gre: Temporary workarounds for GRE on Xen.

Two issues exist that prevent GRE tunnels from working properly on
Xen: iptables rules and brcompatd.  The first issue is that GRE
traffic is not permitted by the default iptables rules.  The second
is that brcompatd removes ports from the configuration that it
believes do not exist, which causes GRE ports to be deleted before
they are created.

This commit avoids these issues though not in the most optimal way.
Better fixes will be forthcoming in the near future.

diff --git a/vswitchd/ovs-brcompatd.c b/vswitchd/ovs-brcompatd.c
index 99d08c5bd4337e4540bc26c60f5a287dc5fe3abf..7944b8b01d1626d2e1a319ca97b2433072926296 100644 (file)
--- a/vswitchd/ovs-brcompatd.c
+++ b/vswitchd/ovs-brcompatd.c
@@ -1103,13 +1103,13 @@ main(int argc, char *argv[])
          *   2) We periodically check all ports associated with bridges
          *      to see if they no longer exist.
          */
-        if (prune_timeout) {
+        /*if (prune_timeout) {
             rtnl_recv_update();
             prune_ports();
 
             nl_sock_wait(rtnl_sock, POLLIN);
             poll_timer_wait(prune_timeout);
-        }
+        }*/
 
         nl_sock_wait(brc_sock, POLLIN);
         unixctl_server_wait(unixctl);

diff --git a/xenserver/etc_init.d_vswitch b/xenserver/etc_init.d_vswitch
index 7299430b8db900f130fb9859202c85271ecdfba5..1b250dd84ef8cbba6f3ec75a711410d415c95539 100755 (executable)
--- a/xenserver/etc_init.d_vswitch
+++ b/xenserver/etc_init.d_vswitch
@@ -261,6 +261,9 @@ function start {
     # ovs-vswitchd needs a few per bridge
     ulimit -n 4096
 
+    # Allow GRE traffic.
+    iptables -I INPUT -p gre -j ACCEPT
+
     if [ ! -e "$VSWITCHD_CONF" ]; then
         warning "$VSWITCHD_CONF does not exist"
         action "Creating empty $VSWITCHD_CONF" touch "$VSWITCHD_CONF"