ether file should have 1 line by mac address with ip4+ip6
ip6 address should be in braced [ip6]
for now: don't update ip6 through bus as it seem to be incorrect
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
we don't want dynamic lease, simply define each subnet as a static range.
dhcp-range defined on a subnet is only used by ipam plugin.
This will also allow to use dhcp subnet without need to define a range.
Can be usefull for external ipam like phpipam, where you can't define ranges.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
This helper can be used to create DHCP entries for a specific zone. It
is used by the API to create DHCP leases for VMs/CTs.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
The plugin creates a dnsmasq@<zone> service that spawns a dnsmasq
instance that handles dhcp for that zone.
The configuration files for a dnsmasq instance lie within
/etc/dnsmasq.d/<zone>
The plugin generates the following configuration files:
* 00-default.conf
Contains the default global configuration for dnsmasq. Disables DNS,
enables some specific options for Windows, does some
security-related configuration and makes dnsmasq bind only to the
interfaces it is responsible for
* 10-<subnet>.conf
Contains the default settings for a subnet. Sets dhcp options for
DNS and gateway.
* 10-<subnet>.ranges.conf
Contains the configuration of DHCP ranges for a subnet.
* ethers
Contains the MAC address to IP mappings for a zone.
Every subnet gets assigned a tag in the dnsmasq configuration that is
equal to the subnet_id. This can be used to override / set additional
configuration options on a per-subnet basis.
Additionally it creates the file /etc/default/dnsmasq.<zone> that
provides default options for the dnsmasq service.
Leases are stored in /var/lib/misc/dnsmasq.<zone>.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
This abstract class provides several hooks that should be called
during the config generation process, they expose the functionality
for the different configuration tasks required from the DHCP plugins.
add_ip_mapping
Adds a mapping from MAC address to an IP for a given DHCP server. The
DHCP server will then always assign the given IP address to the MAC.
del_ip_mapping
Deletes all mappings for a given MAC address for a given DHCP server.
before_regenerate
Should be called before the plugin does any configuration tasks. The
main usage for this hook is tearing down old instances.
after_regenerate
Should be called after the plugin has finished generating any
configuration. The main usage for this hook is to perform cleanup and
restart / reload services.
before_configure
Should be called before creating the configuration for a specific DHCP
instance, as defined in the dhcp.cfg. This can be used for performing
instance-specific setup.
after_configure
Should be called after the configuration for a specific DHCP instance,
as defined in the dhcp.cfg. This will mainly be used for enabling and
restarting / reloading a specific instance of a DHCP server.
configure_subnet
This function configures the settings for a specific subnet (that can
contain multiple DHCP ranges). This sets global settings for a
specific subnet such as DNS server or gateway.
configure_range
This configures a DHCP range that is available for a given Subnet.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Those methods are used by the DHCP plugins to attain the next free
IP address for a given DHCP range, as well as delete all entries with
a certain MAC address.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Adds a new file priv/macs.db for caching the queries to IPAM.
Additionally adds and imeplements methods to the IPAM plugins that
are required for the DHCP functionality.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Add the option to retrieve the running configuration instead of only
the pending configuration via the config methods. Refactor methods
using the running config to utilize the new parameter.
Add helper methods and return additional attributes from the getter
functions that are needed by the dhcp plugins.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
[ TL: avoid one-word subject & make build-dir glob more specific ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
We want to be able to override it for some specific plugins.
Can be used by an sdn controller (like ovn for example), where
mac need to be registered manually.
- use new /sdn/zones/zone/<vnet> path for vnet && subnets permissions
- fix some permissions on /sdn/zones && /sdn
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
they access pmxcfs directly and so cannot really work, this needs to
be mocked some day (soon!), but as stop-gap just skip the tests if a
sbuild lock is present
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
When warning or error from ifreload are logged they are received in
1 line in result of pvesh.
So, the UPID might not always start at the beginning, which was
assumed by the old code, failing parsing it, throwing a warning like:
> Use of uninitialized value $upid in pattern match (m//) at /usr/share/perl5/PVE/Tools.pm line 1106.
> Use of uninitialized value $upid in concatenation (.) or string at /usr/share/perl5/PVE/Tools.pm line 1120.
Drop the start anchor of the regex.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The tagged bridge interface need to also have to correct
vlan-protocol
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
We don't want to routes subnets between different zones when same
exit node is used.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
vrf and router bgp vrf need to be ordered by vrf name
ip protocol need to be at the end
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Some users requested it as their physical network equipments don't
use standard vxlan port
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Currently, if a node is primary exit-node for 1 vrf, and secondary
exit-node for another vrf,
The deny route-map is filtering routes imports for both vrf.
This patch adds filtering only for the vrf's where the node is
secondary.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
