From: Alexandre Derumier <aderumier@odiso.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-manager] disable systemd link macpolicy
Date: Sun, 17 Sep 2023 15:44:44 +0200 [thread overview]
Message-ID: <20230917134444.3998037-1-aderumier@odiso.com> (raw)
since debian11, systemd is changing behaviour of macadress
of bridge, but also bond, where the mac is generated randomly
instead inherit from the first slave.
We already fix that with ifupdown2, but they are still another problem:
If a bridge don't have any slaves, systemd is keeping bridge offline.
https://www.justinsteven.com/posts/2023/03/26/virtualbox-bridge-ports-none-no-carrier-debian-11/
That mean that a dhcp daemon like kea can't bind on a standalone bridge (used for s-nat for example), until a
tap interface is started.
This patch disable systemd mac policy (this don't break already fixed ifupdown2 mac),
funny but centos && fedora also disable it
https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none
https://gitlab.com/redhat/centos-stream/rpms/systemd/-/blob/c8953519504bf2e694bfbc2b02a456c1056f252e/0028-udev-net-setup-link-change-the-default-MACAddressPol.patch#L43
before this patch
------------------
~ ip a sh dev vmbr1
vmbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 10
after this patch
----------------
~ ip a sh dev vmbr1
vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
---
configs/Makefile | 2 +-
configs/link-macpolicy.conf | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 configs/link-macpolicy.conf
diff --git a/configs/Makefile b/configs/Makefile
index fd446b5b..8ed3a581 100644
--- a/configs/Makefile
+++ b/configs/Makefile
@@ -13,6 +13,6 @@ install: country.dat vzdump.conf pve-sources.list pve-initramfs.conf pve-blackli
install -D -m 0644 vzdump.conf $(DESTDIR)/etc/vzdump.conf
install -D -m 0644 pve-initramfs.conf $(DESTDIR)/etc/initramfs-tools/conf.d/pve-initramfs.conf
install -D -m 0644 country.dat $(DESTDIR)/usr/share/$(PACKAGE)/country.dat
-
+ install -D -m 0644 link-macpolicy.conf $(DESTDIR)/etc/systemd/network/99-default.link.d/link-macpolicy.conf
clean:
rm -f country.dat
diff --git a/configs/link-macpolicy.conf b/configs/link-macpolicy.conf
new file mode 100644
index 00000000..47ebc927
--- /dev/null
+++ b/configs/link-macpolicy.conf
@@ -0,0 +1,6 @@
+[Match]
+OriginalName=*
+
+[Link]
+MACAddressPolicy=none
+
--
2.39.2
next reply other threads:[~2023-09-17 13:44 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-17 13:44 Alexandre Derumier [this message]
2023-11-15 10:36 ` [pve-devel] applied: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230917134444.3998037-1-aderumier@odiso.com \
--to=aderumier@odiso.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox