From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <root@kvmformation3.odiso.net>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id AA2418C63
 for <pve-devel@lists.proxmox.com>; Fri,  1 Sep 2023 11:13:18 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 84D4E136D8
 for <pve-devel@lists.proxmox.com>; Fri,  1 Sep 2023 11:12:48 +0200 (CEST)
Received: from bastionodiso.odiso.net (bastionodiso.odiso.net
 [IPv6:2a0a:1580:2000::2d])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pve-devel@lists.proxmox.com>; Fri,  1 Sep 2023 11:12:46 +0200 (CEST)
Received: from kvmformation3.odiso.net (formationkvm3.odiso.net [10.3.94.12])
 by bastionodiso.odiso.net (Postfix) with ESMTP id CF0258084;
 Fri,  1 Sep 2023 11:12:32 +0200 (CEST)
Received: by kvmformation3.odiso.net (Postfix, from userid 0)
 id B86C0251F4F; Fri,  1 Sep 2023 11:12:32 +0200 (CEST)
From: Alexandre Derumier <aderumier@odiso.com>
To: pve-devel@lists.proxmox.com
Date: Fri,  1 Sep 2023 11:12:31 +0200
Message-Id: <20230901091231.155229-1-aderumier@odiso.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.016 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail
 domains are different
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [bond.py]
Subject: [pve-devel] [PATCH ifupdown2] patch: fix bond mac address at boot.
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 01 Sep 2023 09:13:18 -0000

since systemd v241, like for bridge, the bond mac is setup
randomly at boot, instead inherit from first slave.

Then, on next ifreload, ifupdown2 was already fixing it,
but with an down/up of the bond (with potentials impact on the network).

This patch have been sent upstream:
https://github.com/CumulusNetworks/ifupdown2/pull/270

This patch is applying fine too for ifupdown2 for proxmox7

---
 debian/patches/series                         |  1 +
 .../patches/upstream/0001-fix-bond-mac.patch  | 28 +++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 debian/patches/upstream/0001-fix-bond-mac.patch

diff --git a/debian/patches/series b/debian/patches/series
index 1ff8dd4..cff704f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -10,3 +10,4 @@ pve/0009-gvgeb-fix-python-interpreter-shebang.patch
 upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
 upstream/0001-addons-ethtool-add-rx-vlan-filter.patch
 upstream/0001-scheduler-import-traceback.patch
+upstream/0001-fix-bond-mac.patch
\ No newline at end of file
diff --git a/debian/patches/upstream/0001-fix-bond-mac.patch b/debian/patches/upstream/0001-fix-bond-mac.patch
new file mode 100644
index 0000000..79688ac
--- /dev/null
+++ b/debian/patches/upstream/0001-fix-bond-mac.patch
@@ -0,0 +1,28 @@
+From 062c3a6707b22cf7494bbf0ccb8ea6559dc334df Mon Sep 17 00:00:00 2001
+From: Alexandre Derumier <alexandre.derumier@groupe-cyllene.com>
+Date: Fri, 1 Sep 2023 09:43:05 +0200
+Subject: [PATCH] bond: fix mac-address on create with first slave mac
+
+since systemd v241, bond (like bridge), are create with a random mac
+instead their first slave.
+
+We already fixing it for bond on reload, but not at create
+
+Than mean that on first reload, we'll always ifdown/ifup interface and change mac.
+---
+ ifupdown2/addons/bond.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ifupdown2/addons/bond.py b/ifupdown2/addons/bond.py
+index 74d2cab5..5e77e1b0 100644
+--- a/ifupdown2/addons/bond.py
++++ b/ifupdown2/addons/bond.py
+@@ -884,7 +884,7 @@ def _up(self, ifaceobj, ifaceobj_getfunc=None):
+                 ifaceobj_getfunc,
+             )
+ 
+-            if not self.bond_mac_mgmt or not link_exists or ifaceobj.get_attr_value_first("hwaddress"):
++            if not self.bond_mac_mgmt or ifaceobj.get_attr_value_first("hwaddress"):
+                 return
+ 
+             # check if the bond mac address is correctly inherited from it's
-- 
2.39.2