[pve-devel] small dhcp patch review
Alexandre DERUMIER
aderumier at odiso.com
Wed Sep 11 03:57:17 CEST 2013
Hi Dietmar,
I have tested your patches, seem to works great.
some notes:
1) we can use bridge without gateway defined. (this is my production setup, the only gateway is for the proxmox host admin ip)
sub get_dhcp_ifaces {
my ($ifaces) = @_;
my $dhcp_ifaces = {};
foreach my $iface (keys %$ifaces) {
next if $iface eq 'lo';
my $d = $ifaces->{$iface};
next if $d->{method} ne 'static';
next if !$d->{address};
next if !$d->{netmask};
next if !$d->{gateway}; #remove this
2) where to defined dhcp options ? (like gateway,..).
resources.cfg in ippool seem to be the right place.(I think you have suggested this too)
3) maybe send a warning or die if ip configured for the vm is not on the right bridge/ippool. (because it'll not get any ip from dhcp server)
Otherwise, things works fine
I was also thinking about something (not sure is a good idea):
As we could restrict user permission to use only some ippool,
maybe could we extend ipool concept to "virtual network" concept (ip range optionnal and also defined if nat|routed|bridge)
vnetwork: vnetwork_1
iprange 192.168.10.100-192.168.10.150
comment dhcp bridge
dhcp vmbr2
type bridge
vnetwork: vnetwork_2
iprange 192.168.2.100-192.168.2.150
comment dhcp routed bridge
dhcp vmbr3
type routed
vnetwork: vnetwork_3
iprange 192.168.3.100-192.168.3.150
comment dhcp nat bridge
dhcp vmbr4
type nat
vnetwork: vnetwork_4
comment simple bridge without dhcp
vmbr5
type bridge
then in vm config
instead
,bridge=vmbr2,ip=192.168.10.101
use
vnetwork=vnetwork_1,ip=192.168.10.101
So you can give to a customer an access only to a specific vnetwork, user just have to setup ip and don't need to care about bridge name,routed/bridge,vlan.
and of course we can keep old bridge option to not break current setups.
What do you think about this ?
More information about the pve-devel
mailing list