Hi all, I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to be called when I attach an interface with type 'ethernet' with this xml snippet: <interface type='ethernet'> <model type="virtio"/> <source> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/> </source> </interface> https://www.libvirt.org/hooks.html#intro says "A network is started or stopped or an interface is plugged/unplugged to/from the network (since 1.2.2)". While I don't have a network defined in xml, I'd expect this to work just as well for 'ethernet' type interfaces. Am I wrong?

On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: > > On 4/9/19 4:38 PM, Ruben Kerkhof wrote: >> Hi all, >> >> I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to >> be called when I attach an interface with type 'ethernet' with this >> xml snippet: >> >> <interface type='ethernet'> >> <model type="virtio"/> >> <source> >> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/> >> </source> >> </interface> >> >> https://www.libvirt.org/hooks.html#intro says >> "A network is started or stopped or an interface is plugged/unplugged >> to/from the network (since 1.2.2)". >> >> While I don't have a network defined in xml, I'd expect this to work >> just as well for 'ethernet' type interfaces. Am I wrong? > > > Hotplugging an 'ethernet' type of interface doesn't really relate to any > libvirt network. Hence libvirt doesn't call 'network' hook script. If > you'd continue reading you'll see what is the 'network' hook fed with > (on stdin): info on domain in question AND network where the event > ocurred. But there is no network, is it? No not in the libvirt sense there isn't, you're right. > > But maybe you can work around this by waiting for > DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to solve? I'd like to enable proxy_arp on the interface among other things. I can easily do this from the same script that adds the interface though, so I have a workaround, but a hook that triggers on all interface events felt cleaner.

On Wed, Apr 10, 2019 at 1:44 PM Laine Stump <laine(a)redhat.com&gt; wrote: > > On 4/9/19 11:35 AM, Ruben Kerkhof wrote: > > On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: > >> > >> On 4/9/19 4:38 PM, Ruben Kerkhof wrote: > >>> Hi all, > >>> > >>> I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to > >>> be called when I attach an interface with type 'ethernet' with this > >>> xml snippet: > >>> > >>> <interface type='ethernet'> > >>> <model type="virtio"/> > >>> <source> > >>> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/> > >>> </source> > >>> </interface> > >>> > >>> https://www.libvirt.org/hooks.html#intro says > >>> "A network is started or stopped or an interface is plugged/unplugged > >>> to/from the network (since 1.2.2)". > >>> > >>> While I don't have a network defined in xml, I'd expect this to work > >>> just as well for 'ethernet' type interfaces. Am I wrong? > >> > >> > >> Hotplugging an 'ethernet' type of interface doesn't really relate to any > >> libvirt network. Hence libvirt doesn't call 'network' hook script. If > >> you'd continue reading you'll see what is the 'network' hook fed with > >> (on stdin): info on domain in question AND network where the event > >> ocurred. But there is no network, is it? > > > > No not in the libvirt sense there isn't, you're right. > >> > >> But maybe you can work around this by waiting for > >> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to solve? > > > > I'd like to enable proxy_arp on the interface among other things. > > I can easily do this from the same script that adds the interface > > though, so I have a workaround, but a hook that triggers on all > > interface events felt cleaner. > > Also keep in mind that the hook scripts aren't an officially supported > part of the API, and are thus liable to change without warning. As an > example, danpb has proposed changing the network hook: > > https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html > > Once this goes in, any network hook script that uses the plugged and > unplugged hooks will no longer work; you would instead need to use the > port-created and port-deleted hooks. That's good to know, thank you Laine. In that case perhaps adding this functionality to libvirt itself would make more sense? Some background, I'm implementing https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor, so announcing /32 host routes to our vms with BGP. Our existing vms use /24 network addressing, and to keep that working, I need to set proxy_arp on the interface.

On Thu, Apr 11, 2019 at 10:43 PM Vasiliy Tolstov <v.tolstov(a)selfip.ru&gt; wrote: Hi Vasiliy, > > ср, 10 апр. 2019 г. в 19:46, Ruben Kerkhof <ruben(a)rubenkerkhof.com&gt;: > > > > On Wed, Apr 10, 2019 at 1:44 PM Laine Stump <laine(a)redhat.com&gt; wrote: > > > > > > On 4/9/19 11:35 AM, Ruben Kerkhof wrote: > > > > On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik < mprivozn(a)redhat.com&gt; wrote: > > > >> > > > >> On 4/9/19 4:38 PM, Ruben Kerkhof wrote: > > > >>> Hi all, > > > >>> > > > >>> I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to > > > >>> be called when I attach an interface with type 'ethernet' with this > > > >>> xml snippet: > > > >>> > > > >>> <interface type='ethernet'> > > > >>> <model type="virtio"/> > > > >>> <source> > > > >>> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/> > > > >>> </source> > > > >>> </interface> > > > >>> > > > >>> https://www.libvirt.org/hooks.html#intro says > > > >>> "A network is started or stopped or an interface is plugged/unplugged > > > >>> to/from the network (since 1.2.2)". > > > >>> > > > >>> While I don't have a network defined in xml, I'd expect this to work > > > >>> just as well for 'ethernet' type interfaces. Am I wrong? > > > >> > > > >> > > > >> Hotplugging an 'ethernet' type of interface doesn't really relate to any > > > >> libvirt network. Hence libvirt doesn't call 'network' hook script. If > > > >> you'd continue reading you'll see what is the 'network' hook fed with > > > >> (on stdin): info on domain in question AND network where the event > > > >> ocurred. But there is no network, is it? > > > > > > > > No not in the libvirt sense there isn't, you're right. > > > >> > > > >> But maybe you can work around this by waiting for > > > >> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to solve? > > > > > > > > I'd like to enable proxy_arp on the interface among other things. > > > > I can easily do this from the same script that adds the interface > > > > though, so I have a workaround, but a hook that triggers on all > > > > interface events felt cleaner. > > > > > > Also keep in mind that the hook scripts aren't an officially supported > > > part of the API, and are thus liable to change without warning. As an > > > example, danpb has proposed changing the network hook: > > > > > > https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html > > > > > > Once this goes in, any network hook script that uses the plugged and > > > unplugged hooks will no longer work; you would instead need to use the > > > port-created and port-deleted hooks. > > > > That's good to know, thank you Laine. > > > > In that case perhaps adding this functionality to libvirt itself would > > make more sense? > > > > Some background, I'm implementing > > https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor, so > > announcing /32 host routes to our vms with BGP. > > Our existing vms use /24 network addressing, and to keep that working, > > I need to set proxy_arp on the interface. > > > I done something like this in some Russian Cloud hosting provider, but > we use OSPF to redistribute routes in DC, and sync their via bgp > between dc. Thanks, it's good to know that more people do this and I'm on the right path :) > I don't recommend hooks, write small netlink based program that > listens events about interface up, check it names and set proxy arp > for it. > This is not blocking and easy to modify/test/write. Or set proxy_arp > globally (but this is not recommended) That's a good tip, thanks. I do want to set proxy_arp before the interface is admin up and passing traffic, is that possible with netlink? Writing an udev rule might work as well now that I think of it. But seeing that multiple people have implemented this in their own way, wouldn't it make more sense to add support for this to libvirt? Something like <interface type='ethernet' proxy_arp='on' /> >

-- > Vasiliy Tolstov, > e-mail: v.tolstov(a)selfip.ru Kind regards, Ruben