svn commit: r284365 - in stable/10: sbin/ifconfig share/man/man4 sys/conf sys/modules sys/modules/if_vxlan sys/net sys/sys

Sun Jun 14 03:14:49 UTC 2015

Author: bryanv
Date: Sun Jun 14 03:14:45 2015
New Revision: 284365
URL: https://svnweb.freebsd.org/changeset/base/284365

Log:
  MFC r273331, r273371, r275851:
  
   - Add vxlan interface
  
   - Use the size of the Ethernet address, not the entire header, when
     copying into forwarding entry.
  
   - Prefix all the vxlan ifconfig commands so they are unique

Added:
  stable/10/sbin/ifconfig/ifvxlan.c
     - copied, changed from r273331, head/sbin/ifconfig/ifvxlan.c
  stable/10/share/man/man4/vxlan.4
     - copied, changed from r273331, head/share/man/man4/vxlan.4
  stable/10/sys/modules/if_vxlan/
     - copied from r273331, head/sys/modules/if_vxlan/
  stable/10/sys/net/if_vxlan.c
     - copied, changed from r273331, head/sys/net/if_vxlan.c
  stable/10/sys/net/if_vxlan.h
     - copied unchanged from r273331, head/sys/net/if_vxlan.h
Modified:
  stable/10/sbin/ifconfig/Makefile
  stable/10/sbin/ifconfig/ifconfig.8
  stable/10/share/man/man4/Makefile
  stable/10/sys/conf/NOTES
  stable/10/sys/conf/files
  stable/10/sys/modules/Makefile
  stable/10/sys/sys/priv.h
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sbin/ifconfig/Makefile
==============================================================================

--- stable/10/sbin/ifconfig/Makefile	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sbin/ifconfig/Makefile	Sun Jun 14 03:14:45 2015	(r284365)
@@ -31,6 +31,7 @@ SRCS+=	ifmac.c			# MAC support
 SRCS+=	ifmedia.c		# SIOC[GS]IFMEDIA support
 SRCS+=	iffib.c			# non-default FIB support
 SRCS+=	ifvlan.c		# SIOC[GS]ETVLAN support
+SRCS+=	ifvxlan.c		# VXLAN support
 SRCS+=	ifgre.c			# GRE keys etc
 SRCS+=	ifgif.c			# GIF reversed header workaround
 

