don't set proxy_arp and forwarding on lxc veths

[pve-container.git] / src / lxcnetaddbr

#!/usr/bin/perl

use strict;
use warnings;

use PVE::LXC;
use PVE::Tools qw(run_command);
use PVE::Network;
use PVE::ProcFSTools;

die "got unexpected argument count\n" if scalar(@ARGV) != 5;

my ($vmid, $arg2, $arg3, $type, $iface) = @ARGV;

die "got unexpected argument ($arg2 != net)\n" if $arg2 ne 'net';
die "got unexpected argument ($arg3 != up)\n" if $arg3 ne 'up';

die "got unexpected argument ($type != veth)\n" if $type ne 'veth';
    
die "got unexpected environment" if $vmid ne $ENV{LXC_NAME};

die "missing vmid parameter\n" if !$vmid;
die "missing iface parameter\n" if !$iface;

my $conf = PVE::LXC::load_config($vmid);

my $netconf;
if ($iface =~ m/^veth(\d+)i(\d+)$/) {
    die "got unexpected interface name '$iface'\n" if $1 ne $vmid;
    $netconf = $conf->{"net$2"};
}

die "unable to find network definition for interface '$iface'\n"
    if !defined($netconf);

my $net = PVE::LXC::parse_lxc_network($netconf);
    
my $tag = $net->{tag};
my $firewall = $net->{firewall};
my $bridge = $net->{bridge};

die "missing bridge configuration" if !$bridge;

if (-d "/sys/class/net/$iface") {

    my $bridgemtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
    die "bridge '$bridge' does not exist\n" if !$bridgemtu;
    #avoid insecure dependency;
    ($bridgemtu) = $bridgemtu =~ /(\d+)/;

    PVE::Tools::run_command("/sbin/ip link set dev $iface up mtu $bridgemtu");
    PVE::Tools::run_command("/sbin/ip addr add 0.0.0.0/0 dev $iface");
    PVE::Network::tap_plug($iface, $bridge, $tag, $firewall);
}

exit 0;