Page MenuHomeVyOS Platform
Create Task
Maniphest T1961

VXLAN - fails to commit due to non-existent variable, broken MTU
Closed, ResolvedPublicBUG
Actions

Description

In attempting to set up a simple VXLAN, any commit fails on this:

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-vxlan.py", line 222, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-vxlan.py", line 192, in apply
    v.set_arp_filter(bond['ip_disable_arp_filter'])
NameError: name 'bond' is not defined

Also, it's impossible to use a multicast VXLAN over wireguard:

VXLAN has a 50 byte overhead, underlaying device MTU is to small (1420)
# set interfaces vxlan vxlan146 mtu 1390

  Number 1390 is not in the range 1450-9000

  MTU must be between 1450 and 9000
  Value validation failed
  Set failed

Details

Difficulty level
Unknown (require assessment)
Version
1.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

kroy created this task.Jan 12 2020, 8:43 PM
c-po added a subscriber: c-po.Jan 13 2020, 7:13 AM

Dou can try to play around withe the node.def and interfaces-vxlan.py file and lower the limits to see if it works at all.

Can‘t help you much right now besides this one small fix from above which I authored on my mobile.

Cheers from Langkawi!

kroy added a comment.Jan 13 2020, 7:44 PM

@c-po Thanks for the fix.

This PR addresses the MTU issue.

The code references this RFC as a warning:

WARNING: RFC7348 recommends VXLAN tunnels preserve a 1500 byte MTU

But in looking at that RFC, I couldn't actually find such a reference. Just that the MTU needs to fit from end-to-end.

I did confirm that removing the limit allows a tunnel to work fine with the simple config:

vxlan vxlan146 {
    group 239.0.3.232
    ip {
        enable-arp-accept
        enable-arp-announce
    }
    link wg3
    mtu 1370
    vni 146
}

So I picked an arbitrarily low MTU that would allow a tunnel within a tunnel (like PPPoE) to work.

kroy changed the task status from Open to Needs testing.Jan 13 2020, 7:45 PM
kroy claimed this task.
pasik added a subscriber: pasik.Jan 14 2020, 6:54 PM
kroy closed this task as Resolved.Mar 11 2020, 2:01 AM
kroy moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:53 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:03 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.