diff --git a/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch b/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch index 8e0e7bf..869f0f3 100644 --- a/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch +++ b/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch @@ -1,30 +1,43 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 874ba884a7ff8f0059e069aac2855c2ffd5cacd2 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Wed, 16 May 2018 02:11:45 +0200 -Subject: [PATCH] don't remove (tap|veth|fwpr) interfaces from bridge on ifup - bridge +Subject: [PATCH 1/7] don't remove (tap|veth|fwpr) interfaces from bridge on + ifup bridge as proxmox don't defined them in /etc/network/interfaces Signed-off-by: Thomas Lamprecht Signed-off-by: Alexandre Derumier --- + debian/rules | 2 +- ifupdown2/addons/bridge.py | 4 ++++ - 1 file changed, 4 insertions(+) + 2 files changed, 5 insertions(+), 1 deletion(-) +diff --git a/debian/rules b/debian/rules +index 6274b3a..dfd460f 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -1,6 +1,6 @@ + #!/usr/bin/make -f + +-#export DH_VERBOSE=1 ++export DH_VERBOSE=1 + export PYBUILD_NAME=ifupdown2 + export PYBUILD_INSTALL_ARGS=--install-lib=/usr/share/ --install-scripts=/usr/share/ + diff --git a/ifupdown2/addons/bridge.py b/ifupdown2/addons/bridge.py -index 3e5fd78..bd597d7 100644 +index 00b1eaa..35944ac 100644 --- a/ifupdown2/addons/bridge.py +++ b/ifupdown2/addons/bridge.py -@@ -79,6 +79,7 @@ class bridge(moduleBase): - 'bridge-ports-condone-regex' : - {'help' : 'bridge ports to ignore/condone when reloading config / removing interfaces', - 'required' : False, -+ 'default' : '^(tap|veth|fwpr)', - 'example' : [ 'bridge-ports-condone-regex ^[a-zA-Z0-9]+_v[0-9]{1,4}$']}, - 'bridge-stp' : - {'help': 'bridge-stp yes/no', -@@ -912,6 +913,9 @@ class bridge(moduleBase): +@@ -440,6 +440,7 @@ class bridge(Addon, moduleBase): + "bridge-ports-condone-regex": { + "help": "bridge ports to ignore/condone when reloading config / removing interfaces", + "required": False, ++ "default": "^(tap|veth|fwpr)", + "example": ["bridge-ports-condone-regex ^[a-zA-Z0-9]+_v[0-9]{1,4}$"] + }, + } +@@ -1006,6 +1007,9 @@ class bridge(Addon, moduleBase): # up a compiled regex to be used in a match later. This way we try to avoid # a race condition where an (possibly VM) interface is created after this # function has been called but before the bridgeports are validated. @@ -34,3 +47,6 @@ index 3e5fd78..bd597d7 100644 if bridge_port_condone_regex: if get_string: return bridge_port_condone_regex +-- +2.20.1 + diff --git a/debian/patches/pve/0002-add-dummy-mtu-bridgevlanport-modules.patch b/debian/patches/pve/0002-add-dummy-mtu-bridgevlanport-modules.patch index 2ba6810..c9e22d5 100644 --- a/debian/patches/pve/0002-add-dummy-mtu-bridgevlanport-modules.patch +++ b/debian/patches/pve/0002-add-dummy-mtu-bridgevlanport-modules.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From a8368f92c36cd810933c3c5319c148976cc65a82 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Fri, 15 Jun 2018 00:36:03 +0200 -Subject: [PATCH] add dummy mtu, bridgevlanport modules +Subject: [PATCH 2/7] add dummy mtu, bridgevlanport modules As pve-manager package still provide ifupdown custom bridgevlanport && mtu script, we can override them with ifupdown2 addon scripts, doing nothing. @@ -19,10 +19,10 @@ Signed-off-by: Thomas Lamprecht create mode 100644 ifupdown2/addons/mtu.py diff --git a/etc/network/ifupdown2/addons.conf b/etc/network/ifupdown2/addons.conf -index dd3d223..73ef72d 100644 +index c43d377..e3639a7 100644 --- a/etc/network/ifupdown2/addons.conf +++ b/etc/network/ifupdown2/addons.conf -@@ -17,6 +17,8 @@ up,dhcp +@@ -19,6 +19,8 @@ up,dhcp up,address up,addressvirtual up,usercmds @@ -77,3 +77,6 @@ index 0000000..efdf569 +class mtu(moduleBase): + + _modinfo = {'mhelp' : 'dummy package to override proxmox script'} +-- +2.20.1 + diff --git a/debian/patches/pve/0004-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch b/debian/patches/pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch similarity index 86% rename from debian/patches/pve/0004-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch rename to debian/patches/pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch index 7b66c3c..d9f190e 100644 --- a/debian/patches/pve/0004-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch +++ b/debian/patches/pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 8187e6e4a8cea198d86c4df8117335b7b93047d0 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Mon, 1 Apr 2019 09:17:11 +0200 -Subject: [PATCH] allow vlan subinterface in a vlan-aware bridge +Subject: [PATCH 4/7] allow vlan subinterface in a vlan-aware bridge for stacked/qinq vlan, it's perfectly fine to have a vlan-aware bridge with a tagged interface port @@ -29,10 +29,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 5 deletions(-) diff --git a/ifupdown2/addons/bridge.py b/ifupdown2/addons/bridge.py -index bd597d7..16862b7 100644 +index 35944ac..f353d6c 100644 --- a/ifupdown2/addons/bridge.py +++ b/ifupdown2/addons/bridge.py -@@ -790,11 +790,6 @@ class bridge(moduleBase): +@@ -890,11 +890,6 @@ class bridge(Addon, moduleBase): result = True for port_name in ports: port_obj_l = ifaceobj_getfunc(port_name) @@ -44,3 +44,6 @@ index bd597d7..16862b7 100644 if (port_obj_l and port_obj_l[0].get_attr_value('bridge-arp-nd-suppress') and self.arp_nd_suppress_only_on_vxlan and +-- +2.20.1 + diff --git a/debian/patches/pve/0003-debian-fixup-networking.service.patch b/debian/patches/pve/0003-debian-fixup-networking.service.patch deleted file mode 100644 index fd9c8ba..0000000 --- a/debian/patches/pve/0003-debian-fixup-networking.service.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Wolfgang Bumiller -Date: Tue, 3 Jul 2018 11:00:57 +0200 -Subject: [PATCH] debian: fixup networking.service - -Add missing ordering: - After=network-pre.target - See systemd.special(7)'s description of this target - After=systemd-sysctl.service - ifupdown does the same - we want net.*.conf.default.* - sysctl keys to apply to newly created interfaces - After=systemd-modules-load.service - ifupdown does the same, though this should be mostly - optional as modules should be autoloaded anyway - Before=network.target - This is required to prevent services which require - network to be started too early and listen on wrong - addresses (iow. only on loopback or ipv4-only). - Before=network-online.target - See systemd.special(7)'s description. We are the - provider of this target. - Before=shutdown.target - ifupdown does it this way, it also makes more sense - given the Conflict entry, compared to the previous - WantedBy entry in [Install] - -Changed install section: - WantedBy=multi-user.target - I wasn't sure about this. ifupdown does this. - basic.target didn't seem useful since we actually want: - WantedBy=network-online.target - We provide this, so we should be installed into it. - removed WantedBy=network.target - We strictly want to be ordered before this and instead - are required by multi-user.target already. - removed WantedBy=shutdown.target - I didn't see the point. - -Signed-off-by: Wolfgang Bumiller -Signed-off-by: Thomas Lamprecht ---- - debian/ifupdown2.networking.service | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/debian/ifupdown2.networking.service b/debian/ifupdown2.networking.service -index 06e1545..b5c45f9 100644 ---- a/debian/ifupdown2.networking.service -+++ b/debian/ifupdown2.networking.service -@@ -2,7 +2,8 @@ - Description=ifupdown2 networking initialization - Documentation=man:interfaces(5) man:ifup(8) man:ifdown(8) - DefaultDependencies=no --Before=shutdown.target -+After=local-fs.target network-pre.target systemd-sysctl.service systemd-modules-load.service -+Before=network.target shutdown.target network-online.target - Conflicts=shutdown.target - - [Service] -@@ -15,4 +16,4 @@ ExecStop=/usr/share/ifupdown2/sbin/start-networking stop - ExecReload=/usr/share/ifupdown2/sbin/start-networking reload - - [Install] --WantedBy=basic.target network.target shutdown.target -+WantedBy=multi-user.target network-online.target diff --git a/debian/patches/pve/0005-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch b/debian/patches/pve/0004-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch similarity index 