From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH qemu-server v3 1/1] net: automatically set host_mtu to bridge mtu for virtio netdevs
Date: Thu, 17 Jul 2025 19:50:10 +0200 [thread overview]
Message-ID: <20250717175012.606372-2-s.hanreich@proxmox.com> (raw)
In-Reply-To: <20250717175012.606372-1-s.hanreich@proxmox.com>
When creating a new network device from the UI and leaving the MTU
field empty, it defaults to 1500. This is inconvenient in cases where
the MTU of the bridge is not 1500 and lead to some confusion of users
[1]. Containers already inherit the bridge MTU when the field is left
empty, so align the behavior of VMs to be more in line with the more
convenient behavior of containers.
The common case where this was encountered was with creating network
devices on SDN VXLAN vnets. There the default MTU for bridges is 1450,
since VXLAN adds some overhead and we automatically subtract that
overhead from the default bridge MTU (1500) if no MTU is explicitly
set in the zone configuration. Before that users always had to
explicitly set the MTU to 1450 or 1 for every network device created,
which is error-prone.
[1] https://forum.proxmox.com/threads/bug-vxlan-and-mtu.161412
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
src/PVE/QemuServer.pm | 30 ++++++++++++++------------
src/PVE/QemuServer/Network.pm | 3 ++-
src/test/cfg2cmd/netdev_vxlan.conf | 7 ++++++
src/test/cfg2cmd/netdev_vxlan.conf.cmd | 28 ++++++++++++++++++++++++
src/test/run_config2command_tests.pl | 6 ++++++
5 files changed, 59 insertions(+), 15 deletions(-)
create mode 100644 src/test/cfg2cmd/netdev_vxlan.conf
create mode 100644 src/test/cfg2cmd/netdev_vxlan.conf.cmd
diff --git a/src/PVE/QemuServer.pm b/src/PVE/QemuServer.pm
index ec554c4a..d7398648 100644
--- a/src/PVE/QemuServer.pm
+++ b/src/PVE/QemuServer.pm
@@ -1452,21 +1452,23 @@ sub print_netdevice_full {
$tmpstr .= ",bootindex=$net->{bootindex}" if $net->{bootindex};
- if (my $mtu = $net->{mtu}) {
- if ($net->{model} eq 'virtio' && $net->{bridge}) {
- my $bridge_mtu = PVE::Network::read_bridge_mtu($net->{bridge});
- if ($mtu == 1) {
- $mtu = $bridge_mtu;
- } elsif ($mtu < 576) {
- die "netdev $netid: MTU '$mtu' is smaller than the IP minimum MTU '576'\n";
- } elsif ($mtu > $bridge_mtu) {
- die "netdev $netid: MTU '$mtu' is bigger than the bridge MTU '$bridge_mtu'\n";
- }
- $tmpstr .= ",host_mtu=$mtu";
- } else {
- warn
- "WARN: netdev $netid: ignoring MTU '$mtu', not using VirtIO or no bridge configured.\n";
+ my $mtu = $net->{mtu};
+
+ if ($net->{model} eq 'virtio' && $net->{bridge}) {
+ my $bridge_mtu = PVE::Network::read_bridge_mtu($net->{bridge});
+
+ if (!defined($mtu) || $mtu == 1) {
+ $mtu = $bridge_mtu;
+ } elsif ($mtu < 576) {
+ die "netdev $netid: MTU '$mtu' is smaller than the IP minimum MTU '576'\n";
+ } elsif ($mtu > $bridge_mtu) {
+ die "netdev $netid: MTU '$mtu' is bigger than the bridge MTU '$bridge_mtu'\n";
}
+
+ $tmpstr .= ",host_mtu=$mtu" if $mtu != 1500;
+ } elsif (defined($mtu)) {
+ warn
+ "WARN: netdev $netid: ignoring MTU '$mtu', not using VirtIO or no bridge configured.\n";
}
if ($use_old_bios_files) {
diff --git a/src/PVE/QemuServer/Network.pm b/src/PVE/QemuServer/Network.pm
index 9ca31435..56df83fb 100644
--- a/src/PVE/QemuServer/Network.pm
+++ b/src/PVE/QemuServer/Network.pm
@@ -110,7 +110,8 @@ my $net_fmt = {
type => 'integer',
minimum => 1,
maximum => 65520,
- description => "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ description =>
+ "Force MTU of network device (VirtIO only). Setting to '1' or empty will use the bridge MTU",
optional => 1,
},
};
diff --git a/src/test/cfg2cmd/netdev_vxlan.conf b/src/test/cfg2cmd/netdev_vxlan.conf
new file mode 100644
index 00000000..af9e31c7
--- /dev/null
+++ b/src/test/cfg2cmd/netdev_vxlan.conf
@@ -0,0 +1,7 @@
+# TEST: Test inheriting the MTU from a bridge with MTU != 1500
+bootdisk: scsi0
+cores: 3
+memory: 768
+name: netdev
+net0: virtio=A2:C0:43:77:08:A0,bridge=vxlan_bridge
+ostype: l26
diff --git a/src/test/cfg2cmd/netdev_vxlan.conf.cmd b/src/test/cfg2cmd/netdev_vxlan.conf.cmd
new file mode 100644
index 00000000..a2f3579d
--- /dev/null
+++ b/src/test/cfg2cmd/netdev_vxlan.conf.cmd
@@ -0,0 +1,28 @@
+/usr/bin/kvm \
+ -id 8006 \
+ -name 'netdev,debug-threads=on' \
+ -no-shutdown \
+ -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \
+ -mon 'chardev=qmp,mode=control' \
+ -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect-ms=5000' \
+ -mon 'chardev=qmp-event,mode=control' \
+ -pidfile /var/run/qemu-server/8006.pid \
+ -daemonize \
+ -smp '3,sockets=1,cores=3,maxcpus=3' \
+ -nodefaults \
+ -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \
+ -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \
+ -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \
+ -m 768 \
+ -global 'PIIX4_PM.disable_s3=1' \
+ -global 'PIIX4_PM.disable_s4=1' \
+ -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \
+ -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \
+ -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \
+ -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' \
+ -device 'VGA,id=vga,bus=pci.0,addr=0x2' \
+ -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \
+ -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \
+ -netdev 'type=tap,id=net0,ifname=tap8006i0,script=/usr/libexec/qemu-server/pve-bridge,downscript=/usr/libexec/qemu-server/pve-bridgedown,vhost=on' \
+ -device 'virtio-net-pci,mac=A2:C0:43:77:08:A0,netdev=net0,bus=pci.0,addr=0x12,id=net0,rx_queue_size=1024,tx_queue_size=256,bootindex=300,host_mtu=1450' \
+ -machine 'type=pc+pve0'
diff --git a/src/test/run_config2command_tests.pl b/src/test/run_config2command_tests.pl
index 16a56987..ab781e00 100755
--- a/src/test/run_config2command_tests.pl
+++ b/src/test/run_config2command_tests.pl
@@ -439,6 +439,12 @@ my $pve_common_network;
$pve_common_network = Test::MockModule->new('PVE::Network');
$pve_common_network->mock(
read_bridge_mtu => sub {
+ my ($bridge_name) = @_;
+
+ if ($bridge_name eq 'vxlan_bridge') {
+ return 1450;
+ }
+
return 1500;
},
);
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-07-17 17:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-17 17:50 [pve-devel] [PATCH docs/manager/qemu-server v3 0/3] Make VirtIO network devices inherit MTU from bridge by default Stefan Hanreich
2025-07-17 17:50 ` Stefan Hanreich [this message]
2025-07-17 18:39 ` [pve-devel] [PATCH qemu-server v3 1/1] net: automatically set host_mtu to bridge mtu for virtio netdevs Thomas Lamprecht
2025-07-17 17:50 ` [pve-devel] [PATCH pve-manager v3 1/1] qemu: network: adjust MTU emptyText to match new default behavior Stefan Hanreich
2025-07-17 18:39 ` Thomas Lamprecht
2025-07-17 17:50 ` [pve-devel] [PATCH pve-docs v3 1/1] qm: document new default behavior for mtu setting Stefan Hanreich
2025-07-17 18:39 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250717175012.606372-2-s.hanreich@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox