From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id D1CF778476 for ; Thu, 29 Apr 2021 23:01:01 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id C017B21B5F for ; Thu, 29 Apr 2021 23:00:31 +0200 (CEST) Received: from kvmformation3.odiso.net (globalOdiso.M6Lille.odiso.net [89.248.211.242]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4593B21B54 for ; Thu, 29 Apr 2021 23:00:29 +0200 (CEST) Received: by kvmformation3.odiso.net (Postfix, from userid 0) id 9A15990CC2; Thu, 29 Apr 2021 23:00:25 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Thu, 29 Apr 2021 23:00:17 +0200 Message-Id: <20210429210017.1935966-1-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 1 AWL -0.214 Adjusted score from AWL reputation of From: address HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KHOP_HELO_FCRDNS 0.399 Relay HELO differs from its IP's reverse DNS NO_DNS_FOR_FROM 0.379 Envelope sender has no MX or A DNS records PROLO_LEO1 0.1 Meta Catches all Leo drug variations so far SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [qinqplugin.pm] Subject: [pve-devel] [PATCH pve-network] zone: qinq: add vnet without tag support X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2021 21:01:01 -0000 some user want to be able to define a vnet without vlan, so at qinq zone level, to be able to see traffic from others vnets of this qinq zone. Some example of usage is a inter-vnet firewall/gateway vm. Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/Zones/QinQPlugin.pm | 97 +++++++++---------- .../zones/qinq/bridge/expected_sdn_interfaces | 53 +++++++--- .../bridge_notagvnet/expected_sdn_interfaces | 36 +++++++ test/zones/qinq/bridge_notagvnet/interfaces | 5 + test/zones/qinq/bridge_notagvnet/sdn_config | 14 +++ .../bridge_vlanaware/expected_sdn_interfaces | 24 ++++- .../expected_sdn_interfaces | 27 ++++++ .../bridge_vlanaware_notagvnet/interfaces | 7 ++ .../bridge_vlanaware_notagvnet/sdn_config | 11 +++ .../expected_sdn_interfaces | 12 ++- .../expected_sdn_interfaces | 12 ++- .../expected_sdn_interfaces | 23 ++++- .../expected_sdn_interfaces | 23 ++++- test/zones/qinq/ovs/expected_sdn_interfaces | 24 ++++- .../ovs_notagvnet/expected_sdn_interfaces | 37 +++++++ test/zones/qinq/ovs_notagvnet/interfaces | 9 ++ test/zones/qinq/ovs_notagvnet/sdn_config | 11 +++ .../ovs_vlanawarevnet/expected_sdn_interfaces | 12 ++- .../ovs_vlanprotocol/expected_sdn_interfaces | 12 ++- 19 files changed, 366 insertions(+), 83 deletions(-) create mode 100644 test/zones/qinq/bridge_notagvnet/expected_sdn_interfaces create mode 100644 test/zones/qinq/bridge_notagvnet/interfaces create mode 100644 test/zones/qinq/bridge_notagvnet/sdn_config create mode 100644 test/zones/qinq/bridge_vlanaware_notagvnet/expected_sdn_interfaces create mode 100644 test/zones/qinq/bridge_vlanaware_notagvnet/interfaces create mode 100644 test/zones/qinq/bridge_vlanaware_notagvnet/sdn_config create mode 100644 test/zones/qinq/ovs_notagvnet/expected_sdn_interfaces create mode 100644 test/zones/qinq/ovs_notagvnet/interfaces create mode 100644 test/zones/qinq/ovs_notagvnet/sdn_config diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm b/PVE/Network/SDN/Zones/QinQPlugin.pm index c5016f5..8282e35 100644 --- a/PVE/Network/SDN/Zones/QinQPlugin.pm +++ b/PVE/Network/SDN/Zones/QinQPlugin.pm @@ -65,6 +65,16 @@ sub generate_sdn_config { my @iface_config = (); my $vnet_bridge_ports = ""; + my $zone_bridge_ports = ""; + my $zone_notag_uplink = "ln_".$zoneid; + my $zone_notag_uplinkpeer = "pr_".$zoneid; + my $zone = "z_$zoneid"; + + if($ctag) { + $vnet_bridge_ports = "$zone.$ctag"; + } else { + $vnet_bridge_ports = $zone_notag_uplinkpeer; + } if($is_ovs) { @@ -72,7 +82,6 @@ sub generate_sdn_config { $vlanprotocol = "802.1q" if !$vlanprotocol; my $svlan_iface = "sv_".$zoneid; - my $zone = "z_$zoneid"; #ovs dot1q-tunnel port @iface_config = (); @@ -87,45 +96,23 @@ sub generate_sdn_config { my @ovs_ports = split / / , @{$config->{$bridge}}[0]; @{$config->{$bridge}}[0] .= " $svlan_iface" if !grep( $_ eq $svlan_iface, @ovs_ports ); - #zone vlan aware bridge - @iface_config = (); - push @iface_config, "mtu $mtu" if $mtu; - push @iface_config, "bridge-stp off"; - push @iface_config, "bridge-ports $svlan_iface"; - push @iface_config, "bridge-fd 0"; - push @iface_config, "bridge-vlan-aware yes"; - push @iface_config, "bridge-vids 2-4094"; - push(@{$config->{$zone}}, @iface_config) if !$config->{$zone}; - - $vnet_bridge_ports = "$zone.$ctag"; + $zone_bridge_ports = $svlan_iface; } elsif ($vlan_aware) { #vlanawarebrige-(tag)----->vlanwarebridge-(tag)----->vnet - my $zone = "z_$zoneid"; - if($vlanprotocol) { @iface_config = (); push @iface_config, "bridge-vlan-protocol $vlanprotocol"; push(@{$config->{$bridge}}, @iface_config) if !$config->{$bridge}; } - #zone vlan bridge - @iface_config = (); - push @iface_config, "mtu $mtu" if $mtu; - push @iface_config, "bridge-stp off"; - push @iface_config, "bridge-ports $bridge.$stag"; - push @iface_config, "bridge-fd 0"; - push @iface_config, "bridge-vlan-aware yes"; - push @iface_config, "bridge-vids 2-4094"; - push(@{$config->{$zone}}, @iface_config) if !$config->{$zone}; - - $vnet_bridge_ports = "$zone.$ctag"; + $zone_bridge_ports = "$bridge.$stag"; } else { - #eth--->eth.x(svlan)--->eth.x.y(cvlan)---->vnet + #eth--->eth.x(svlan)----->vlanwarebridge-(tag)----->vnet---->vnet my @bridge_ifaces = PVE::Network::SDN::Zones::Plugin::get_bridge_ifaces($bridge); @@ -133,7 +120,6 @@ sub generate_sdn_config { # use named vlan interface to avoid too long names my $svlan_iface = "sv_$zoneid"; - my $cvlan_iface = "cv_$vnetid"; #svlan @iface_config = (); @@ -142,16 +128,32 @@ sub generate_sdn_config { push @iface_config, "vlan-protocol $vlanprotocol" if $vlanprotocol; push(@{$config->{$svlan_iface}}, @iface_config) if !$config->{$svlan_iface}; - #cvlan - @iface_config = (); - push @iface_config, "vlan-raw-device $svlan_iface"; - push @iface_config, "vlan-id $ctag"; - push(@{$config->{$cvlan_iface}}, @iface_config) if !$config->{$cvlan_iface}; - - $vnet_bridge_ports .= " $cvlan_iface"; + $zone_bridge_ports = $svlan_iface; + last; } } + #veth peer for notag vnet + @iface_config = (); + push @iface_config, "link-type veth"; + push @iface_config, "veth-peer-name $zone_notag_uplinkpeer"; + push(@{$config->{$zone_notag_uplink}}, @iface_config) if !$config->{$zone_notag_uplink}; + + @iface_config = (); + push @iface_config, "link-type veth"; + push @iface_config, "veth-peer-name $zone_notag_uplink"; + push(@{$config->{$zone_notag_uplinkpeer}}, @iface_config) if !$config->{$zone_notag_uplinkpeer}; + + #zone vlan aware bridge + @iface_config = (); + push @iface_config, "mtu $mtu" if $mtu; + push @iface_config, "bridge-stp off"; + push @iface_config, "bridge-ports $zone_bridge_ports $zone_notag_uplink"; + push @iface_config, "bridge-fd 0"; + push @iface_config, "bridge-vlan-aware yes"; + push @iface_config, "bridge-vids 2-4094"; + push(@{$config->{$zone}}, @iface_config) if !$config->{$zone}; + #vnet bridge @iface_config = (); push @iface_config, "bridge_ports $vnet_bridge_ports"; @@ -179,27 +181,24 @@ sub status { } my $vlan_aware = PVE::Network::SDN::Zones::Plugin::is_vlanaware($bridge); - my $is_ovs = PVE::Network::SDN::Zones::Plugin::is_ovs($bridge); my $tag = $vnet->{tag}; my $vnet_uplink = "ln_".$vnetid; my $vnet_uplinkpeer = "pr_".$vnetid; + my $zone_notag_uplink = "ln_".$zone; + my $zone_notag_uplinkpeer = "pr_".$zone; + my $zonebridge = "z_$zone"; # ifaces to check my $ifaces = [ $vnetid, $bridge ]; - if($is_ovs) { - my $svlan_iface = "sv_".$zone; - my $zonebridge = "z_$zone"; - push @$ifaces, $svlan_iface; - push @$ifaces, $zonebridge; - } elsif ($vlan_aware) { - my $zonebridge = "z_$zone"; - push @$ifaces, $zonebridge; - } else { - my $svlan_iface = "sv_$vnetid"; - my $cvlan_iface = "cv_$vnetid"; + + push @$ifaces, $zonebridge; + push @$ifaces, $zone_notag_uplink; + push @$ifaces, $zone_notag_uplinkpeer; + + if (!$vlan_aware) { + my $svlan_iface = "sv_$zone"; push @$ifaces, $svlan_iface; - push @$ifaces, $cvlan_iface; } foreach my $iface (@{$ifaces}) { @@ -218,8 +217,7 @@ sub vnet_update_hook { my $vnet = $vnet_cfg->{ids}->{$vnetid}; my $tag = $vnet->{tag}; - raise_param_exc({ tag => "missing vlan tag"}) if !defined($vnet->{tag}); - raise_param_exc({ tag => "vlan tag max value is 4096"}) if $vnet->{tag} > 4096; + raise_param_exc({ tag => "vlan tag max value is 4096"}) if $tag && $tag > 4096; # verify that tag is not already defined in another vnet on same zone foreach my $id (keys %{$vnet_cfg->{ids}}) { @@ -228,6 +226,7 @@ sub vnet_update_hook { my $other_tag = $othervnet->{tag}; next if $vnet->{zone} ne $othervnet->{zone}; raise_param_exc({ tag => "tag $tag already exist in vnet $id"}) if $other_tag && $tag eq $other_tag; + raise_param_exc({ tag => "vnet $id without tag already exist in this zone"}) if !$other_tag && !$tag; } } diff --git a/test/zones/qinq/bridge/expected_sdn_interfaces b/test/zones/qinq/bridge/expected_sdn_interfaces index 91ef667..58a0e23 100644 --- a/test/zones/qinq/bridge/expected_sdn_interfaces +++ b/test/zones/qinq/bridge/expected_sdn_interfaces @@ -1,38 +1,43 @@ #version:1 -auto cv_myvnet -iface cv_myvnet - vlan-raw-device sv_myzone - vlan-id 100 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone -auto cv_myvnet2 -iface cv_myvnet2 - vlan-raw-device sv_myzone - vlan-id 101 - -auto cv_myvnet3 -iface cv_myvnet3 - vlan-raw-device sv_myzone2 - vlan-id 100 +auto ln_myzone2 +iface ln_myzone2 + link-type veth + veth-peer-name pr_myzone2 auto myvnet iface myvnet - bridge_ports cv_myvnet + bridge_ports z_myzone.100 bridge_stp off bridge_fd 0 auto myvnet2 iface myvnet2 - bridge_ports cv_myvnet2 + bridge_ports z_myzone.101 bridge_stp off bridge_fd 0 auto myvnet3 iface myvnet3 - bridge_ports cv_myvnet3 + bridge_ports z_myzone2.100 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto pr_myzone2 +iface pr_myzone2 + link-type veth + veth-peer-name ln_myzone2 + auto sv_myzone iface sv_myzone vlan-raw-device eth0 @@ -42,3 +47,19 @@ auto sv_myzone2 iface sv_myzone2 vlan-raw-device eth0 vlan-id 20 + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports sv_myzone ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 + +auto z_myzone2 +iface z_myzone2 + bridge-stp off + bridge-ports sv_myzone2 ln_myzone2 + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_notagvnet/expected_sdn_interfaces b/test/zones/qinq/bridge_notagvnet/expected_sdn_interfaces new file mode 100644 index 0000000..cfa43a2 --- /dev/null +++ b/test/zones/qinq/bridge_notagvnet/expected_sdn_interfaces @@ -0,0 +1,36 @@ +#version:1 + +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + +auto myvnet +iface myvnet + bridge_ports z_myzone.100 + bridge_stp off + bridge_fd 0 + +auto myvnet2 +iface myvnet2 + bridge_ports pr_myzone + bridge_stp off + bridge_fd 0 + +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto sv_myzone +iface sv_myzone + vlan-raw-device eth0 + vlan-id 10 + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports sv_myzone ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_notagvnet/interfaces b/test/zones/qinq/bridge_notagvnet/interfaces new file mode 100644 index 0000000..68b6a88 --- /dev/null +++ b/test/zones/qinq/bridge_notagvnet/interfaces @@ -0,0 +1,5 @@ +auto vmbr0 +iface vmbr0 inet manual + bridge-ports eth0 + bridge-stp off + bridge-fd 0 diff --git a/test/zones/qinq/bridge_notagvnet/sdn_config b/test/zones/qinq/bridge_notagvnet/sdn_config new file mode 100644 index 0000000..1b1938a --- /dev/null +++ b/test/zones/qinq/bridge_notagvnet/sdn_config @@ -0,0 +1,14 @@ +{ + version => 1, + vnets => { + ids => { + myvnet => { tag => 100, type => "vnet", zone => "myzone" }, + myvnet2 => { type => "vnet", zone => "myzone" }, + }, + }, + zones => { + ids => { + myzone => { bridge => "vmbr0", tag => 10, ipam => "pve", type => "qinq" }, + }, + }, +} diff --git a/test/zones/qinq/bridge_vlanaware/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanaware/expected_sdn_interfaces index 7eefce1..c325dec 100644 --- a/test/zones/qinq/bridge_vlanaware/expected_sdn_interfaces +++ b/test/zones/qinq/bridge_vlanaware/expected_sdn_interfaces @@ -1,5 +1,15 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + +auto ln_myzone2 +iface ln_myzone2 + link-type veth + veth-peer-name pr_myzone2 + auto myvnet iface myvnet bridge_ports z_myzone.100 @@ -18,10 +28,20 @@ iface myvnet3 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto pr_myzone2 +iface pr_myzone2 + link-type veth + veth-peer-name ln_myzone2 + auto z_myzone iface z_myzone bridge-stp off - bridge-ports vmbr0.10 + bridge-ports vmbr0.10 ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 @@ -29,7 +49,7 @@ iface z_myzone auto z_myzone2 iface z_myzone2 bridge-stp off - bridge-ports vmbr0.20 + bridge-ports vmbr0.20 ln_myzone2 bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_vlanaware_notagvnet/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanaware_notagvnet/expected_sdn_interfaces new file mode 100644 index 0000000..cd87a3a --- /dev/null +++ b/test/zones/qinq/bridge_vlanaware_notagvnet/expected_sdn_interfaces @@ -0,0 +1,27 @@ +#version:1 + +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + +auto myvnet +iface myvnet + bridge_ports pr_myzone + bridge_stp off + bridge_fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 + +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports vmbr0.10 ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_vlanaware_notagvnet/interfaces b/test/zones/qinq/bridge_vlanaware_notagvnet/interfaces new file mode 100644 index 0000000..cfdfafe --- /dev/null +++ b/test/zones/qinq/bridge_vlanaware_notagvnet/interfaces @@ -0,0 +1,7 @@ +auto vmbr0 +iface vmbr0 inet manual + bridge-ports eth0 + bridge-stp off + bridge-fd 0 + bridge-vids 2-4094 + bridge-vlan-aware 1 diff --git a/test/zones/qinq/bridge_vlanaware_notagvnet/sdn_config b/test/zones/qinq/bridge_vlanaware_notagvnet/sdn_config new file mode 100644 index 0000000..2382f4d --- /dev/null +++ b/test/zones/qinq/bridge_vlanaware_notagvnet/sdn_config @@ -0,0 +1,11 @@ +{ + version => 1, + vnets => { + ids => { + myvnet => { type => "vnet", vlanaware => "1", zone => "myzone" }, + }, + }, + zones => { + ids => { myzone => { bridge => "vmbr0", tag => 10, ipam => "pve", type => "qinq" } }, + }, +} diff --git a/test/zones/qinq/bridge_vlanaware_vlanawarevnet/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanaware_vlanawarevnet/expected_sdn_interfaces index 373eff2..28d215b 100644 --- a/test/zones/qinq/bridge_vlanaware_vlanawarevnet/expected_sdn_interfaces +++ b/test/zones/qinq/bridge_vlanaware_vlanawarevnet/expected_sdn_interfaces @@ -1,5 +1,10 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + auto myvnet iface myvnet bridge_ports z_myzone.100 @@ -8,10 +13,15 @@ iface myvnet bridge-vlan-aware yes bridge-vids 2-4094 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto z_myzone iface z_myzone bridge-stp off - bridge-ports vmbr0.10 + bridge-ports vmbr0.10 ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_vlanaware_vlanprotocol/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanaware_vlanprotocol/expected_sdn_interfaces index 6bf2b12..0bc301b 100644 --- a/test/zones/qinq/bridge_vlanaware_vlanprotocol/expected_sdn_interfaces +++ b/test/zones/qinq/bridge_vlanaware_vlanprotocol/expected_sdn_interfaces @@ -1,11 +1,21 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + auto myvnet iface myvnet bridge_ports z_myzone.100 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto vmbr0 iface vmbr0 bridge-vlan-protocol 802.1ad @@ -13,7 +23,7 @@ iface vmbr0 auto z_myzone iface z_myzone bridge-stp off - bridge-ports vmbr0.10 + bridge-ports vmbr0.10 ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_vlanawarevnet/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanawarevnet/expected_sdn_interfaces index 59265fd..bde23d9 100644 --- a/test/zones/qinq/bridge_vlanawarevnet/expected_sdn_interfaces +++ b/test/zones/qinq/bridge_vlanawarevnet/expected_sdn_interfaces @@ -1,19 +1,32 @@ #version:1 -auto cv_myvnet -iface cv_myvnet - vlan-raw-device sv_myzone - vlan-id 100 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone auto myvnet iface myvnet - bridge_ports cv_myvnet + bridge_ports z_myzone.100 bridge_stp off bridge_fd 0 bridge-vlan-aware yes bridge-vids 2-4094 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto sv_myzone iface sv_myzone vlan-raw-device eth0 vlan-id 10 + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports sv_myzone ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/bridge_vlanprotocol/expected_sdn_interfaces b/test/zones/qinq/bridge_vlanprotocol/expected_sdn_interfaces index 528ceaa..6b59164 100644 --- a/test/zones/qinq/bridge_vlanprotocol/expected_sdn_interfaces +++ b/test/zones/qinq/bridge_vlanprotocol/expected_sdn_interfaces @@ -1,18 +1,31 @@ #version:1 -auto cv_myvnet -iface cv_myvnet - vlan-raw-device sv_myzone - vlan-id 100 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone auto myvnet iface myvnet - bridge_ports cv_myvnet + bridge_ports z_myzone.100 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto sv_myzone iface sv_myzone vlan-raw-device eth0 vlan-id 10 vlan-protocol 802.1ad + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports sv_myzone ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/ovs/expected_sdn_interfaces b/test/zones/qinq/ovs/expected_sdn_interfaces index 068ae7d..d25b2a8 100644 --- a/test/zones/qinq/ovs/expected_sdn_interfaces +++ b/test/zones/qinq/ovs/expected_sdn_interfaces @@ -1,5 +1,15 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + +auto ln_myzone2 +iface ln_myzone2 + link-type veth + veth-peer-name pr_myzone2 + auto myvnet iface myvnet bridge_ports z_myzone.100 @@ -18,6 +28,16 @@ iface myvnet3 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto pr_myzone2 +iface pr_myzone2 + link-type veth + veth-peer-name ln_myzone2 + auto sv_myzone iface sv_myzone ovs_type OVSIntPort @@ -37,7 +57,7 @@ iface