* [pve-devel] [PATCH pve-network 0/2] allow ip|ip6-forward option on bridge
@ 2024-02-22 14:28 Alexandre Derumier
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch Alexandre Derumier
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 2/2] patches: allow ip|ip6-forward option on bridge Alexandre Derumier
0 siblings, 2 replies; 5+ messages in thread
From: Alexandre Derumier @ 2024-02-22 14:28 UTC (permalink / raw)
To: pve-devel
Currently, it's not working only for bridge, because we have a return
after bridge default forwarding setup.
Alexandre Derumier (2):
patches: update slaac patch
patches: allow ip|ip6-forward option on bridge
debian/patches/series | 1 +
...6-slaac-support-inet6-auto-accept_ra.patch | 32 +++++++------------
...dress-allow-ip-ip6-forward-on-bridge.patch | 32 +++++++++++++++++++
3 files changed, 45 insertions(+), 20 deletions(-)
create mode 100644 debian/patches/upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch
2024-02-22 14:28 [pve-devel] [PATCH pve-network 0/2] allow ip|ip6-forward option on bridge Alexandre Derumier
@ 2024-02-22 14:28 ` Alexandre Derumier
2024-11-15 15:03 ` Stefan Hanreich
2024-11-15 15:10 ` [pve-devel] applied: " Thomas Lamprecht
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 2/2] patches: allow ip|ip6-forward option on bridge Alexandre Derumier
1 sibling, 2 replies; 5+ messages in thread
From: Alexandre Derumier @ 2024-02-22 14:28 UTC (permalink / raw)
To: pve-devel
remove self._sysctl_slaac call for bridge, or it'll be called twice
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
...6-slaac-support-inet6-auto-accept_ra.patch | 32 +++++++------------
1 file changed, 12 insertions(+), 20 deletions(-)
diff --git a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
index 9e1bb13..a8d6106 100644
--- a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
+++ b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
@@ -1,7 +1,7 @@
-From 76721af329cab107e339fef5bc783dacb32132dc Mon Sep 17 00:00:00 2001
+From fd844b0557337e714a7e11ed6c39bc8164709a46 Mon Sep 17 00:00:00 2001
From: Alexandre Derumier <aderumier@odiso.com>
Date: Tue, 9 May 2023 17:48:14 +0200
-Subject: [PATCH] add ipv6 slaac support (inet6 auto && accept_ra)
+Subject: add ipv6 slaac support (inet6 auto && accept_ra)
This should fix a lot of users request in the forum,
and also fix upgrade from ifupdown1 to ifupdown2 if user have "inet6 auto" in configuration.
@@ -13,7 +13,7 @@ https://github.com/CumulusNetworks/ifupdown2/pull/259
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
etc/network/ifupdown2/addons.conf | 2 +
- ifupdown2/addons/address.py | 109 +++++++++++++--
+ ifupdown2/addons/address.py | 108 +++++++++++++--
ifupdown2/addons/auto.py | 168 ++++++++++++++++++++++++
ifupdown2/addons/dhcp.py | 18 +--
ifupdown2/ifupdown/iface.py | 4 +
@@ -21,11 +21,11 @@ Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
ifupdown2/lib/nlcache.py | 63 ++++++++-
ifupdown2/man/interfaces.5.rst | 9 ++
ifupdown2/nlmanager/nlpacket.py | 24 +++-
- 9 files changed, 373 insertions(+), 26 deletions(-)
+ 9 files changed, 372 insertions(+), 26 deletions(-)
create mode 100644 ifupdown2/addons/auto.py
diff --git a/etc/network/ifupdown2/addons.conf b/etc/network/ifupdown2/addons.conf
-index 726d63a..67de25f 100644
+index a8f2317..5a3964d 100644
--- a/etc/network/ifupdown2/addons.conf
+++ b/etc/network/ifupdown2/addons.conf
@@ -15,6 +15,7 @@ pre-up,mstpctl
@@ -36,7 +36,7 @@ index 726d63a..67de25f 100644
pre-up,address
up,dhcp
up,address
-@@ -28,6 +29,7 @@ pre-down,usercmds
+@@ -30,6 +31,7 @@ pre-down,usercmds
pre-down,vxrd
pre-down,dhcp
down,ppp
@@ -45,7 +45,7 @@ index 726d63a..67de25f 100644
down,address
down,usercmds
diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py
-index e71a26f..473a089 100644
+index e71a26f..bb5589e 100644
--- a/ifupdown2/addons/address.py
+++ b/ifupdown2/addons/address.py
@@ -188,6 +188,19 @@ class address(AddonWithIpBlackList, moduleBase):
@@ -177,15 +177,7 @@ index e71a26f..473a089 100644
def _sysctl_config(self, ifaceobj):
setting_default_value = False
mpls_enable = ifaceobj.get_attr_value_first('mpls-enable');
-@@ -912,6 +984,7 @@ class address(AddonWithIpBlackList, moduleBase):
-
- if (ifaceobj.link_kind & ifaceLinkKind.BRIDGE):
- self._set_bridge_forwarding(ifaceobj)
-+ self._sysctl_slaac(ifaceobj)
- return
- if not self.syntax_check_sysctls(ifaceobj):
- return
-@@ -979,6 +1052,8 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -979,6 +1051,8 @@ class address(AddonWithIpBlackList, moduleBase):
ifaceobj.status = ifaceStatus.ERROR
self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
@@ -194,7 +186,7 @@ index e71a26f..473a089 100644
def process_mtu(self, ifaceobj, ifaceobj_getfunc):
if ifaceobj.link_privflags & ifaceLinkPrivFlags.OPENVSWITCH:
-@@ -1016,7 +1091,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1016,7 +1090,7 @@ class address(AddonWithIpBlackList, moduleBase):
# no need to go further during perfmode (boot)
return
@@ -203,7 +195,7 @@ index e71a26f..473a089 100644
return
if not user_configured_ipv6_addrgen:
-@@ -1213,7 +1288,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1213,7 +1287,7 @@ class address(AddonWithIpBlackList, moduleBase):
if not self.cache.link_exists(ifaceobj.name):
return
addr_method = ifaceobj.addr_method
@@ -212,7 +204,7 @@ index e71a26f..473a089 100644
if ifaceobj.get_attr_value_first('address-purge')=='no':
addrlist = ifaceobj.get_attr_value('address')
for addr in addrlist or []:
-@@ -1326,6 +1401,22 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1326,6 +1400,22 @@ class address(AddonWithIpBlackList, moduleBase):
ifaceobjcurr.update_config_with_status('mpls-enable',
running_mpls_enable,
mpls_enable != running_mpls_enable)
@@ -235,7 +227,7 @@ index e71a26f..473a089 100644
return
def query_check_ipv6_addrgen(self, ifaceobj, ifaceobjcurr):
-@@ -1380,7 +1471,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1380,7 +1470,7 @@ class address(AddonWithIpBlackList, moduleBase):
def _query_check_address(self, ifaceobj, ifaceobjcurr, ifaceobj_getfunc):
""" ifquery-check: attribute: "address" """
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH pve-network 2/2] patches: allow ip|ip6-forward option on bridge
2024-02-22 14:28 [pve-devel] [PATCH pve-network 0/2] allow ip|ip6-forward option on bridge Alexandre Derumier
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch Alexandre Derumier
@ 2024-02-22 14:28 ` Alexandre Derumier
1 sibling, 0 replies; 5+ messages in thread
From: Alexandre Derumier @ 2024-02-22 14:28 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
debian/patches/series | 1 +
...dress-allow-ip-ip6-forward-on-bridge.patch | 32 +++++++++++++++++++
2 files changed, 33 insertions(+)
create mode 100644 debian/patches/upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch
diff --git a/debian/patches/series b/debian/patches/series
index 557aa7f..3b80321 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,6 +7,7 @@ pve/0006-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
pve/0007-allow-vlan-tag-inside-vxlan-tunnel.patch
pve/0008-lacp-bond-remove-bond-min-links-0-warning.patch
pve/0009-gvgeb-fix-python-interpreter-shebang.patch
+upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch
upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
upstream/0001-addons-ethtool-add-rx-vlan-filter.patch
upstream/0001-scheduler-import-traceback.patch
diff --git a/debian/patches/upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch b/debian/patches/upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch
new file mode 100644
index 0000000..b61d891
--- /dev/null
+++ b/debian/patches/upstream/0001-address-allow-ip-ip6-forward-on-bridge.patch
@@ -0,0 +1,32 @@
+From cd21f46308052ae092d1036886cde2c3177e3642 Mon Sep 17 00:00:00 2001
+From: Alexandre Derumier <aderumier@gmail.com>
+Date: Thu, 22 Feb 2024 13:11:02 +0100
+Subject: [PATCH 2/2] address: allow ip|ip6-forward on bridge
+
+Currently, a bridge always have forward enabled if an ip exist,
+or disabled if not ip is present.
