* [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn
@ 2023-12-18 13:04 Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support Alexandre Derumier
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: Alexandre Derumier @ 2023-12-18 13:04 UTC (permalink / raw)
To: pve-devel
Hi,
This patch serie add dhcp support for evpn.
Dnsmasq need to run in specific vrf for each evpn zone.
Dnsmasq is currently buggy with ipv6 && vrf (no crash but it's not listening), and need to be patched with:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=a889c554a7df71ff93a8299ef96037fbe05f2f55
I have tested it, just applying this patch on current debian source is enough to get is working.
Alexandre Derumier (3):
dhcp: add vrf support
dnsmasq service: run service in vrf
zones: evpn: add dhcp support
src/PVE/Network/SDN/Dhcp.pm | 3 ++-
src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 3 ++-
src/PVE/Network/SDN/Zones.pm | 10 ++++++++++
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 7 +++++++
src/PVE/Network/SDN/Zones/Plugin.pm | 6 ++++++
src/services/01-dnsmasq-vrf.conf | 4 ++++
src/services/Makefile | 1 +
7 files changed, 32 insertions(+), 2 deletions(-)
create mode 100644 src/services/01-dnsmasq-vrf.conf
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support
2023-12-18 13:04 [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Alexandre Derumier
@ 2023-12-18 13:04 ` Alexandre Derumier
2023-12-18 17:10 ` Stefan Hanreich
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 2/3] dnsmasq service: run service in vrf Alexandre Derumier
` (2 subsequent siblings)
3 siblings, 1 reply; 7+ messages in thread
From: Alexandre Derumier @ 2023-12-18 13:04 UTC (permalink / raw)
To: pve-devel
launch dnsmasq in a vrf context with "ip vrf exec <vrfname> dnsmasq.."
use "default" vrf if plugin don't return a specific vrf
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
src/PVE/Network/SDN/Dhcp.pm | 3 ++-
src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 3 ++-
src/PVE/Network/SDN/Zones.pm | 10 ++++++++++
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 6 ++++++
src/PVE/Network/SDN/Zones/Plugin.pm | 6 ++++++
5 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Network/SDN/Dhcp.pm b/src/PVE/Network/SDN/Dhcp.pm
index 7876c08..7b5e31f 100644
--- a/src/PVE/Network/SDN/Dhcp.pm
+++ b/src/PVE/Network/SDN/Dhcp.pm
@@ -79,12 +79,13 @@ sub regenerate_config {
my $zone = $zone_cfg->{ids}->{$zoneid};
next if !$zone->{dhcp};
+ my $vrf = PVE::Network::SDN::Zones::get_vrf($zoneid);
my $dhcp_plugin_name = $zone->{dhcp};
my $dhcp_plugin = PVE::Network::SDN::Dhcp::Plugin->lookup($dhcp_plugin_name);
die "Could not find DHCP plugin: $dhcp_plugin_name" if !$dhcp_plugin;
- eval { $dhcp_plugin->before_configure($zoneid) };
+ eval { $dhcp_plugin->before_configure($zoneid, $vrf) };
die "Could not run before_configure for DHCP server $zoneid $@\n" if $@;
for my $vnetid (sort keys %{$vnet_cfg->{ids}}) {
diff --git a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
index 2844943..755bc0b 100644
--- a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
+++ b/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
@@ -164,7 +164,7 @@ sub configure_vnet {
}
sub before_configure {
- my ($class, $dhcpid) = @_;
+ my ($class, $dhcpid, $vrf) = @_;
my $dbus_config = <<DBUSCFG;
<!DOCTYPE busconfig PUBLIC
@@ -198,6 +198,7 @@ DBUSCFG
my $default_config = <<CFG;
CONFIG_DIR='$config_directory,\*.conf'
DNSMASQ_OPTS="--conf-file=/dev/null --enable-dbus=uk.org.thekelleys.dnsmasq.$dhcpid"
+VRF='$vrf'
CFG
PVE::Tools::file_set_contents(
diff --git a/src/PVE/Network/SDN/Zones.pm b/src/PVE/Network/SDN/Zones.pm
index 5bd3536..354cbe0 100644
