--- Begin Message ---
Add support for bridge ports isolation
https://github.com/torvalds/linux/commit/7d850abd5f4edb1b1ca4b4141a4453305736f564
This allow to drop traffic between all ports having isolation enabled
on the local bridge, but allow traffic with non isolated ports.
Here,we isolate
--- Begin Message ---
also move vlan-aware in advanced section
Signed-off-by: Alexandre Derumier
---
www/manager6/sdn/VnetEdit.js | 12
1 file changed, 12 insertions(+)
diff --git a/www/manager6/sdn/VnetEdit.js b/www/manager6/sdn/VnetEdit.js
index cdd83ed4..a00f83e6 100644
---
--- Begin Message ---
This patches series add support for sdn vnet bridge ports isolation
pve-network:
Alexandre Derumier (1):
vnets : add ports isolation
src/PVE/Network/SDN/VnetPlugin.pm | 5 +
src/PVE/Network/SDN/Zones/Plugin.pm | 1 +
2 files changed, 6 insertions(+)
pve-common:
--- Begin Message ---
This is allow to block traffic/isolation traffic between all ports
on the bridge with isolation (so between the vms), ans still allow
incoming traffic from uplink.
Signed-off-by: Alexandre Derumier
---
src/PVE/Network.pm | 14 --
1 file changed, 12
--- Begin Message ---
ifupdown2 only support ipv4 (could be fixed)
frr/evpn: don't support ipv6 at all
Signed-off-by: Alexandre Derumier
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 2 +-
src/PVE/Network/SDN/Zones/VxlanPlugin.pm | 2 +-
2 files changed, 2 insertions(+), 2
--- Begin Message ---
Signed-off-by: Alexandre Derumier
---
src/PVE/Network/SDN/Controllers/IsisPlugin.pm| 3 ++-
src/test/zones/evpn/isis/expected_controller_config | 2 ++
src/test/zones/evpn/isis_loopback/expected_controller_config | 2 ++
3 files changed, 6
--- Begin Message ---
Need to be inserted after ip prefix-list and before route map
Signed-off-by: Alexandre Derumier
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git
--- Begin Message ---
Signed-off-by: Alexandre Derumier
---
src/PVE/Network/SDN/Controllers/IsisPlugin.pm | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/PVE/Network/SDN/Controllers/IsisPlugin.pm
b/src/PVE/Network/SDN/Controllers/IsisPlugin.pm
index
--- Begin Message ---
for ipv4, we use the iface ipv4 router-id as router-id need to 32bit.
That's doesn't work for pure ipv6 underlay network.
since https://www.rfc-editor.org/rfc/rfc6286, we can use any 32bit id,
it's just need to be unique in the ASN.
Simply use the last 4 bytes of iface mac
--- Begin Message ---
for ipv4, we use the iface ipv4 router-id as router-id need to 32bit.
That's doesn't work for pure ipv6 underlay network.
since https://www.rfc-editor.org/rfc/rfc6286, we can use any 32bit id,
it's just need to be unique in the ASN.
Simply use the last 4 bytes of iface mac
--- Begin Message ---
Signed-off-by: Alexandre Derumier
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 2 +-
src/test/zones/evpn/exitnode/expected_controller_config | 2 +-
.../evpn/exitnode_local_routing/expected_controller_config| 2 +-
--- Begin Message ---
Implement new cloudinit api from last qemu-server patch serie.
I don't have tuned it yet, the rstore is polling the api each second,
so extract the config from cloudinit drive each time.
I need to check how to load it once or when regenerated only.
need qemu-server patch
12 matches
Mail list logo