vm-network-scripts/pve-bridge

   1 #!/usr/bin/perl
   2
   3 use strict;
   4 use warnings;
   5
   6 use PVE::QemuServer;
   7 use PVE::Tools qw(run_command);
   8 use PVE::Network;
   9 use PVE::Firewall;
  10
  11 my $have_sdn;
  12 eval {
  13     require PVE::Network::SDN::Zones;
  14     require PVE::Network::SDN::Vnets;
  15     $have_sdn = 1;
  16 };
  17
  18 my $iface = shift;
  19
  20 my $hotplug = 0;
  21 if ($iface eq '--hotplug') {
  22     $hotplug = 1;
  23     $iface = shift;
  24 }
  25
  26 die "no interface specified\n" if !$iface;
  27
  28 die "got strange interface name '$iface'\n"
  29     if $iface !~ m/^tap(\d+)i(\d+)$/;
  30
  31 my $vmid = $1;
  32 my $netid = "net$2";
  33
  34 my $migratedfrom = $hotplug ? undef : $ENV{PVE_MIGRATED_FROM};
  35
  36 my $conf = PVE::QemuConfig->load_config($vmid, $migratedfrom);
  37
  38 my $netconf = $conf->{$netid};
  39
  40 $netconf = $conf->{pending}->{$netid} if !$migratedfrom && defined($conf->{pending}->{$netid});
  41
  42 die "unable to get network config '$netid'\n"
  43     if !defined($netconf);
  44
  45 my $net = PVE::QemuServer::parse_net($netconf);
  46 die "unable to parse network config '$netid'\n" if !$net;
  47
  48 # The nftable-based implementation from the newer proxmox-firewall does not requires FW bridges
  49 my $create_firewall_bridges = $net->{firewall} && !PVE::Firewall::is_nftables();
  50
  51 if ($have_sdn) {
  52     PVE::Network::SDN::Vnets::add_dhcp_mapping($net->{bridge}, $net->{macaddr}, $vmid, $conf->{name});
  53     PVE::Network::SDN::Zones::tap_create($iface, $net->{bridge});
  54     PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
  55 } else {
  56     PVE::Network::tap_create($iface, $net->{bridge});
  57     PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
  58 }
  59
  60 exit 0;