X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=src%2FPVE%2FNetwork.pm;h=627e7647050c3b97ad3c444c98941437a770c848;hp=1c037702d3b62ffd3189a8a3e150f79319c2feee;hb=eead1ccaa509e8559e466ca5926c6625f27bff35;hpb=beb9820ffb8fe3154573c88d3066be6ab4d5c0a3 diff --git a/src/PVE/Network.pm b/src/PVE/Network.pm index 1c03770..627e764 100644 --- a/src/PVE/Network.pm +++ b/src/PVE/Network.pm @@ -7,12 +7,15 @@ use PVE::ProcFSTools; use PVE::INotify; use File::Basename; use IO::Socket::IP; +use Socket qw(NI_NUMERICHOST NI_NUMERICSERV); use POSIX qw(ECONNREFUSED); use Net::IP; # host network related utility functions +our $PHYSICAL_NIC_RE = qr/(?:eth\d+|en[^:.]+|ib\d+)/; + our $ipv4_reverse_mask = [ '0.0.0.0', '128.0.0.0', @@ -166,8 +169,9 @@ my $cond_create_bridge = sub { my ($bridge) = @_; if (! -d "/sys/class/net/$bridge") { - system("/sbin/brctl addbr $bridge") == 0 || - die "can't add bridge '$bridge'\n"; + system("/sbin/brctl addbr $bridge") == 0 || + die "can't add bridge '$bridge'\n"; + disable_ipv6($bridge); } }; @@ -245,7 +249,7 @@ sub tap_create { eval { disable_ipv6($iface); - PVE::Tools::run_command("/sbin/ifconfig $iface 0.0.0.0 promisc up mtu $bridgemtu"); + PVE::Tools::run_command(['/sbin/ip', 'link', 'set', $iface, 'up', 'promisc', 'on', 'mtu', $bridgemtu]); }; die "interface activation failed\n" if $@; } @@ -277,7 +281,7 @@ sub veth_delete { if (-d "/sys/class/net/$veth") { run_command("/sbin/ip link delete dev $veth", outfunc => sub {}, errfunc => sub {}); } - + eval { tap_unplug($veth) }; } my $create_firewall_bridge_linux = sub { @@ -287,7 +291,6 @@ my $create_firewall_bridge_linux = sub { my ($fwbr, $vethfw, $vethfwpeer) = &$compute_fwbr_names($vmid, $devid); &$cond_create_bridge($fwbr); - disable_ipv6($fwbr); &$activate_interface($fwbr); copy_bridge_config($bridge, $fwbr); @@ -308,7 +311,6 @@ my $create_firewall_bridge_ovs = sub { my $bridgemtu = &$read_bridge_mtu($bridge); &$cond_create_bridge($fwbr); - disable_ipv6($fwbr); &$activate_interface($fwbr); &$bridge_add_interface($fwbr, $iface); @@ -317,7 +319,7 @@ my $create_firewall_bridge_ovs = sub { &$activate_interface($ovsintport); # set the same mtu for ovs int port - PVE::Tools::run_command("/sbin/ifconfig $ovsintport mtu $bridgemtu"); + PVE::Tools::run_command(['/sbin/ip', 'link', 'set', $ovsintport, 'mtu', $bridgemtu]); &$bridge_add_interface($fwbr, $ovsintport); }; @@ -429,10 +431,10 @@ sub activate_bridge_vlan_slave { if (! -d "/sys/class/net/$ifacevlan") { system("/sbin/ip link add link $iface name $ifacevlan type vlan id $tag") == 0 || die "can't add vlan tag $tag to interface $iface\n"; - } - # remove ipv6 link-local address before activation - disable_ipv6($ifacevlan); + # remove ipv6 link-local address before activation + disable_ipv6($ifacevlan); + } # be sure to have the $ifacevlan up &$activate_interface($ifacevlan); @@ -576,6 +578,37 @@ sub get_local_ip_from_cidr { return $IPs; } +sub addr_to_ip { + my ($addr) = @_; + my ($err, $host, $port) = Socket::getnameinfo($addr, NI_NUMERICHOST | NI_NUMERICSERV); + die "failed to get numerical host address: $err\n" if $err; + return ($host, $port) if wantarray; + return $host; +} + +sub get_ip_from_hostname { + my ($hostname, $noerr) = @_; + + my ($family, $ip); + + eval { + my @res = PVE::Tools::getaddrinfo_all($hostname); + $family = $res[0]->{family}; + $ip = addr_to_ip($res[0]->{addr}) + }; + if ($@) { + die "hostname lookup '$hostname' failed - $@" if !$noerr; + return undef; + } + + if ($ip =~ m/^127\.|^::1$/) { + die "hostname lookup '$hostname' failed - got local IP address '$ip'\n" if !$noerr; + return undef; + } + + return wantarray ? ($ip, $family) : $ip; +} + sub lock_network { my ($code, @param) = @_; my $res = lock_file('/var/lock/pve-network.lck', 10, $code, @param);