Re: [pve-devel] [RFC cluster/manager/network 0/6] Add support for DHCP servers to SDN

[Stefan Hanreich <s.hanreich@proxmox.com>]

On 9/13/23 14:50, DERUMIER, Alexandre wrote:
> Le mercredi 13 septembre 2023 à 13:50 +0200, Stefan Hanreich a écrit :
>>
>>
>> That way we could also easily add a IP configuration section to the
>> VM
> 
> 
> I really don't known if it's the best/easiest way to have ip both in
> ipam && vm config.
> 
> I have sent ipam vm|ct 1 or 2 year ago, and their are a lot of corner
> cases (snapshots / backup restore  with an ip different than ipam for
> example).
> 
> 
> But it's avoid to call ipam at vm_start. (and could be used for
> firewall to auto generate ip filtering)
> 

Maybe setting it there could just be an interface for setting it in the 
IPAM manually?

But yes, the snapshots / backup cases certainly requires some thought.

Another thing I was thinking about: When we create a mapping on start / 
stop we will also have to consider DHCP lease time and cannot 
immediately re-use the IP (which is actually quite likely if IPAM always 
just returns the next IP in the list). We will have to take into account 
the DHCP lease time in our pve IPAM implementation and reserve the IP 
accordingly.

For dnsmasq, the dhcp hookscripts might come in handy in that case so we 
know the exact expiration time.

As Thomas already mentioned, time drift in VMs (e.g. after hibernation) 
can also cause real issues here..

We would also need some kind of mechanism for cleaning expired entries 
automatically, otherwise local pve IPAM becomes cluttered.

As far as I can tell, Kea + NetBox integration already supports DHCP 
reservations, so we should be fine on that front.