* [pve-devel] [PATCH V2 qemu-server 0/3] add disable bridge learning feature
@ 2022-03-21 6:27 Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 1/3] tap_plug: add support for bridge disable learning Alexandre Derumier
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Alexandre Derumier @ 2022-03-21 6:27 UTC (permalink / raw)
To: pve-devel
Allow to disable bridge learning
changelog v2:
- rebase with $opts->{learning}
Alexandre Derumier (3):
tap_plug: add support for bridge disable learning
vm_start/vm_resume : add_nets_bridge_fdb
migration : add del_nets_bridge_fdb
PVE/QemuMigrate.pm | 1 +
PVE/QemuServer.pm | 53 +++++++++++++++++++++++++--
test/MigrationTest/QemuMigrateMock.pm | 3 ++
vm-network-scripts/pve-bridge | 6 ++-
4 files changed, 59 insertions(+), 4 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH V2 qemu-server 1/3] tap_plug: add support for bridge disable learning
2022-03-21 6:27 [pve-devel] [PATCH V2 qemu-server 0/3] add disable bridge learning feature Alexandre Derumier
@ 2022-03-21 6:27 ` Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 2/3] vm_start/vm_resume : add_nets_bridge_fdb Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 3/3] migration : add del_nets_bridge_fdb Alexandre Derumier
2 siblings, 0 replies; 4+ messages in thread
From: Alexandre Derumier @ 2022-03-21 6:27 UTC (permalink / raw)
To: pve-devel
This disabling mac learning && unicast flood for the tap interface
for vmstart, we don't add mac directly to fdb.
We set it latter if it's a migration or a fresh start.
for nic hotplug, we directly add mac to fdb
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
PVE/QemuServer.pm | 8 +++++++-
vm-network-scripts/pve-bridge | 6 +++++-
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 6a9f6b3..a9a7836 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -5084,8 +5084,14 @@ sub vmconfig_update_net {
if ($have_sdn) {
PVE::Network::SDN::Zones::tap_plug($iface, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+ PVE::Network::SDN::Zones::add_bridge_fdb($iface, $newnet->{macaddr}, $newnet->{bridge}, $newnet->{firewall});
} else {
- PVE::Network::tap_plug($iface, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+ my $interfaces_config = PVE::INotify::read_file('interfaces');
+ my $bridge = $newnet->{bridge};
+ my $opts = {};
+ $opts->{learning} = 0 if $interfaces_config->{ifaces}->{$bridge} && $interfaces_config->{ifaces}->{$bridge}->{'bridge-disable-mac-learning'};
+ PVE::Network::tap_plug($iface, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate}, $opts);
+ PVE::Network::add_bridge_fdb($iface, $newnet->{macaddr}, $newnet->{firewall}) if defined($opts->{learning}) && !$opts->{learning};
}
} elsif (safe_num_ne($oldnet->{rate}, $newnet->{rate})) {
# Rate can be applied on its own but any change above needs to
diff --git a/vm-network-scripts/pve-bridge b/vm-network-scripts/pve-bridge
index d37ce33..38cf2f6 100755
--- a/vm-network-scripts/pve-bridge
+++ b/vm-network-scripts/pve-bridge
@@ -47,8 +47,12 @@ if ($have_sdn) {
PVE::Network::SDN::Zones::tap_create($iface, $net->{bridge});
PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $net->{tag}, $net->{firewall}, $net->{trunks}, $net->{rate});
} else {
+ my $interfaces_config = PVE::INotify::read_file('interfaces');
+ my $bridge = $net->{bridge};
+ my $opts = {};
+ $opts->{learning} = 0 if $interfaces_config->{ifaces}->{$bridge} && $interfaces_config->{ifaces}->{$bridge}->{'bridge-disable-mac-learning'};
PVE::Network::tap_create($iface, $net->{bridge});
- PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $net->{firewall}, $net->{trunks}, $net->{rate});
+ PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $net->{firewall}, $net->{trunks}, $net->{rate}, $opts);
}
exit 0;
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH V2 qemu-server 2/3] vm_start/vm_resume : add_nets_bridge_fdb
2022-03-21 6:27 [pve-devel] [PATCH V2 qemu-server 0/3] add disable bridge learning feature Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 1/3] tap_plug: add support for bridge disable learning Alexandre Derumier
@ 2022-03-21 6:27 ` Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 3/3] migration : add del_nets_bridge_fdb Alexandre Derumier
2 siblings, 0 replies; 4+ messages in thread
From: Alexandre Derumier @ 2022-03-21 6:27 UTC (permalink / raw)
To: pve-devel
on vm start (no live migration), we can simply add mac address in fdb.