Modified: stable/10/sbin/ifconfig/ifconfig.8
==============================================================================
--- stable/10/sbin/ifconfig/ifconfig.8	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sbin/ifconfig/ifconfig.8	Sun Jun 14 03:14:45 2015	(r284365)
@@ -2586,6 +2586,76 @@ argument is useless and hence deprecated
 .El
 .Pp
 The following parameters are used to configure
+.Xr vxlan 4
+interfaces.
+.Bl -tag -width indent
+.It Cm vxlanid Ar identifier
+This value is a 24-bit VXLAN Network Identifier (VNI) that identifies the
+virtual network segment membership of the interface.
+.It Cm vxlanlocal Ar address
+The source address used in the encapsulating IPv4/IPv6 header.
+The address should already be assigned to an existing interface.
+When the interface is configured in unicast mode, the listening socket
+is bound to this address.
+.It Cm vxlanremote Ar address
+The interface can be configured in a unicast, or point-to-point, mode
+to create a tunnel between two hosts.
+This is the IP address of the remote end of the tunnel.
+.It Cm vxlangroup Ar address
+The interface can be configured in a multicast mode
+to create a virtual network of hosts.
+This is the IP multicast group address the interface will join.
+.It Cm vxlanlocalport Ar port
+The port number the interface will listen on.
+The default port number is 4789.
+.It Cm vxlanremoteport Ar port
+The destination port number used in the encapsulating IPv4/IPv6 header.
+The remote host should be listening on this port.
+The default port number is 4789.
+Note some other implementations, such as Linux,
+do not default to the IANA assigned port,
+but instead listen on port 8472.
+.It Cm vxlanportrange Ar low high
+The range of source ports used in the encapsulating IPv4/IPv6 header.
+The port selected within the range is based on a hash of the inner frame.
+A range is useful to provide entropy within the outer IP header
+for more effective load balancing.
+The default range is between the
+.Xr sysctl 8
+variables
+.Va net.inet.ip.portrange.first
+and
+.Va net.inet.ip.portrange.last
+.It Cm vxlantimeout Ar timeout
+The maximum time, in seconds, before an entry in the forwarding table
+is pruned.
+The default is 1200 seconds (20 minutes).
+.It Cm vxlanmaxaddr Ar max
+The maximum number of entries in the forwarding table.
+The default is 2000.
+.It Cm vxlandev Ar dev
+When the interface is configured in multicast mode, the
+.Cm dev
+interface is used to transmit IP multicast packets.
+.It Cm vxlanttl Ar ttl
+The TTL used in the encapsulating IPv4/IPv6 header.
+The default is 64.
+.It Cm vxlanlearn
+The source IP address and inner source Ethernet MAC address of
+received packets are used to dynamically populate the forwarding table.
+When in multicast mode, an entry in the forwarding table allows the
+interface to send the frame directly to the remote host instead of
+broadcasting the frame to the multicast group.
+This is the default.
+.It Fl vxlanlearn
+The forwarding table is not populated by recevied packets.
+.It Cm vxlanflush
+Delete all dynamically-learned addresses from the forwarding table.
+.It Cm vxlanflushall
+Delete all addresses, including static addresses, from the forwarding table.
+.El
+.Pp
+The following parameters are used to configure
 .Xr carp 4
 protocol on an interface:
 .Bl -tag -width indent
@@ -2790,6 +2860,7 @@ tried to alter an interface's configurat
 .Xr pfsync 4 ,
 .Xr polling 4 ,
 .Xr vlan 4 ,
+.Xr vxlan 4 ,
 .Xr devd.conf 5 ,
 .\" .Xr eon 5 ,
 .Xr devd 8 ,

Copied and modified: stable/10/sbin/ifconfig/ifvxlan.c (from r273331, head/sbin/ifconfig/ifvxlan.c)
==============================================================================
--- head/sbin/ifconfig/ifvxlan.c	Mon Oct 20 14:42:42 2014	(r273331, copy source)
+++ stable/10/sbin/ifconfig/ifvxlan.c	Sun Jun 14 03:14:45 2015	(r284365)
@@ -595,36 +595,36 @@ setvxlan_flush(const char *val, int d, i
 
 static struct cmd vxlan_cmds[] = {
 
-	DEF_CLONE_CMD_ARG("vni",		setvxlan_vni),
-	DEF_CLONE_CMD_ARG("local",		setvxlan_local),
-	DEF_CLONE_CMD_ARG("remote",		setvxlan_remote),
-	DEF_CLONE_CMD_ARG("group",		setvxlan_group),
-	DEF_CLONE_CMD_ARG("localport",		setvxlan_local_port),
-	DEF_CLONE_CMD_ARG("remoteport",		setvxlan_remote_port),
-	DEF_CLONE_CMD_ARG2("portrange",		setvxlan_port_range),
-	DEF_CLONE_CMD_ARG("timeout",		setvxlan_timeout),
-	DEF_CLONE_CMD_ARG("maxaddr",		setvxlan_maxaddr),
+	DEF_CLONE_CMD_ARG("vxlanid",		setvxlan_vni),
+	DEF_CLONE_CMD_ARG("vxlanlocal",		setvxlan_local),
+	DEF_CLONE_CMD_ARG("vxlanremote",	setvxlan_remote),
+	DEF_CLONE_CMD_ARG("vxlangroup",		setvxlan_group),
+	DEF_CLONE_CMD_ARG("vxlanlocalport",	setvxlan_local_port),
+	DEF_CLONE_CMD_ARG("vxlanremoteport",	setvxlan_remote_port),
+	DEF_CLONE_CMD_ARG2("vxlanportrange",	setvxlan_port_range),
+	DEF_CLONE_CMD_ARG("vxlantimeout",	setvxlan_timeout),
+	DEF_CLONE_CMD_ARG("vxlanmaxaddr",	setvxlan_maxaddr),
 	DEF_CLONE_CMD_ARG("vxlandev",		setvxlan_dev),
-	DEF_CLONE_CMD_ARG("ttl",		setvxlan_ttl),
-	DEF_CLONE_CMD("learn", 1,		setvxlan_learn),
-	DEF_CLONE_CMD("-learn", 0,		setvxlan_learn),
-
-	DEF_CMD_ARG("vni",			setvxlan_vni),
-	DEF_CMD_ARG("local",			setvxlan_local),
-	DEF_CMD_ARG("remote",			setvxlan_remote),
-	DEF_CMD_ARG("group",			setvxlan_group),
-	DEF_CMD_ARG("localport",		setvxlan_local_port),
-	DEF_CMD_ARG("remoteport",		setvxlan_remote_port),
-	DEF_CMD_ARG2("portrange",		setvxlan_port_range),
-	DEF_CMD_ARG("timeout",			setvxlan_timeout),
-	DEF_CMD_ARG("maxaddr",			setvxlan_maxaddr),
+	DEF_CLONE_CMD_ARG("vxlanttl",		setvxlan_ttl),
+	DEF_CLONE_CMD("vxlanlearn", 1,		setvxlan_learn),
+	DEF_CLONE_CMD("-vxlanlearn", 0,		setvxlan_learn),
+
+	DEF_CMD_ARG("vxlanvni",			setvxlan_vni),
+	DEF_CMD_ARG("vxlanlocal",		setvxlan_local),
+	DEF_CMD_ARG("vxlanremote",		setvxlan_remote),
+	DEF_CMD_ARG("vxlangroup",		setvxlan_group),
+	DEF_CMD_ARG("vxlanlocalport",		setvxlan_local_port),
+	DEF_CMD_ARG("vxlanremoteport",		setvxlan_remote_port),
+	DEF_CMD_ARG2("vxlanportrange",		setvxlan_port_range),
+	DEF_CMD_ARG("vxlantimeout",		setvxlan_timeout),
+	DEF_CMD_ARG("vxlanmaxaddr",		setvxlan_maxaddr),
 	DEF_CMD_ARG("vxlandev",			setvxlan_dev),
-	DEF_CMD_ARG("ttl",			setvxlan_ttl),
-	DEF_CMD("learn", 1,			setvxlan_learn),
-	DEF_CMD("-learn", 0,			setvxlan_learn),
+	DEF_CMD_ARG("vxlanttl",			setvxlan_ttl),
+	DEF_CMD("vxlanlearn", 1,		setvxlan_learn),
+	DEF_CMD("-vxlanlearn", 0,		setvxlan_learn),
 
-	DEF_CMD("flush", 0,			setvxlan_flush),
-	DEF_CMD("flushall", 1,			setvxlan_flush),
+	DEF_CMD("vxlanflush", 0,		setvxlan_flush),
+	DEF_CMD("vxlanflushall", 1,		setvxlan_flush),
 };
 
 static struct afswtch af_vxlan = {

Modified: stable/10/share/man/man4/Makefile
==============================================================================
--- stable/10/share/man/man4/Makefile	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/share/man/man4/Makefile	Sun Jun 14 03:14:45 2015	(r284365)
@@ -518,6 +518,7 @@ MAN=	aac.4 \
 	${_virtio_scsi.4} \
 	vkbd.4 \
 	vlan.4 \
+	vxlan.4 \
 	${_vmx.4} \
 	vpo.4 \
 	vr.4 \
@@ -688,6 +689,7 @@ MLINKS+=tx.4 if_tx.4
 MLINKS+=txp.4 if_txp.4
 MLINKS+=vge.4 if_vge.4
 MLINKS+=vlan.4 if_vlan.4
+MLINKS+=vxlan.4 if_vxlan.4
 MLINKS+=${_vmx.4} ${_if_vmx.4}
 MLINKS+=vpo.4 imm.4
 MLINKS+=vr.4 if_vr.4

Copied and modified: stable/10/share/man/man4/vxlan.4 (from r273331, head/share/man/man4/vxlan.4)
==============================================================================
--- head/share/man/man4/vxlan.4	Mon Oct 20 14:42:42 2014	(r273331, copy source)
+++ stable/10/share/man/man4/vxlan.4	Sun Jun 14 03:14:45 2015	(r284365)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 20, 2014
+.Dd December 16, 2014
 .Dt VXLAN 4
 .Os
 .Sh NAME
@@ -140,7 +140,7 @@ or VNI.
 .Pp
 When configured with the
 .Xr ifconfig 8
-.Cm learn
+.Cm vxlanlearn
 parameter, the interface dynamically creates forwarding table entries
 from received packets.
 An entry in the forwarding table maps the inner source MAC address
@@ -153,16 +153,16 @@ Otherwise, when configured in multicast 
 the interface must flood the frame to all hosts in the group.
 The maximum number of entries in the table is configurable with the
 .Xr ifconfig 8
-.Cm maxaddr
+.Cm vxlanmaxaddr
 command.
 Stale entries in the table periodically pruned.
 The timeout is configurable with the
 .Xr ifconfig 8
-.Cm timeout
+.Cm vxlantimeout
 command.
 The table may be viewed with the
 .Xr sysctl 8
-.Cm net.link.vlxan.N.ftable.dump
+.Cm net.link.vxlan.N.ftable.dump
 command.
 .Sh MTU
 Since the
@@ -187,13 +187,13 @@ Create a
 .Nm
 interface in unicast mode
 with the
-.Cm local
+.Cm vxlanlocal
 tunnel address of 192.168.100.1,
 and the
-.Cm remote
+.Cm vxlanremote
 tunnel address of 192.168.100.2.
 .Bd -literal -offset indent
-ifconfig vxlan create vni 108 local 192.168.100.1 remote 192.168.100.2
+ifconfig vxlan create vxlanid 108 vxlanlocal 192.168.100.1 vxlanremote 192.168.100.2
 .Ed
 .Pp
 Create a
@@ -207,7 +207,7 @@ and the
 address of 224.0.2.6.
 The em0 interface will be used to transmit multicast packets.
 .Bd -literal -offset indent
-ifconfig vxlan create vni 42 local 192.168.10.95 group 224.0.2.6 vxlandev em0
+ifconfig vxlan create vxlanid 42 vxlanlocal 192.168.10.95 vxlangroup 224.0.2.6 vxlandev em0
 .Ed
 .Pp
 Once created, the

Modified: stable/10/sys/conf/NOTES
==============================================================================
--- stable/10/sys/conf/NOTES	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sys/conf/NOTES	Sun Jun 14 03:14:45 2015	(r284365)
@@ -793,6 +793,10 @@ device		ether
 #  according to IEEE 802.1Q.
 device		vlan
 
+# The `vxlan' device implements the VXLAN encapsulation of Ethernet
+# frames in UDP packets according to RFC7348.
+device		vxlan
+
 #  The `wlan' device provides generic code to support 802.11
 #  drivers, including host AP mode; it is MANDATORY for the wi,
 #  and ath drivers and will eventually be required by all 802.11 drivers.

Modified: stable/10/sys/conf/files
==============================================================================
--- stable/10/sys/conf/files	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sys/conf/files	Sun Jun 14 03:14:45 2015	(r284365)
@@ -3238,6 +3238,7 @@ net/if_stf.c			optional stf inet inet6
 net/if_tun.c			optional tun
 net/if_tap.c			optional tap
 net/if_vlan.c			optional vlan
+net/if_vxlan.c			optional vxlan inet | vxlan inet6
 net/mppcc.c			optional netgraph_mppc_compression
 net/mppcd.c			optional netgraph_mppc_compression
 net/netisr.c			standard

Modified: stable/10/sys/modules/Makefile
==============================================================================
--- stable/10/sys/modules/Makefile	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sys/modules/Makefile	Sun Jun 14 03:14:45 2015	(r284365)
@@ -150,6 +150,7 @@ SUBDIR=	\
 	if_tap \
 	if_tun \
 	if_vlan \
+	if_vxlan \
 	${_igb} \
 	${_iir} \
 	${_imgact_binmisc} \

