From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id E4BCA1FF16F
	for <inbox@lore.proxmox.com>; Tue,  5 Aug 2025 10:33:38 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 331339311;
	Tue,  5 Aug 2025 10:35:07 +0200 (CEST)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Tue,  5 Aug 2025 10:35:01 +0200
Message-ID: <20250805083504.55378-2-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.47.2
In-Reply-To: <20250805083504.55378-1-s.hanreich@proxmox.com>
References: <20250805083504.55378-1-s.hanreich@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.192 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [network.pm]
Subject: [pve-devel] [PATCH pve-manager v2 1/1] network: improve reloading
 logic
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

The old behavior was *always* reloading the network configuration,
which worked as long as FRR was not pre-installed, but the change in
db03d261 coupled with the fact that we now ship with FRR caused FRR to
be enabled on applying the network configuration via the Web UI.

The stop gap fix in e1b9466d solved this behavior, but had the issue
that we need to possibly regenerate the FRR configuration if the host
configuration changes, since some controllers generate their
configuration based on the host network configuration.

pve-network now always sends the regenerate-frr parameter, so we can
discern whether a request came from SDN or is a manual request that is
requesting a specific behavior. With this information the reloading
logic can be improved as follows:

* Honor the parameter if it is set
* reload only if there are any FRR entities in the SDN configuration

This should handle all cases that we need to consider:

* Do not overwrite existing FRR configurations, unless we need to
  generate our own FRR configuration.

* Do not trigger a FRR enable when reloading the host configuration,
  even though there is no FRR configuration.

* Overwrite the FRR configuration with an empty configuration if all
  SDN entities using FRR got deleted.

* Regenerate the FRR configuration when the host network configuration
  changes, since this might affect the generated FRR configuration.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 PVE/API2/Network.pm | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm
index b423e19b5..7fb7667ee 100644
--- a/PVE/API2/Network.pm
+++ b/PVE/API2/Network.pm
@@ -932,7 +932,14 @@ __PACKAGE__->register_method({
             };
             PVE::Tools::run_command(['ifreload', '-a'], errfunc => $err);
 
-            if ($have_sdn && $regenerate_frr) {
+            if (defined($regenerate_frr)) {
+                # SDN (or a manual invocation) is requesting a
+                # specific behavior, so we abide by the parameter set.
+                PVE::Network::SDN::generate_frr_config(1) if $regenerate_frr;
+            } elsif (PVE::Network::SDN::running_config_has_frr()) {
+                # Reload is coming from the Web UI (or a manual
+                # invocation requesting no specific behavior), so we
+                # reload if there are FRR entities in the SDN config.
                 PVE::Network::SDN::generate_frr_config(1);
             }
         };
-- 
2.47.2


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel