diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index dbc9868..186df62 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -873,10 +873,29 @@ sub __read_etc_network_interfaces { $id = $options_alternatives->{$id} if $options_alternatives->{$id}; + my $simple_options = { + 'ovs_type' => 1, + 'ovs_options' => 1, + 'ovs_bridge' => 1, + 'ovs_bonds' => 1, + 'ovs_ports' => 1, + 'bridge_fd' => 1, + 'bridge_vids' => 1, + 'bridge-access' => 1, + 'bridge-learning' => 1, + 'bridge-arp-nd-suppress' => 1, + 'bridge-unicast-flood' => 1, + 'bridge-multicast-flood' => 1, + 'bond_miimon' => 1, + 'bond_xmit_hash_policy' => 1, + 'vxlan-id' => 1, + 'vxlan-svcnodeip' => 1, + 'vxlan-physdev' => 1, + 'vxlan-local-tunnelip' => 1 }; + if (($id eq 'address') || ($id eq 'netmask') || ($id eq 'broadcast') || ($id eq 'gateway')) { $f->{$id} = $value; - } elsif ($id eq 'ovs_type' || $id eq 'ovs_options'|| $id eq 'ovs_bridge' || - $id eq 'ovs_bonds' || $id eq 'ovs_ports') { + } elsif ($simple_options->{$id}) { $d->{$id} = $value; } elsif ($id eq 'slaves' || $id eq 'bridge_ports') { my $devs = {}; @@ -896,14 +915,8 @@ sub __read_etc_network_interfaces { } else { $d->{$id} = 'off'; } - } elsif ($id eq 'bridge_fd' || $id eq 'bridge_vids') { - $d->{$id} = $value; } elsif ($id eq 'bridge_vlan_aware') { $d->{$id} = 1; - } elsif ($id eq 'bond_miimon') { - $d->{$id} = $value; - } elsif ($id eq 'bond_xmit_hash_policy') { - $d->{$id} = $value; } elsif ($id eq 'bond_mode') { # always use names foreach my $bm (keys %$bond_modes) { @@ -914,9 +927,6 @@ sub __read_etc_network_interfaces { } } $d->{$id} = $value; - } elsif ($id eq 'vxlan-id' || $id eq 'vxlan-svcnodeip' || - $id eq 'vxlan-physdev' || $id eq 'vxlan-local-tunnelip') { - $d->{$id} = $value; } elsif ($id eq 'vxlan-remoteip') { push @{$d->{$id}}, $value; } else { @@ -1138,7 +1148,6 @@ sub __interface_to_string { } $done->{'vxlan-remoteip'} = 1; } - } elsif ($d->{type} eq 'OVSBridge') { $raw .= "\tovs_type $d->{type}\n"; @@ -1197,7 +1206,7 @@ sub __interface_to_string { if ($first_block) { # print other settings - foreach my $k (keys %$d) { + foreach my $k (sort keys %$d) { next if $done->{$k}; next if !$d->{$k}; $raw .= "\t$k $d->{$k}\n"; @@ -1334,6 +1343,35 @@ sub __write_etc_network_interfaces { } } + # check bridgeport option + my $bridgeports = {}; + my $bridges = {}; + foreach my $iface (keys %$ifaces) { + my $d = $ifaces->{$iface}; + if ($d->{type} eq 'bridge') { + foreach my $p (split (/\s+/, $d->{bridge_ports})) { + my $n = $ifaces->{$p}; + die "bridge '$iface' - unable to find bridge port '$p'\n" + if !$n; + $bridgeports->{$p} = $iface; + } + $bridges->{$iface} = $d; + } + } + + foreach my $iface (keys %$ifaces) { + my $d = $ifaces->{$iface}; + + foreach my $k (qw(bridge-learning bridge-arp-nd-suppress bridge-unicast-flood bridge-multicast-flood bridge-access)) { + die "iface $iface : bridgeports options can be used only if interface is in a bridge\n" + if $d->{$k} && !$bridgeports->{$iface}; + } + + if ($d->{'bridge-access'} && !$bridges->{$bridgeports->{$iface}}->{bridge_vlan_aware}) { + die "iface $iface : bridge-access option can be only used if interface is in a vlan aware bridge\n"; + } + } + my $raw = <<'NETWORKDOC'; # network interface settings; autogenerated # Please do NOT modify this file directly, unless you know what diff --git a/test/etc_network_interfaces/t.create_network.pl b/test/etc_network_interfaces/t.create_network.pl index edc15fd..3503797 100644 --- a/test/etc_network_interfaces/t.create_network.pl +++ b/test/etc_network_interfaces/t.create_network.pl @@ -24,6 +24,40 @@ $config->{ifaces}->{eth1} = { autostart => 1 }; +$config->{ifaces}->{vmbr1} = { + type => 'bridge', + method => 'manual', + families => ['inet'], + bridge_stp => off, + bridge_fd => 0, + bridge_ports => vxlan1, + bridge_vlan_aware => yes, + autostart => 1 +}; + + +$config->{ifaces}->{vmbr2} = { + type => 'bridge', + method => 'manual', + families => ['inet'], + bridge_stp => off, + bridge_fd => 0, + bridge_ports => vxlan2, + autostart => 1 +}; + +$config->{ifaces}->{vmbr3} = { + type => 'bridge', + method => 'manual', + families => ['inet'], + bridge_stp => off, + bridge_fd => 0, + bridge_ports => vxlan3, + bridge_vlan_aware => yes, + bridge_vids => '2-10', + autostart => 1 +}; + $config->{ifaces}->{vxlan1} = { type => 'vxlan', method => 'manual', @@ -40,6 +74,10 @@ $config->{ifaces}->{vxlan2} = { families => ['inet'], 'vxlan-id' => 2, 'vxlan-local-tunnelip' => $ip, + 'bridge-learning' => 'off', + 'bridge-arp-nd-suppress' => 'on', + 'bridge-unicast-flood' => 'off', + 'bridge-multicast-flood' => 'off', autostart => 1 }; @@ -49,6 +87,7 @@ $config->{ifaces}->{vxlan3} = { families => ['inet'], 'vxlan-id' => 3, 'vxlan-remoteip' => [$remoteip1, $remoteip2], + 'bridge-access' => 3, autostart => 1 }; @@ -73,6 +112,28 @@ iface vmbr0 inet static bridge-stp off bridge-fd 0 +auto vmbr1 +iface vmbr1 inet manual + bridge-ports vxlan1 + bridge-stp off + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-4094 + +auto vmbr2 +iface vmbr2 inet manual + bridge-ports vxlan2 + bridge-stp off + bridge-fd 0 + +auto vmbr3 +iface vmbr3 inet manual + bridge-ports vxlan3 + bridge-stp off + bridge-fd 0 + bridge-vlan-aware yes + bridge-vids 2-10 + auto vxlan1 iface vxlan1 inet manual vxlan-id 1 @@ -83,12 +144,17 @@ auto vxlan2 iface vxlan2 inet manual vxlan-id 2 vxlan-local-tunnelip $ip + bridge-arp-nd-suppress on + bridge-learning off + bridge-multicast-flood off + bridge-unicast-flood off auto vxlan3 iface vxlan3 inet manual vxlan-id 3 vxlan-remoteip $remoteip1 vxlan-remoteip $remoteip2 + bridge-access 3 CHECK