On Fri, Feb 17, 2012 at 10:55 AM, Laine Stump <laine(a)laine.org
<mailto:laine@laine.org>> wrote:
On 02/16/2012 06:49 PM, Ansis Atteka wrote:
> Currently libvirt sets the attached-mac to altered MAC address
that has
> first byte set to FE. This patch will change that behavior by
using the
> original (unaltered) MAC address from the domain XML
configuration file.
Maybe I didn't read thoroughly enough, but I don't see where it
changes
the behavior - in the cases where previously the first byte was set to
0xFE, now you send discourage=true, and in the cases where it didn't,
now you send discourage=false.
"discourage" means whether bridge should be discouraged to use the
newly added
TAP device's MAC address. Libvirt does that by setting the first MAC
address byte
high enough.
And here is how this patch works:
1. Now in virNetDevTapCreateInBridgePort() function we always pass
exactly the same MAC address that was defined in XML.
2. If "discourage" flag was set to true, then we create a copy of MAC
address and set its first byte to 0xFE
3. virNetDevSetMAC() function would use the MAC address that was
product of #2
4. while virNetDevOpenvswitchAddPort() function would use the
original MAC address that was passed in #1 (this code did not need
to be changed so most likely that was the reason why you did not
notice behavior changes)
Right. That's what I missed - all I saw was every occurrence of creating
a temporary mac address with 0xFE in the first byte replaced with adding
"discourage=true" to the args. I didn't notice that
virNetDevOpenvswitchAddPort() takes the macaddr (while
virNetDevBridgeAddPort() doesn't).
But that means that the tap device has been created with an
0xFE-initiated MAC address, and then you attach to the bridge using the
unmodified address. Is the issue that the mac address used during the
attach needs to match the MAC address that will be in the traffic? Do
connections to an openvswitch bridge have an implied MAC filter on them,
such that only that MAC address gets through?
(Also, the only time discourage is false is for libvirt's virtual
network bridges. I'm wondering if they could also use the modified MAC
address for the tap devices - if that was the case we could just always
create the temporary MAC address in virNetDevTapCreateInBridgePort()
(and always set the tap device's mac to that).)
Let's let this sit over the weekend and see if anyone else has a
brilliant idea/insight.
Is this a precursor to something else? Does openvswitch maybe not need
this extremely high MAC address?
> ---
> src/network/bridge_driver.c | 2 +-
> src/qemu/qemu_command.c | 5 +----
> src/uml/uml_conf.c | 5 +----
> src/util/virnetdevtap.c | 11 ++++++++++-
> src/util/virnetdevtap.h | 1 +
> 5 files changed, 14 insertions(+), 10 deletions(-)
>
> diff --git a/src/network/bridge_driver.c
b/src/network/bridge_driver.c
> index 8575d3e..3e1e031 100644
> --- a/src/network/bridge_driver.c
> +++ b/src/network/bridge_driver.c
> @@ -1766,7 +1766,7 @@ networkStartNetworkVirtual(struct
network_driver *driver,
> }
> if (virNetDevTapCreateInBridgePort(network->def->bridge,
> &macTapIfName,
network->def->mac,
> - 0, false, NULL,
NULL) < 0) {
> + false, 0, false,
NULL, NULL) < 0) {
> VIR_FREE(macTapIfName);
> goto err0;
> }
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 5a34504..671054c 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -180,7 +180,6 @@ qemuNetworkIfaceConnect(virDomainDefPtr def,
> int tapfd = -1;
> int vnet_hdr = 0;
> bool template_ifname = false;
> - unsigned char tapmac[VIR_MAC_BUFLEN];
> int actualType = virDomainNetGetActualType(net);
>
> if (actualType == VIR_DOMAIN_NET_TYPE_NETWORK) {
> @@ -244,9 +243,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def,
> net->model && STREQ(net->model, "virtio"))
> vnet_hdr = 1;
>
> - memcpy(tapmac, net->mac, VIR_MAC_BUFLEN);
> - tapmac[0] = 0xFE; /* Discourage bridge from using TAP dev
MAC */
> - err = virNetDevTapCreateInBridgePort(brname, &net->ifname,
tapmac,
> + err = virNetDevTapCreateInBridgePort(brname, &net->ifname,
net->mac, true,
> vnet_hdr, true, &tapfd,
>
virDomainNetGetActualVirtPortProfile(net));
> virDomainAuditNetDevice(def, net, "/dev/net/tun", tapfd >=
0);
> diff --git a/src/uml/uml_conf.c b/src/uml/uml_conf.c
> index dbbbfda..c7b29a0 100644
> --- a/src/uml/uml_conf.c
> +++ b/src/uml/uml_conf.c
> @@ -127,7 +127,6 @@ umlConnectTapDevice(virConnectPtr conn,
> const char *bridge)
> {
> bool template_ifname = false;
> - unsigned char tapmac[VIR_MAC_BUFLEN];
>
> if (!net->ifname ||
> STRPREFIX(net->ifname, VIR_NET_GENERATED_PREFIX) ||
> @@ -139,9 +138,7 @@ umlConnectTapDevice(virConnectPtr conn,
> template_ifname = true;
> }
>
> - memcpy(tapmac, net->mac, VIR_MAC_BUFLEN);
> - tapmac[0] = 0xFE; /* Discourage bridge from using TAP dev
MAC */
> - if (virNetDevTapCreateInBridgePort(bridge, &net->ifname,
tapmac,
> + if (virNetDevTapCreateInBridgePort(bridge, &net->ifname,
net->mac, true,
> 0, true, NULL,
>
virDomainNetGetActualVirtPortProfile(net)) < 0) {
> if (template_ifname)
> diff --git a/src/util/virnetdevtap.c b/src/util/virnetdevtap.c
> index 0fce08d..868ba57 100644
> --- a/src/util/virnetdevtap.c
> +++ b/src/util/virnetdevtap.c
> @@ -22,6 +22,7 @@
>
> #include <config.h>
>
> +#include "virmacaddr.h"
> #include "virnetdevtap.h"
> #include "virnetdev.h"
> #include "virnetdevbridge.h"
> @@ -248,6 +249,7 @@ int virNetDevTapDelete(const char *ifname
ATTRIBUTE_UNUSED)
> * @brname: the bridge name
> * @ifname: the interface name (or name template)
> * @macaddr: desired MAC address (VIR_MAC_BUFLEN long)
> + * @discourage: whether bridge should be discouraged from using
macaddr
> * @vnet_hdr: whether to try enabling IFF_VNET_HDR
> * @tapfd: file descriptor return value for the new tap device
> * @virtPortProfile: bridge/port specific configuration
> @@ -265,11 +267,14 @@ int virNetDevTapDelete(const char *ifname
ATTRIBUTE_UNUSED)
> int virNetDevTapCreateInBridgePort(const char *brname,
> char **ifname,
> const unsigned char *macaddr,
> + bool discourage,
> int vnet_hdr,
> bool up,
> int *tapfd,
> virNetDevVPortProfilePtr
virtPortProfile)
> {
> + unsigned char tapmac[VIR_MAC_BUFLEN];
> +
> if (virNetDevTapCreate(ifname, vnet_hdr, tapfd) < 0)
> return -1;
>
> @@ -279,7 +284,11 @@ int virNetDevTapCreateInBridgePort(const
char *brname,
> * seeing the kernel allocate random MAC for the TAP
> * device before we set our static MAC.
> */
> - if (virNetDevSetMAC(*ifname, macaddr) < 0)
> + memcpy(tapmac, macaddr, VIR_MAC_BUFLEN);
> + if (discourage)
> + tapmac[0] = 0xFE; /* Discourage bridge from using TAP
dev MAC */
> +
> + if (virNetDevSetMAC(*ifname, tapmac) < 0)
> goto error;
>
> /* We need to set the interface MTU before adding it
> diff --git a/src/util/virnetdevtap.h b/src/util/virnetdevtap.h
> index 918f3dc..fc50e22 100644
> --- a/src/util/virnetdevtap.h
> +++ b/src/util/virnetdevtap.h
> @@ -37,6 +37,7 @@ int virNetDevTapDelete(const char *ifname)
> int virNetDevTapCreateInBridgePort(const char *brname,
> char **ifname,
> const unsigned char *macaddr,
> + bool discourage,
> int vnet_hdr,
> bool up,
> int *tapfd,
--
libvir-list mailing list
libvir-list(a)redhat.com <mailto:libvir-list@redhat.com>
https://www.redhat.com/mailman/listinfo/libvir-list