From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 2C9E01FF13E for ; Fri, 09 Jan 2026 19:05:30 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 018BA1E2F5; Fri, 9 Jan 2026 19:05:24 +0100 (CET) To: pve-devel@lists.proxmox.com Date: Fri, 9 Jan 2026 13:10:49 +0100 In-Reply-To: <20260109121049.70740-1-klein@aetherus.de> References: <20260109121049.70740-1-klein@aetherus.de> X-Mailman-Approved-At: Fri, 09 Jan 2026 19:05:22 +0100 MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE development discussion List-Post: From: Maurice Klein via pve-devel Precedence: list Cc: Maurice Klein X-Mailman-Version: 2.1.29 X-BeenThere: pve-devel@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE development discussion List-Help: Subject: [pve-devel] [PATCH container 1/1] Signed-off-by: Maurice Klein Content-Type: multipart/mixed; boundary="===============5869467539575504351==" Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" --===============5869467539575504351== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-devel@lists.proxmox.com Delivered-To: pve-devel@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 5B14CDC86F for ; Fri, 9 Jan 2026 13:21:54 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3244314D62 for ; Fri, 9 Jan 2026 13:21:54 +0100 (CET) Received: from plesk01.aetherus.io (plesk01.aetherus.io [195.5.114.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Fri, 9 Jan 2026 13:21:53 +0100 (CET) Received: from localhost.localdomain (unknown [195.5.114.21]) by plesk01.aetherus.io (Postfix) with ESMTPSA id 8B09E30184D; Fri, 9 Jan 2026 13:12:01 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aetherus.de; s=default; t=1767960721; bh=MsQ7b20TWoy3UtsdS4SdJ+2TRNCi40d8Bf9/aCUmddA=; h=From:To:Subject; b=EzuiT23IN8iuFr15FYnIZ8biXjThjXS5W/Ju6UhlqL5/+O4S6iGDq0nB3mO9Jr1nc 8EzI2F1TKBrRwv2jnQkqBJE0M6pcOUObsZbx9Jk/yp6Jx3KTM7c7WBbUfPab+ppAuA /JNbjHwN83EOX1RYcslvZ2r/N5Ga7dVH6lcfj+CLkjU7RzEG/DFvoETHshoF9tldoP udcdjWpedR01NKpQTaTaBUDdrpe0weMoLfAZjYclBcfUV7C3Idt5/PwFb3nrbU4To/ M2ONIk+wmAyJuB9CpM9u0DM78DIbRzfWskuf34/MHwTJ0ryGBIUIPj4NYQCgpAnyMv D0trFbJq3wxDw== Authentication-Results: plesk01; spf=pass (sender IP is 195.5.114.21) smtp.mailfrom=klein@aetherus.de smtp.helo=localhost.localdomain Received-SPF: pass (plesk01: connection is authenticated) From: Maurice Klein To: pve-devel@lists.proxmox.com Subject: [PATCH container 1/1] Signed-off-by: Maurice Klein Date: Fri, 9 Jan 2026 13:10:49 +0100 Message-Id: <20260109121049.70740-2-klein@aetherus.de> X-Mailer: git-send-email 2.39.5 (Apple Git-154) In-Reply-To: <20260109121049.70740-1-klein@aetherus.de> References: <20260109121049.70740-1-klein@aetherus.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-PPP-Message-ID: <176796072173.4188471.15894558454292422515@plesk01.aetherus.io> X-PPP-Vhost: aetherus.de X-SPAM-LEVEL: Spam detection results: 0 BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record X-Mailman-Approved-At: Fri, 09 Jan 2026 19:05:22 +0100 qemu-server: add routed tap and helper scripts --- src/PVE/QemuServer.pm | 9 +++++- src/PVE/QemuServer/Network.pm | 19 +++++++++++ src/usr/pve-tap | 59 +++++++++++++++++++++++++++++++++++ src/usr/pve-tap-hotplug | 3 ++ src/usr/pve-tapdown | 16 ++++++++++ 5 files changed, 105 insertions(+), 1 deletion(-) create mode 100755 src/usr/pve-tap create mode 100755 src/usr/pve-tap-hotplug create mode 100755 src/usr/pve-tapdown diff --git a/src/PVE/QemuServer.pm b/src/PVE/QemuServer.pm index 69991843..2c0b784e 100644 --- a/src/PVE/QemuServer.pm +++ b/src/PVE/QemuServer.pm @@ -1443,8 +1443,15 @@ sub print_netdev_full { my $netdev = ""; my $script = $hotplug ? "pve-bridge-hotplug" : "pve-bridge"; + if ($net->{taprouted}) { + $script = $hotplug ? "pve-tap" : "pve-tap-hotplug"; + } + - if ($net->{bridge}) { + if ($net->{taprouted}) { + $netdev= "type=tap,id=$netid,ifname=${ifname},script=/usr/libexec/qemu-server/$script" + . ",downscript=/usr/libexec/qemu-server/pve-tapdown$vhostparam"; + } elsif ($net->{bridge}) { $netdev = "type=tap,id=$netid,ifname=${ifname},script=/usr/libexec/qemu-server/$script" . ",downscript=/usr/libexec/qemu-server/pve-bridgedown$vhostparam"; } else { diff --git a/src/PVE/QemuServer/Network.pm b/src/PVE/QemuServer/Network.pm index eb8222e8..c11f002c 100644 --- a/src/PVE/QemuServer/Network.pm +++ b/src/PVE/QemuServer/Network.pm @@ -116,6 +116,25 @@ my $net_fmt = { "Force MTU of network device (VirtIO only). Setting to '1' or empty will use the bridge MTU", optional => 1, }, + taprouted => { + type => 'boolean', + description => "routed network, just make tap interface and execute routing script", + optional => 1, + }, + hostip => { + type => 'string', + format => 'ipv4', + format_description => 'IPv4Format', + description => 'IPv4 address for the host.', + optional => 1, + }, + guestip => { + type => 'string', + format => 'ipv4', + format_description => 'GuestIPv4', + description => 'IPv4 address for the guest.', + optional => 1, + }, }; our $netdesc = { diff --git a/src/usr/pve-tap b/src/usr/pve-tap new file mode 100755 index 00000000..10623c17 --- /dev/null +++ b/src/usr/pve-tap @@ -0,0 +1,59 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +use PVE::Tools qw(run_command); +use PVE::Firewall; + +use PVE::QemuServer::Network; + +my $iface = shift; + +my $hotplug = 0; +if ($iface eq '--hotplug') { + $hotplug = 1; + $iface = shift; +} + +die "no interface specified\n" if !$iface; + +die "got strange interface name '$iface'\n" + if $iface !~ m/^tap(\d+)i(\d+)$/; + +my $vmid = $1; +my $netid = "net$2"; + +my $migratedfrom = $hotplug ? undef : $ENV{PVE_MIGRATED_FROM}; + +my $conf = PVE::QemuConfig->load_config($vmid, $migratedfrom); + +my $netconf = $conf->{$netid}; + +$netconf = $conf->{pending}->{$netid} if !$migratedfrom && defined($conf->{pending}->{$netid}); + +die "unable to get network config '$netid'\n" + if !defined($netconf); + +my $net = PVE::QemuServer::Network::parse_net($netconf); +die "unable to parse network config '$netid'\n" if !$net; + + +# Bring up the tap interface +run_command(['ip', 'link', 'set', $iface, 'up']); +#set host ip if specified +if (defined($net->{hostip})) { + run_command(['ip', 'addr', 'add', $net->{hostip}, 'dev', $iface]); +} + +#set route to guest if specified +if (defined($net->{guestip})) { +run_command(['ip', 'route', 'add', $net->{guestip}, 'dev', $iface]); +} + + + + + + +exit 0; diff --git a/src/usr/pve-tap-hotplug b/src/usr/pve-tap-hotplug new file mode 100755 index 00000000..6fcdcd2a --- /dev/null +++ b/src/usr/pve-tap-hotplug @@ -0,0 +1,3 @@ +#!/bin/sh + +exec /usr/libexec/qemu-server/pve-tap --hotplug "$@" diff --git a/src/usr/pve-tapdown b/src/usr/pve-tapdown new file mode 100755 index 00000000..e867b640 --- /dev/null +++ b/src/usr/pve-tapdown @@ -0,0 +1,16 @@ +#!/usr/bin/perl + +use strict; +use warnings; +use PVE::Network; + +my $iface = shift; + +die "no interface specified\n" if !$iface; + +die "got strange interface name '$iface'\n" + if $iface !~ m/^tap(\d+)i(\d+)$/; + +PVE::Network::tap_unplug($iface); + +exit 0; -- 2.39.5 (Apple Git-154) --===============5869467539575504351== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel --===============5869467539575504351==--