feat: add support for untagged frames

Should cover egress & ingress. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-09 01:01:15 +01:00 · 2024-12-09 01:01:15 +01:00 · 3d951666ea
commit 3d951666ea
parent 9490822c1a
4 changed files with 33 additions and 8 deletions
--- a/modules/bridge/default.nix
+++ b/modules/bridge/default.nix
@ -9,8 +9,7 @@
 { lib, pkgs, config, ...}:
 let
-  inherit (lib) mkOption types;
+  inherit (lib) mkOption types mkEnableOption;
  inherit (pkgs.liminix.services) oneshot;
  inherit (pkgs) liminix;
 in
 {
@ -35,6 +34,20 @@ in
        default = null;
        description = "reuse mac address from an existing interface service";
      };
      untagged = {
        enable = mkEnableOption "untagged frames on port VID";
        pvid = mkOption {
          type = types.nullOr types.int;
          default = null;
          description = "Port VLAN ID for egress untagged frames";
        };
        default-pvid = mkOption {
          type = types.int;
          default = 0;
          description = "Default PVID for ingress untagged frames, defaults to 0, which disable untagged frames for ingress";
        };
      };
    };
    members = config.system.callService ./members.nix {
      primary = mkOption {
--- a/modules/bridge/primary.nix
+++ b/modules/bridge/primary.nix
@ -3,17 +3,22 @@
 , ifwait
 , lib
 }:
-{ ifname, macAddressFromInterface ? null } :
+{ ifname, macAddressFromInterface ? null, untagged } :
 let
-  inherit (liminix.services) bundle oneshot;
+  inherit (liminix.services) oneshot;
-  inherit (lib) mkOption types optional;
+  inherit (lib) optional optionalString;
  # This enables vlan_filtering if we do make use of it.
  extra = if untagged.enable then " vlan_filtering 1 vlan_default_pvid ${untagged.default-pvid}" else "";
 in oneshot rec {
  name = "${ifname}.link";
  up = ''
    ${if macAddressFromInterface == null then
-      "ip link add name ${ifname} type bridge"
+      "ip link add name ${ifname} type bridge${extra}"
      else
-      "ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge"}
+      "ip link add name ${ifname} address $(output ${macAddressFromInterface} ether) type bridge${extra}"}
      ${optionalString untagged.enable 
        "bridge vlan add vid ${toString untagged.pvid} dev ${ifname} pvid untagged self"}
      (in_outputs ${name}
        echo ${ifname} > ifname
--- a/modules/vlan/default.nix
+++ b/modules/vlan/default.nix
@ -33,6 +33,11 @@ in
      description = "VLAN identifier (VID) in range 1-4094";
      type = types.str;
    };
    untagged.egress = mkOption {
      description = "Whether packets from this interface will go out *untagged*";
      type = types.bool;
      default = false;
    };
  };
  config.kernel.config = {
    VLAN_8021Q = "y";
--- a/modules/vlan/service.nix
+++ b/modules/vlan/service.nix
@ -2,13 +2,15 @@
  liminix
 , lib
 }:
-{ ifname, primary, vid } :
+{ ifname, primary, vid, untagged } :
 let
  inherit (lib) optionalString;
  inherit (liminix.services) oneshot;
 in oneshot rec {
  name = "${ifname}.link";
  up = ''
    ip link add link $(output ${primary} ifname) name ${ifname} type vlan id ${vid}
    ${optionalString untagged.egress "bridge vlan add dev ${ifname} vid ${toString untagged.vid} pvid untagged master"}
    ${liminix.networking.ifup name ifname}
    (in_outputs ${name}
     echo ${ifname} > ifname