[PATCH network v2] snat: handle interface lookup failures gracefully

[Lukas Sichert <l.sichert@proxmox.com>]

'When an IPv6 subnet is created in a Simple or EVPN zone, the setup code
runs 'ip route get 2001:4860:4860::8888' to determine the outgoing
interface. If the host has no IPv6 address configured, this command
fails and aborts the loop that iterates over the plugin's subnets. This
means that the current and subsequent bridges required for the VNETs are
not instantiated, even though they still appear in the GUI. Starting a
VM connected to such a VNET then fails with: 'TASK ERROR: bridge
'<vnet>' does not exist'.

Wrap the function that performs the route lookup in an eval block. If
the lookup fails, use 'log_warn' to write the error to the system log
and to the GUI and continue processing the remaining subnets in the
loop.

Signed-off-by: Lukas Sichert <l.sichert@proxmox.com>
---

Notes:
    changes from v1 to v2:
    -use log_warn instead of syslog to display the warning in the GUI as
    well
    -change the commit subject to better fit proxmox style

 src/PVE/Network/SDN/Zones/EvpnPlugin.pm   | 13 +++++++++++--
 src/PVE/Network/SDN/Zones/SimplePlugin.pm | 13 +++++++++++--
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index dfbd7e9..0e79707 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -11,6 +11,7 @@ use PVE::INotify;
 use PVE::Cluster;
 use PVE::Tools;
 use Net::IP;
+use PVE::RESTEnvironment qw(log_warn);
 
 use PVE::Network::SDN::Controllers::EvpnPlugin;
 
@@ -269,8 +270,16 @@ sub generate_sdn_config {
         if ($subnet->{snat}) {
 
             #find outgoing interface
-            my ($outip, $outiface) =
-                PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+            my ($outip, $outiface);
+            eval {
+                ($outip, $outiface) =
+                    PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+            };
+            if ($@) {
+                my $msg = "interface for SNAT could not be resolved: $@";
+                log_warn($msg);
+                next;
+            }
             if ($outip && $outiface && $is_evpn_gateway) {
                 #use snat, faster than masquerade
                 push @iface_config,
diff --git a/src/PVE/Network/SDN/Zones/SimplePlugin.pm b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
index f5cd18e..347eee9 100644
--- a/src/PVE/Network/SDN/Zones/SimplePlugin.pm
+++ b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
@@ -7,6 +7,7 @@ use PVE::Network::SDN::Dhcp;
 use PVE::Exception qw(raise raise_param_exc);
 use PVE::Cluster;
 use PVE::Tools;
+use PVE::RESTEnvironment qw(log_warn);
 
 use base('PVE::Network::SDN::Zones::Plugin');
 
@@ -112,8 +113,16 @@ sub generate_sdn_config {
         push @iface_config, "up ip route add $cidr dev $vnetid" if $mask == 32 && $ipversion == 4;
         if ($subnet->{snat}) {
             #find outgoing interface
-            my ($outip, $outiface) =
-                PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+            my ($outip, $outiface);
+            eval {
+                ($outip, $outiface) =
+                    PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+            };
+            if ($@) {
+                my $msg = "interface for SNAT could not be resolved: $@";
+                log_warn($msg);
+                next;
+            }
             if ($outip && $outiface) {
                 #use snat, faster than masquerade
                 push @iface_config,
-- 
2.47.3