86% rename from debian/patches/pve/0005-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch rename to debian/patches/pve/0004-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch index 5c66cf6..5196004 100644 --- a/debian/patches/pve/0005-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch +++ b/debian/patches/pve/0004-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 3daa281c155da9da166627e35114283665f01669 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Thu, 13 Jun 2019 14:34:59 +0200 -Subject: [PATCH] don't remove bridge is tap|veth are still plugged +Subject: [PATCH 5/7] don't remove bridge is tap|veth are still plugged Signed-off-by: Alexandre Derumier Signed-off-by: Thomas Lamprecht @@ -10,10 +10,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ifupdown2/ifupdown/ifupdownmain.py b/ifupdown2/ifupdown/ifupdownmain.py -index f520994..9f7641a 100644 +index 01163e2..b4e1864 100644 --- a/ifupdown2/ifupdown/ifupdownmain.py +++ b/ifupdown2/ifupdown/ifupdownmain.py -@@ -2067,7 +2067,15 @@ class ifupdownMain(ifupdownBase): +@@ -2191,7 +2191,15 @@ class ifupdownMain: # append it to the down list newifaceobjlist = new_ifaceobjdict.get(ifname) if not newifaceobjlist: @@ -30,3 +30,6 @@ index f520994..9f7641a 100644 continue # If ifaceobj was present in the old interfaces file, # and does not have a config in the new interfaces file +-- +2.20.1 + diff --git a/debian/patches/pve/0007-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch b/debian/patches/pve/0005-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch similarity index 85% rename from debian/patches/pve/0007-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch rename to debian/patches/pve/0005-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch index a45c218..c9964af 100644 --- a/debian/patches/pve/0007-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch +++ b/debian/patches/pve/0005-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch @@ -1,7 +1,7 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From 2c38d0a157c8946f35a7da1c7c05484d33e6986f Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Wed, 5 Jun 2019 14:47:05 +0200 -Subject: [PATCH] ifreload: down/up vxlan interfaces when +Subject: [PATCH 6/7] ifreload: down/up vxlan interfaces when ifreload_down_changed=0 almost all attributes of vxlan interfaces can't be updated @@ -17,10 +17,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ifupdown2/ifupdown/ifupdownmain.py b/ifupdown2/ifupdown/ifupdownmain.py -index 9f7641a..8bb9f47 100644 +index b4e1864..9313573 100644 --- a/ifupdown2/ifupdown/ifupdownmain.py +++ b/ifupdown2/ifupdown/ifupdownmain.py -@@ -2107,7 +2107,7 @@ class ifupdownMain(ifupdownBase): +@@ -2274,7 +2274,7 @@ class ifupdownMain: % (newifaceobjlist[objidx].name, ifaceLinkKind.to_str(lastifaceobjlist[0].link_kind))) ifacedownlist.append(newifaceobjlist[objidx].name) @@ -29,3 +29,6 @@ index 9f7641a..8bb9f47 100644 continue if len(newifaceobjlist) != len(lastifaceobjlist): ifacedownlist.append(ifname) +-- +2.20.1 + diff --git a/debian/patches/pve/0006-add-uplink-id-option.patch b/debian/patches/pve/0006-add-uplink-id-option.patch deleted file mode 100644 index 07bb49d..0000000 --- a/debian/patches/pve/0006-add-uplink-id-option.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Alexandre Derumier -Date: Thu, 13 Jun 2019 14:40:17 +0200 -Subject: [PATCH] add uplink-id option - -Signed-off-by: Alexandre Derumier -Signed-off-by: Thomas Lamprecht ---- - ifupdown2/addons/address.py | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py -index f576dc0..ce56ae6 100644 ---- a/ifupdown2/addons/address.py -+++ b/ifupdown2/addons/address.py -@@ -111,6 +111,11 @@ class address(moduleBase): - 'validvals': ['yes', 'no'], - 'default' : 'no', - 'example' : ['mpls-enable yes']}, -+ 'uplink-id' : -+ { 'help': 'uplink-id', -+ 'validrange' : ['1', '4096'], -+ 'example' : ['uplink-id 1']}, -+ - 'ipv6-addrgen': { - 'help': 'enable disable ipv6 link addrgenmode', - 'validvals': ['on', 'off'], diff --git a/debian/patches/pve/0008-config-tuning.patch b/debian/patches/pve/0006-config-tuning.patch similarity index 82% rename from