From: Filip Schauer <f.schauer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH lxc] patch dhclient-script to set RFC3442 classless routes
Date: Wed, 3 Dec 2025 17:03:18 +0100 [thread overview]
Message-ID: <20251203160326.118051-1-f.schauer@proxmox.com> (raw)
Embed the rfc3442-classless-routes hook from isc-dhcp-client into the
LXC dhclient-script. This is needed by application containers with
host-managed DHCP network interfaces, that receive routes via DHCP
option 121 (RFC3442).
Previously these classless routes were ignored.
This was originally reported in the Proxmox forum [0].
[0] https://forum.proxmox.com/threads/no-default-gateway-on-oci-container-with-dhcp.176696/
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
...3-PVE-apply-rfc3442-classless-routes.patch | 106 ++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 107 insertions(+)
create mode 100644 debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
diff --git a/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch b/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
new file mode 100644
index 0000000..26ab883
--- /dev/null
+++ b/debian/patches/pve/0003-PVE-apply-rfc3442-classless-routes.patch
@@ -0,0 +1,106 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Filip Schauer <f.schauer@proxmox.com>
+Date: Wed, 3 Dec 2025 15:03:50 +0100
+Subject: [PATCH] dhclient-script: set RFC3442 classless routes
+
+Due to the removal of hooks in the LXC fork of dhclient-script, the
+rfc3442-classless-routes hook did not run. As a result, classless static
+routes received from the DHCP server were ignored.
+
+This commit restores support for RFC3442 classless routes by embedding
+the code from /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
+from the isc-dhcp-client package.
+
+Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
+---
+ hooks/dhclient-script | 67 +++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 67 insertions(+)
+
+diff --git a/hooks/dhclient-script b/hooks/dhclient-script
+index 9c9b40e69..c87792707 100755
+--- a/hooks/dhclient-script
++++ b/hooks/dhclient-script
+@@ -133,6 +133,71 @@ set_hostname() {
+ fi
+ }
+
++# Code adapted from isc-dhcp-client rfc3442-classless-routes hook
++set_rfc3442_classless_routes() {
++ set -- $new_rfc3442_classless_static_routes
++
++ while [ $# -gt 0 ]; do
++ net_length=$1
++ via_arg=''
++
++ case $net_length in
++ 32|31|30|29|28|27|26|25)
++ if [ $# -lt 9 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.${4}.${5}"
++ gateway="${6}.${7}.${8}.${9}"
++ shift 9
++ ;;
++ 24|23|22|21|20|19|18|17)
++ if [ $# -lt 8 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.${4}.0"
++ gateway="${5}.${6}.${7}.${8}"
++ shift 8
++ ;;
++ 16|15|14|13|12|11|10|9)
++ if [ $# -lt 7 ]; then
++ return 1
++ fi
++ net_address="${2}.${3}.0.0"
++ gateway="${4}.${5}.${6}.${7}"
++ shift 7
++ ;;
++ 8|7|6|5|4|3|2|1)
++ if [ $# -lt 6 ]; then
++ return 1
++ fi
++ net_address="${2}.0.0.0"
++ gateway="${3}.${4}.${5}.${6}"
++ shift 6
++ ;;
++ 0) # default route
++ if [ $# -lt 5 ]; then
++ return 1
++ fi
++ net_address="0.0.0.0"
++ gateway="${2}.${3}.${4}.${5}"
++ shift 5
++ ;;
++ *) # error
++ return 1
++ ;;
++ esac
++
++ # take care of link-local routes
++ if [ "${gateway}" != '0.0.0.0' ]; then
++ via_arg="via ${gateway}"
++ fi
++
++ # set route (ip detects host routes automatically)
++ ${ip} -4 route add "${net_address}/${net_length}" \
++ ${via_arg} dev "${interface}" >/dev/null 2>&1
++ done
++}
++
+ # Execute the operation
+ case "$reason" in
+
+@@ -207,6 +272,8 @@ case "$reason" in
+ if_metric=$((if_metric+1))
+ fi
+ done
++ else
++ set_rfc3442_classless_routes
+ fi
+ fi
+
+--
+2.47.3
+
diff --git a/debian/patches/series b/debian/patches/series
index 8d5d62a..47c3558 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@ conf-env-split-bpo/0002-api_extensions-add-environment_runtime_hooks-extensi.pat
conf-env-split-bpo/0003-doc-add-lxc.environment.-runtime-hooks.patch
pve/0001-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch
pve/0002-PVE-Config-attach-always-use-getent.patch
+pve/0003-PVE-apply-rfc3442-classless-routes.patch
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
reply other threads:[~2025-12-03 16:03 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251203160326.118051-1-f.schauer@proxmox.com \
--to=f.schauer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox