-
Notifications
You must be signed in to change notification settings - Fork 325
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gluon-mesh-batman-adv-brmldproxy: add package
Now that we have general support for routable IPv6 multicast address in Gluon master thanks to the newer Linux (bridge) and batman-adv versions it becomes more interesting to also support layer 3 IPv6 multicast routers. So far this was also not possible with the default settings in Gluon due to filtering MLD into the mesh. This now adds support for brmldproxy, a daemon which proxies MLD reports between bridge ports. For the Gluon scenario this package adds brmldproxy proxying configuration for the mesh side bat0 bridge port. The configuration is tuned in a way to enable the usage of layer 3 IPv6 multicast routers for routable IPv6 multicast address ranges. But with a lot smaller MLD overhead compared to the filter_membership_reports=false site.conf option. If a node has no multicast listener for a routable IPv6 multicast address then this node will emit no MLD report into the mesh. Furthermore, if a node has multiple multicast listening hosts for routable IPv6 multicast addresses then the node will act in deputy and respond with combined, aggregated MLD reports on behalf. This package is currently incompatible with a filter_membership_reports=true site.conf option. Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
- Loading branch information
Showing
7 changed files
with
129 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
gluon-mesh-batman-adv-brmldproxy | ||
================================ | ||
|
||
The *gluon-mesh-batman-adv-brmldproxy* package adds configuration | ||
to enable `brmldproxy`_ in Gluon with batman-adv. | ||
|
||
The configuration is tuned in a way to enable the usage of | ||
layer 3 IPv6 multicast routers for routable IPv6 multicast | ||
address ranges. But with a lot smaller MLD overhead | ||
compared to the `filter_membership_reports=false` | ||
:ref:`site.conf <user-site-mesh>` option. | ||
|
||
If a node has no multicast listener for a routable IPv6 | ||
multicast address then this node will emit no MLD report | ||
into the mesh. Furthermore, if a node has multiple multicast | ||
listening hosts for routable IPv6 multicast addresses then the | ||
node will act in deputy and respond with combined, aggregated | ||
MLD reports on behalf. | ||
|
||
This package is currently incompatible with a | ||
`filter_membership_reports=false` | ||
:ref:`site.conf <user-site-mesh>` option. | ||
|
||
---- | ||
|
||
Notable layer 3 IPv6 multicast router implementations: | ||
|
||
* pim6sd: https://github.com/troglobit/pim6sd | ||
* HowTo at DN42: https://dn42.dev/howto/IPv6-Multicast | ||
* lcroute: https://codeberg.org/librecast/lcroute | ||
|
||
.. _brmldproxy: https://github.com/T-X/brmldproxy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
include $(TOPDIR)/rules.mk | ||
|
||
PKG_NAME:=gluon-mesh-batman-adv-brmldproxy | ||
|
||
include ../gluon.mk | ||
|
||
define Package/gluon-mesh-batman-adv-brmldproxy | ||
TITLE:=Bridge MLD Proxy for Gluon | ||
DEPENDS:=+brmldproxy gluon-mesh-batman-adv | ||
endef | ||
|
||
define Package/gluon-mesh-batman-adv-brmldproxy/description | ||
Gluon community wifi mesh firmware framework: Configuration to | ||
enable brmldproxy in Gluon with batman-adv. | ||
|
||
The configuration is tuned in a way to enable the usage of | ||
layer 3 IPv6 multicast routers for routable IPv6 multicast | ||
address ranges. But with a lot smaller MLD overhead | ||
compared to the filter_membership_reports=false site.conf option. | ||
|
||
If a node has no multicast listener for a routable IPv6 | ||
multicast address then this node will emit no MLD report | ||
into the mesh. Furthermore, if a node has multiple multicast | ||
listening hosts for routable IPv6 multicast addresses then the | ||
node will act in deputy and respond with combined, aggregated | ||
MLD reports on behalf. | ||
|
||
This package is currently incompatible with a | ||
filter_membership_reports=true site.conf option. | ||
endef | ||
|
||
define Package/gluon-mesh-batman-adv-brmldproxy/conffiles | ||
/etc/config/brmldproxy | ||
endef | ||
|
||
$(eval $(call BuildPackageGluon,gluon-mesh-batman-adv-brmldproxy)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
need_value(in_site({'mesh', 'filter_membership_reports'}), true, false) |
9 changes: 9 additions & 0 deletions
9
package/gluon-mesh-batman-adv-brmldproxy/files/etc/config/brmldproxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
config brmldproxy 'client' | ||
option disabled '0' | ||
option bridge 'client' | ||
option family 'ipv6' | ||
list proxiedport 'bat0' | ||
list excludedport 'local-port' | ||
list excludefilter 'ff05::2:1001' | ||
list excludefilter 'ff02::/ff0f::' | ||
list excludefilter 'ff00::/ff0e::' |
34 changes: 34 additions & 0 deletions
34
package/gluon-mesh-batman-adv-brmldproxy/luasrc/lib/gluon/upgrade/400-brmldproxy-firewall
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
#!/usr/bin/lua | ||
|
||
local uci = require('simple-uci').cursor() | ||
|
||
-- Allow incoming MLD on brmldp0/1/... devices | ||
uci:section('firewall', 'rule', 'brmldproxy_mld_in', { | ||
name = 'brmldproxy_mld_in', | ||
device = 'brmldp+', | ||
direction = 'in', | ||
src = '*', | ||
src_ip = 'fe80::/10', | ||
target = 'ACCEPT', | ||
family = 'ipv6', | ||
proto = 'icmp', | ||
icmp_type = { '130/0', '131/0', '132/0', '143/0', }, | ||
}) | ||
|
||
-- Fix default mark of MLDv2 reports (bug in the Linux IPv6 stack) | ||
-- See: https://marc.info/?l=netfilter&m=168959399302909 | ||
-- Subject: skb->mark not cleared for MLDv2 Reports? (skb->mark == 212 / 0xd4) | ||
uci:section('firewall', 'rule', 'brmldproxy_mldv2_mark_fixup', { | ||
name = 'brmldproxy_mldv2_mark_fixup', | ||
device = 'brmldp+', | ||
direction = 'out', | ||
dest = '*', | ||
src_ip = 'fe80::/10', | ||
target = 'MARK', | ||
set_mark = '0x0', | ||
family = 'ipv6', | ||
proto = 'icmp', | ||
icmp_type = { '143/0', }, | ||
}) | ||
|
||
uci:save('firewall') |