From: Filip Schauer <f.schauer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH lxc] patch dhclient-script to set RFC3442 classless routes
Date: Wed, 3 Dec 2025 17:03:18 +0100 [thread overview]
Message-ID: <20251203160326.118051-1-f.schauer@proxmox.com> (raw)
Embed the rfc3442-classless-routes hook from isc-dhcp-client into the
LXC dhclient-script. This is needed by application containers with
host-managed DHCP network interfaces, that receive routes via DHCP
option 121 (RFC3442).
Previously these classless routes were ignored.
This was originally reported in the Proxmox forum [0].
[0] https://forum.proxmox.com/threads/no-default-gateway-on-oci-container-with-dhcp.176696/
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
...3-PVE-apply-rfc3442-classless-routes.patch | 106 ++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 107 insertions(+)
create mode 100644 debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
diff --git a/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch b/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
new file mode 100644
index 0000000..26ab883
--- /dev/null
+++ b/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
@@ -0,0 +1,106 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Filip Schauer <f.schauer@proxmox.com>
+Date: Wed, 3 Dec 2025 15:03:50 +0100
+Subject: [PATCH] dhclient-script: set RFC3442 classless routes
+
+Due to the removal of hooks in the LXC fork of dhclient-script, the
+rfc3442-classless-routes hook did not run. As a result, classless static
+routes received from the DHCP server were ignored.
+
+This commit restores support for RFC3442 classless routes by embedding
+the code from /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
+from the isc-dhcp-client package.
+
+Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
+---
+ hooks/dhclient-script | 67 +++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 67 insertions(+)
+
+diff --git a/hooks/dhclient-script b/hooks/dhclient-script
+index 9c9b40e69..c87792707 100755
+--- a/hooks/dhclient-script
++++ b/hooks/dhclient-script
+@@ -133,6 +133,71 @@ set_hostname() {
+ fi
+ }
+
++# Code adapted from isc-dhcp-client rfc3442-classless-routes hook
++set_rfc3442_classless_routes() {
++ set -- $new_rfc3442_classless_static_routes
++
++ while [ $# -gt 0 ]; do
++ net_length=$1
++ via_arg=''
++
++ case $net_length in
++ 32|31|30|29|28|27|26|25)
++ if [ $# -lt 9 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.${4}.${5}"
++ gateway="${6}.${7}.${8}.${9}"
++ shift 9
++ ;;
++ 24|23|22|21|20|19|18|17)
++ if [ $# -lt 8 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.${4}.0"
++ gateway="${5}.${6}.${7}.${8}"
++ shift 8
++ ;;
++ 16|15|14|13|12|11|10|9)
++ if [ $# -lt 7 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.0.0"
++ gateway="${4}.${5}.${6}.${7}"
++ shift 7
++ ;;
++ 8|7|6|5|4|3|2|1)
++ if [ $# -lt 6 ]; then
++ return 1
++ fi
++ net_address="${2}.0.0.0"
++ gateway="${3}.${4}.${5}.${6}"
++ shift 6
++ ;;
++ 0) # default route
++ if [ $# -lt 5 ]; then
++ return 1
++ fi
++ net_address="0.0.0.0"
++ gateway="${2}.${3}.${4}.${5}"
++ shift 5
++ ;;
++ *) # error
++ return 1
++ ;;
++ esac
++
++ # take care of link-local routes
++ if [ "${gateway}" != '0.0.0.0' ]; then
++ via_arg="via ${gateway}"
++ fi
++
++ # set route (ip detects host routes automatically)
++ ${ip} -4 route add "${net_address}/${net_length}" \
++ ${via_arg} dev "${interface}" >/dev/null 2>&1
++ done
++}
++
+ # Execute the operation
+ case "$reason" in
+
+@@ -207,6 +272,8 @@ case "$reason" in
+ if_metric=$((if_metric+1))
+ fi
+ done
++ else
++ set_rfc3442_classless_routes
+ fi
+ fi
+
+--
+2.47.3
+
diff --git a/debian/patches/series b/debian/patches/series
index 8d5d62a..47c3558 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@ conf-env-split-bpo/0002-api_extensions-add-environment_runtime_hooks-extensi.pat
conf-env-split-bpo/0003-doc-add-lxc.environment.-runtime-hooks.patch
pve/0001-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch
pve/0002-PVE-Config-attach-always-use-getent.patch
+pve/0003-PVE-apply-rfc3442-classless-routes.patch
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
reply other threads:[~2025-12-03 16:03 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251203160326.118051-1-f.schauer@proxmox.com \
--to=f.schauer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.