In case of a live migration, we add the mac address just before the resume.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
PVE/QemuServer.pm | 25 +++++++++++++++++++++++--
1 file changed, 23 insertions(+), 2 deletions(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index a9a7836..8803f54 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -5734,6 +5734,7 @@ sub vm_start_nolock {
my $nicconf = parse_net($conf->{$opt});
qemu_set_link_status($vmid, $opt, 0) if $nicconf->{link_down};
}
+ add_nets_bridge_fdb($conf, $vmid);
}
mon_cmd($vmid, 'qom-set',
@@ -6092,6 +6093,7 @@ sub vm_resume {
my $res = mon_cmd($vmid, 'query-status');
my $resume_cmd = 'cont';
my $reset = 0;
+ my $conf = PVE::QemuConfig->load_config($vmid);
if ($res->{status}) {
return if $res->{status} eq 'running'; # job done, go home
@@ -6101,8 +6103,6 @@ sub vm_resume {
if (!$nocheck) {
- my $conf = PVE::QemuConfig->load_config($vmid);
-
PVE::QemuConfig->check_lock($conf)
if !($skiplock || PVE::QemuConfig->has_lock($conf, 'backup'));
}
@@ -6112,6 +6112,9 @@ sub vm_resume {
# request before the backup finishes for example
mon_cmd($vmid, "system_reset");
}
+
+ add_nets_bridge_fdb($conf, $vmid) if $resume_cmd eq 'cont';
+
mon_cmd($vmid, $resume_cmd);
});
}
@@ -8124,4 +8127,22 @@ sub check_volume_storage_type {
return 1;
}
+sub add_nets_bridge_fdb {
+ my ($conf, $vmid) = @_;
+
+ foreach my $opt (keys %$conf) {
+ if ($opt =~ m/^net(\d+)$/) {
+ my $net = parse_net($conf->{$opt});
+ next if !$net;
+ next if !$net->{macaddr};
+
+ my $iface = "tap${vmid}i$1";
+ if ($have_sdn) {
+ PVE::Network::SDN::Zones::add_bridge_fdb($iface, $net->{macaddr}, $net->{bridge}, $net->{firewall});
+ } else {
+ PVE::Network::add_bridge_fdb($iface, $net->{macaddr}, $net->{firewall});
+ }
+ }
+ }
+}
1;
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH V2 qemu-server 3/3] migration : add del_nets_bridge_fdb
2022-03-21 6:27 [pve-devel] [PATCH V2 qemu-server 0/3] add disable bridge learning feature Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 1/3] tap_plug: add support for bridge disable learning Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 2/3] vm_start/vm_resume : add_nets_bridge_fdb Alexandre Derumier
@ 2022-03-21 6:27 ` Alexandre Derumier
2 siblings, 0 replies; 4+ messages in thread
From: Alexandre Derumier @ 2022-03-21 6:27 UTC (permalink / raw)
To: pve-devel
at the end of a live migration, we need to remove old mac entries
on source host (vm is not yet stopped), before resume vm on target host
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
PVE/QemuMigrate.pm | 1 +
PVE/QemuServer.pm | 20 ++++++++++++++++++++
test/MigrationTest/QemuMigrateMock.pm | 3 +++
3 files changed, 24 insertions(+)
diff --git a/PVE/QemuMigrate.pm b/PVE/QemuMigrate.pm
index 104e62c..c96474e 100644
--- a/PVE/QemuMigrate.pm
+++ b/PVE/QemuMigrate.pm
@@ -1130,6 +1130,7 @@ sub phase3_cleanup {
# transfer replication state before move config
$self->transfer_replication_state() if $self->{is_replicated};
+ PVE::QemuServer::del_nets_bridge_fdb($conf, $vmid);
PVE::QemuConfig->move_config_to_node($vmid, $self->{node});
$self->switch_replication_job_target() if $self->{is_replicated};
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 8803f54..aa10de7 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -8145,4 +8145,24 @@ sub add_nets_bridge_fdb {
}
}
}
+
+sub del_nets_bridge_fdb {
+ my ($conf, $vmid) = @_;
+
+ foreach my $opt (keys %$conf) {
+ if ($opt =~ m/^net(\d+)$/) {
+ my $net = parse_net($conf->{$opt});
+ next if !$net;
+ next if !$net->{macaddr};
+
+ my $iface = "tap${vmid}i$1";
+ if ($have_sdn) {
+ PVE::Network::SDN::Zones::del_bridge_fdb($iface, $net->{macaddr}, $net->{bridge}, $net->{firewall});
+ } else {
+ PVE::Network::del_bridge_fdb($iface, $net->{macaddr}, $net->{firewall});
+ }
+ }
+ }
+}
+
1;
diff --git a/test/MigrationTest/QemuMigrateMock.pm b/test/MigrationTest/QemuMigrateMock.pm
index f2c0281..f00b974 100644
--- a/test/MigrationTest/QemuMigrateMock.pm
+++ b/test/MigrationTest/QemuMigrateMock.pm
@@ -158,6 +158,9 @@ $MigrationTest::Shared::qemu_server_module->mock(
$vm_stop_executed = 1;
delete $expected_calls->{'vm_stop'};
},
+ del_nets_bridge_fdb => sub {
+ return;
+ },
);
my $qemu_server_cpuconfig_module = Test::MockModule->new("PVE::QemuServer::CPUConfig");
--
2.30.2
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-03-21 6:28 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-21 6:27 [pve-devel] [PATCH V2 qemu-server 0/3] add disable bridge learning feature Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 1/3] tap_plug: add support for bridge disable learning Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 2/3] vm_start/vm_resume : add_nets_bridge_fdb Alexandre Derumier
2022-03-21 6:27 ` [pve-devel] [PATCH V2 qemu-server 3/3] migration : add del_nets_bridge_fdb Alexandre Derumier
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.