[pve-devel] [PATCH] add bridge_vlan option to brige in /etc/network/interface v2

Alexandre Derumier aderumier at odiso.com
Thu Jan 2 16:02:41 CET 2014 

This allow to define a management vlan on the bridge

example : tagging vlan94 for vmbr0

auto vmbr0
iface vmbr0 inet static
        address X.X.X.X
        netmask 255.255.255.0
        bridge_ports bond0
        bridge_stp off
        bridge_fd 0
        bridge_vlan 94

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 Makefile         |    3 ++-
 bridgevlan       |   49 +++++++++++++++++++++++++++++++++++++++++++++++++
 debian/conffiles |    1 +
 3 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100755 bridgevlan

diff --git a/Makefile b/Makefile
index 9c8bf64..0005e5e 100644
--- a/Makefile
+++ b/Makefile
@@ -79,7 +79,7 @@ aplupload:
 	scp aplinfo/aplinfo.dat aplinfo.dat.gz aplinfo/aplinfo.dat.asc download1.proxmox.com:/home/ftp/appliances/
 
 .PHONY: install
-install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu
+install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu bridgevlan
 	install -d -m 0700 -o www-data -g www-data ${DESTDIR}/var/log/pveproxy
 	install -D -m 0644 debian/pve.logrotate ${DESTDIR}/etc/logrotate.d/pve
 	install -d ${DESTDIR}/usr/share/${PACKAGE}
@@ -96,6 +96,7 @@ install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf p
 	install -D -m 0644 vzdump.conf ${DESTDIR}/etc/vzdump.conf
 	install -D -m 0755 vznet.conf ${DESTDIR}/etc/vz/vznet.conf
 	install -D -m 0755 mtu ${DESTDIR}/etc/network/if-up.d/mtu
+	install -D -m 0755 bridgevlan ${DESTDIR}/etc/network/if-up.d/bridgevlan
 	install -m 0644 vzdump-hook-script.pl ${DOCDIR}/examples/vzdump-hook-script.pl
 	install -m 0644 copyright ${DOCDIR}
 	install -m 0644 debian/changelog.Debian ${DOCDIR}
diff --git a/bridgevlan b/bridgevlan
new file mode 100755
index 0000000..be2cf70
--- /dev/null
+++ b/bridgevlan
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+if [ ! -x /sbin/bridge ] && [ ! -f /sys/class/net/$IFACE/bridge/vlan_filtering ]
+then
+  exit 0
+fi
+
+. /lib/bridge-utils/bridge-utils.sh
+
+case "$IF_BRIDGE_PORTS" in
+    "")
+	exit 0
+	;;
+    none)
+	INTERFACES=""
+	;;
+    *)
+	INTERFACES="$IF_BRIDGE_PORTS"
+	;;
+esac
+
+all_interfaces= &&
+unset all_interfaces &&
+bridge_parse_ports $INTERFACES | while read i
+do
+  for port in $i
+  do
+    if [ "$MODE" = "start" ] && [ -d /sys/class/net/$IFACE/brif/$port ]; then
+      #we allow vlan to pass through attached interface
+      if [ -n "$IF_BRIDGE_VLAN" ]
+      then
+	if [[ $port =~ ^(eth|bond|wlan)[0-9]{1,2}$ ]]; then
+             bridge vlan add dev $port vid $IF_BRIDGE_VLAN
+        fi
+      fi
+    fi
+  done
+done
+
+# We setup the administration vlan on the bridge
+if [ "$MODE" = "start" ] ; then
+
+  if [ -n "$IF_BRIDGE_VLAN" ]
+  then
+    echo 1 > /sys/class/net/$IFACE/bridge/vlan_filtering
+    bridge vlan add dev $IFACE vid $IF_BRIDGE_VLAN pvid untagged self 
+  fi
+
+fi
diff --git a/debian/conffiles b/debian/conffiles
index 43953c3..9ec26b0 100644
--- a/debian/conffiles
+++ b/debian/conffiles
@@ -13,3 +13,4 @@
 /etc/apt/pve-repo-ca-certificates.crt
 /etc/apt/sources.list.d/pve-enterprise.list
 /etc/network/if-up.d/mtu
+/etc/network/if-up.d/bridgevlan
-- 
1.7.10.4

More information about the pve-devel mailing list