[pve-devel] [PATCH container] add support for network trunks

Wolfgang Bumiller w.bumiller at proxmox.com
Mon Jan 18 09:29:53 CET 2016 

Like in qemu:

allow only 802.1Q packets with vlanid 2,3,4 :
netx: .....,trunks=2,3,4

allow only 802.1Q packets with vlanid 2,3,4 and tag non-802.1Q packets to vlanid 5 :
netx: tag=5,trunks=2,3,4

tag non-802.1Q packets to vlanid 5
netx: tag=5
---
 src/PVE/LXC.pm  | 13 ++++++++++---
 src/lxcnetaddbr |  3 ++-
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index f964aca..035b3ab 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -336,7 +336,14 @@ my $netconf_desc = {
 	format_description => 'VlanNo',
 	minimum => '2',
 	maximum => '4094',
-	description => "VLAN tag foro this interface.",
+	description => "VLAN tag for this interface.",
+	optional => 1,
+    },
+    trunks => {
+	type => 'string',
+	pattern => qr/\d+(?:;\d+)*/,
+	format_description => 'vlanid[;vlanid...]',
+	description => "VLAN ids to pass through the interface",
 	optional => 1,
     },
 };
@@ -1531,7 +1538,7 @@ sub update_net {
 		    write_config($vmid, $conf);
 		}
 
-		PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall});
+		PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks});
 		foreach (qw(bridge tag firewall)) {
 		    $oldnet->{$_} = $newnet->{$_} if $newnet->{$_};
 		}
@@ -1553,7 +1560,7 @@ sub hotplug_net {
     my $eth = $newnet->{name};
 
     PVE::Network::veth_create($veth, $vethpeer, $newnet->{bridge}, $newnet->{hwaddr});
-    PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall});
+    PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks});
 
     # attach peer in container
     my $cmd = ['lxc-device', '-n', $vmid, 'add', $vethpeer, "$eth" ];
diff --git a/src/lxcnetaddbr b/src/lxcnetaddbr
index 44ba24a..254ea6c 100755
--- a/src/lxcnetaddbr
+++ b/src/lxcnetaddbr
@@ -40,6 +40,7 @@ my $net = PVE::LXC::parse_lxc_network($netconf);
 my $tag = $net->{tag};
 my $firewall = $net->{firewall};
 my $bridge = $net->{bridge};
+my $trunks = $net->{trunks};
 
 die "missing bridge configuration" if !$bridge;
 
@@ -52,7 +53,7 @@ if (-d "/sys/class/net/$iface") {
 
     PVE::Tools::run_command("/sbin/ip link set dev $iface up mtu $bridgemtu");
     PVE::Tools::run_command("/sbin/ip addr add 0.0.0.0/0 dev $iface");
-    PVE::Network::tap_plug($iface, $bridge, $tag, $firewall);
+    PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks);
 }
 
 exit 0;
-- 
2.1.4

More information about the pve-devel mailing list