On Thu, Apr 11, 2019 at 10:43 PM Vasiliy Tolstov <v.tolstov(a)selfip.ru> wrote:
Hi Vasiliy,
Wed, Apr 10, 2019 at 19:46, Ruben Kerkhof <ruben(a)rubenkerkhof.com>:
>
> On Wed, Apr 10, 2019 at 1:44 PM Laine Stump <laine(a)redhat.com> wrote:
> >
> > On 4/9/19 11:35 AM, Ruben Kerkhof wrote:
> > > On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <mprivozn(a)redhat.com> wrote:
> > >>
> > >> On 4/9/19 4:38 PM, Ruben Kerkhof wrote:
> > >>> Hi all,
> > >>>
> > >>> I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to
> > >>> be called when I attach an interface with type 'ethernet' with this
> > >>> xml snippet:
> > >>>
> > >>> <interface type='ethernet'>
> > >>> <model type="virtio"/>
> > >>> <source>
> > >>> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/>
> > >>> </source>
> > >>> </interface>
> > >>>
> > >>> https://www.libvirt.org/hooks.html#intro says
> > >>> "A network is started or stopped or an interface is plugged/unplugged
> > >>> to/from the network (since 1.2.2)".
> > >>>
> > >>> While I don't have a network defined in xml, I'd expect this to work
> > >>> just as well for 'ethernet' type interfaces. Am I wrong?
> > >>
> > >>
> > >> Hotplugging an 'ethernet' type of interface doesn't really relate to any
> > >> libvirt network. Hence libvirt doesn't call 'network' hook script. If
> > >> you'd continue reading you'll see what is the 'network' hook fed with
> > >> (on stdin): info on domain in question AND network where the event
> > >> occurred. But there is no network, is there?
> > >
> > > No not in the libvirt sense there isn't, you're right.
> > >>
> > >> But maybe you can work around this by waiting for
> > >> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to solve?
> > >
> > > I'd like to enable proxy_arp on the interface among other things.
> > > I can easily do this from the same script that adds the interface
> > > though, so I have a workaround, but a hook that triggers on all
> > > interface events felt cleaner.
> >
> > Also keep in mind that the hook scripts aren't an officially supported
> > part of the API, and are thus liable to change without warning. As an
> > example, danpb has proposed changing the network hook:
> >
> > https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html
> >
> > Once this goes in, any network hook script that uses the plugged and
> > unplugged hooks will no longer work; you would instead need to use the
> > port-created and port-deleted hooks.
>
> That's good to know, thank you Laine.
>
> In that case perhaps adding this functionality to libvirt itself would
> make more sense?
>
> Some background, I'm implementing
> https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor, so
> announcing /32 host routes to our vms with BGP.
> Our existing vms use /24 network addressing, and to keep that working,
> I need to set proxy_arp on the interface.
>
I did something like this at a Russian cloud hosting provider, but
we use OSPF to redistribute routes in the DC, and sync them via BGP
between DCs.

Thanks, it's good to know that more people do this and I'm on the right path :)

I don't recommend hooks; write a small netlink-based program that
listens for events about interface up, checks its name and sets proxy arp
for it.
This is not blocking and easy to modify/test/write. Or set proxy_arp
globally (but this is not recommended).

That's a good tip, thanks.
I do want to set proxy_arp before the interface is admin up and
passing traffic, is that possible with netlink?
Writing a udev rule might work as well now that I think of it.

But seeing that multiple people have implemented this in their own
way, wouldn't it make more sense to add support for this to libvirt?
Something like <interface type='ethernet' proxy_arp='on' />

--
Vasiliy Tolstov,
e-mail: v.tolstov(a)selfip.ru

Kind regards,
Ruben
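
The netlink listener suggested in the thread, as an added example that is not code from any participant or from libvirt: it parses RTM_NEWLINK notifications, reports whether each interface was already admin up when the event was seen, and writes proxy_arp only for matching names. The "vnet" name prefix and all function names are assumptions; the listener reacts to notifications after the fact, so on its own it does not guarantee the sysctl is set before the interface is brought up.

```python
import socket
import struct

RTM_NEWLINK, RTMGRP_LINK, IFLA_IFNAME, IFF_UP = 16, 1, 3, 0x1  # Linux uapi values
NLMSGHDR = struct.Struct("=IHHII")    # len, type, flags, seq, pid
IFINFOMSG = struct.Struct("=BxHiII")  # family, pad, type, index, flags, change
RTATTR = struct.Struct("=HH")         # len, type

def parse_link_events(buf):           # -> [(ifname, is_admin_up)] per RTM_NEWLINK
    events, off = [], 0
    while off + NLMSGHDR.size <= len(buf):
        mlen, mtype = NLMSGHDR.unpack_from(buf, off)[:2]
        pos, end = off + NLMSGHDR.size + IFINFOMSG.size, off + mlen
        if mlen < NLMSGHDR.size or end > len(buf):
            break                               # truncated or malformed message
        if mtype == RTM_NEWLINK and pos <= end:
            flags = IFINFOMSG.unpack_from(buf, off + NLMSGHDR.size)[3]
            while pos + RTATTR.size <= end:     # walk the attribute list
                alen, atype = RTATTR.unpack_from(buf, pos)
                if alen < RTATTR.size or pos + alen > end:
                    break                       # bad length would loop forever
                if atype == IFLA_IFNAME:
                    raw = buf[pos + RTATTR.size:pos + alen].split(b"\0")[0]
                    events.append((raw.decode("ascii", "replace"), bool(flags & IFF_UP)))
                pos += (alen + 3) & ~3          # attributes are 4-byte aligned
        off += (mlen + 3) & ~3
    return events

def proxy_arp_path(ifname, prefix="vnet"):      # prefix is an assumption
    ok = ifname.startswith(prefix) and "/" not in ifname
    return "/proc/sys/net/ipv4/conf/%s/proxy_arp" % ifname if ok else None

def sample_newlink(name, flags):                # constructed message, not a capture
    attr = RTATTR.pack(RTATTR.size + len(name) + 1, IFLA_IFNAME) + name.encode() + b"\0"
    body = IFINFOMSG.pack(0, 1, 7, flags, 0) + attr + b"\0" * (-len(attr) % 4)
    return NLMSGHDR.pack(NLMSGHDR.size + len(body), RTM_NEWLINK, 0, 0, 0) + body

def main():                                     # needs Linux and root
    sock = socket.socket(socket.AF_NETLINK, socket.SOCK_RAW, socket.NETLINK_ROUTE)
    sock.bind((0, RTMGRP_LINK))                 # subscribe to link notifications
    while True:
        for name, up in parse_link_events(sock.recv(65535)):
            if path := proxy_arp_path(name):
                with open(path, "w") as f:
                    f.write("1\n")
                print(name, "proxy_arp=1", "(seen admin up)" if up else "(seen down)")

if __name__ == "__main__":
    main()
```
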