Copied and modified: stable/10/sys/net/if_vxlan.c (from r273331, head/sys/net/if_vxlan.c)
==============================================================================
--- head/sys/net/if_vxlan.c	Mon Oct 20 14:42:42 2014	(r273331, copy source)
+++ stable/10/sys/net/if_vxlan.c	Sun Jun 14 03:14:45 2015	(r284365)
@@ -716,7 +716,7 @@ vxlan_ftable_entry_init(struct vxlan_sof
 
 	fe->vxlfe_flags = flags;
 	fe->vxlfe_expire = time_uptime + sc->vxl_ftable_timeout;
-	memcpy(fe->vxlfe_mac, mac, ETHER_HDR_LEN);
+	memcpy(fe->vxlfe_mac, mac, ETHER_ADDR_LEN);
 	vxlan_sockaddr_copy(&fe->vxlfe_raddr, sa);
 }
 

Copied: stable/10/sys/net/if_vxlan.h (from r273331, head/sys/net/if_vxlan.h)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ stable/10/sys/net/if_vxlan.h	Sun Jun 14 03:14:45 2015	(r284365, copy of r273331, head/sys/net/if_vxlan.h)
@@ -0,0 +1,148 @@
+/*-
+ * Copyright (c) 2014, Bryan Venteicher <bryanv at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice unmodified, this list of conditions, and the following
+ *    disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _NET_IF_VXLAN_H_
+#define _NET_IF_VXLAN_H_
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/ethernet.h>
+#include <net/if.h>
+#include <netinet/in.h>
+
+struct vxlan_header {
+	uint32_t	vxlh_flags;
+	uint32_t	vxlh_vni;
+};
+
+#define VXLAN_HDR_FLAGS_VALID_VNI	0x08000000
+#define VXLAN_HDR_VNI_SHIFT		8
+
+#define VXLAN_VNI_MAX	(1 << 24)
+#define VXLAN_VNI_MASK	(VXLAN_VNI_MAX - 1)
+
+/*
+ * The port assigned by IANA is 4789, but some early implementations
+ * (like Linux) use 8472 instead. If not specified, we default to
+ * the IANA port.
+ */
+#define VXLAN_PORT		4789
+#define VXLAN_LEGACY_PORT	8472
+
+struct ifvxlanparam {
+	uint64_t		vxlp_with;
+
+#define VXLAN_PARAM_WITH_VNI		0x0001
+#define VXLAN_PARAM_WITH_LOCAL_ADDR4	0x0002
+#define VXLAN_PARAM_WITH_LOCAL_ADDR6	0x0004
+#define VXLAN_PARAM_WITH_REMOTE_ADDR4	0x0008
+#define VXLAN_PARAM_WITH_REMOTE_ADDR6	0x0010
+#define VXLAN_PARAM_WITH_LOCAL_PORT	0x0020
+#define VXLAN_PARAM_WITH_REMOTE_PORT	0x0040
+#define VXLAN_PARAM_WITH_PORT_RANGE	0x0080
+#define VXLAN_PARAM_WITH_FTABLE_TIMEOUT	0x0100
+#define VXLAN_PARAM_WITH_FTABLE_MAX	0x0200
+#define VXLAN_PARAM_WITH_MULTICAST_IF	0x0400
+#define VXLAN_PARAM_WITH_TTL		0x0800
+#define VXLAN_PARAM_WITH_LEARN		0x1000
+
+	uint32_t		vxlp_vni;
+	struct in_addr		vxlp_local_in4;
+	struct in6_addr		vxlp_local_in6;
+	struct in_addr		vxlp_remote_in4;
+	struct in6_addr		vxlp_remote_in6;
+	uint16_t		vxlp_local_port;
