From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 4E2D5A263 for ; Tue, 27 Jun 2023 12:56:58 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 2F45834A3A for ; Tue, 27 Jun 2023 12:56:58 +0200 (CEST) Received: from bastionodiso.odiso.net (bastionodiso.odiso.net [185.151.191.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 27 Jun 2023 12:56:56 +0200 (CEST) Received: from kvmformation3.odiso.net (formationkvm3.odiso.net [10.3.94.12]) by bastionodiso.odiso.net (Postfix) with ESMTP id 048817F8B; Tue, 27 Jun 2023 12:56:56 +0200 (CEST) Received: by kvmformation3.odiso.net (Postfix, from userid 0) id E9EA4342ED9; Tue, 27 Jun 2023 12:56:55 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Tue, 27 Jun 2023 12:56:51 +0200 Message-Id: <20230627105651.1927274-1-aderumier@odiso.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.035 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy HEADER_FROM_DIFFERENT_DOMAINS 0.249 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record T_SCC_BODY_TEXT_LINE -0.01 - URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [nlpacket.py, proxmox.com, nlcache.py, dhcp.py, auto.py, iface.py, address.py] Subject: [pve-devel] [PATCH ifupdown2] patch: fix ipv6 slaac on bridge X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jun 2023 10:56:58 -0000 reported on the forum https://forum.proxmox.com/threads/hi-i-stumble-upon-ipv6-slaac-issue-after-updating-to-pve8-0-3.129553 the sysctl accept_ra|autoconf was not applied on bridge interfaces Signed-off-by: Alexandre Derumier --- ...6-slaac-support-inet6-auto-accept_ra.patch | 45 +++++++++++++------ 1 file changed, 32 insertions(+), 13 deletions(-) diff --git a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch index 1e7e126..9e1bb13 100644 --- a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch +++ b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch @@ -1,4 +1,4 @@ -From ac2462f9426fcfcecf3e9d9647c5bb128b44a111 Mon Sep 17 00:00:00 2001 +From 76721af329cab107e339fef5bc783dacb32132dc Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Tue, 9 May 2023 17:48:14 +0200 Subject: [PATCH] add ipv6 slaac support (inet6 auto && accept_ra) @@ -13,7 +13,7 @@ https://github.com/CumulusNetworks/ifupdown2/pull/259 Signed-off-by: Alexandre Derumier --- etc/network/ifupdown2/addons.conf | 2 + - ifupdown2/addons/address.py | 104 +++++++++++++-- + ifupdown2/addons/address.py | 109 +++++++++++++-- ifupdown2/addons/auto.py | 168 ++++++++++++++++++++++++ ifupdown2/addons/dhcp.py | 18 +-- ifupdown2/ifupdown/iface.py | 4 + @@ -21,7 +21,7 @@ Signed-off-by: Alexandre Derumier ifupdown2/lib/nlcache.py | 63 ++++++++- ifupdown2/man/interfaces.5.rst | 9 ++ ifupdown2/nlmanager/nlpacket.py | 24 +++- - 9 files changed, 368 insertions(+), 26 deletions(-) + 9 files changed, 373 insertions(+), 26 deletions(-) create mode 100644 ifupdown2/addons/auto.py diff --git a/etc/network/ifupdown2/addons.conf b/etc/network/ifupdown2/addons.conf @@ -45,7 +45,7 @@ index 726d63a..67de25f 100644 down,address down,usercmds diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py -index e71a26f..11e4512 100644 +index e71a26f..473a089 100644 --- a/ifupdown2/addons/address.py +++ b/ifupdown2/addons/address.py @@ -188,6 +188,19 @@ class address(AddonWithIpBlackList, moduleBase): @@ -59,7 +59,7 @@ index e71a26f..11e4512 100644 + 'example': ['accept-ra 1'] + }, + 'autoconf': { -+ 'help': 'enable ipv6 slaac autoconfiguratoin', ++ 'help': 'enable ipv6 slaac autoconfiguration', + 'validvals': ['0', '1'], + 'default': '0', + 'example': ['autoconf 1'] @@ -133,10 +133,11 @@ index e71a26f..11e4512 100644 if netconf_ipv4_forwarding: self.sysctl_write_forwarding_value_to_proc(ifname, "ipv4", 0) if netconf_ipv6_forwarding: -@@ -979,6 +1014,41 @@ class address(AddonWithIpBlackList, moduleBase): - ifaceobj.status = ifaceStatus.ERROR - self.logger.error('%s: %s' %(ifaceobj.name, str(e))) +@@ -886,6 +921,43 @@ class address(AddonWithIpBlackList, moduleBase): + def sysctl_write_forwarding_value_to_proc(self, ifname, family, value): + self.write_file("/proc/sys/net/%s/conf/%s/forwarding" % (family, ifname), "%s\n" % value) ++ def _sysctl_slaac(self, ifaceobj): + addr_method = ifaceobj.addr_method + if addr_method not in ["auto"]: + @@ -171,11 +172,29 @@ index e71a26f..11e4512 100644 + if not setting_default_value: + ifaceobj.status = ifaceStatus.ERROR + self.logger.error('%s: %s' %(ifaceobj.name, str(e))) ++ ++ + def _sysctl_config(self, ifaceobj): + setting_default_value = False + mpls_enable = ifaceobj.get_attr_value_first('mpls-enable'); +@@ -912,6 +984,7 @@ class address(AddonWithIpBlackList, moduleBase): + + if (ifaceobj.link_kind & ifaceLinkKind.BRIDGE): + self._set_bridge_forwarding(ifaceobj) ++ self._sysctl_slaac(ifaceobj) + return + if not self.syntax_check_sysctls(ifaceobj): + return +@@ -979,6 +1052,8 @@ class address(AddonWithIpBlackList, moduleBase): + ifaceobj.status = ifaceStatus.ERROR + self.logger.error('%s: %s' %(ifaceobj.name, str(e))) + ++ self._sysctl_slaac(ifaceobj) + def process_mtu(self, ifaceobj, ifaceobj_getfunc): if ifaceobj.link_privflags & ifaceLinkPrivFlags.OPENVSWITCH: -@@ -1016,7 +1086,7 @@ class address(AddonWithIpBlackList, moduleBase): +@@ -1016,7 +1091,7 @@ class address(AddonWithIpBlackList, moduleBase): # no need to go further during perfmode (boot) return @@ -184,7 +203,7 @@ index e71a26f..11e4512 100644 return if not user_configured_ipv6_addrgen: -@@ -1213,7 +1283,7 @@ class address(AddonWithIpBlackList, moduleBase): +@@ -1213,7 +1288,7 @@ class address(AddonWithIpBlackList, moduleBase): if not self.cache.link_exists(ifaceobj.name): return addr_method = ifaceobj.addr_method @@ -193,7 +212,7 @@ index e71a26f..11e4512 100644 if ifaceobj.get_attr_value_first('address-purge')=='no': addrlist = ifaceobj.get_attr_value('address') for addr in addrlist or []: -@@ -1326,6 +1396,22 @@ class address(AddonWithIpBlackList, moduleBase): +@@ -1326,6 +1401,22 @@ class address(AddonWithIpBlackList, moduleBase): ifaceobjcurr.update_config_with_status('mpls-enable', running_mpls_enable, mpls_enable != running_mpls_enable) @@ -216,7 +235,7 @@ index e71a26f..11e4512 100644 return def query_check_ipv6_addrgen(self, ifaceobj, ifaceobjcurr): -@@ -1380,7 +1466,7 @@ class address(AddonWithIpBlackList, moduleBase): +@@ -1380,7 +1471,7 @@ class address(AddonWithIpBlackList, moduleBase): def _query_check_address(self, ifaceobj, ifaceobjcurr, ifaceobj_getfunc): """ ifquery-check: attribute: "address" """ @@ -622,5 +641,5 @@ index 8972c76..0090529 100644 # nlmanager doesn't support multiple kernel version -- -2.30.2 +2.39.2 -- 2.39.2