[pve-devel] [PATCH ifupdown2 2/2] d/patches: translate altnames before accessing sysctls in address module

Christoph Heiss c.heiss at proxmox.com
Thu Jul 31 16:39:01 CEST 2025


Requires changes to both our altname support patch, as well as the IPv6
SLAAC support patch. The latter is applied after the altname support and
introduces more sysctl operations.

The changes are pretty straight-forward, basically replacing
`ifaceobj.name` access with the translated ifname.

Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---

Notes:
    Stumbled upon this while doing some more testing and suddenly getting
    `setting_default_value is not defined` errors - which traced back to the
    SLAAC support, and prompted me to dig deeper.

 ...-add-transparent-support-interface-a.patch | 107 +++++++++++++++++-
 ...6-slaac-support-inet6-auto-accept_ra.patch |  53 +++++----
 2 files changed, 134 insertions(+), 26 deletions(-)

diff --git a/debian/patches/pve/0011-nlmanager-addons-add-transparent-support-interface-a.patch b/debian/patches/pve/0011-nlmanager-addons-add-transparent-support-interface-a.patch
index e99dc3a..fe2b197 100644
--- a/debian/patches/pve/0011-nlmanager-addons-add-transparent-support-interface-a.patch
+++ b/debian/patches/pve/0011-nlmanager-addons-add-transparent-support-interface-a.patch
@@ -1,4 +1,4 @@
-From acab81c40482f2c3cdff25c599fe690fc466b0be Mon Sep 17 00:00:00 2001
+From ca818a46bc5519adde981df317ac635e064eae45 Mon Sep 17 00:00:00 2001
 From: Christoph Heiss <c.heiss at proxmox.com>
 Date: Fri, 11 Jul 2025 17:45:47 +0200
 Subject: [PATCH] nlmanager, addons: add transparent support interface altnames
@@ -18,6 +18,7 @@ name(s) and add the appropriate translation there too.
 
 Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
 ---
+ ifupdown2/addons/address.py          |  27 +++----
  ifupdown2/addons/bond.py             |   9 ++-
  ifupdown2/addons/bridge.py           |  14 ----
  ifupdown2/addons/openvswitch.py      |   1 +
@@ -28,8 +29,110 @@ Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
  ifupdown2/lib/nlcache.py             | 102 +++++++++++++++++++++++++++
  ifupdown2/nlmanager/nlmanager.py     |  15 ++++
  ifupdown2/nlmanager/nlpacket.py      |  63 +++++++++++++++++
- 10 files changed, 246 insertions(+), 36 deletions(-)
+ 11 files changed, 260 insertions(+), 49 deletions(-)
 
+diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py
+index 20f8866..c19b138 100644
+--- a/ifupdown2/addons/address.py
++++ b/ifupdown2/addons/address.py
+@@ -912,6 +912,7 @@ class address(AddonWithIpBlackList, moduleBase):
+         self.write_file("/proc/sys/net/%s/conf/%s/forwarding" % (family, ifname), "%s\n" % value)
+ 
+     def _sysctl_config(self, ifaceobj):
++        ifacename = self.cache.link_translate_altname(ifaceobj.name)
+         setting_default_value = False
+         mpls_enable = ifaceobj.get_attr_value_first('mpls-enable');
+         if not mpls_enable:
+@@ -923,17 +924,17 @@ class address(AddonWithIpBlackList, moduleBase):
+         if ifupdownflags.flags.PERFMODE:
+             running_mpls_enable = '0'
+         else:
+-            running_mpls_enable = str(self.cache.get_netconf_mpls_input(ifaceobj.name))
++            running_mpls_enable = str(self.cache.get_netconf_mpls_input(ifacename))
+ 
+         if mpls_enable != running_mpls_enable:
+             try:
+                 self.sysctl_set('net.mpls.conf.%s.input'
+-                                %('/'.join(ifaceobj.name.split("."))),
++                                %('/'.join(ifacename.split("."))),
+                                 mpls_enable)
+             except Exception as e:
+                 if not setting_default_value:
+                     ifaceobj.status = ifaceStatus.ERROR
+-                    self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
++                    self.logger.error('%s: %s' %(ifacename, str(e)))
+ 
+         if (ifaceobj.link_kind & ifaceLinkKind.BRIDGE):
+             self._set_bridge_forwarding(ifaceobj)
+@@ -948,21 +949,21 @@ class address(AddonWithIpBlackList, moduleBase):
+         if ifupdownflags.flags.PERFMODE:
+             if ipforward:
+                 self.sysctl_set('net.ipv4.conf.%s.forwarding'
+-                                 %('/'.join(ifaceobj.name.split("."))),
++                                 %('/'.join(ifacename.split("."))),
+                                 utils.boolean_support_binary(ipforward))
+             if ip6forward:
+                 self.sysctl_set('net.ipv6.conf.%s.forwarding'
+-                                %('/'.join(ifaceobj.name.split("."))),
++                                %('/'.join(ifacename.split("."))),
+                                 utils.boolean_support_binary(ip6forward))
+             return
+         bridge_port = ifaceobj.link_privflags & ifaceLinkPrivFlags.BRIDGE_PORT
+         if bridge_port:
+             if ipforward:
+                 self.log_error('%s: \'ip-forward\' is not supported for '
+-                               'bridge port' %ifaceobj.name)
++                               'bridge port' %ifacename)
+             if ip6forward:
+                 self.log_error('%s: \'ip6-forward\' is not supported for '
+-                               'bridge port' %ifaceobj.name)
++                               'bridge port' %ifacename)
+             return
+         setting_default_value = False
+         if not ipforward:
+@@ -970,16 +971,16 @@ class address(AddonWithIpBlackList, moduleBase):
+             ipforward = self.ipforward
+         if ipforward:
+             ipforward = int(utils.get_boolean_from_string(ipforward))
+-            running_ipforward = self.cache.get_netconf_forwarding(socket.AF_INET, ifaceobj.name)
++            running_ipforward = self.cache.get_netconf_forwarding(socket.AF_INET, ifacename)
+             if ipforward != running_ipforward:
+                 try:
+                     self.sysctl_set('net.ipv4.conf.%s.forwarding'
+-                                    %('/'.join(ifaceobj.name.split("."))),
++                                    %('/'.join(ifacename.split("."))),
+                                     ipforward)
+                 except Exception as e:
+                     if not setting_default_value:
+                         ifaceobj.status = ifaceStatus.ERROR
+-                        self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
++                        self.logger.error('%s: %s' %(ifacename, str(e)))
+ 
+         setting_default_value = False
+ 
+@@ -989,11 +990,11 @@ class address(AddonWithIpBlackList, moduleBase):
+ 
+         if ip6forward:
+             ip6forward = int(utils.get_boolean_from_string(ip6forward))
+-            running_ip6forward = self.cache.get_netconf_forwarding(socket.AF_INET6, ifaceobj.name)
++            running_ip6forward = self.cache.get_netconf_forwarding(socket.AF_INET6, ifacename)
+             if ip6forward != running_ip6forward:
+                 try:
+                     self.sysctl_set('net.ipv6.conf.%s.forwarding'
+-                                    %('/'.join(ifaceobj.name.split("."))),
++                                    %('/'.join(ifacename.split("."))),
+                                     ip6forward)
+                 except Exception as e:
+                     # There is chance of ipv6 being removed because of,
+@@ -1002,7 +1003,7 @@ class address(AddonWithIpBlackList, moduleBase):
+                     # ip6-forward
+                     if not setting_default_value:
+                        ifaceobj.status = ifaceStatus.ERROR
+-                       self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
++                       self.logger.error('%s: %s' %(ifacename, str(e)))
+ 
+     def process_mtu(self, ifaceobj, ifaceobj_getfunc):
+ 
 diff --git a/ifupdown2/addons/bond.py b/ifupdown2/addons/bond.py
 index 2af5cf6..d5a7f3d 100644
 --- a/ifupdown2/addons/bond.py
diff --git a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
index 8a03cd8..4d5dbff 100644
--- a/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
+++ b/debian/patches/upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch
@@ -1,4 +1,4 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From 38dadc7048726671b8e1bf6c63a3313720afeaf9 Mon Sep 17 00:00:00 2001
 From: Alexandre Derumier <aderumier at odiso.com>
 Date: Tue, 9 May 2023 17:48:14 +0200
 Subject: [PATCH] add ipv6 slaac support (inet6 auto && accept_ra)
@@ -12,9 +12,10 @@ upstream pull request:
 https://github.com/CumulusNetworks/ifupdown2/pull/259
 Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
 Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
+Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
 ---
  etc/network/ifupdown2/addons.conf       |   2 +
- ifupdown2/addons/address.py             | 107 +++++++++++++--
+ ifupdown2/addons/address.py             | 108 +++++++++++++--
  ifupdown2/addons/auto.py                | 168 ++++++++++++++++++++++++
  ifupdown2/addons/dhcp.py                |  18 +--
  ifupdown2/ifupdown/iface.py             |   4 +
@@ -22,7 +23,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
  ifupdown2/lib/nlcache.py                |  63 ++++++++-
  ifupdown2/man/interfaces.5.rst          |   9 ++
  ifupdown2/nlmanager/nlpacket.py         |  24 +++-
- 9 files changed, 371 insertions(+), 26 deletions(-)
+ 9 files changed, 372 insertions(+), 26 deletions(-)
  create mode 100644 ifupdown2/addons/auto.py
 
 diff --git a/etc/network/ifupdown2/addons.conf b/etc/network/ifupdown2/addons.conf
@@ -46,10 +47,10 @@ index a8f2317..5a3964d 100644
  down,address
  down,usercmds
 diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py
-index 20f8866..a2918e9 100644
+index c19b138..3ab8309 100644
 --- a/ifupdown2/addons/address.py
 +++ b/ifupdown2/addons/address.py
-@@ -194,6 +194,18 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -193,6 +193,18 @@ class address(AddonWithIpBlackList, moduleBase):
                  "validvals": ['on', 'off', 'yes', 'no', '0', '1'],
                  "default": "no",
                  "aliases": ["disable-ip6"]
@@ -133,12 +134,14 @@ index 20f8866..a2918e9 100644
              if netconf_ipv4_forwarding:
                  self.sysctl_write_forwarding_value_to_proc(ifname, "ipv4", 0)
              if netconf_ipv6_forwarding:
-@@ -911,6 +945,43 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -911,6 +945,44 @@ class address(AddonWithIpBlackList, moduleBase):
      def sysctl_write_forwarding_value_to_proc(self, ifname, family, value):
          self.write_file("/proc/sys/net/%s/conf/%s/forwarding" % (family, ifname), "%s\n" % value)
  
 +    def _sysctl_slaac(self, ifaceobj):
++        ifacename = self.cache.link_translate_altname(ifaceobj.name)
 +        addr_method = ifaceobj.addr_method
++
 +        if addr_method not in ["auto"]:
 +
 +            try:
@@ -151,9 +154,9 @@ index 20f8866..a2918e9 100644
 +
 +                if running_accept_ra != accept_ra:
 +                    self.sysctl_set('net.ipv6.conf.%s.accept_ra'
-+                                    %('/'.join(ifaceobj.name.split("."))),
++                                    %('/'.join(ifacename.split("."))),
 +                                    accept_ra)
-+                    self.cache.update_link_inet6_accept_ra(ifaceobj.name, accept_ra)
++                    self.cache.update_link_inet6_accept_ra(ifacename, accept_ra)
 +
 +                running_autoconf = self.cache.get_link_inet6_autoconf(ifaceobj)
 +                if running_autoconf == '':
@@ -164,29 +167,28 @@ index 20f8866..a2918e9 100644
 +
 +                if running_autoconf != autoconf:
 +                    self.sysctl_set('net.ipv6.conf.%s.autoconf'
-+                                    %('/'.join(ifaceobj.name.split("."))),
++                                    %('/'.join(ifacename.split("."))),
 +                                    autoconf)
-+                    self.cache.update_link_inet6_autoconf(ifaceobj.name, autoconf)
++                    self.cache.update_link_inet6_autoconf(ifacename, autoconf)
 +
 +            except Exception as e:
-+                if not setting_default_value:
-+                    ifaceobj.status = ifaceStatus.ERROR
-+                    self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
++                ifaceobj.status = ifaceStatus.ERROR
++                self.logger.error('%s: %s' %(ifacename, str(e)))
 +
 +
      def _sysctl_config(self, ifaceobj):
+         ifacename = self.cache.link_translate_altname(ifaceobj.name)
          setting_default_value = False
-         mpls_enable = ifaceobj.get_attr_value_first('mpls-enable');
-@@ -1004,6 +1075,8 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1005,6 +1077,8 @@ class address(AddonWithIpBlackList, moduleBase):
                         ifaceobj.status = ifaceStatus.ERROR
-                        self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
+                        self.logger.error('%s: %s' %(ifacename, str(e)))
  