+	uint16_t		vxlp_remote_port;
+	uint16_t		vxlp_min_port;
+	uint16_t		vxlp_max_port;
+	char			vxlp_mc_ifname[IFNAMSIZ];
+	uint32_t		vxlp_ftable_timeout;
+	uint32_t		vxlp_ftable_max;
+	uint8_t			vxlp_ttl;
+	uint8_t			vxlp_learn;
+};
+
+union vxlan_sockaddr {
+	struct sockaddr		sa;
+	struct sockaddr_in	in4;
+	struct sockaddr_in6	in6;
+};
+
+#define VXLAN_SOCKADDR_IS_IPV4(_vxsin)	((_vxsin)->sa.sa_family == AF_INET)
+#define VXLAN_SOCKADDR_IS_IPV6(_vxsin)	((_vxsin)->sa.sa_family == AF_INET6)
+#define VXLAN_SOCKADDR_IS_IPV46(_vxsin) \
+    (VXLAN_SOCKADDR_IS_IPV4(_vxsin) || VXLAN_SOCKADDR_IS_IPV6(_vxsin))
+
+#define VXLAN_CMD_GET_CONFIG		0
+#define VXLAN_CMD_SET_VNI		1
+#define VXLAN_CMD_SET_LOCAL_ADDR	2
+#define VXLAN_CMD_SET_REMOTE_ADDR	4
+#define VXLAN_CMD_SET_LOCAL_PORT	5
+#define VXLAN_CMD_SET_REMOTE_PORT	6
+#define VXLAN_CMD_SET_PORT_RANGE	7
+#define VXLAN_CMD_SET_FTABLE_TIMEOUT	8
+#define VXLAN_CMD_SET_FTABLE_MAX	9
+#define VXLAN_CMD_SET_MULTICAST_IF	10
+#define VXLAN_CMD_SET_TTL		11
+#define VXLAN_CMD_SET_LEARN		12
+#define VXLAN_CMD_FTABLE_ENTRY_ADD	13
+#define VXLAN_CMD_FTABLE_ENTRY_REM	14
+#define VXLAN_CMD_FLUSH			15
+
+struct ifvxlancfg {
+	uint32_t		vxlc_vni;
+	union vxlan_sockaddr	vxlc_local_sa;
+	union vxlan_sockaddr	vxlc_remote_sa;
+	uint32_t		vxlc_mc_ifindex;
+	uint32_t		vxlc_ftable_cnt;
+	uint32_t		vxlc_ftable_max;
+	uint32_t		vxlc_ftable_timeout;
+	uint16_t		vxlc_port_min;
+	uint16_t		vxlc_port_max;
+	uint8_t			vxlc_learn;
+	uint8_t			vxlc_ttl;
+};
+
+struct ifvxlancmd {
+	uint32_t		vxlcmd_flags;
+#define VXLAN_CMD_FLAG_FLUSH_ALL	0x0001
+#define VXLAN_CMD_FLAG_LEARN		0x0002
+
+	uint32_t		vxlcmd_vni;
+	uint32_t		vxlcmd_ftable_timeout;
+	uint32_t		vxlcmd_ftable_max;
+	uint16_t		vxlcmd_port;
+	uint16_t		vxlcmd_port_min;
+	uint16_t		vxlcmd_port_max;
+	uint8_t			vxlcmd_mac[ETHER_ADDR_LEN];
+	uint8_t			vxlcmd_ttl;
+	union vxlan_sockaddr	vxlcmd_sa;
+	char			vxlcmd_ifname[IFNAMSIZ];
+};
+
+#endif /* _NET_IF_VXLAN_H_ */

Modified: stable/10/sys/sys/priv.h
==============================================================================
--- stable/10/sys/sys/priv.h	Sun Jun 14 02:21:19 2015	(r284364)
+++ stable/10/sys/sys/priv.h	Sun Jun 14 03:14:45 2015	(r284365)
@@ -340,6 +340,7 @@
 #define	PRIV_NET_SETIFVNET	417	/* Move interface to vnet. */
 #define	PRIV_NET_SETIFDESCR	418	/* Set interface description. */
 #define	PRIV_NET_SETIFFIB	419	/* Set interface fib. */
+#define	PRIV_NET_VXLAN		420	/* Administer vxlan. */
 
 /*
  * 802.11-related privileges.
