[pve-devel] [PATCH] add vlan aware bridge ifupdown script

Alexandre DERUMIER aderumier at odiso.com
Fri Jul 24 14:10:27 CEST 2015 

>>On the vmbr interfaces we separate vlans with a 'v' (ie vmbr0v5 would
>>be vmbr0's vlan 5), or is a change to dotted notation required for this?
>>We use the dots only on physical interfaces.

It's not a new bridge, it's a self tagged interface inside the bridge.



>> + VLANID=`echo $IFACE|sed "s/vmbr[0-9][0-9]*\.0*//g"` 

>>>Why the /0*/? 
>>Btw. sed without -r does have a 1-or-more match, too, you just have to 
>>escape it: /[0-9]\+/. (Though I very much recommend using the -r switch 
>>for simplicity (and because regex(7) calls basic ones "obsolete" ;-) )). 
>>(And an ^ at the beginning might be good here?) 
>>
>>Personally I'd recommend bash over dash since it supports REs and more 
>>substitutions without having to fork out to an echo+sed pipe. 
>>
>> + IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(vmbr[0-9][0-9]*\)\..*/\1/"` 
>>Maybe ${IFACE%%.*} is sufficient here? (both dash and bash compatible) 

I have simply copy/paste current code from /etc/network/if-pre-up.d/vlan
So, it should work with bash and dash ?





----- Mail original -----
De: "Wolfgang Bumiller" <w.bumiller at proxmox.com>
À: "aderumier" <aderumier at odiso.com>
Cc: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 24 Juillet 2015 12:12:39
Objet: Re: [pve-devel] [PATCH] add vlan aware bridge ifupdown script

A couple of questions: 

> + vmbr*.*) 

On the vmbr interfaces we separate vlans with a 'v' (ie vmbr0v5 would 
be vmbr0's vlan 5), or is a change to dotted notation required for this? 
We use the dots only on physical interfaces. 

> + VLANID=`echo $IFACE|sed "s/vmbr[0-9][0-9]*\.0*//g"` 

Why the /0*/? 
Btw. sed without -r does have a 1-or-more match, too, you just have to 
escape it: /[0-9]\+/. (Though I very much recommend using the -r switch 
for simplicity (and because regex(7) calls basic ones "obsolete" ;-) )). 
(And an ^ at the beginning might be good here?) 

Personally I'd recommend bash over dash since it supports REs and more 
substitutions without having to fork out to an echo+sed pipe. 

> + IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(vmbr[0-9][0-9]*\)\..*/\1/"` 
Maybe ${IFACE%%.*} is sufficient here? (both dash and bash compatible) 

