From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 47E5F1FF183
	for <inbox@lore.proxmox.com>; Wed, 16 Jul 2025 18:38:16 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 2D81F17C49;
	Wed, 16 Jul 2025 18:39:16 +0200 (CEST)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Wed, 16 Jul 2025 18:39:02 +0200
Message-Id: <20250716163911.406995-1-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.39.5
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.218 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods
 RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
Subject: [pve-devel] [RFC
 common/docs/firewall/manager/network/proxmox{-ve-rs,
 -firewall} v3 0/9] NIC renaming mitigations
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

This patch series contains the following features:
* transparent altname support for {pve, proxmox}-firewall and pve-network
* proxmox-network-interface-pinning tool for pinning NIC names

Both are improvements aimed at mitigating the fallout caused from changing
network interface names.

For more information on the pinning tool, see the respective commit that
explains the usage - a short tl;dr:

* Pin network interfaces via proxmox-network-interface-pinning generate
* reboot to apply the changes to the network configuration

I also introduce two new one-shot services, that are executed on boot, for
applying pending network configuration changes.

Changes from RFC v2:
* add documentation patch

Changes from RFC:
* renamed pin -> generate
* removed unpinning feature (will be implemented in a follow-up)
* configuration now gets generated into pending files, instead of directly
rewriting configuration
* created SDN and FW pendants to pvenetcommit for auto-comitting changes on
reboot

pve-common:

Stefan Hanreich (2):
  network: add ip link and altname helpers
  network: add nic prefix to physical nic regex

 src/PVE/Network.pm | 47 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 46 insertions(+), 1 deletion(-)


proxmox-ve-rs:

Stefan Hanreich (1):
  config: ip link struct

 proxmox-ve-config/src/host/mod.rs     |  1 +
 proxmox-ve-config/src/host/network.rs | 35 +++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 proxmox-ve-config/src/host/network.rs


proxmox-firewall:

Stefan Hanreich (1):
  firewall: add altname support for firewall rules

 proxmox-firewall/src/config.rs              | 29 +++++++++++++++++++++
 proxmox-firewall/src/rule.rs                |  6 ++++-
 proxmox-firewall/tests/integration_tests.rs |  7 +++++
 3 files changed, 41 insertions(+), 1 deletion(-)


pve-firewall:

Stefan Hanreich (1):
  firewall: add altname support

 src/PVE/Firewall.pm | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)


pve-network:

Stefan Hanreich (1):
  controllers: isis: add altname support

 src/PVE/Network/SDN/Controllers/IsisPlugin.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)


pve-manager:

Stefan Hanreich (2):
  cli: add proxmox-network-interface-pinning tool
  services: add pvesdncommit and pvefirewallcommit

 PVE/CLI/Makefile                             |   1 +
 PVE/CLI/proxmox_network_interface_pinning.pm | 396 +++++++++++++++++++
 bin/Makefile                                 |  21 +-
 bin/proxmox-network-interface-pinning        |   8 +
 bin/pvefirewallcommit                        |  14 +
 bin/pvesdncommit                             |  14 +
 debian/postinst                              |   2 +-
 services/Makefile                            |   4 +-
 services/pvefirewallcommit.service           |  13 +
 services/pvesdncommit.service                |  13 +
 10 files changed, 483 insertions(+), 3 deletions(-)
 create mode 100644 PVE/CLI/proxmox_network_interface_pinning.pm
 create mode 100644 bin/proxmox-network-interface-pinning
 create mode 100644 bin/pvefirewallcommit
 create mode 100644 bin/pvesdncommit
 create mode 100644 services/pvefirewallcommit.service
 create mode 100644 services/pvesdncommit.service


pve-docs:

Stefan Hanreich (1):
  network: add documentation for proxmox-network-interface-pinning

 pve-network.adoc | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)


Summary over all repositories:
  19 files changed, 657 insertions(+), 8 deletions(-)

-- 
Generated by git-murpp 0.8.0

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel