[lxc-devel] [PATCH] Set high byte of mac addresses for host veth devices to 0xfe
Serge Hallyn
serge.hallyn at canonical.com
Tue Jan 3 14:40:41 UTC 2012
Hi - thanks for the update. Assuming the only thing you changed was
catching the errno (there's no changelog but I assume so and don't
want to take another close look),
Acked-by: Serge Hallyn <serge.hallyn at canonical.com>
Let's apply and finally close this mysterious and aggravating (for some)
chapter! :)
thanks,
-serge
Quoting Christian Seiler (christian at iwakd.de):
> Hi again,
>
> > Sorry I didn't reply earlier.
> >
> >> Thanks, sorry for the trouble. Looks good, with one exception - if
> >> ioctl failed, then you may end up returning the wrong errno (from the
> >> close syscall). With that fixed, please do apply.
> >
> > Oh, yes, nice catch. I've attached a fixed patch.
>
> I shouldn't be fixing patches so late at night, I only caught the first
> instance of this. Now I've attached a version which really fixes the
> problem. (Hopefully.)
>
> Sorry about the confusion.
>
> Christian
> From 83f4ee619ed322be2845fd8ae988730cae2f36b5 Mon Sep 17 00:00:00 2001
> From: Christian Seiler <christian at iwakd.de>
> Date: Tue, 15 Nov 2011 18:53:53 +0100
> Subject: [PATCH] Set high byte of mac addresses for host veth devices to 0xfe
>
> When used in conjunction with a bridge, veth devices with random addresses
> may change the mac address of the bridge itself if the mac address of the
> interface newly added is numerically lower than the previous mac address
> of the bridge. This is documented kernel behavior. To avoid changing the
> host's mac address back and forth when starting and/or stopping containers,
> this patch ensures that the high byte of the mac address of the veth
> interface visible from the host side is set to 0xfe.
>
> A similar logic has previously also been implemented by the libvirt
> developers for libvirt.
>
> Fixes SF bug #3411497
> See also: <http://thread.gmane.org/gmane.linux.kernel.containers.lxc.general/2709>
> ---
> src/lxc/conf.c | 43 +++++++++++++++++++++++++++++++++++++++++++
> 1 files changed, 43 insertions(+), 0 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 613e476..517edec 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -1402,6 +1402,39 @@ static int setup_network(struct lxc_list *network)
> return 0;
> }
>
> +static int setup_private_host_hw_addr(char *veth1)
> +{
> + struct ifreq ifr;
> + int err;
> + int saved_errno;
> + int sockfd;
> +
> + sockfd = socket(AF_INET, SOCK_DGRAM, 0);
> + if (sockfd < 0)
> + return -errno;
> +
> + snprintf((char *)ifr.ifr_name, IFNAMSIZ, "%s", veth1);
> + err = ioctl(sockfd, SIOCGIFHWADDR, &ifr);
> + if (err < 0) {
> + saved_errno = errno;
> + close(sockfd);
> + return -saved_errno;
> + }
> +
> + ifr.ifr_hwaddr.sa_data[0] = 0xfe;
> + err = ioctl(sockfd, SIOCSIFHWADDR, &ifr);
> + saved_errno = errno;
> + close(sockfd);
> + if (err < 0)
> + return -saved_errno;
> +
> + DEBUG("mac address of host interface '%s' changed to private %02x:%02x:%02x:%02x:%02x:%02x",
> + veth1, ifr.ifr_hwaddr.sa_data[0] & 0xff, ifr.ifr_hwaddr.sa_data[1] & 0xff, ifr.ifr_hwaddr.sa_data[2] & 0xff,
> + ifr.ifr_hwaddr.sa_data[3] & 0xff, ifr.ifr_hwaddr.sa_data[4] & 0xff, ifr.ifr_hwaddr.sa_data[5] & 0xff);
> +
> + return 0;
> +}
> +
> struct lxc_conf *lxc_conf_init(void)
> {
> struct lxc_conf *new;
> @@ -1455,6 +1488,16 @@ static int instanciate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
> strerror(-err));
> return -1;
> }
> +
> + /* changing the high byte of the mac address to 0xfe, the bridge interface
> + * will always keep the host's mac address and not take the mac address
> + * of a container */
> + err = setup_private_host_hw_addr(veth1);
> + if (err) {
> + ERROR("failed to change mac address of host interface '%s' : %s",
> + veth1, strerror(-err));
> + goto out_delete;
> + }
>
> if (netdev->mtu) {
> err = lxc_netdev_set_mtu(veth1, atoi(netdev->mtu));
> --
> 1.7.2.5
>
More information about the lxc-devel
mailing list