now besides this one small fix from above which I authored on my mobile.

Cheers from Langkawi!

@c-po Thanks for the fix.

This PR addresses the MTU issue.

The code references this RFC as a warning:

WARNING: RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU

But in looking at that RFC, I couldn't actually find such a reference. Just that the MTU needs to fit from end-to-end.

I did confirm that removing the limit allows a tunnel to work fine with the simple config:

vxlan vxlan146 {
    group 239.0.3.232
    ip {
        enable-arp-accept
        enable-arp-announce
    }
    link wg3
    mtu 1370
    vni 146
}

So I picked an arbitrarily low MTU that would allow a tunnel within a tunnel (like PPPoE) to work.

kroy changed the task status from Open to Needs testing.Jan 13 2020, 7:45 PM

kroy claimed this task.

Restricted Repository Identity mentioned this in rVYOSONEX91de4ec9d95a: Merge pull request #204 from kroy-the-rabbit/vxlan-fix.Jan 13 2020, 7:48 PM

pasik subscribed.Jan 14 2020, 6:54 PM

kroy closed this task as Resolved.Mar 11 2020, 2:01 AM

kroy moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.

erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:53 PM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:03 PM

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.

VXLAN - fails to commit due to non-existent variable, broken MTUClosed, ResolvedPublicBUGActions

Description

Details

Related Objects

Event Timeline

VXLAN - fails to commit due to non-existent variable, broken MTU
Closed, ResolvedPublicBUG
Actions