debian/patches/pve/0008-config-tuning.patch rename to debian/patches/pve/0006-config-tuning.patch index 9967a94..d35436c 100644 --- a/debian/patches/pve/0008-config-tuning.patch +++ b/debian/patches/pve/0006-config-tuning.patch @@ -1,7 +1,7 @@ -From 0863f43ed0621cf9cff0955c738d5e795daf76f5 Mon Sep 17 00:00:00 2001 +From bae3a66ddfad4c0fcd86deeeac10b93b587ae199 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Mon, 31 Dec 2018 10:49:48 +0100 -Subject: [PATCH] config tuning +Subject: [PATCH 7/7] config tuning multiple_vlan_aware_bridge_support=1 @@ -12,10 +12,10 @@ Signed-off-by: Alexandre Derumier 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/network/ifupdown2/ifupdown2.conf b/etc/network/ifupdown2/ifupdown2.conf -index e05c35f..47898b2 100644 +index ecdd94f..57ba598 100644 --- a/etc/network/ifupdown2/ifupdown2.conf +++ b/etc/network/ifupdown2/ifupdown2.conf -@@ -42,7 +42,7 @@ addon_python_modules_support=1 +@@ -45,7 +45,7 @@ addon_python_modules_support=1 # By default ifupdown2 only supports a single vlan filtering bridge # on the system. Set this flag to 1 to support multiple vlan # filtering bridges diff --git a/debian/patches/pve/0009-add-arp-accept-option.patch b/debian/patches/pve/0009-add-arp-accept-option.patch deleted file mode 100644 index dd27ffb..0000000 --- a/debian/patches/pve/0009-add-arp-accept-option.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 45db39f606e09486889128b93f1942639620d2aa Mon Sep 17 00:00:00 2001 -From: Alexandre Derumier -Date: Tue, 3 Sep 2019 09:43:38 +0200 -Subject: [PATCH] add arp-accept option. - -Currently, the only way to enable arp-accept is to enable -a policy with l3_intf_arp_accept. - -But this enable arp-accept for all bridges. - -This option allow to define it for specific bridge. - -This is needed with bgp-evpn and vm migration -https://github.com/FRRouting/frr/issues/4904 ---- - ifupdown2/addons/address.py | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py -index f576dc0..762c58c 100644 ---- a/ifupdown2/addons/address.py -+++ b/ifupdown2/addons/address.py -@@ -96,6 +96,11 @@ class address(moduleBase): - 'dual connected VxLANs', - 'validvals' : ['', ], - 'example' : ['clagd-vxlan-anycast-ip 36.0.0.11']}, -+ 'arp-accept' : -+ { 'help': 'Allow gratuitous arp to update arp table', -+ 'validvals': ['on', 'off', 'yes', 'no', '0', '1'], -+ 'default' : 'off', -+ 'example' : ['arp-accept on']}, - 'ip-forward' : - { 'help': 'ip forwarding flag', - 'validvals': ['on', 'off', 'yes', 'no', '0', '1'], -@@ -272,6 +277,8 @@ class address(moduleBase): - def _process_bridge(self, ifaceobj, up): - hwaddress = self._get_hwaddress(ifaceobj) - addrs = ifaceobj.get_attr_value_first('address') -+ arp_accept = ifaceobj.get_attr_value_first('arp-accept') -+ arp_accept = utils.boolean_support_binary(arp_accept) - is_vlan_dev_on_vlan_aware_bridge = False - is_bridge = self.ipcmd.is_bridge(ifaceobj.name) - if not is_bridge: -@@ -290,7 +297,7 @@ class address(moduleBase): - self.write_file('/proc/sys/net/ipv4/conf/%s' % ifaceobj.name + - '/arp_accept', '0') - else: -- self.write_file('/proc/sys/net/ipv4/conf/%s/arp_accept' % ifaceobj.name, '0') -+ self.write_file('/proc/sys/net/ipv4/conf/%s/arp_accept' % ifaceobj.name, arp_accept) - if hwaddress and is_vlan_dev_on_vlan_aware_bridge: - if up: - self.ipcmd.bridge_fdb_add(bridgename, hwaddress, vlan) --- -2.20.1 - diff --git a/debian/patches/series b/debian/patches/series index a66998f..145484c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,9 +1,6 @@ pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch pve/0002-add-dummy-mtu-bridgevlanport-modules.patch -pve/0003-debian-fixup-networking.service.patch -pve/0004-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch -pve/0005-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch -pve/0006-add-uplink-id-option.patch -pve/0007-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch -pve/0008-config-tuning.patch -pve/0009-add-arp-accept-option.patch +pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch +pve/0004-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch +pve/0005-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch +pve/0006-config-tuning.patch