[pve-devel] [PATCH 2/2] new linux bridge network model implementation

Alexandre Derumier aderumier at odiso.com
Fri Apr 25 08:08:19 CEST 2014


each tap interface has his own bridge, connected through veth pair to main bridge
vlans are managed at veth level.
veth is also use to manage bridge management interfaces

example
-------
pm0.94----pm0-----pm0.peer----->vmbr0<-----veth100i0--------veth100i0p.94 (taggig vlan94)--------->fwbr100i0<-----------tap100i0
bond0-------------------------->     <-----veth110i0--------veth110i0p.94 (taggig vlan94)--------->fwbr110i0<-----------tap110i0
                                     <-----veth200i0--------veth200i0p   (no vlan)---------------->fwbr200i0<-----------tap200i0

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 data/PVE/Network.pm |   73 +++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 68 insertions(+), 5 deletions(-)

diff --git a/data/PVE/Network.pm b/data/PVE/Network.pm
index 0f8ed2f..bbf22f3 100644
--- a/data/PVE/Network.pm
+++ b/data/PVE/Network.pm
@@ -75,16 +75,80 @@ sub tap_plug {
     die "wrong interface name $iface" if !$iface_suffix;
 
     my $ovsintport = "ovsint$iface_suffix";
+    my $bridgetap = "fwbr$iface_suffix";
+    my $vethfw = "veth$iface_suffix";
+    my $vethfwpeer = $vethfw."p";
 
     #cleanup old port config from any openvswitch bridge
     eval {run_command("/usr/bin/ovs-vsctl del-port $ovsintport", outfunc => sub {}, errfunc => sub {}) };
 
+    #cleanup old vethfw interface
+    eval {run_command("/sbin/ip link delete dev $vethfw", outfunc => sub {}, errfunc => sub {}) };
+
+    #cleanup old vethfw
+
     if (-d "/sys/class/net/$bridge/bridge") {
-	my $newbridge = activate_bridge_vlan($bridge, $tag);
-	copy_bridge_config($bridge, $newbridge) if $bridge ne $newbridge;
+#	my $newbridge = activate_bridge_vlan($bridge, $tag);
+#	copy_bridge_config($bridge, $newbridge) if $bridge ne $newbridge;
+
+	my $bridgemtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
+	die "bridge '$bridge' does not exist\n" if !$bridgemtu;
+        #avoid insecure dependency;
+	$bridgemtu = int($bridgemtu);
+
+        # add bridgetap if it doesn't already exist
+
+        if (! -d "/sys/class/net/$bridgetap") {
+        system("/sbin/brctl addbr $bridgetap") == 0 ||
+            die "can't add bridge $bridgetap\n";
+        }
+
+        # be sure to have the bridgetap up
+        system("/sbin/ip link set $bridgetap up") == 0 ||
+            die "can't up bridge $bridgetap\n";
+
+	copy_bridge_config($bridge, $bridgetap);
+
+	# create veth pair
+        if (! -d "/sys/class/net/$vethfw") {
+
+	    system("/sbin/ip link add name $vethfw type veth peer name $vethfwpeer mtu $bridgemtu") == 0 ||
+		die "can't create interface $vethfw\n";
+	}
+
+	#up vethpair
+        system("/sbin/ip link set up dev $vethfw") == 0 ||
+            die "can't up veth $vethfw\n";
 
-	system("/sbin/brctl addif $newbridge $iface") == 0 ||
-	    die "can't add interface to bridge\n";
+        system("/sbin/ip link set up dev $vethfwpeer") == 0 ||
+            die "can't up veth $vethfw\n";
+
+
+	if($tag){
+
+	    if (! -d "/sys/class/net/$vethfwpeer.$tag") {
+		system("/sbin/ip link add link $vethfwpeer name $vethfwpeer.$tag type vlan id $tag") == 0 ||
+		    die "can't create interface vlan $vethfwpeer.$tag\n";
+	    }
+
+	    $vethfwpeer .= ".$tag";
+
+	    system("/sbin/ip link set up dev $vethfwpeer") == 0 ||
+		die "can't up veth $vethfwpeer\n";
+
+	}
+
+        # add veth to main bridge
+        system("/sbin/brctl addif $bridge $vethfw") == 0 ||
+            die "can't add interface $vethfw to bridge $bridge\n";
+
+        # add vethpeer to bridgetap
+        system("/sbin/brctl addif $bridgetap $vethfwpeer") == 0 ||
+            die "can't add interface $vethfwpeer to bridge $bridgetap\n";
+
+	# add tap to bridgetap
+	system("/sbin/brctl addif $bridgetap $iface") == 0 ||
+	    die "can't add interface $iface to bridge $bridgetap\n";
     } else {
 
 	my $bridge_hash = {};
@@ -93,7 +157,6 @@ sub tap_plug {
 
 	die "$bridge is not an linux bridge or openvswitch switch" if !$bridge_hash->{$bridge};
 
-	my $bridgetap = "fwbr$iface_suffix";
 	my $cmd = "/usr/bin/ovs-vsctl add-port $bridge $ovsintport";
 	$cmd .= " tag=$tag" if $tag;
 	$cmd .= " -- set Interface $ovsintport type=internal";
-- 
1.7.10.4



More information about the pve-devel mailing list