[pve-devel] [PATCH pve-network 0/4] add disable bridge learning feature

[pve-devel] [PATCH pve-network 0/4] add disable bridge learning feature

[Alexandre Derumier]

following pve-common 
https://lists.proxmox.com/pipermail/pve-devel/2021-September/050090.html

Alexandre Derumier (4):
  vnets: fix get_vnet
  zones : tap_plug: add support for disable bridge learning
  zones: add add_bridge_fdb
  zones: add del_bridge_fdb

 PVE/Network/SDN/Vnets.pm            |  8 ++++----
 PVE/Network/SDN/Zones.pm            | 32 ++++++++++++++++++++++++++++-
 PVE/Network/SDN/Zones/Plugin.pm     |  2 +-
 PVE/Network/SDN/Zones/QinQPlugin.pm |  1 +
 PVE/Network/SDN/Zones/VlanPlugin.pm |  5 +++++
 5 files changed, 42 insertions(+), 6 deletions(-)

-- 
2.30.2

[pve-devel] [PATCH pve-network 1/4] vnets: fix get_vnet

[Alexandre Derumier]

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
 PVE/Network/SDN/Vnets.pm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/PVE/Network/SDN/Vnets.pm b/PVE/Network/SDN/Vnets.pm
index 86967a3..f6d7ab0 100644
--- a/PVE/Network/SDN/Vnets.pm
+++ b/PVE/Network/SDN/Vnets.pm
@@ -54,15 +54,15 @@ sub get_vnet {
 
     return if !$vnetid;
 
-    my $cfg = {};
+    my $scfg = {};
     if($running) {
 	my $cfg = PVE::Network::SDN::running_config();
-	$cfg = $cfg->{vnets};
+	$scfg = $cfg->{vnets};
     } else {
-	$cfg = PVE::Network::SDN::Vnets::config();
+	$scfg = PVE::Network::SDN::Vnets::config();
     }
 
-    my $vnet = PVE::Network::SDN::Vnets::sdn_vnets_config($cfg, $vnetid, 1);
+    my $vnet = PVE::Network::SDN::Vnets::sdn_vnets_config($scfg, $vnetid, 1);
 
     return $vnet;
 }
-- 
2.30.2

[pve-devel] [PATCH pve-network 2/4] zones : tap_plug: add support for disable bridge learning

[Alexandre Derumier]

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
 PVE/Network/SDN/Zones.pm            | 4 +++-
 PVE/Network/SDN/Zones/Plugin.pm     | 2 +-
 PVE/Network/SDN/Zones/QinQPlugin.pm | 1 +
 PVE/Network/SDN/Zones/VlanPlugin.pm | 5 +++++
 4 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm
index a4d81e3..c59a724 100644
--- a/PVE/Network/SDN/Zones.pm
+++ b/PVE/Network/SDN/Zones.pm
@@ -307,7 +307,9 @@ sub tap_plug {
 
     my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
     if (!$vnet) { # fallback for classic bridge
-	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
+	my $interfaces_config = PVE::INotify::read_file('interfaces');
+	my $disablelearning = 1 if $interfaces_config->{ifaces}->{$bridge} && $interfaces_config->{ifaces}->{$bridge}->{'bridge-disable-mac-learning'};
+	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate, $disablelearning);
 	return;
     }
 
diff --git a/PVE/Network/SDN/Zones/Plugin.pm b/PVE/Network/SDN/Zones/Plugin.pm
index ed14a50..1f5b5c2 100644
--- a/PVE/Network/SDN/Zones/Plugin.pm
+++ b/PVE/Network/SDN/Zones/Plugin.pm
@@ -227,7 +227,7 @@ sub tap_plug {
     my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$vnetid/bridge/vlan_filtering");
     die "vm vlans are not allowed on vnet $vnetid" if !$vlan_aware && ($tag || $trunks);
 
-    PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate);
+    PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate, $plugin_config->{'bridge-disable-mac-learning'});
 }
 
