* [PATCH network] SNAT: handle interface lookup failures gracefully
@ 2026-04-20 14:35 Lukas Sichert
2026-06-01 12:47 ` superseded: " Lukas Sichert
0 siblings, 1 reply; 2+ messages in thread
From: Lukas Sichert @ 2026-04-20 14:35 UTC (permalink / raw)
To: pve-devel; +Cc: Lukas Sichert
When an IPv6 subnet is created in a Simple or EVPN zone, the setup code
runs `ip route get 2001:4860:4860::8888` to determine the outgoing
interface. If the host has no IPv6 address configured, this command
fails and aborts the loop that iterates over the plugin's subnets.
Since the error is only handled at a higher layer, any subnets that
would be processed later in the loop are skipped.
Wrap the function that performs the route lookup in an eval block. If
the lookup fails, write the error to the system log and continue
processing the remaining subnets in the loop.
Signed-off-by: Lukas Sichert <l.sichert@proxmox.com>
---
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 12 ++++++++++--
src/PVE/Network/SDN/Zones/SimplePlugin.pm | 12 ++++++++++--
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 8e7ddfd..a12922b 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -11,6 +11,7 @@ use PVE::INotify;
use PVE::Cluster;
use PVE::Tools;
use Net::IP;
+use PVE::SafeSyslog;
use PVE::Network::SDN::Controllers::EvpnPlugin;
@@ -252,8 +253,15 @@ sub generate_sdn_config {
if ($subnet->{snat}) {
#find outgoing interface
- my ($outip, $outiface) =
- PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ my ($outip, $outiface);
+ eval {
+ ($outip, $outiface) =
+ PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ };
+ if ($@) {
+ syslog("warn", "interface for SNAT could not be resolved: $@");
+ next;
+ }
if ($outip && $outiface && $is_evpn_gateway) {
#use snat, faster than masquerade
push @iface_config,
diff --git a/src/PVE/Network/SDN/Zones/SimplePlugin.pm b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
index f5cd18e..8ae7630 100644
--- a/src/PVE/Network/SDN/Zones/SimplePlugin.pm
+++ b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
@@ -7,6 +7,7 @@ use PVE::Network::SDN::Dhcp;
use PVE::Exception qw(raise raise_param_exc);
use PVE::Cluster;
use PVE::Tools;
+use PVE::SafeSyslog;
use base('PVE::Network::SDN::Zones::Plugin');
@@ -112,8 +113,15 @@ sub generate_sdn_config {
push @iface_config, "up ip route add $cidr dev $vnetid" if $mask == 32 && $ipversion == 4;
if ($subnet->{snat}) {
#find outgoing interface
- my ($outip, $outiface) =
- PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ my ($outip, $outiface);
+ eval {
+ ($outip, $outiface) =
+ PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ };
+ if ($@) {
+ syslog("warn", "interface for SNAT could not be resolved: $@");
+ next;
+ }
if ($outip && $outiface) {
#use snat, faster than masquerade
push @iface_config,
--
2.47.3
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-06-01 12:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-20 14:35 [PATCH network] SNAT: handle interface lookup failures gracefully Lukas Sichert
2026-06-01 12:47 ` superseded: " Lukas Sichert
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.