[libvirt] [PATCH] v2:Support for adding a static route to a bridge

Gene Czarcinski gene at czarc.net
Fri Mar 15 19:48:44 UTC 2013 

On 03/15/2013 02:10 PM, Gene Czarcinski wrote:
> This patch adds support for adding a static route for
> a network.  The "via" specifies the gateway's IP
> address.  Both IPv4 and IPv6 static routes are
> supported although it is expected that this
> functionality will have more use with IPv6.
>
> Extensive tests are done to validate that the input
> definitions are correct.  For example, for a static
> route ip definition, the address must be for a network
> and not a host.  Additional checks are added to ensure
> that the specified gateway has a network defined on
> this bridge.
>
> Whan a static route is added to a bridge, there is a slight
> possibility that the gateway address will be incorrect.  If
> this is handled as an error, that bridge becomes unusable and
> can only be recovered by rebooting.  If the error is
> ignored, then that network can be destroyed and the network
> definition file edited to correct the problem.  Unfortunately,
> the error message only appears in syslog.  However, with
> the checks performed when the network definition file is parsed,
> it is unlikely that this condition will ever occur.
>
> The command used is of the following form:
>
> ip route add <address>/<prefix> via <gateway> dev <virbr-bridge> \
> proto static metric 1
When you examine that part of the patch in virNetworkIPdefParseXML() in 
network_conf.c, you will nitice that I have added a large number of 
tests/check that the data entered is valid.  These checks and the 
associated error messages are intended for the situation where you are 
using virsh net-edit.  As such, I believe these are quite good with 
respect to providing some guidance to the user.

Unfortuately, these same parse function is used by libvert without virsh 
and, when that occurs and the network definition (xml) file is found to 
be flawed, libvert will ignore that network definition. Better 
diagnostics and recovery is needed here but (currently) it is not clear 
how to provide it.

It would be nice if there was some way to "force" virsh net-edit to edit 
the xml file regardless of errors which could then be corrected as if a 
good file was being edited and bad configuration was entered. [any 
suggestions welcome]

Gene

More information about the libvir-list mailing list