* [pve-devel] [PATCH pve-manager] disable systemd link macpolicy
@ 2023-09-17 13:44 Alexandre Derumier
2023-11-15 10:36 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Alexandre Derumier @ 2023-09-17 13:44 UTC (permalink / raw)
To: pve-devel
since debian11, systemd is changing behaviour of macadress
of bridge, but also bond, where the mac is generated randomly
instead inherit from the first slave.
We already fix that with ifupdown2, but they are still another problem:
If a bridge don't have any slaves, systemd is keeping bridge offline.
https://www.justinsteven.com/posts/2023/03/26/virtualbox-bridge-ports-none-no-carrier-debian-11/
That mean that a dhcp daemon like kea can't bind on a standalone bridge (used for s-nat for example), until a
tap interface is started.
This patch disable systemd mac policy (this don't break already fixed ifupdown2 mac),
funny but centos && fedora also disable it
https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none
https://gitlab.com/redhat/centos-stream/rpms/systemd/-/blob/c8953519504bf2e694bfbc2b02a456c1056f252e/0028-udev-net-setup-link-change-the-default-MACAddressPol.patch#L43
before this patch
------------------
~ ip a sh dev vmbr1
vmbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 10
after this patch
----------------
~ ip a sh dev vmbr1
vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
---
configs/Makefile | 2 +-
configs/link-macpolicy.conf | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 configs/link-macpolicy.conf
diff --git a/configs/Makefile b/configs/Makefile
index fd446b5b..8ed3a581 100644
--- a/configs/Makefile
+++ b/configs/Makefile
@@ -13,6 +13,6 @@ install: country.dat vzdump.conf pve-sources.list pve-initramfs.conf pve-blackli
install -D -m 0644 vzdump.conf $(DESTDIR)/etc/vzdump.conf
install -D -m 0644 pve-initramfs.conf $(DESTDIR)/etc/initramfs-tools/conf.d/pve-initramfs.conf
install -D -m 0644 country.dat $(DESTDIR)/usr/share/$(PACKAGE)/country.dat
-
+ install -D -m 0644 link-macpolicy.conf $(DESTDIR)/etc/systemd/network/99-default.link.d/link-macpolicy.conf
clean:
rm -f country.dat
diff --git a/configs/link-macpolicy.conf b/configs/link-macpolicy.conf
new file mode 100644
index 00000000..47ebc927
--- /dev/null
+++ b/configs/link-macpolicy.conf
@@ -0,0 +1,6 @@
+[Match]
+OriginalName=*
+
+[Link]
+MACAddressPolicy=none
+
--
2.39.2
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH pve-manager] disable systemd link macpolicy
2023-09-17 13:44 [pve-devel] [PATCH pve-manager] disable systemd link macpolicy Alexandre Derumier
@ 2023-11-15 10:36 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2023-11-15 10:36 UTC (permalink / raw)
To: Proxmox VE development discussion, Alexandre Derumier
Am 17/09/2023 um 15:44 schrieb Alexandre Derumier:
> since debian11, systemd is changing behaviour of macadress
> of bridge, but also bond, where the mac is generated randomly
> instead inherit from the first slave.
>
> We already fix that with ifupdown2, but they are still another problem:
>
> If a bridge don't have any slaves, systemd is keeping bridge offline.
>
> https://www.justinsteven.com/posts/2023/03/26/virtualbox-bridge-ports-none-no-carrier-debian-11/
>
> That mean that a dhcp daemon like kea can't bind on a standalone bridge (used for s-nat for example), until a
> tap interface is started.
>
> This patch disable systemd mac policy (this don't break already fixed ifupdown2 mac),
>
> funny but centos && fedora also disable it
>
> https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none
>
> https://gitlab.com/redhat/centos-stream/rpms/systemd/-/blob/c8953519504bf2e694bfbc2b02a456c1056f252e/0028-udev-net-setup-link-change-the-default-MACAddressPol.patch#L43
>
> before this patch
> ------------------
> ~ ip a sh dev vmbr1
> vmbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 10
>
> after this patch
> ----------------
> ~ ip a sh dev vmbr1
> vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
> ---
> configs/Makefile | 2 +-
> configs/link-macpolicy.conf | 6 ++++++
> 2 files changed, 7 insertions(+), 1 deletion(-)
> create mode 100644 configs/link-macpolicy.conf
>
>
applied, thanks!
But i now install the config as `/usr/lib/systemd/network/98-proxmox-ve-default.link`,
because the ones from /etc/ belong to the user, not the distro, and the having a .d
file can have some slightly odd/unexpected effects if the user overrides parts of
the (systemd) defaults.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-15 10:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-17 13:44 [pve-devel] [PATCH pve-manager] disable systemd link macpolicy Alexandre Derumier
2023-11-15 10:36 ` [pve-devel] applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox