* [PATCH network v2] snat: handle interface lookup failures gracefully
@ 2026-06-01 12:42 Lukas Sichert
0 siblings, 0 replies; only message in thread
From: Lukas Sichert @ 2026-06-01 12:42 UTC (permalink / raw)
To: pve-devel; +Cc: Lukas Sichert
'When an IPv6 subnet is created in a Simple or EVPN zone, the setup code
runs 'ip route get 2001:4860:4860::8888' to determine the outgoing
interface. If the host has no IPv6 address configured, this command
fails and aborts the loop that iterates over the plugin's subnets. This
means that the current and subsequent bridges required for the VNETs are
not instantiated, even though they still appear in the GUI. Starting a
VM connected to such a VNET then fails with: 'TASK ERROR: bridge
'<vnet>' does not exist'.
Wrap the function that performs the route lookup in an eval block. If
the lookup fails, use 'log_warn' to write the error to the system log
and to the GUI and continue processing the remaining subnets in the
loop.
Signed-off-by: Lukas Sichert <l.sichert@proxmox.com>
---
Notes:
changes from v1 to v2:
-use log_warn instead of syslog to display the warning in the GUI as
well
-change the commit subject to better fit proxmox style
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 13 +++++++++++--
src/PVE/Network/SDN/Zones/SimplePlugin.pm | 13 +++++++++++--
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index dfbd7e9..0e79707 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -11,6 +11,7 @@ use PVE::INotify;
use PVE::Cluster;
use PVE::Tools;
use Net::IP;
+use PVE::RESTEnvironment qw(log_warn);
use PVE::Network::SDN::Controllers::EvpnPlugin;
@@ -269,8 +270,16 @@ sub generate_sdn_config {
if ($subnet->{snat}) {
#find outgoing interface
- my ($outip, $outiface) =
- PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ my ($outip, $outiface);
+ eval {
+ ($outip, $outiface) =
+ PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ };
+ if ($@) {
+ my $msg = "interface for SNAT could not be resolved: $@";
+ log_warn($msg);
+ next;
+ }
if ($outip && $outiface && $is_evpn_gateway) {
#use snat, faster than masquerade
push @iface_config,
diff --git a/src/PVE/Network/SDN/Zones/SimplePlugin.pm b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
index f5cd18e..347eee9 100644
--- a/src/PVE/Network/SDN/Zones/SimplePlugin.pm
+++ b/src/PVE/Network/SDN/Zones/SimplePlugin.pm
@@ -7,6 +7,7 @@ use PVE::Network::SDN::Dhcp;
use PVE::Exception qw(raise raise_param_exc);
use PVE::Cluster;
use PVE::Tools;
+use PVE::RESTEnvironment qw(log_warn);
use base('PVE::Network::SDN::Zones::Plugin');
@@ -112,8 +113,16 @@ sub generate_sdn_config {
push @iface_config, "up ip route add $cidr dev $vnetid" if $mask == 32 && $ipversion == 4;
if ($subnet->{snat}) {
#find outgoing interface
- my ($outip, $outiface) =
- PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ my ($outip, $outiface);
+ eval {
+ ($outip, $outiface) =
+ PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
+ };
+ if ($@) {
+ my $msg = "interface for SNAT could not be resolved: $@";
+ log_warn($msg);
+ next;
+ }
if ($outip && $outiface) {
#use snat, faster than masquerade
push @iface_config,
--
2.47.3
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-01 12:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-01 12:42 [PATCH network v2] snat: handle interface lookup failures gracefully Lukas Sichert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox