return 'simple';
}
+sub properties {
+ return {
+ dns => {
+ type => 'string',
+ description => "dns api server",
+ },
+ reversedns => {
+ type => 'string',
+ description => "reverse dns api server",
+ },
+ dnszone => {
+ type => 'string', format => 'dns-name',
+ description => "dns domain zone ex: mydomain.com",
+ }
+ };
+}
+
sub options {
return {
nodes => { optional => 1},
- mtu => { optional => 1 }
+ mtu => { optional => 1 },
+ dns => { optional => 1 },
+ reversedns => { optional => 1 },
+ dnszone => { optional => 1 },
+ ipam => { optional => 0 },
};
}
# Plugin implementation
sub generate_sdn_config {
- my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $subnet_cfg, $interfaces_config, $config) = @_;
+ my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $controller_cfg, $subnet_cfg, $interfaces_config, $config) = @_;
return $config if$config->{$vnetid}; # nothing to do
# vnet bridge
my @iface_config = ();
- my @subnets = PVE::Tools::split_list($vnet->{subnets}) if $vnet->{subnets};
- foreach my $subnet (@subnets) {
- next if !defined($subnet_cfg->{ids}->{$subnet});
- push @iface_config, "address $subnet_cfg->{ids}->{$subnet}->{gateway}" if $subnet_cfg->{ids}->{$subnet}->{gateway};
+ my $address = {};
+ my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1);
+
+ foreach my $subnetid (sort keys %{$subnets}) {
+ my $subnet = $subnets->{$subnetid};
+ my $cidr = $subnet->{cidr};
+ my $mask = $subnet->{mask};
+
+ my $gateway = $subnet->{gateway};
+ if ($gateway) {
+ push @iface_config, "address $gateway/$mask" if !defined($address->{$gateway});
+ $address->{$gateway} = 1;
+ }
+ #add route for /32 pointtopoint
+ push @iface_config, "up ip route add $cidr dev $vnetid" if $mask == 32;
+ if ($subnet->{snat}) {
+ #find outgoing interface
+ my ($outip, $outiface) = PVE::Network::SDN::Zones::Plugin::get_local_route_ip('8.8.8.8');
+ if ($outip && $outiface) {
+ #use snat, faster than masquerade
+ push @iface_config, "post-up iptables -t nat -A POSTROUTING -s '$cidr' -o $outiface -j SNAT --to-source $outip";
+ push @iface_config, "post-down iptables -t nat -D POSTROUTING -s '$cidr' -o $outiface -j SNAT --to-source $outip";
+ #add conntrack zone once on outgoing interface
+ push @iface_config, "post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1";
+ push @iface_config, "post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1";
+ }
+ }
}
push @iface_config, "hwaddress $mac" if $mac;
sub vnet_update_hook {
- my ($class, $vnet) = @_;
+ my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_;
+
+ my $vnet = $vnet_cfg->{ids}->{$vnetid};
+ my $tag = $vnet->{tag};
- raise_param_exc({ tag => "vlan tag is not allowed on simple bridge"}) if defined($vnet->{tag});
+ raise_param_exc({ tag => "vlan tag is not allowed on simple zone"}) if defined($tag);
if (!defined($vnet->{mac})) {
my $dc = PVE::Cluster::cfs_read_file('datacenter.cfg');
projects / pve-network.git / blobdiff