Seem that my previous patch was forgot in the 2.0 https://github.com/CumulusNetworks/ifupdown2/pull/101
Without this, user with routed setup with sysctl fordwarding enable, is removed when interface is up User have reported the bug here: https://forum.proxmox.com/threads/no-internet-on-all-vms-after-update.64404/#post-296540 Signed-off-by: Alexandre Derumier <aderum...@odiso.com> --- .../extra/0002-fix-default-forwarding.patch | 100 ++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 101 insertions(+) create mode 100644 debian/patches/extra/0002-fix-default-forwarding.patch diff --git a/debian/patches/extra/0002-fix-default-forwarding.patch b/debian/patches/extra/0002-fix-default-forwarding.patch new file mode 100644 index 0000000..c1a72a3 --- /dev/null +++ b/debian/patches/extra/0002-fix-default-forwarding.patch @@ -0,0 +1,100 @@ +From 85a93e870777f774e5901bd4443ddff2e8eaa444 Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier <aderum...@odiso.com> +Date: Mon, 24 Feb 2020 15:18:56 +0100 +Subject: [PATCH] fix default forwarding + +Signed-off-by: Alexandre Derumier <aderum...@odiso.com> +--- + ifupdown2/addons/address.py | 70 +++++++++++++++++++++---------------- + 1 file changed, 40 insertions(+), 30 deletions(-) + +diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py +index 83974d7..b9a16ee 100644 +--- a/ifupdown2/addons/address.py ++++ b/ifupdown2/addons/address.py +@@ -821,42 +821,52 @@ class address(Addon, moduleBase): + 'bridge port' %ifaceobj.name) + return + setting_default_value = False ++ ++ + if not ipforward: + setting_default_value = True +- ipforward = (self.ipforward or +- self.get_mod_subattr('ip-forward', 'default')) +- ipforward = int(utils.get_boolean_from_string(ipforward)) +- running_ipforward = self.cache.get_netconf_forwarding(socket.AF_INET, ifaceobj.name) +- if ipforward != running_ipforward: +- try: +- self.sysctl_set('net.ipv4.conf.%s.forwarding' +- %('/'.join(ifaceobj.name.split("."))), +- ipforward) +- except Exception as e: +- if not setting_default_value: +- ifaceobj.status = ifaceStatus.ERROR +- self.logger.error('%s: %s' %(ifaceobj.name, str(e))) ++ ipforward = self.ipforward ++ ++ if ipforward: ++ ++ ipforward = int(utils.get_boolean_from_string(ipforward)) ++ running_ipforward = self.cache.get_netconf_forwarding(socket.AF_INET, ifaceobj.name) ++ ++ if ipforward != running_ipforward: ++ try: ++ self.sysctl_set('net.ipv4.conf.%s.forwarding' ++ %('/'.join(ifaceobj.name.split("."))), ++ ipforward) ++ except Exception as e: ++ if not setting_default_value: ++ ifaceobj.status = ifaceStatus.ERROR ++ self.logger.error('%s: %s' %(ifaceobj.name, str(e))) + + setting_default_value = False ++ ++ + if not ip6forward: + setting_default_value = True +- ip6forward = (self.ip6forward or +- self.get_mod_subattr('ip6-forward', 'default')) +- ip6forward = int(utils.get_boolean_from_string(ip6forward)) +- running_ip6forward = self.cache.get_netconf_forwarding(socket.AF_INET6, ifaceobj.name) +- if ip6forward != running_ip6forward: +- try: +- self.sysctl_set('net.ipv6.conf.%s.forwarding' +- %('/'.join(ifaceobj.name.split("."))), +- ip6forward) +- except Exception as e: +- # There is chance of ipv6 being removed because of, +- # for example, setting mtu < 1280 +- # In such cases, log error only if user has configured +- # ip6-forward +- if not setting_default_value: +- ifaceobj.status = ifaceStatus.ERROR +- self.logger.error('%s: %s' %(ifaceobj.name, str(e))) ++ ip6forward = self.ip6forward ++ ++ if ip6forward: ++ ++ ip6forward = int(utils.get_boolean_from_string(ip6forward)) ++ running_ip6forward = self.cache.get_netconf_forwarding(socket.AF_INET6, ifaceobj.name) ++ ++ if ip6forward != running_ip6forward: ++ try: ++ self.sysctl_set('net.ipv6.conf.%s.forwarding' ++ %('/'.join(ifaceobj.name.split("."))), ++ ip6forward) ++ except Exception as e: ++ # There is chance of ipv6 being removed because of, ++ # for example, setting mtu < 1280 ++ # In such cases, log error only if user has configured ++ # ip6-forward ++ if not setting_default_value: ++ ifaceobj.status = ifaceStatus.ERROR ++ self.logger.error('%s: %s' %(ifaceobj.name, str(e))) + + def process_mtu(self, ifaceobj, ifaceobj_getfunc): + mtu_str = ifaceobj.get_attr_value_first('mtu') +-- +2.20.1 + diff --git a/debian/patches/series b/debian/patches/series index 6f81e1f..8595980 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,5 @@ extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch +extra/0002-fix-default-forwarding.patch pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch pve/0002-add-dummy-mtu-bridgevlanport-modules.patch pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