--- a/src/PVE/Network/SDN/Zones.pm
+++ b/src/PVE/Network/SDN/Zones.pm
@@ -104,6 +104,16 @@ sub get_vnets {
return $vnets;
}
+sub get_vrf {
+ my ($zoneid) = @_;
+
+ my $zone_cfg = PVE::Network::SDN::Zones::config();
+ my $plugin_config = $zone_cfg->{ids}->{$zoneid};
+
+ my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
+ return $plugin->get_vrf($plugin_config, $zoneid);
+}
+
sub generate_etc_network_config {
my $cfg = PVE::Network::SDN::running_config();
diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 655a9f0..561d127 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -272,6 +272,12 @@ sub generate_sdn_config {
return $config;
}
+sub get_vrf {
+ my ($class, $plugin_config, $zoneid) = @_;
+
+ return "vrf_$zoneid";
+}
+
sub on_update_hook {
my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_;
diff --git a/src/PVE/Network/SDN/Zones/Plugin.pm b/src/PVE/Network/SDN/Zones/Plugin.pm
index 69a6e5a..ee7bbb2 100644
--- a/src/PVE/Network/SDN/Zones/Plugin.pm
+++ b/src/PVE/Network/SDN/Zones/Plugin.pm
@@ -140,6 +140,12 @@ sub controller_reload {
die "please implement inside plugin";
}
+sub get_vrf {
+ my ($class, $plugin_config, $zoneid) = @_;
+
+ return 'default';
+}
+
sub on_delete_hook {
my ($class, $zoneid, $vnet_cfg) = @_;
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [pve-devel] [PATCH pve-network 2/3] dnsmasq service: run service in vrf
2023-12-18 13:04 [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support Alexandre Derumier
@ 2023-12-18 13:04 ` Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 3/3] zones: evpn: add dhcp support Alexandre Derumier
2023-12-18 14:42 ` [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Stefan Hanreich
3 siblings, 0 replies; 7+ messages in thread
From: Alexandre Derumier @ 2023-12-18 13:04 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
src/services/01-dnsmasq-vrf.conf | 4 ++++
src/services/Makefile | 1 +
2 files changed, 5 insertions(+)
create mode 100644 src/services/01-dnsmasq-vrf.conf
diff --git a/src/services/01-dnsmasq-vrf.conf b/src/services/01-dnsmasq-vrf.conf
new file mode 100644
index 0000000..1030df2
--- /dev/null
+++ b/src/services/01-dnsmasq-vrf.conf
@@ -0,0 +1,4 @@
+[Service]
+EnvironmentFile=/etc/default/dnsmasq.%i
+ExecStart=
+ExecStart=/bin/ip vrf exec ${VRF} /etc/init.d/dnsmasq systemd-exec "%i"
\ No newline at end of file
diff --git a/src/services/Makefile b/src/services/Makefile
index 818c106..7c45701 100644
--- a/src/services/Makefile
+++ b/src/services/Makefile
@@ -8,6 +8,7 @@ install:
install -d $(SERVICEDIR)
install -d $(SERVICEDIR)/dnsmasq@.service.d
install -t $(SERVICEDIR)/dnsmasq@.service.d -m 0644 00-dnsmasq-after-networking.conf
+ install -t $(SERVICEDIR)/dnsmasq@.service.d -m 0644 01-dnsmasq-vrf.conf
.PHONY: clean
clean:
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [pve-devel] [PATCH pve-network 3/3] zones: evpn: add dhcp support
2023-12-18 13:04 [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 2/3] dnsmasq service: run service in vrf Alexandre Derumier
@ 2023-12-18 13:04 ` Alexandre Derumier
2023-12-18 14:42 ` [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Stefan Hanreich
3 siblings, 0 replies; 7+ messages in thread
From: Alexandre Derumier @ 2023-12-18 13:04 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 561d127..6c20b68 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -99,6 +99,7 @@ sub options {
reversedns => { optional => 1 },
dnszone => { optional => 1 },
ipam => { optional => 1 },
+ dhcp => { optional => 1 },
};
}
--
2.39.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn
2023-12-18 13:04 [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Alexandre Derumier
` (2 preceding siblings ...)
