From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 53DCC8E6DB for ; Sat, 12 Nov 2022 17:32:34 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 358BACCBB for ; Sat, 12 Nov 2022 17:32:34 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Sat, 12 Nov 2022 17:32:32 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 31C3F43B43; Sat, 12 Nov 2022 17:32:32 +0100 (CET) Message-ID: Date: Sat, 12 Nov 2022 17:32:31 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:107.0) Gecko/20100101 Thunderbird/107.0 Content-Language: en-GB To: Proxmox VE development discussion , Alexandre Derumier References: <20220824162644.1632804-1-aderumier@odiso.com> <20220824162644.1632804-5-aderumier@odiso.com> From: Thomas Lamprecht In-Reply-To: <20220824162644.1632804-5-aderumier@odiso.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.032 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH V3 qemu-server 2/3] vm_start/vm_resume : add_nets_bridge_fdb X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Nov 2022 16:32:34 -0000 Am 24/08/2022 um 18:26 schrieb Alexandre Derumier: > on vm start (no live migration), we can simply add mac address in fdb. > In case of a live migration, we add the mac address just before the resume. > > Signed-off-by: Alexandre Derumier > --- > PVE/QemuServer.pm | 25 +++++++++++++++++++++++-- > 1 file changed, 23 insertions(+), 2 deletions(-) > > diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm > index 0114d06..6d71006 100644 > --- a/PVE/QemuServer.pm > +++ b/PVE/QemuServer.pm > @@ -5797,6 +5797,7 @@ sub vm_start_nolock { > my $nicconf = parse_net($conf->{$opt}); > qemu_set_link_status($vmid, $opt, 0) if $nicconf->{link_down}; > } > + add_nets_bridge_fdb($conf, $vmid); > } > > mon_cmd($vmid, 'qom-set', > @@ -6155,6 +6156,7 @@ sub vm_resume { > my $res = mon_cmd($vmid, 'query-status'); > my $resume_cmd = 'cont'; > my $reset = 0; > + my $conf = PVE::QemuConfig->load_config($vmid); > > if ($res->{status}) { > return if $res->{status} eq 'running'; # job done, go home > @@ -6164,8 +6166,6 @@ sub vm_resume { > > if (!$nocheck) { > > - my $conf = PVE::QemuConfig->load_config($vmid); > - > PVE::QemuConfig->check_lock($conf) > if !($skiplock || PVE::QemuConfig->has_lock($conf, 'backup')); > } > @@ -6175,6 +6175,9 @@ sub vm_resume { > # request before the backup finishes for example > mon_cmd($vmid, "system_reset"); > } > + > + add_nets_bridge_fdb($conf, $vmid) if $resume_cmd eq 'cont'; > + > mon_cmd($vmid, $resume_cmd); > }); > } > @@ -8237,4 +8240,22 @@ sub check_volume_storage_type { > return 1; > } > > +sub add_nets_bridge_fdb { > + my ($conf, $vmid) = @_; > + > + foreach my $opt (keys %$conf) { > + if ($opt =~ m/^net(\d+)$/) { > + my $net = parse_net($conf->{$opt}); > + next if !$net; > + next if !$net->{macaddr}; note that parse_net *always* checks for a $net->{macaddr} itself and auto_generates one if not present: https://git.proxmox.com/?p=qemu-server.git;a=blob;f=PVE/QemuServer.pm;h=2376bf46439e300ec5e0191f3bd9552510e91467;hb=HEAD#l1943 So this will never call next and register potentially a random mac address that then isn't used by the VM. I think it could be better to change this method to not get the full config but the already parsed network entry, as then we can better ensure that the MAC address is actually the one we'll use. We'd then need to keep track of such auto-generated ones so that we got that available when we actually need to add the entry, or read that out again from the QEMU command line opts (or maybe its available via QMP?) > + > + my $iface = "tap${vmid}i$1"; > + if ($have_sdn) { > + PVE::Network::SDN::Zones::add_bridge_fdb($iface, $net->{macaddr}, $net->{bridge}, $net->{firewall}); > + } else { > + PVE::Network::add_bridge_fdb($iface, $net->{macaddr}, $net->{firewall}); > + } > + } > + } > +} > 1;