 #helper
diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm b/PVE/Network/SDN/Zones/QinQPlugin.pm
index 7b75476..f4d12bc 100644
--- a/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -39,6 +39,7 @@ sub options {
 	nodes => { optional => 1},
 	'tag' => { optional => 0 },
 	'bridge' => { optional => 0 },
+        'bridge-disable-mac-learning' => { optional => 1 },
 	'mtu' => { optional => 1 },
 	'vlan-protocol' => { optional => 1 },
 	dns => { optional => 1 },
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm b/PVE/Network/SDN/Zones/VlanPlugin.pm
index fbfbdcc..0bb6b8a 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -25,6 +25,10 @@ sub properties {
 	'bridge' => {
 	    type => 'string',
 	},
+	'bridge-disable-mac-learning' => {
+	    type => 'boolean',
+            description => "Disable auto mac learning.",
+	}
     };
 }
 
@@ -33,6 +37,7 @@ sub options {
     return {
 	nodes => { optional => 1},
 	'bridge' => { optional => 0 },
+	'bridge-disable-mac-learning' => { optional => 1 },
 	mtu => { optional => 1 },
 	dns => { optional => 1 },
 	reversedns => { optional => 1 },
-- 
2.30.2

[pve-devel] [PATCH pve-network 3/4] zones: add add_bridge_fdb

[Alexandre Derumier]

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
 PVE/Network/SDN/Zones.pm | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm
index c59a724..011446f 100644
--- a/PVE/Network/SDN/Zones.pm
+++ b/PVE/Network/SDN/Zones.pm
@@ -323,5 +323,19 @@ sub tap_plug {
     $plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall, $trunks, $rate);
 }
 
+sub add_bridge_fdb {
+    my ($iface, $macaddr, $bridge, $firewall) = @_;
+
+    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
+    if (!$vnet) { # fallback for classic bridge
+	PVE::Network::add_bridge_fdb($iface, $macaddr, $firewall);
+	return;
+    }
+
+    my $plugin_config = get_plugin_config($vnet);
+    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
+    PVE::Network::add_bridge_fdb($iface, $macaddr, $firewall) if $plugin_config->{'bridge-disable-mac-learning'};
+}
+
 1;
 
-- 
2.30.2

[pve-devel] [PATCH pve-network 4/4] zones: add del_bridge_fdb

[Alexandre Derumier]

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
 PVE/Network/SDN/Zones.pm | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm
index 011446f..39988b6 100644
--- a/PVE/Network/SDN/Zones.pm
+++ b/PVE/Network/SDN/Zones.pm
@@ -337,5 +337,19 @@ sub add_bridge_fdb {
     PVE::Network::add_bridge_fdb($iface, $macaddr, $firewall) if $plugin_config->{'bridge-disable-mac-learning'};
 }
 
+sub del_bridge_fdb {
+    my ($iface, $macaddr, $bridge, $firewall) = @_;
+
+    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
+    if (!$vnet) { # fallback for classic bridge
+	PVE::Network::del_bridge_fdb($iface, $macaddr, $firewall);
+	return;
+    }
+
+    my $plugin_config = get_plugin_config($vnet);
+    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
+    PVE::Network::del_bridge_fdb($iface, $macaddr, $firewall) if $plugin_config->{'bridge-disable-mac-learning'};
+}
+
 1;
 
-- 
2.30.2

[pve-devel] applied-series: [PATCH pve-network 0/4] add disable bridge learning feature

[Thomas Lamprecht]

On 24.09.21 10:50, Alexandre Derumier wrote:
> following pve-common 
> https://lists.proxmox.com/pipermail/pve-devel/2021-September/050090.html
> 
> Alexandre Derumier (4):
>   vnets: fix get_vnet
>   zones : tap_plug: add support for disable bridge learning
>   zones: add add_bridge_fdb
>   zones: add del_bridge_fdb
> 
>  PVE/Network/SDN/Vnets.pm            |  8 ++++----
>  PVE/Network/SDN/Zones.pm            | 32 ++++++++++++++++++++++++++++-
>  PVE/Network/SDN/Zones/Plugin.pm     |  2 +-
>  PVE/Network/SDN/Zones/QinQPlugin.pm |  1 +
>  PVE/Network/SDN/Zones/VlanPlugin.pm |  5 +++++
>  5 files changed, 42 insertions(+), 6 deletions(-)
> 

applied series, thanks!

It's to long ago (sorry) but the related container/qemu-server patches require
a pve-common change that's not yet applied or?