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 3/3] zones: evpn: add dhcp support Alexandre Derumier
@ 2023-12-18 14:42 ` Stefan Hanreich
2023-12-18 17:05 ` Stefan Hanreich
3 siblings, 1 reply; 7+ messages in thread
From: Stefan Hanreich @ 2023-12-18 14:42 UTC (permalink / raw)
To: pve-devel
Looks good at first glance! I'll give it a test drive today. Are you
currently working on DHCP integration for other zones? Coincidentally, I
started working on VLAN/QinQ on friday. Just so we don't do duplicate work.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn
2023-12-18 14:42 ` [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Stefan Hanreich
@ 2023-12-18 17:05 ` Stefan Hanreich
0 siblings, 0 replies; 7+ messages in thread
From: Stefan Hanreich @ 2023-12-18 17:05 UTC (permalink / raw)
To: pve-devel
Looking good on second glance as well ;)
Worked flawlessly on my test cluster - consider this:
Tested-By: Stefan Hanreich <s.hanreich@proxmox.com>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support Alexandre Derumier
@ 2023-12-18 17:10 ` Stefan Hanreich
0 siblings, 0 replies; 7+ messages in thread
From: Stefan Hanreich @ 2023-12-18 17:10 UTC (permalink / raw)
To: pve-devel
On 12/18/23 14:04, Alexandre Derumier wrote:
> launch dnsmasq in a vrf context with "ip vrf exec <vrfname> dnsmasq.."
>
> use "default" vrf if plugin don't return a specific vrf
>
> Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
> ---
> src/PVE/Network/SDN/Dhcp.pm | 3 ++-
> src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 3 ++-
> src/PVE/Network/SDN/Zones.pm | 10 ++++++++++
> src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 6 ++++++
> src/PVE/Network/SDN/Zones/Plugin.pm | 6 ++++++
> 5 files changed, 26 insertions(+), 2 deletions(-)
>
> diff --git a/src/PVE/Network/SDN/Dhcp.pm b/src/PVE/Network/SDN/Dhcp.pm
> index 7876c08..7b5e31f 100644
> --- a/src/PVE/Network/SDN/Dhcp.pm
> +++ b/src/PVE/Network/SDN/Dhcp.pm
> @@ -79,12 +79,13 @@ sub regenerate_config {
> my $zone = $zone_cfg->{ids}->{$zoneid};
> next if !$zone->{dhcp};
>
> + my $vrf = PVE::Network::SDN::Zones::get_vrf($zoneid);
> my $dhcp_plugin_name = $zone->{dhcp};
> my $dhcp_plugin = PVE::Network::SDN::Dhcp::Plugin->lookup($dhcp_plugin_name);
>
> die "Could not find DHCP plugin: $dhcp_plugin_name" if !$dhcp_plugin;
>
> - eval { $dhcp_plugin->before_configure($zoneid) };
> + eval { $dhcp_plugin->before_configure($zoneid, $vrf) };
In my MTU series I already additionally pass in the zone config to the
DHCP plugin, since I did a similar thing (creating a getter) for MTU -
maybe we can unify this approach and call
PVE::Network::SDN::Zones::get_xy() inside the DHCP plugins or outside as
well?
I think I prefer calling it inside the DHCP plugin, since we then only
need to add one parameter instead of adding one for every additional
thing we might want to pass to the dhcp plugin.
See https://lists.proxmox.com/pipermail/pve-devel/2023-December/061111.html
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2023-12-18 17:10 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-18 13:04 [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 1/3] dhcp: add vrf support Alexandre Derumier
2023-12-18 17:10 ` Stefan Hanreich
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 2/3] dnsmasq service: run service in vrf Alexandre Derumier
2023-12-18 13:04 ` [pve-devel] [PATCH pve-network 3/3] zones: evpn: add dhcp support Alexandre Derumier
2023-12-18 14:42 ` [pve-devel] [PATCH pve-network 0/3] add dhcp support for evpn Stefan Hanreich
2023-12-18 17:05 ` Stefan Hanreich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox