git.proxmox.com Git - pve-common.git/blob - data/PVE/Network.pm
5 use PVE
:: Tools
qw(run_command) ;
10 # host network related utility functions
# Replace the traffic-control setup on $iface: delete any existing class,
# filter and qdiscs, then install an ingress policer and an htb root class
# built from $rate and $burst.
#
# Capture note: the leading numbers are the blob view's line numbers, not code.
# The numbering has gaps (for example 19-21 and 37-38, and nothing after 42),
# so statements and closing braces may be missing between the lines shown.
#
# Security: every command is a single interpolated string. The four cleanup
# calls contain shell redirections, so perl passes them to /bin/sh and $iface
# is parsed by the shell. No visible line validates $iface, $rate or $burst;
# callers must pass a checked interface name and numeric values.
# NOTE(review): run_command is also given plain strings - confirm how
# PVE::Tools::run_command executes a string, and prefer an argument list if it
# accepts one.
12 sub setup_tc_rate_limit
{
13 my ( $iface, $rate, $burst, $debug ) = @_ ;
# Best-effort cleanup: exit status is not checked and all output is discarded,
# so a failing delete does not stop the setup.
15 system ( "/sbin/tc class del dev $iface parent 1: classid 1:1 >/dev/null 2>&1" );
16 system ( "/sbin/tc filter del dev $iface parent ffff: protocol ip prio 50 estimator 1sec 8sec >/dev/null 2>&1" );
17 system ( "/sbin/tc qdisc del dev $iface ingress >/dev/null 2>&1" );
18 system ( "/sbin/tc qdisc del dev $iface root >/dev/null 2>&1" );
# Ingress side: attach the ingress qdisc, then police with an average-rate filter.
22 run_command
( "/sbin/tc qdisc add dev $iface handle ffff: ingress" );
24 # this does not work with virtio - don't know why (setting "mtu 64kb" does not help)
25 #run_command("/sbin/tc filter add dev $iface parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${rate}bps burst ${burst}b drop flowid :1");
26 # so we use avrate instead
27 run_command
( "/sbin/tc filter add dev $iface parent ffff: " .
28 "protocol ip prio 50 estimator 1sec 8sec " .
29 "u32 match ip src 0.0.0.0/0 police avrate ${rate}bps drop flowid :1" );
31 # tbf does not work for unknown reason
32 #$TC qdisc add dev $DEV root tbf rate $RATE latency 100ms burst $BURST
33 # so we use htb instead
# Egress side: htb root qdisc with a single default class carrying the limit.
34 run_command
( "/sbin/tc qdisc add dev $iface root handle 1: htb default 1" );
35 run_command
( "/sbin/tc class add dev $iface parent 1: classid 1:1 " .
36 "htb rate ${rate}bps burst ${burst}b" );
# Diagnostic listing of the resulting tc state; exit status is not checked.
# NOTE(review): presumably guarded by a test on $debug on listing lines 37-38,
# which are absent from this capture - confirm against the full file.
39 print "DEBUG tc settings \n " ;
40 system ( "/sbin/tc qdisc ls dev $iface " );
41 system ( "/sbin/tc class ls dev $iface " );
42 system ( "/sbin/tc filter ls dev $iface parent ffff:" );
# Body of a sub whose header line is absent from this capture (the listing
# jumps from line 42 to 47; leading numbers are blob-view line numbers).
# It scales $rate by 1024*1024, truncates it to an integer, fixes the burst at
# 1024*1024 and delegates to setup_tc_rate_limit.
# NOTE(review): $debug is not declared on any visible line - presumably set on
# absent lines 48-49; confirm.
# Security: $iface is forwarded unchanged and ends up interpolated into
# shell-executed tc command strings, so it must already be a validated
# interface name. int() forces $rate to a number before it reaches a command.
47 my ( $iface, $rate ) = @_ ;
50 $rate = int ( $rate*1024*1024 );
51 my $burst = 1024 * 1024 ;
53 setup_tc_rate_limit
( $iface, $rate, $burst, $debug );
# Body of a sub whose header line is absent from this capture (leading numbers
# are blob-view line numbers; 58, 60, 63-64 and 66 are missing).
# It reads the MTU of $bridge from sysfs and brings $iface up in promiscuous
# mode with that MTU, dying if the bridge name is empty, the MTU cannot be
# read, or activation fails.
# Security: $bridge becomes a path component under /sys/class/net, and $iface
# plus the value read from sysfs are interpolated into one command string.
# No visible line validates either name; callers must pass checked interface
# and bridge names (no '/', whitespace or shell metacharacters).
57 my ( $iface, $bridge ) = @_ ;
59 die "unable to get bridge setting \n " if ! $bridge ;
61 my $bridgemtu = PVE
:: Tools
:: file_read_firstline
( "/sys/class/net/ $bridge/mtu " );
# An empty or unreadable mtu file is reported as a missing bridge.
62 die "bridge ' $bridge ' does not exist \n " if ! $bridgemtu ;
# NOTE(review): $@ is tested below, so this call is presumably wrapped in an
# eval on the absent lines 64 and 66 - confirm against the full file.
65 PVE
:: Tools
:: run_command
( "/sbin/ifconfig $iface 0.0.0.0 promisc up mtu $bridgemtu " );
67 die "interface activation failed \n " if $@ ;
# Body of a sub whose header line is absent from this capture (leading numbers
# are blob-view line numbers; 79, 82, 85 and the closing lines are missing).
# It attaches $iface to $bridge: a Linux bridge when
# /sys/class/net/$bridge/bridge exists, otherwise an ovs-vsctl port.
# Security: $iface, $bridge and $tag are interpolated into single command
# strings given to system()/run_command, so a value containing shell
# metacharacters would be interpreted by the shell. The Linux-bridge branch
# passes $tag through activate_bridge_vlan, which range-checks it; the
# ovs-vsctl command appends $tag with only a truthiness test. Callers must
# validate all three values.
71 my ( $iface, $bridge, $tag ) = @_ ;
73 #cleanup old port config from any openvswitch bridge
# Failures and all output of this del-port are deliberately swallowed
# (eval plus empty outfunc/errfunc callbacks).
74 eval { run_command
( "/usr/bin/ovs-vsctl del-port $iface " , outfunc
=> sub {}, errfunc
=> sub {}) };
76 if (- d
"/sys/class/net/ $bridge/bridge " ) {
# Linux bridge: resolve (or create) the per-vlan bridge, copy the parent's
# settings when a different bridge was returned, then enslave $iface.
77 my $newbridge = activate_bridge_vlan
( $bridge, $tag );
78 copy_bridge_config
( $bridge, $newbridge ) if $bridge ne $newbridge ;
80 system ( "/sbin/brctl addif $newbridge $iface " ) == 0 ||
81 die "can't add interface to bridge \n " ;
# NOTE(review): the else line (82) and the line that runs $cmd (85) are absent
# from this capture; the die on 86 is presumably the failure arm of that call.
83 my $cmd = "/usr/bin/ovs-vsctl add-port $bridge $iface " ;
84 $cmd .= " tag= $tag " if $tag ;
86 die "can't add interface to bridge \n " ;
# Body of a sub whose header line is absent from this capture (leading numbers
# are blob-view line numbers; 92, 95, 98 and the closing lines are missing).
# It detaches $iface: with brctl when /sys/class/net/$bridge/bridge exists,
# and with ovs-vsctl del-port in the other visible command.
# Security: $iface, $bridge and $tag go into single command strings for
# system(). $tag is appended to the bridge name without the integer range
# check that activate_bridge_vlan applies, so all three must be validated by
# the caller before this runs.
91 my ( $iface, $bridge, $tag ) = @_ ;
93 if (- d
"/sys/class/net/ $bridge/bridge " ) {
# With a tag set, the target is the per-vlan bridge named <bridge>v<tag>.
94 $bridge .= "v $tag " if $tag ;
96 system ( "/sbin/brctl delif $bridge $iface " ) == 0 ||
97 die "can't del interface from bridge \n " ;
# NOTE(review): presumably the else branch; line 98 is absent from this capture.
99 system ( "/usr/bin/ovs-vsctl del-port $iface " ) == 0 ||
100 die "can't del interface from bridge \n " ;
# Copy a fixed list of bridge settings from $br0 to $br1 through sysfs.
# For each attribute it reads the first line of
# /sys/class/net/<bridge>/bridge/<name> on both bridges and writes $br0's
# value to $br1. It returns at once when both names are equal.
#
# Capture note: the leading numbers are the blob view's line numbers; 113, 116
# and everything after 117 are absent.
# NOTE(review): $v1 is read but not used on any visible line - presumably a
# comparison on line 116 guards the write; confirm against the full file.
# NOTE(review): write_proc_entry is called unqualified and its import is not
# visible in this capture.
# Security: $br0 and $br1 are used as path components for a read and a write
# under /sys/class/net. No visible line validates them, so a name containing
# '/' or '..' would redirect the write; callers must pass checked bridge names.
104 sub copy_bridge_config
{
105 my ( $br0, $br1 ) = @_ ;
107 return if $br0 eq $br1 ;
# Attribute names are a fixed allow-list, never caller-supplied.
109 my $br_configs = [ 'ageing_time' , 'stp_state' , 'priority' , 'forward_delay' ,
110 'hello_time' , 'max_age' , 'multicast_snooping' , 'multicast_querier' ];
112 foreach my $sysname ( @$br_configs ) {
114 my $v0 = PVE
:: Tools
:: file_read_firstline
( "/sys/class/net/ $br0/bridge/$sysname " );
115 my $v1 = PVE
:: Tools
:: file_read_firstline
( "/sys/class/net/ $br1/bridge/$sysname " );
117 write_proc_entry
( "/sys/class/net/ $br1/bridge/$sysname " , $v0 );
# Ensure a per-vlan bridge "<bridge>v<tag>" exists, is up, and contains the
# vlan sub-interface "<iface>.<tag>" of the bridge's physical port.
# Returns $bridge unchanged when no tag is given. Dies when the bridge is not
# active, the tag is outside 1..4094, the bridge does not have exactly one
# matching port, or any command fails.
#
# Capture note: the leading numbers are the blob view's line numbers. Many
# lines are absent (140-141, 143-144, 146-149, 158-159, 166, 170-171, 173-175
# and everything after 190), including the declaration and assignment of
# $iface, several closing braces and the return value.
#
# Security: $tag_param is reduced to an integer and range-checked, and every
# later name and command uses the numeric $tag, never the raw parameter.
# $bridge is only checked for existence under /sys/class/net and is then
# interpolated into command strings for system(), so the caller must pass a
# validated bridge name.
124 sub activate_bridge_vlan
{
125 my ( $bridge, $tag_param ) = @_ ;
127 die "bridge ' $bridge ' is not active \n " if ! - d
"/sys/class/net/ $bridge " ;
129 return $bridge if ! defined ( $tag_param ); # no vlan, simply return
# int() keeps only a leading numeric prefix; non-numeric input becomes 0 and
# is rejected by the range check below.
131 my $tag = int ( $tag_param );
133 die "got strange vlan tag ' $tag_param ' \n " if $tag < 1 || $tag > 4094 ;
135 my $bridgevlan = "${bridge}v $tag " ;
137 my $dir = "/sys/class/net/ $bridge/brif " ;
139 # check that the bridge has exactly one ethX or bondX interface
# NOTE(review): $iface is presumably set inside this callback from the matched
# port name; those lines are absent. Confirm that dir_glob_foreach anchors the
# pattern, since $iface is later interpolated into command strings.
142 PVE
:: Tools
:: dir_glob_foreach
( $dir, '((eth|bond)\d+)' , sub {
145 die "more then one physical interfaces on bridge ' $bridge ' \n " if $iface ;
150 die "no physical interface on bridge ' $bridge ' \n " if ! $iface ;
152 my $ifacevlan = "${iface}. $tag " ;
154 # create the vlan on $iface if it does not already exist
155 if (! - d
"/sys/class/net/ $ifacevlan " ) {
156 system ( "/sbin/vconfig add $iface $tag " ) == 0 ||
157 die "can't add vlan tag $tag to interface $iface\n " ;
160 # be sure to have the $ifacevlan up
161 system ( "/sbin/ip link set $ifacevlan up" ) == 0 ||
162 die "can't up interface $ifacevlan\n " ;
164 # test if $ifacevlan is already enslaved in another bridge
165 my $path = "/sys/class/net/ $ifacevlan/brport/bridge " ;
# NOTE(review): readlink returns undef when $path is not a symlink; the guard
# is presumably on the absent line 166. basename's import is not visible here.
167 my $tbridge = basename
( readlink ( $path ));
168 if ( $tbridge eq $bridgevlan ) {
169 # already member of bridge - assume setup is already done
172 die "interface $ifacevlan already exist in bridge $tbridge\n " ;
176 # add bridgevlan if it doesn't already exist
177 if (! - d
"/sys/class/net/ $bridgevlan " ) {
178 system ( "/sbin/brctl addbr $bridgevlan " ) == 0 ||
179 die "can't add bridge $bridgevlan\n " ;
182 #fixme: set other bridge flags
184 # be sure to have the bridge up
185 system ( "/sbin/ip link set $bridgevlan up" ) == 0 ||
186 die "can't up bridge $bridgevlan\n " ;
188 # add $ifacevlan to the bridge
189 system ( "/sbin/brctl addif $bridgevlan $ifacevlan " ) == 0 ||
190 die "can't add interface $ifacevlan to bridge $bridgevlan\n " ;