gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client

macvlan interfaces never directly exchange traffic with the underlying interface, but only with other hosts behind the interface. In consequence, router advertisements from the uradvd running on br-client could never reach local-node, preventing it from getting an IPv6 address without RAs from an external radvd. Fix this be replacing the macvlan interface with a veth pair (with the peer interface in br-client). As a side effect, this saves about 5KB of flash, as the veth module is simpler than macvlan.

gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client
f238b011 · Matthias Schiffer · 249ff340 · f238b011 · f238b011 · f238b011
Unverified Commit f238b011 authored 8 years ago by Matthias Schiffer
--- a/package/gluon-client-bridge/Makefile
+++ b/package/gluon-client-bridge/Makefile
@@ -12,7 +12,7 @@ define Package/gluon-client-bridge
  SECTION:=gluon
  CATEGORY:=Gluon
  TITLE:=Provides a bridge and a wireless interface for clients to connect to
-  DEPENDS:=+gluon-core +kmod-macvlan
+  DEPENDS:=+gluon-core +kmod-veth
 endef

 define Build/Prepare

--- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
+++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
@@ -23,6 +23,9 @@ if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan
 	end
 end

+util.add_to_set(interfaces, 'local-port')
+
+
 uci:delete('network', 'client')
 uci:section('network', 'interface', 'client', {
 	type = 'bridge',

--- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
+++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
@@ -8,10 +8,11 @@ local uci = require('simple-uci').cursor()

 uci:delete('network', 'local_node_dev')
 uci:section('network', 'device', 'local_node_dev', {
+	type = 'veth',
 	name = 'local-node',
-	ifname = 'br-client',
-	type = 'macvlan',
 	macaddr = site.next_node.mac,
+	peer_name = 'local-port',
+	peer_macaddr = sysconfig.primary_mac,
 })



--- a/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
+++ b/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
-rule 'IN_ONLY --logical-in br-client -i ! bat0 -j DROP'
-rule 'OUT_ONLY --logical-out br-client -o ! bat0 -j DROP'
+rule 'IN_ONLY --logical-in br-client -i bat0 -j RETURN'
+rule 'IN_ONLY --logical-in br-client -i local-port -j RETURN'
+rule 'IN_ONLY --logical-in br-client -j DROP'
+
+rule 'OUT_ONLY --logical-out br-client -o bat0 -j RETURN'
+rule 'OUT_ONLY --logical-out br-client -o local-port -j RETURN'
+rule 'OUT_ONLY --logical-out br-client -j DROP'