mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
d3e95b98fc
* vxlan: Code indentation and styling fixes This script was using TAB instead of 4 spaces and had many blank lines containing whitespace. This commit also fixes some Bash styling, but it does not touch the functionality of the script. Signed-off-by: Wido den Hollander <wido@widodh.nl> * vxlan: Improve Bash if-statement logic Bash suggest using double brackets instead of single brackets in if-statement test logic Signed-off-by: Wido den Hollander <wido@widodh.nl> * vxlan: Disable IPv6 on bridge and VXLAN devices They are only transport devices and should not be interacting in the IPv6 traffic. If IPv6 is enabled Instances can connect to the Hypervisor over Link-Local IPv6 which is a potential security issue. By disabling IPv6 on the Bridge and VXLAN device they still forward Layer 2 packets as intended, but they do not respond on anything. IPv4 and IPv6 traffic towards the Instances is untouched and works as before. Signed-off-by: Wido den Hollander <wido@widodh.nl> * vxlan: Refactor modifyvxlan.sh for KVM by using only iproute2 This commit refactors the modifyvxlan.sh script by using only iproute2, the 'ip' command for all functions. brctl is deprecated and most bridge functionality can be performed with the 'ip' command. This commit also fixes various Bash coding fixes and removes a lot of exit status checking which was redundant. In addition it add IPv6 underlay for VXLAN transport. If the caller (KVM Agent) adds the '-6' flag it will generate IPv6 multicast groups and routes which will transport the VXLAN encapsulated packaes over IPv6 multicast groups. Signed-off-by: Wido den Hollander <wido@widodh.nl>