On Wed, Feb 09, 2011 at 04:53:32AM -0500, Laine Stump wrote:
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=609463
The problem was that, since a bridge always acquires the MAC address of the connected interface with the numerically lowest MAC, as guests are started and stopped, it was possible for the MAC address to change over time, and this change in the network was being detected by Windows 7 (it sees the MAC of the default route change), so on each reboot it would bring up a dialog box asking about this "new network".
The solution is to create a dummy tap interface with a MAC guaranteed to be lower than any guest interface's MAC, and attach that tap to the bridge as soon as it's created. Since all guest MAC addresses start with 0xFE, we can just generate a MAC with the standard "0x52, 0x54, 0" prefix, and it's guaranteed to always win (physical interfaces are never connected to these bridges, so we don't need to worry about competing numerically with them).
Note that the dummy tap is never set to IFF_UP state - that's not necessary in order for the bridge to take its MAC, and not setting it to UP eliminates the clutter of having an (eg) "virbr0-mac" displayed in the output of the ifconfig command.
Problem that needs a solution: -----------------------------
I chose to not auto-generate the MAC address in the network XML parser, as there are likely to be consumers of that API that don't need or want to have a MAC address associated with the bridge.
Instead, in bridge_driver.c when the network is being brought up, if there is no MAC, I generate one then. One down side of this is that the MAC is written to the *statedir* xml file (in /var/lib/libvirt/networks) but no to the *config* xml (in /etc/libvirt/qemu/networks). That means that if libvirtd is restarted while the network is down, the next time it's started it will have a different MAC.
It looks like the only place the *config* xml is written is in networkDefine or networkCreate, but that's inadequate for this case, as anyone upgrading their libvirt will want this change to take effect for all their already-defined networks.
DV suggested that we could add a flag to the parser telling it whether or not to auto-generate a MAC when one wasn't specified. That would require (at least) adding a new arg to:
virNetworkDefParseFile virNetworkDefParse virNetworkDefParseNode virNetworkDefParseXML
and adding this arg would be embedding details of the XML attributes into the C API arglist, which doesn't seem very clean - this could set a very bad precedent that would lead to argument clutter (one of the things that using XML helps to prevent). Also, it would be one more arg to be potentially set incorrectly by some new user of the parser.
Any advice on the cleanest way to solve this problem? --- src/conf/network_conf.c | 21 ++++++++++++++++++- src/conf/network_conf.h | 3 ++ src/libvirt_private.syms | 1 + src/network/bridge_driver.c | 47 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 71 insertions(+), 1 deletions(-)
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c index 28a3ee8..592e38c 100644 --- a/src/conf/network_conf.c +++ b/src/conf/network_conf.c @@ -628,6 +628,19 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt) if (virXPathULong("string(./bridge[1]/@delay)", ctxt, &def->delay) < 0) def->delay = 0;
+ tmp = virXPathString("string(./bridge[1]/@mac)", ctxt); + if (tmp) { + if (virParseMacAddr(tmp, def->mac) < 0) { + virNetworkReportError(VIR_ERR_XML_ERROR, + _("Invalid bridge mac address '%s' in network '%s'"), + tmp, def->name); + VIR_FREE(tmp); + goto error; + } + VIR_FREE(tmp); + def->mac_specified = true; + }
I'd be inclined to say that the MAC address should be in the standard XML format we use elsewhere, eg a subelement <mac address='ab:bb:cc:dd:ee:ff'/>
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 08aaa36..1952dfd 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -1566,6 +1566,7 @@ networkStartNetworkDaemon(struct network_driver *driver, bool v4present = false, v6present = false; virErrorPtr save_err = NULL; virNetworkIpDefPtr ipdef; + char *macTapIfName;
if (virNetworkObjIsActive(network)) { networkReportError(VIR_ERR_OPERATION_INVALID, @@ -1585,6 +1586,27 @@ networkStartNetworkDaemon(struct network_driver *driver, return -1; }
+ virAsprintf(&macTapIfName, "%s-mac", network->def->bridge);
Not sure about the name suffix here, how about '-gw' or '-nic' ?
+ if (!macTapIfName) { + virReportOOMError(); + goto err0; + } + if (!network->def->mac_specified) { + virGenerateMacAddr((unsigned char[]){ 0x52, 0x54, 0 }, + network->def->mac); + network->def->mac_specified = true; + }
As you mentioned above I think this is the wrong place to be generating this because to properly solve the bug above we want the MAC to be stable forever & we require that libvirtd can be restarted without loosing data. I think we should do the auto-generation in the 'Define' and 'Create' methods just afer we've parsed the initial XML. We can also auto-generate in the method which loads configs off disk as a safety net for upgrades. To make this persistent though, we should write a %post script for the libvirt RPM that fixes up any existing deployed networks in /etc/libvirt Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|