 +        self._sysctl_slaac(ifaceobj)
 +
      def process_mtu(self, ifaceobj, ifaceobj_getfunc):
  
          if ifaceobj.link_privflags & ifaceLinkPrivFlags.OPENVSWITCH:
-@@ -1041,7 +1114,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1042,7 +1116,7 @@ class address(AddonWithIpBlackList, moduleBase):
              # no need to go further during perfmode (boot)
              return
  
@@ -195,7 +197,7 @@ index 20f8866..a2918e9 100644
              return
  
          if not user_configured_ipv6_addrgen:
-@@ -1268,7 +1341,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1269,7 +1343,7 @@ class address(AddonWithIpBlackList, moduleBase):
              if not self.cache.link_exists(ifaceobj.name):
                  return
              addr_method = ifaceobj.addr_method
@@ -204,7 +206,7 @@ index 20f8866..a2918e9 100644
                  if ifaceobj.get_attr_value_first('address-purge')=='no':
                      addrlist = ifaceobj.get_attr_value('address')
                      for addr in addrlist or []:
-@@ -1381,6 +1454,22 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1382,6 +1456,22 @@ class address(AddonWithIpBlackList, moduleBase):
              ifaceobjcurr.update_config_with_status('mpls-enable',
                                                     running_mpls_enable,
                                              mpls_enable != running_mpls_enable)
@@ -227,7 +229,7 @@ index 20f8866..a2918e9 100644
          return
  
      def query_check_ipv6_addrgen(self, ifaceobj, ifaceobjcurr):
-@@ -1451,7 +1540,7 @@ class address(AddonWithIpBlackList, moduleBase):
+@@ -1452,7 +1542,7 @@ class address(AddonWithIpBlackList, moduleBase):
  
      def _query_check_address(self, ifaceobj, ifaceobjcurr, ifaceobj_getfunc):
          """ ifquery-check: attribute: "address" """
@@ -475,7 +477,7 @@ index 55f93fa..bfdc349 100644
  
      def __init__(self, interfacesfile='/etc/network/interfaces',
 diff --git a/ifupdown2/lib/nlcache.py b/ifupdown2/lib/nlcache.py
-index bbd2a8b..8d67cba 100644
+index 891524e..e5a42ef 100644
 --- a/ifupdown2/lib/nlcache.py
 +++ b/ifupdown2/lib/nlcache.py
 @@ -152,7 +152,7 @@ class _NetlinkCache:
@@ -487,7 +489,7 @@ index bbd2a8b..8d67cba 100644
      )
  
      def __init__(self):
-@@ -1179,6 +1179,52 @@ class _NetlinkCache:
+@@ -1217,6 +1217,52 @@ class _NetlinkCache:
          except TypeError as e:
              return self.__handle_type_error(inspect.currentframe().f_code.co_name, ifname, str(e), return_value=0)
  
@@ -540,7 +542,7 @@ index bbd2a8b..8d67cba 100644
      #####################################################
      #####################################################
      #####################################################
-@@ -1745,6 +1791,21 @@ class _NetlinkCache:
+@@ -1833,6 +1879,21 @@ class _NetlinkCache:
          except (KeyError, AttributeError):
              return addresses
  
@@ -590,7 +592,7 @@ index 262d726..ca461ea 100644
          source /etc/network/interfaces.d/*
  
 diff --git a/ifupdown2/nlmanager/nlpacket.py b/ifupdown2/nlmanager/nlpacket.py
-index ed463c2..4d6a4c4 100644
+index efc4c4e..95d59dc 100644
 --- a/ifupdown2/nlmanager/nlpacket.py
 +++ b/ifupdown2/nlmanager/nlpacket.py
 @@ -1818,6 +1818,15 @@ class AttributeIFLA_AF_SPEC(Attribute):
@@ -632,3 +634,6 @@ index ed463c2..4d6a4c4 100644
                              inet6_attr[inet6_attr_type] = self.decode_one_byte_attribute(sub_attr_data)
  
                              # nlmanager doesn't support multiple kernel version
+-- 
+2.49.0
+
-- 
2.49.0





More information about the pve-devel mailing list