From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8C5FF6A61D for ; Fri, 22 Jan 2021 23:16:19 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 810DD1FF31 for ; Fri, 22 Jan 2021 23:16:19 +0100 (CET) Received: from redisdead.crans.org (unknown [IPv6:2a0c:700:2::ff:fe01:2402]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id E42E41FF19 for ; Fri, 22 Jan 2021 23:16:17 +0100 (CET) Received: from localhost.localdomain (lfbn-idf2-1-325-226.w82-123.abo.wanadoo.fr [82.123.45.226]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by redisdead.crans.org (Postfix) with ESMTPSA id 621F87C2 for ; Fri, 22 Jan 2021 23:16:11 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crans.org; s=mail; t=1611353771; bh=rDR+dOYzV+YSpfwINL8e4PLgfMJVd4HQsOJlsXPGQog=; h=To:From:Subject:Date:From; b=hPqQhpqgDMNeFqDSLNxd9rwqXI3g+8Qi1+xYFkjz841p1+doYrrH+EvWc0a9em6ww bys9HzKe7xnrp6uaB1Cec1sDPPcXL6q3mbjB1i5wfx35oZmUPg79WKIQO+lU/DUFEr i10oU/QCwHqlN1MjiAy+F+T6DLen7YdxfWjP4NAbygVCBkRIH4k5pBhjJbPbYNT/Cy XvWSPTQ+i8rArWjq0kJU4LBVCHmt5NigNr1BEkUtH3iN3UQoOt2K6DNNot09+sIiHm HYHh6J9FSylwUawOPnx6PiAcK/aDCNiPAAxtRhRfFSlc+02YO6CHIhqrlbdzR4kRCs /MDs0O5V/kngEfRoYsKM8xQ6z+D9D9frhb3g+KiuPMOzpcRhy0f0KLPkSzYPuqab3f opHkALCWS4Vr88Y9oF6V5eVgs1KR9sngb+0/K3qSkFdBuvjia/RJHCr2PeafdqF+Uu yjW21+W/R3eM6puCMpFnBWPIimjyP2q0kZUU1BWGVnH+OU9TyCAvpLIqz4ocabL/RK x2wDT/Yni6nyaHtOF+AjOQk56GtGSyQ5jY0LUfKmmWBt3wnb+ylinGXrUavGQh2tIp uisZ80CKg/aZZaR7skfdxhRM4DG4fn70j+yxH5HQGgrthKwupMc9WbkGeCqZqrEOGY 36AHEL5rhUXj2yesT5iwTsqQ= To: pve-devel@lists.proxmox.com From: Tom Barthe Message-ID: Date: Fri, 22 Jan 2021 23:16:10 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="cGDHyUJraxO4pseSQYb9DIkcuc9CcDNk0" X-SPAM-LEVEL: Spam detection results: 1 DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain RDNS_NONE 1.274 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [ozlabs.org, crans.org] X-Mailman-Approved-At: Mon, 25 Jan 2021 10:16:47 +0100 X-Content-Filtered-By: Mailman/MimeDel 2.1.29 Subject: [pve-devel] Isolated bridge port support X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jan 2021 22:16:19 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --cGDHyUJraxO4pseSQYb9DIkcuc9CcDNk0 Content-Type: multipart/mixed; boundary="1lHw0YL7Vyb7EN6yx7HJWaHV98HhJ1K0A"; protected-headers="v1" From: Tom Barthe To: pve-devel@lists.proxmox.com Message-ID: Subject: Isolated bridge port support --1lHw0YL7Vyb7EN6yx7HJWaHV98HhJ1K0A Content-Type: multipart/mixed; boundary="------------D226DCEB7AC2E89E42B57E04" Content-Language: en-US This is a multi-part message in MIME format. --------------D226DCEB7AC2E89E42B57E04 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Hi! Since version 4.18 of the Linux kernel [1], bridges support the=20 BR_ISOLATED flag which allows to disable communications between ports=20 declared as private (similar to PVLANs). This feature is already supported by libvirt [2]. Would you be interested in adding support for this feature? If so, I have a short patch (probably not tested enough, but it could be = a good start nonetheless) to add support in the web manager, LXC and=20 QEMU (by adding a private=3D1 property in the net definition). Best regards, [1]:=20 https://patchwork.ozlabs.org/project/netdev/patch/20180524085648.5934-1-n= ikolay@cumulusnetworks.com/ [2]: https://www.redhat.com/archives/libvir-list/2020-February/msg00596.h= tml --=20 Tom Barthe --------------D226DCEB7AC2E89E42B57E04-- --1lHw0YL7Vyb7EN6yx7HJWaHV98HhJ1K0A-- --cGDHyUJraxO4pseSQYb9DIkcuc9CcDNk0 Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQTHmXjXZfYmQT3QFDqACIK2bAwzJgUCYAtOqgUDAAAAAAAKCRCACIK2bAwzJlAd AP0auzA1FZKLMFSjtUJMu6OlzFnA4+qKZ0UhBuT646p6ugD+N+qYWz4YY0qI/cXQa7TaXzctK3Nb lkaeoUpkSfpy2gA= =Mtt6 -----END PGP SIGNATURE----- --cGDHyUJraxO4pseSQYb9DIkcuc9CcDNk0--