[pve-devel] [PATCH] add vlan aware bridge ifupdown script

Alexandre Derumier aderumier at odiso.com
Fri Jul 24 11:24:44 CEST 2015 

This add support to enable vlan aware bridge,
and management interfaces

example: 1 bridge and 1 administration port on vlan 100

auto vmbr0
iface vmbr0 inet manual
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
	bridge_vids 10-15

auto vmbr0.100
iface vmbr0.100 inet static
        address X.X.X.X
        netmask 255.255.255.0
        gateway X.X.X.X

bridge_vids is optional, and allow on the specified vlans.(current take 1 value or range, need to be improve with list)
If not specified, the allowed vlan are 2-4094.
vlan 1 is the default pvid. (all untagged traffic is going to this vlan).

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 Makefile         |  4 +++-
 debian/conffiles |  2 ++
 vmbrvlan         | 38 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100755 vmbrvlan

diff --git a/Makefile b/Makefile
index a09393c..6100f05 100644
--- a/Makefile
+++ b/Makefile
@@ -80,7 +80,7 @@ aplupload:
 	scp aplinfo/aplinfo.dat aplinfo.dat.gz aplinfo/aplinfo.dat.asc download1.proxmox.com:/home/ftp/appliances/
 
 .PHONY: install
-install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu
+install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf pve-repo-ca-certificates.crt mtu bridgevlan vmbrvlan
 	install -d -m 0700 -o www-data -g www-data ${DESTDIR}/var/log/pveproxy
 	install -D -m 0644 debian/pve.logrotate ${DESTDIR}/etc/logrotate.d/pve
 	install -d ${DESTDIR}/usr/share/${PACKAGE}
@@ -97,6 +97,8 @@ install: country.dat vznet.conf vzdump.conf vzdump-hook-script.pl pve-apt.conf p
 	install -D -m 0644 vzdump.conf ${DESTDIR}/etc/vzdump.conf
 	install -D -m 0755 vznet.conf ${DESTDIR}/etc/vz/vznet.conf
 	install -D -m 0755 mtu ${DESTDIR}/etc/network/if-up.d/mtu
+	install -D -m 0755 bridgevlan ${DESTDIR}/etc/network/if-up.d/bridgevlan
+	install -D -m 0755 vmbrvlan ${DESTDIR}/etc/network/if-pre-up.d/vmbrvlan
 	install -m 0644 vzdump-hook-script.pl ${DOCDIR}/examples/vzdump-hook-script.pl
 	install -m 0644 spice-example-sh ${DOCDIR}/examples/spice-example-sh
 	install -m 0644 copyright ${DOCDIR}
diff --git a/debian/conffiles b/debian/conffiles
index 895abdf..2916cac 100644
--- a/debian/conffiles
+++ b/debian/conffiles
@@ -11,3 +11,5 @@
 /etc/apt/pve-repo-ca-certificates.crt
 /etc/apt/sources.list.d/pve-enterprise.list
 /etc/network/if-up.d/mtu
+/etc/network/if-up.d/bridgevlan
+/etc/network/if-pre-up.d/vmbrvlan
diff --git a/vmbrvlan b/vmbrvlan
new file mode 100755
index 0000000..ee570f0
--- /dev/null
+++ b/vmbrvlan
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+# Most of this stuff is to enable vlans
+
+case "$IFACE" in
+  # Ignore any alias (#272891) which uses <interface>:<alabel>
+  *:*)
+    exit 0
+  ;;
+  vmbr*.*)
+    vconfig set_name_type DEV_PLUS_VID_NO_PAD
+    VLANID=`echo $IFACE|sed "s/vmbr[0-9][0-9]*\.0*//g"`
+    IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(vmbr[0-9][0-9]*\)\..*/\1/"`
+    bridge vlan add dev $IF_VLAN_RAW_DEVICE vid $VLANID self
+  ;;
+  *)
+    exit 0
+  ;;
+esac
+
+if [ -n "$IF_VLAN_RAW_DEVICE" ]; then
+    if [ ! -x /sbin/vconfig ]; then
+        exit 0
+    fi
+    if ! ip link show dev "$IF_VLAN_RAW_DEVICE" > /dev/null; then
+        echo "$IF_VLAN_RAW_DEVICE does not exist, unable to create $IFACE"
+        exit 1
+    fi
+    if [ ! -e "/sys/class/net/$IFACE" ]; then
+        ip link set up dev $IF_VLAN_RAW_DEVICE
+        vconfig add $IF_VLAN_RAW_DEVICE $VLANID
+    fi
+fi
+
+# This is not vlan specific, and should actually go somewhere else.
+if [ -n "$IF_HW_MAC_ADDRESS" ]; then
+    ip link set $IFACE address $IF_HW_MAC_ADDRESS
+fi
-- 
2.1.4

More information about the pve-devel mailing list