On Fri, Jul 24, 2015 at 11:24:44AM +0200, Alexandre Derumier wrote: 
> This add support to enable vlan aware bridge, 
> and management interfaces 
> 
> example: 1 bridge and 1 administration port on vlan 100 
> 
> auto vmbr0 
> iface vmbr0 inet manual 
> bridge_ports eth0 
> bridge_stp off 
> bridge_fd 0 
> bridge_vlan_aware yes 
> bridge_vids 10-15 
> 
> auto vmbr0.100 
> iface vmbr0.100 inet static 
> address X.X.X.X 
> netmask 255.255.255.0 
> gateway X.X.X.X 
> 
> bridge_vids is optional, and allow on the specified vlans.(current take 1 value or range, need to be improve with list) 
> If not specified, the allowed vlan are 2-4094. 
> vlan 1 is the default pvid. (all untagged traffic is going to this vlan). 
> 
> Signed-off-by: Alexandre Derumier <aderumier at odiso.com> 
> --- 
> Makefile | 4 +++- 
> debian/conffiles | 2 ++ 
> vmbrvlan | 38 ++++++++++++++++++++++++++++++++++++++ 
> 3 files changed, 43 insertions(+), 1 deletion(-) 
> create mode 100755 vmbrvlan 
> 
> diff --git a/Makefile b/Makefile 
> index a09393c..6100f05 100644 
> --- a/Makefile 
> +++ b/Makefile 
> @@ -80,7 +80,7 @@ aplupload: 
> scp aplinfo/aplinfo.dat aplinfo.dat.gz aplinfo/aplinfo.dat.asc download1.proxmox.com:/home/ftp/appliances/ 
> 
> .PHONY: install 
> -install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu 
> +install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu bridgevlan vmbrvlan 
> install -d -m 0700 -o www-data -g www-data ${DESTDIR}/var/log/pveproxy 
> install -D -m 0644 debian/pve.logrotate ${DESTDIR}/etc/logrotate.d/pve 
> install -d ${DESTDIR}/usr/share/${PACKAGE} 
> @@ -97,6 +97,8 @@ install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf p 
> install -D -m 0644 vzdump.conf ${DESTDIR}/etc/vzdump.conf 
> install -D -m 0755 vznet.conf ${DESTDIR}/etc/vz/vznet.conf 
> install -D -m 0755 mtu ${DESTDIR}/etc/network/if-up.d/mtu 
> + install -D -m 0755 bridgevlan ${DESTDIR}/etc/network/if-up.d/bridgevlan 
> + install -D -m 0755 vmbrvlan ${DESTDIR}/etc/network/if-pre-up.d/vmbrvlan 
> install -m 0644 vzdump-hook-script.pl ${DOCDIR}/examples/vzdump-hook-script.pl 
> install -m 0644 spice-example-sh ${DOCDIR}/examples/spice-example-sh 
> install -m 0644 copyright ${DOCDIR} 
> diff --git a/debian/conffiles b/debian/conffiles 
> index 895abdf..2916cac 100644 
> --- a/debian/conffiles 
> +++ b/debian/conffiles 
> @@ -11,3 +11,5 @@ 
> /etc/apt/pve-repo-ca-certificates.crt 
> /etc/apt/sources.list.d/pve-enterprise.list 
> /etc/network/if-up.d/mtu 
> +/etc/network/if-up.d/bridgevlan 
> +/etc/network/if-pre-up.d/vmbrvlan 
> diff --git a/vmbrvlan b/vmbrvlan 
> new file mode 100755 
> index 0000000..ee570f0 
> --- /dev/null 
> +++ b/vmbrvlan 
> @@ -0,0 +1,38 @@ 
> +#!/bin/sh 
> + 
> +# Most of this stuff is to enable vlans 
> + 
> +case "$IFACE" in 
> + # Ignore any alias (#272891) which uses <interface>:<alabel> 
> + *:*) 
> + exit 0 
> + ;; 
> + vmbr*.*) 
> + vconfig set_name_type DEV_PLUS_VID_NO_PAD 
> + VLANID=`echo $IFACE|sed "s/vmbr[0-9][0-9]*\.0*//g"` 
> + IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(vmbr[0-9][0-9]*\)\..*/\1/"` 
> + bridge vlan add dev $IF_VLAN_RAW_DEVICE vid $VLANID self 
> + ;; 
> + *) 
> + exit 0 
> + ;; 
> +esac 
> + 
> +if [ -n "$IF_VLAN_RAW_DEVICE" ]; then 
> + if [ ! -x /sbin/vconfig ]; then 
> + exit 0 
> + fi 
> + if ! ip link show dev "$IF_VLAN_RAW_DEVICE" > /dev/null; then 
> + echo "$IF_VLAN_RAW_DEVICE does not exist, unable to create $IFACE" 
> + exit 1 
> + fi 
> + if [ ! -e "/sys/class/net/$IFACE" ]; then 
> + ip link set up dev $IF_VLAN_RAW_DEVICE 
> + vconfig add $IF_VLAN_RAW_DEVICE $VLANID 
> + fi 
> +fi 
> + 
> +# This is not vlan specific, and should actually go somewhere else. 
> +if [ -n "$IF_HW_MAC_ADDRESS" ]; then 
> + ip link set $IFACE address $IF_HW_MAC_ADDRESS 
> +fi 
> -- 
> 2.1.4 
> 
> _______________________________________________ 
> pve-devel mailing list 
> pve-devel at pve.proxmox.com 
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
>

More information about the pve-devel mailing list