fix # 4764: datacenter config: default MAC prefix to official Proxmox OUI

Proxmox Server Solutions GmbH got the OUI BC-24-11 assigned for a MA-L
(large) address block that provides 24 bits (16 777 216) of space
available for guests.

Use this as new default, effectively disallowing a fully random MAC,
and extend the descriptions with some background.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PVE/DataCenterConfig.pm b/src/PVE/DataCenterConfig.pm
index 2d28c8540b1e7ff8849c476a3d1e982ba1bed20d..e3c8817b3fa1ccb74ce22d532a67a8fbca4e5597 100644 (file)
--- a/src/PVE/DataCenterConfig.pm
+++ b/src/PVE/DataCenterConfig.pm
@@ -402,7 +402,27 @@ my $datacenter_schema = {
            optional => 1,
            type => 'string',
            format => 'mac-prefix',
-           description => 'Prefix for autogenerated MAC addresses.',
+           default => 'BC:24:11',
+           description => "Prefix for the auto-generated MAC addresses of virtual guests. The"
+               ." default 'BC:24:11' is the OUI assigned by the IEEE to Proxmox Server Solutions"
+               ." GmbH for a 24-bit large MAC block. You're allowed to use this in local networks,"
+               ." i.e., those not directly reachable by the public (e.g., in a LAN or behind NAT)."
+               ,
+           verbose_description => "Prefix for the auto-generated MAC addresses of virtual guests."
+               ." The default `BC:24:11` is the Organizationally Unique Identifier (OUI) assigned"
+               ." by the IEEE to Proxmox Server Solutions GmbH for a MAC Address Block Large (MA-L)."
+               ." You're allowed to use this in local networks, i.e., those not directly reachable"
+               ." by the public (e.g., in a LAN or NAT/Masquerading).\n"
+               ." \nNote that when you run multiple cluster that (partially) share the networks of"
+               ." their virtual guests, it's highly recommended that you extend the default MAC"
+               ." prefix, or generate a custom (valid) one, to reduce the chance of MAC collisions."
+               ." For example, add a separate extra hexadecimal to the Proxmox OUI for each cluster,"
+               ." like `BC:24:11:0` for the first, `BC:24:11:1` for the second, and so on.\n"
+               ." Alternatively, you can also separate the networks of the guests logically, e.g.,"
+               ." by using VLANs.\n\nFor publicly accessible guests it's recommended that you get"
+               ." your own https://standards.ieee.org/products-programs/regauth/[OUI from the IEEE]"
+               ." registered or coordinate with your, or your hosting providers, network admins."
+               ,
        },
        notify => {
            optional => 1,
@@ -473,6 +493,11 @@ sub parse_datacenter_config {
 
     $res->{description} = $comment;
 
+    # it could be better to track that this is the default, and not explicitly set, but having
+    # no MAC prefix is really not ideal, and overriding that here centrally catches all call sites
+    $res->{mac_prefix} = $datacenter_schema->{properties}->{mac_prefix}->{default}
+       if !defined($res->{mac_prefix});
+
     if (my $crs = $res->{crs}) {
        $res->{crs} = parse_property_string($crs_format, $crs);
     }