+
+we can't use ip-forward on|off to override it because of this return.
+
+Signed-off-by: Alexandre Derumier <aderumier@gmail.com>
+Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
+---
+ ifupdown2/addons/address.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py
+index bb5589e..7310646 100644
+--- a/ifupdown2/addons/address.py
++++ b/ifupdown2/addons/address.py
+@@ -984,7 +984,7 @@ class address(AddonWithIpBlackList, moduleBase):
+
+ if (ifaceobj.link_kind & ifaceLinkKind.BRIDGE):
+ self._set_bridge_forwarding(ifaceobj)
+- return
++
+ if not self.syntax_check_sysctls(ifaceobj):
+ return
+ if not self.syntax_check_l3_svi_ip_forward(ifaceobj):
+--
+2.39.2
+
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch Alexandre Derumier
@ 2024-11-15 15:03 ` Stefan Hanreich
2024-11-15 15:10 ` [pve-devel] applied: " Thomas Lamprecht
1 sibling, 0 replies; 5+ messages in thread
From: Stefan Hanreich @ 2024-11-15 15:03 UTC (permalink / raw)
To: Proxmox VE development discussion, Alexandre Derumier
Gave this patch a quick spin, worked on my machine.
Tested-by: Stefan Hanreich <s.hanreich@proxmox.com>
The other patch is only required for DHCP so let's leave it for now (and
doesn't apply on current master, but that's trivial..).
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] applied: [PATCH pve-network 1/2] patches: update slaac patch
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch Alexandre Derumier
2024-11-15 15:03 ` Stefan Hanreich
@ 2024-11-15 15:10 ` Thomas Lamprecht
1 sibling, 0 replies; 5+ messages in thread
From: Thomas Lamprecht @ 2024-11-15 15:10 UTC (permalink / raw)
To: Proxmox VE development discussion, Alexandre Derumier
Am 22.02.24 um 15:28 schrieb Alexandre Derumier:
> remove self._sysctl_slaac call for bridge, or it'll be called twice
>
> Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
> ---
> ...6-slaac-support-inet6-auto-accept_ra.patch | 32 +++++++------------
> 1 file changed, 12 insertions(+), 20 deletions(-)
>
>
applied this one, thanks! But sadly I overlooked adding Stefan's T-b, thanks
nonetheless!
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-11-15 15:11 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-02-22 14:28 [pve-devel] [PATCH pve-network 0/2] allow ip|ip6-forward option on bridge Alexandre Derumier
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 1/2] patches: update slaac patch Alexandre Derumier
2024-11-15 15:03 ` Stefan Hanreich
2024-11-15 15:10 ` [pve-devel] applied: " Thomas Lamprecht
2024-02-22 14:28 ` [pve-devel] [PATCH pve-network 2/2] patches: allow ip|ip6-forward option on bridge Alexandre Derumier
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal