<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">пт, 12 апр. 2019 г., 12:10 Ruben Kerkhof <<a href="mailto:ruben@rubenkerkhof.com">ruben@rubenkerkhof.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Thu, Apr 11, 2019 at 10:43 PM Vasiliy Tolstov <<a href="mailto:v.tolstov@selfip.ru" target="_blank" rel="noreferrer">v.tolstov@selfip.ru</a>> wrote:<br> <br> Hi Vasiliy,<br> <br> ><br> > ср, 10 апр. 2019 г. в 19:46, Ruben Kerkhof <<a href="mailto:ruben@rubenkerkhof.com" target="_blank" rel="noreferrer">ruben@rubenkerkhof.com</a>>:<br> > ><br> > > On Wed, Apr 10, 2019 at 1:44 PM Laine Stump <<a href="mailto:laine@redhat.com" target="_blank" rel="noreferrer">laine@redhat.com</a>> wrote:<br> > > ><br> > > > On 4/9/19 11:35 AM, Ruben Kerkhof wrote:<br> > > > > On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <<a href="mailto:mprivozn@redhat.com" target="_blank" rel="noreferrer">mprivozn@redhat.com</a>> wrote:<br> > > > >><br> > > > >> On 4/9/19 4:38 PM, Ruben Kerkhof wrote:<br> > > > >>> Hi all,<br> > > > >>><br> > > > >>> I have a hook script, /etc/libvirt/hooks/network, that doesn't seem to<br> > > > >>> be called when I attach an interface with type 'ethernet' with this<br> > > > >>> xml snippet:<br> > > > >>><br> > > > >>> <interface type='ethernet'><br> > > > >>> <model type="virtio"/><br> > > > >>> <source><br> > > > >>> <ip address="10.100.0.1" prefix="24" peer="10.100.0.10"/><br> > > > >>> </source><br> > > > >>> </interface><br> > > > >>><br> > > > >>> <a href="https://www.libvirt.org/hooks.html#intro" rel="noreferrer noreferrer" target="_blank">https://www.libvirt.org/hooks.html#intro</a> says<br> > > > >>> "A network is started or stopped or an interface is plugged/unplugged<br> > > > >>> to/from the network (since 1.2.2)".<br> > > > >>><br> > > > >>> While I don't have a network defined in xml, I'd expect this to work<br> > > > >>> just as well for 'ethernet' type interfaces. Am I wrong?<br> > > > >><br> > > > >><br> > > > >> Hotplugging an 'ethernet' type of interface doesn't really relate to any<br> > > > >> libvirt network. Hence libvirt doesn't call 'network' hook script. If<br> > > > >> you'd continue reading you'll see what is the 'network' hook fed with<br> > > > >> (on stdin): info on domain in question AND network where the event<br> > > > >> ocurred. But there is no network, is it?<br> > > > ><br> > > > > No not in the libvirt sense there isn't, you're right.<br> > > > >><br> > > > >> But maybe you can work around this by waiting for<br> > > > >> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to solve?<br> > > > ><br> > > > > I'd like to enable proxy_arp on the interface among other things.<br> > > > > I can easily do this from the same script that adds the interface<br> > > > > though, so I have a workaround, but a hook that triggers on all<br> > > > > interface events felt cleaner.<br> > > ><br> > > > Also keep in mind that the hook scripts aren't an officially supported<br> > > > part of the API, and are thus liable to change without warning. As an<br> > > > example, danpb has proposed changing the network hook:<br> > > ><br> > > > <a href="https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html" rel="noreferrer noreferrer" target="_blank">https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html</a><br> > > ><br> > > > Once this goes in, any network hook script that uses the plugged and<br> > > > unplugged hooks will no longer work; you would instead need to use the<br> > > > port-created and port-deleted hooks.<br> > ><br> > > That's good to know, thank you Laine.<br> > ><br> > > In that case perhaps adding this functionality to libvirt itself would<br> > > make more sense?<br> > ><br> > > Some background, I'm implementing<br> > > <a href="https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor" rel="noreferrer noreferrer" target="_blank">https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor</a>, so<br> > > announcing /32 host routes to our vms with BGP.<br> > > Our existing vms use /24 network addressing, and to keep that working,<br> > > I need to set proxy_arp on the interface.<br> > ><br> > I done something like this in some Russian Cloud hosting provider, but<br> > we use OSPF to redistribute routes in DC, and sync their via bgp<br> > between dc.<br> <br> Thanks, it's good to know that more people do this and I'm on the right path :)<br> <br> > I don't recommend hooks, write small netlink based program that<br> > listens events about interface up, check it names and set proxy arp<br> > for it.<br> > This is not blocking and easy to modify/test/write. Or set proxy_arp<br> > globally (but this is not recommended)<br> <br> That's a good tip, thanks.<br> I do want to set proxy_arp before the interface is admin up and<br> passing traffic, is that possible with netlink?<br> <br> Writing an udev rule might work as well now that I think of it.<br> <br> But seeing that multiple people have implemented this in their own<br> way, wouldn't it make more sense to add support for this to libvirt?<br> Something like <interface type='ethernet' proxy_arp='on' /><br> ><br></blockquote></div></div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">This is not one option that can be setted, so i think this is not generic variant.</div><div dir="auto">And yes,if this is only one option,udev is sufficiently.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> > --<br> > Vasiliy Tolstov,<br> > e-mail: <a href="mailto:v.tolstov@selfip.ru" target="_blank" rel="noreferrer">v.tolstov@selfip.ru</a><br> <br> Kind regards,<br> <br> Ruben<br> </blockquote></div></div></div>