zones: simple: fix ip-forward && ipv6 snat

[pve-network.git] / PVE / Network / SDN / Zones / QinQPlugin.pm

diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm b/PVE/Network/SDN/Zones/QinQPlugin.pm
index 73c2e843f41324772713ace03ace8217d6a78c48..9064adb7c9b894e7fdec39c952e020e28bd73516 100644 (file)
--- a/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -3,6 +3,7 @@ package PVE::Network::SDN::Zones::QinQPlugin;
 use strict;
 use warnings;
 use PVE::Network::SDN::Zones::Plugin;
+use PVE::Exception qw(raise raise_param_exc);
 
 use base('PVE::Network::SDN::Zones::Plugin');
 
@@ -39,12 +40,16 @@ sub options {
        'bridge' => { optional => 0 },
        'mtu' => { optional => 1 },
        'vlan-protocol' => { optional => 1 },
+       dns => { optional => 1 },
+       reversedns => { optional => 1 },
+       dnszone => { optional => 1 },
+       ipam => { optional => 0 },
     };
 }
 
 # Plugin implementation
 sub generate_sdn_config {
-    my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $interfaces_config, $config) = @_;
+    my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $controller_cfg, $subnet_cfg, $interfaces_config, $config) = @_;
 
     my $stag = $plugin_config->{tag};
     my $mtu = $plugin_config->{mtu};
@@ -52,10 +57,11 @@ sub generate_sdn_config {
     my $vlanprotocol = $plugin_config->{'vlan-protocol'};
     my $ctag = $vnet->{tag};
     my $alias = $vnet->{alias};
-    die "can't find bridge $bridge" if !-d "/sys/class/net/$bridge";
 
-    my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering");
-    my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif";
+    PVE::Network::SDN::Zones::Plugin::find_bridge($bridge);
+
+    my $vlan_aware = PVE::Network::SDN::Zones::Plugin::is_vlanaware($bridge);
+    my $is_ovs = PVE::Network::SDN::Zones::Plugin::is_ovs($bridge);
 
     my @iface_config = ();
     my $vnet_bridge_ports = "";
@@ -79,7 +85,7 @@ sub generate_sdn_config {
        #redefine main ovs bridge, ifupdown2 will merge ovs_ports
        @iface_config = ();
        push @iface_config, "ovs_ports $svlan_iface";
-       push(@{$config->{$bridge}}, @iface_config); 
+       push(@{$config->{$bridge}}, @iface_config);
 
        #zone vlan aware bridge
        @iface_config = ();
@@ -121,11 +127,7 @@ sub generate_sdn_config {
 
        #eth--->eth.x(svlan)--->eth.x.y(cvlan)---->vnet
 
-       my @bridge_ifaces = ();
-       my $dir = "/sys/class/net/$bridge/brif";
-       PVE::Tools::dir_glob_foreach($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', sub {
-           push @bridge_ifaces, $_[0];
-       });
+       my @bridge_ifaces = PVE::Network::SDN::Zones::Plugin::get_bridge_ifaces($bridge);
 
        foreach my $bridge_iface (@bridge_ifaces) {
 
@@ -166,22 +168,66 @@ sub generate_sdn_config {
 }
 
 sub status {
-    my ($class, $plugin_config, $zone, $id, $vnet, $err_config, $status, $vnet_status, $zone_status) = @_;
+    my ($class, $plugin_config, $zone, $vnetid, $vnet, $status) = @_;
 
     my $bridge = $plugin_config->{bridge};
-    $vnet_status->{$id}->{zone} = $zone;
-    $zone_status->{$zone}->{status} = 'available' if !defined($zone_status->{$zone}->{status});
-
-    if($err_config) {
-       $vnet_status->{$id}->{status} = 'pending';
-       $vnet_status->{$id}->{statusmsg} = $err_config;
-       $zone_status->{$zone}->{status} = 'pending';
-    } elsif ($status->{$bridge}->{status} && $status->{$bridge}->{status} eq 'pass') {
-       $vnet_status->{$id}->{status} = 'available';
+    my $err_msg = [];
+
+    if (!-d "/sys/class/net/$bridge") {
+        push @$err_msg, "missing $bridge";
+        return $err_msg;
+    }
+
+    my $vlan_aware = PVE::Network::SDN::Zones::Plugin::is_vlanaware($bridge);
+    my $is_ovs = PVE::Network::SDN::Zones::Plugin::is_ovs($bridge);
+
+    my $tag = $vnet->{tag};
+    my $vnet_uplink = "ln_".$vnetid;
+    my $vnet_uplinkpeer = "pr_".$vnetid;
+
+    # ifaces to check
+    my $ifaces = [ $vnetid, $bridge ];
+    if($is_ovs) {
+       my $svlan_iface = "sv_".$zone;
+       my $zonebridge = "z_$zone";
+       push @$ifaces, $svlan_iface;
+       push @$ifaces, $zonebridge;
+    } elsif ($vlan_aware) {
+       my $zonebridge = "z_$zone";
+       push @$ifaces, $zonebridge;
     } else {
-       $vnet_status->{$id}->{status} = 'error';
-       $vnet_status->{$id}->{statusmsg} = 'missing bridge';
-       $zone_status->{$zone}->{status} = 'error';
+       my $svlan_iface = "sv_$vnetid";
+       my $cvlan_iface = "cv_$vnetid";
+       push @$ifaces, $svlan_iface;
+       push @$ifaces, $cvlan_iface;
+    }
+
+    foreach my $iface (@{$ifaces}) {
+       if (!$status->{$iface}->{status}) {
+           push @$err_msg, "missing $iface";
+        } elsif ($status->{$iface}->{status} ne 'pass') {
+           push @$err_msg, "error $iface";
+       }
+    }
+    return $err_msg;
+}
+
+sub vnet_update_hook {
+    my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_;
+
+    my $vnet = $vnet_cfg->{ids}->{$vnetid};
+    my $tag = $vnet->{tag};
+
+    raise_param_exc({ tag => "missing vlan tag"}) if !defined($vnet->{tag});
+    raise_param_exc({ tag => "vlan tag max value is 4096"}) if $vnet->{tag} > 4096;
+
+    # verify that tag is not already defined in another vnet on same zone
+    foreach my $id (keys %{$vnet_cfg->{ids}}) {
+       next if $id eq $vnetid;
+       my $othervnet = $vnet_cfg->{ids}->{$id};
+       my $other_tag = $othervnet->{tag};
+       next if $vnet->{zone} ne $othervnet->{zone};
+        raise_param_exc({ tag => "tag $tag already exist in vnet $id"}) if $other_tag && $tag eq $other_tag;
     }
 }