]>
Commit | Line | Data |
---|---|---|
b9436cda DM |
1 | package PVE::Network; |
2 | ||
3 | use strict; | |
74d1b045 | 4 | use PVE::Tools qw(run_command); |
b9436cda DM |
5 | use PVE::ProcFSTools; |
6 | use PVE::INotify; | |
7 | use File::Basename; | |
8 | ||
9 | # host network related utility functions | |
10 | ||
74d1b045 DM |
11 | sub setup_tc_rate_limit { |
12 | my ($iface, $rate, $burst, $debug) = @_; | |
13 | ||
14 | system("/sbin/tc qdisc del dev $iface ingres >/dev/null 2>&1"); | |
15 | system("/sbin/tc qdisc del dev $iface root >/dev/null 2>&1"); | |
16 | ||
17 | run_command("/sbin/tc qdisc add dev $iface handle ffff: ingress"); | |
18 | ||
fb572a93 DM |
19 | # virtio uses large packets 64K, so we need to set mtu to that |
20 | # value - else filter drops those packets and rate limit does not work. | |
ca402c95 DM |
21 | run_command("/sbin/tc filter add dev $iface parent ffff: " . |
22 | "protocol ip prio 50 u32 match ip src 0.0.0.0/0 " . | |
23 | "police rate ${rate}bps burst ${burst}b " . | |
fb572a93 | 24 | "mtu 64kb drop flowid :1"); |
74d1b045 DM |
25 | |
26 | # tbf does not work for unknown reason | |
27 | #$TC qdisc add dev $DEV root tbf rate $RATE latency 100ms burst $BURST | |
28 | # so we use htb instead | |
29 | run_command("/sbin/tc qdisc add dev $iface root handle 1: htb default 1"); | |
30 | run_command("/sbin/tc class add dev $iface parent 1: classid 1:1 " . | |
31 | "htb rate ${rate}bps burst ${burst}b"); | |
32 | ||
33 | if ($debug) { | |
34 | print "DEBUG tc settings\n"; | |
35 | system("/sbin/tc qdisc ls dev $iface"); | |
36 | system("/sbin/tc class ls dev $iface"); | |
37 | system("/sbin/tc filter ls dev $iface parent ffff:"); | |
38 | } | |
39 | } | |
40 | ||
41 | ||
b9436cda DM |
42 | sub copy_bridge_config { |
43 | my ($br0, $br1) = @_; | |
44 | ||
45 | return if $br0 eq $br1; | |
46 | ||
47 | my $br_configs = [ 'ageing_time', 'stp_state', 'priority', 'forward_delay', | |
48 | 'hello_time', 'max_age']; | |
49 | ||
50 | foreach my $sysname (@$br_configs) { | |
51 | eval { | |
52 | my $v0 = PVE::Tools::file_read_firstline("/sys/class/net/$br0/bridge/$sysname"); | |
53 | my $v1 = PVE::Tools::file_read_firstline("/sys/class/net/$br1/bridge/$sysname"); | |
54 | if ($v0 ne $v1) { | |
55 | system("echo \"$v0\" > /sys/class/net/$br1/bridge/$sysname") == 0 || | |
56 | warn "unable to set bridge config '$sysname'\n"; | |
57 | } | |
58 | }; | |
59 | warn $@ if $@; | |
60 | } | |
61 | } | |
62 | ||
63 | sub activate_bridge_vlan { | |
64 | my ($bridge, $tag_param) = @_; | |
65 | ||
66 | die "bridge '$bridge' is not active\n" if ! -d "/sys/class/net/$bridge"; | |
67 | ||
68 | return $bridge if !defined($tag_param); # no vlan, simply return | |
69 | ||
70 | my $tag = int($tag_param); | |
71 | ||
72 | die "got strange vlan tag '$tag_param'\n" if $tag < 1 || $tag > 4094; | |
73 | ||
74 | my $bridgevlan = "${bridge}v$tag"; | |
fa49ab1a | 75 | my $iface = $bridge; |
b9436cda | 76 | my $ifacevlan = "${iface}.$tag"; |
fa49ab1a | 77 | my $vlanflags = "reorder_hdr on gvrp on"; |
b9436cda DM |
78 | |
79 | # create vlan on $iface is not already exist | |
80 | if (! -d "/sys/class/net/$ifacevlan") { | |
fa49ab1a SP |
81 | system("/sbin/ip link add link $iface name $ifacevlan type vlan id $tag $vlanflags") == 0 || |
82 | die "can't add vlan tag $tag to interface $iface\n"; | |
b9436cda DM |
83 | } |
84 | ||
85 | # be sure to have the $ifacevlan up | |
86 | system("/sbin/ip link set $ifacevlan up") == 0 || | |
87 | die "can't up interface $ifacevlan\n"; | |
88 | ||
89 | # test if $vlaniface is already enslaved in another bridge | |
90 | my $path= "/sys/class/net/$ifacevlan/brport/bridge"; | |
91 | if (-l $path) { | |
92 | my $tbridge = basename(readlink($path)); | |
93 | if ($tbridge eq $bridgevlan) { | |
94 | # already member of bridge - assume setup is already done | |
95 | return $bridgevlan; | |
96 | } else { | |
97 | die "interface $ifacevlan already exist in bridge $tbridge\n"; | |
98 | } | |
99 | } | |
100 | ||
101 | # add bridgevlan if it doesn't already exist | |
102 | if (! -d "/sys/class/net/$bridgevlan") { | |
103 | system("/usr/sbin/brctl addbr $bridgevlan") == 0 || | |
104 | die "can't add bridge $bridgevlan\n"; | |
105 | } | |
106 | ||
107 | #fixme: set other bridge flags | |
108 | ||
109 | # be sure to have the bridge up | |
110 | system("/sbin/ip link set $bridgevlan up") == 0 || | |
111 | die "can't up bridge $bridgevlan\n"; | |
112 | ||
113 | # add $ifacevlan to the bridge | |
114 | system("/usr/sbin/brctl addif $bridgevlan $ifacevlan") == 0 || | |
115 | die "can't add interface $ifacevlan to bridge $bridgevlan\n"; | |
116 | ||
117 | return $bridgevlan; | |
118 | } | |
119 | ||
120 | 1; |