vmbr0 auto z_myzone iface z_myzone bridge-stp off - bridge-ports sv_myzone + bridge-ports sv_myzone ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 @@ -45,7 +65,7 @@ iface z_myzone auto z_myzone2 iface z_myzone2 bridge-stp off - bridge-ports sv_myzone2 + bridge-ports sv_myzone2 ln_myzone2 bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 diff --git a/test/zones/qinq/ovs_notagvnet/expected_sdn_interfaces b/test/zones/qinq/ovs_notagvnet/expected_sdn_interfaces new file mode 100644 index 0000000..5f47b28 --- /dev/null +++ b/test/zones/qinq/ovs_notagvnet/expected_sdn_interfaces @@ -0,0 +1,37 @@ +#version:1 + +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + +auto myvnet +iface myvnet + bridge_ports pr_myzone + bridge_stp off + bridge_fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 + +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + +auto sv_myzone +iface sv_myzone + ovs_type OVSIntPort + ovs_bridge vmbr0 + ovs_options vlan_mode=dot1q-tunnel tag=10 other_config:qinq-ethtype=802.1q + +auto vmbr0 +iface vmbr0 + ovs_ports sv_myzone + +auto z_myzone +iface z_myzone + bridge-stp off + bridge-ports sv_myzone ln_myzone + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 diff --git a/test/zones/qinq/ovs_notagvnet/interfaces b/test/zones/qinq/ovs_notagvnet/interfaces new file mode 100644 index 0000000..14d2f1e --- /dev/null +++ b/test/zones/qinq/ovs_notagvnet/interfaces @@ -0,0 +1,9 @@ +auto eth0 +iface eth0 inet manual + ovs_type OVSPort + ovs_bridge vmbr0 + +auto vmbr0 +iface vmbr0 inet manual + ovs_type OVSBridge + ovs_ports eth0 diff --git a/test/zones/qinq/ovs_notagvnet/sdn_config b/test/zones/qinq/ovs_notagvnet/sdn_config new file mode 100644 index 0000000..2382f4d --- /dev/null +++ b/test/zones/qinq/ovs_notagvnet/sdn_config @@ -0,0 +1,11 @@ +{ + version => 1, + vnets => { + ids => { + myvnet => { type => "vnet", vlanaware => "1", zone => "myzone" }, + }, + }, + zones => { + ids => { myzone => { bridge => "vmbr0", tag => 10, ipam => "pve", type => "qinq" } }, + }, +} diff --git a/test/zones/qinq/ovs_vlanawarevnet/expected_sdn_interfaces b/test/zones/qinq/ovs_vlanawarevnet/expected_sdn_interfaces index cf87ad1..d69d38c 100644 --- a/test/zones/qinq/ovs_vlanawarevnet/expected_sdn_interfaces +++ b/test/zones/qinq/ovs_vlanawarevnet/expected_sdn_interfaces @@ -1,5 +1,10 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + auto myvnet iface myvnet bridge_ports z_myzone.100 @@ -8,6 +13,11 @@ iface myvnet bridge-vlan-aware yes bridge-vids 2-4094 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto sv_myzone iface sv_myzone ovs_type OVSIntPort @@ -21,7 +31,7 @@ iface vmbr0 auto z_myzone iface z_myzone bridge-stp off - bridge-ports sv_myzone + bridge-ports sv_myzone ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 diff --git a/test/zones/qinq/ovs_vlanprotocol/expected_sdn_interfaces b/test/zones/qinq/ovs_vlanprotocol/expected_sdn_interfaces index 10b59f8..aeefec9 100644 --- a/test/zones/qinq/ovs_vlanprotocol/expected_sdn_interfaces +++ b/test/zones/qinq/ovs_vlanprotocol/expected_sdn_interfaces @@ -1,11 +1,21 @@ #version:1 +auto ln_myzone +iface ln_myzone + link-type veth + veth-peer-name pr_myzone + auto myvnet iface myvnet bridge_ports z_myzone.100 bridge_stp off bridge_fd 0 +auto pr_myzone +iface pr_myzone + link-type veth + veth-peer-name ln_myzone + auto sv_myzone iface sv_myzone ovs_type OVSIntPort @@ -19,7 +29,7 @@ iface vmbr0 auto z_myzone iface z_myzone bridge-stp off - bridge-ports sv_myzone + bridge-ports sv_myzone ln_myzone bridge-fd 0 bridge-vlan-aware yes bridge-vids 2-4094 -- 2.20.1