[PATCH iproute2-next] ip: add OVPN device mode support
From: Marco Baffo <hidden>
Date: 2026-07-03 11:20:43
Subsystem:
the rest · Maintainer:
Linus Torvalds
Allow selecting point-to-point or multi-peer mode when creating an OVPN device. Signed-off-by: Marco Baffo <redacted> --- ip/Makefile | 2 +- ip/iplink.c | 2 +- ip/iplink_ovpn.c | 87 +++++++++++++++++++++++++++++++++++++++++++ man/man8/ip-link.8.in | 24 ++++++++++++ 4 files changed, 113 insertions(+), 2 deletions(-) create mode 100644 ip/iplink_ovpn.c
diff --git a/ip/Makefile b/ip/Makefile
index 3535ba78..978f6841 100644
--- a/ip/Makefile
+++ b/ip/Makefile@@ -13,7 +13,7 @@ IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o ipnetns.o \ ipvrf.o iplink_xstats.o ipseg6.o iplink_netdevsim.o iplink_rmnet.o \ ipnexthop.o ipmptcp.o iplink_bareudp.o iplink_wwan.o ipioam6.o \ iplink_amt.o iplink_batadv.o iplink_gtp.o iplink_virt_wifi.o \ - iplink_netkit.o ipstats.o + iplink_netkit.o ipstats.o iplink_ovpn.o RTMONOBJ=rtmon.o
diff --git a/ip/iplink.c b/ip/iplink.c
index 3f0b46c9..c6aee8b6 100644
--- a/ip/iplink.c
+++ b/ip/iplink.c@@ -42,7 +42,7 @@ void iplink_types_usage(void) " ifb | ip6erspan | ip6gre | ip6gretap | ip6tnl |\n" " ipip | ipoib | ipvlan | ipvtap |\n" " macsec | macvlan | macvtap | netdevsim |\n" - " netkit | nlmon | pfcp | rmnet | sit | team | team_slave |\n" + " netkit | nlmon | ovpn | pfcp | rmnet | sit | team | team_slave |\n" " vcan | veth | vlan | vrf | vti | vxcan | vxlan | wwan |\n" " xfrm | virt_wifi }\n"); }
diff --git a/ip/iplink_ovpn.c b/ip/iplink_ovpn.c
new file mode 100644
index 00000000..08e59526
--- /dev/null
+++ b/ip/iplink_ovpn.c@@ -0,0 +1,87 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * iplink_ovpn.c OpenVPN DCO device support + * + * Author: Marco Baffo <marco@mandelbit.com> + * + */ + +#include <stdio.h> +#include <string.h> +#include <linux/if_link.h> + +#include "utils.h" +#include "ip_common.h" + +static void print_explain(FILE *f) +{ + fprintf(f, + "Usage: ... ovpn [ mode { p2p | mp } ]\n" + "\n" + "MODE := p2p | mp\n" + "(p2p is the default if mode is not specified)\n"); +} + +static int ovpn_parse_opt(struct link_util *lu, int argc, char **argv, + struct nlmsghdr *n) +{ + while (argc > 0) { + if (matches(*argv, "mode") == 0) { + __u8 mode; + + NEXT_ARG(); + if (strcmp(*argv, "p2p") == 0) + mode = OVPN_MODE_P2P; + else if (strcmp(*argv, "mp") == 0) + mode = OVPN_MODE_MP; + else { + fprintf(stderr, + "Error: argument of \"mode\" must be either \"p2p\" or \"mp\"\n"); + return -1; + } + addattr8(n, 1024, IFLA_OVPN_MODE, mode); + } else if (matches(*argv, "help") == 0) { + print_explain(stderr); + return -1; + } else { + fprintf(stderr, "ovpn: unknown option \"%s\"?\n", *argv); + print_explain(stderr); + return -1; + } + argc--; + argv++; + } + + return 0; +} + +static void ovpn_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) +{ + __u8 value; + + if (!tb || !tb[IFLA_OVPN_MODE] || + RTA_PAYLOAD(tb[IFLA_OVPN_MODE]) < sizeof(value)) + return; + + value = rta_getattr_u8(tb[IFLA_OVPN_MODE]); + + const char *mode = + value == OVPN_MODE_P2P ? "p2p" : + value == OVPN_MODE_MP ? "mp" : "unknown"; + + print_string(PRINT_ANY, "mode", "mode %s ", mode); +} + +static void ovpn_print_help(struct link_util *lu, int argc, char **argv, + FILE *f) +{ + print_explain(f); +} + +struct link_util ovpn_link_util = { + .id = "ovpn", + .maxattr = IFLA_OVPN_MAX, + .parse_opt = ovpn_parse_opt, + .print_opt = ovpn_print_opt, + .print_help = ovpn_print_help, +};
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index fc7f0248..d54d2fbc 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in@@ -287,6 +287,7 @@ ip-link \- network device configuration .BR netdevsim " |" .BR netkit " |" .BR nlmon " |" +.BR ovpn " |" .BR pfcp " |" .BR rmnet " |" .BR sit " |"
@@ -430,6 +431,9 @@ Link types: .BR nlmon - Netlink monitoring device .sp +.BR ovpn +- OpenVPN Data Channel Offload device +.sp .BR pfcp - Packet Forwarding Control Protocol device .sp
@@ -1349,6 +1353,26 @@ the following additional arguments are supported: .BI mode " MODE " - specifies the mode (datagram or connected) to use. +.TP +OVPN Type Support +For a link of type +.I OVPN +the following additional arguments are supported: + +.BI "ip link add " DEVICE +.BR "type ovpn " [ " mode " "{ " p2p " | " mp " }" " ]" + +.in +8 +.sp +.BR mode " { " p2p " | " mp " }" +- selects the OpenVPN device mode. The default, +.BR p2p , +creates a point-to-point device for a single peer. The +.B mp +mode creates a multi-peer device. + +.in -8 + .TP ERSPAN Type Support For a link of type
--
2.43.0