From mboxrd@z Thu Jan 1 00:00:00 1970
Received: by passt.top (Postfix, from userid 1000) id 014545A0281; Mon, 22 May 2023 19:46:07 +0200 (CEST)
From: Stefano Brivio
To: passt-dev@passt.top
Subject: [PATCH v3 00/10] Optionally copy all routes and addresses for pasta, allow gateway-less routes
Date: Mon, 22 May 2023 19:45:57 +0200
Message-Id: <20230522174607.2824220-1-sbrivio@redhat.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-MailFrom: sbrivio@passt.top
CC: Callum Parsey, me@yawnt.com, David Gibson, lemmi@nerd2nerd.org, Andrea Arcangeli
Precedence: list
List-Id: Development discussion and patches for passt

This series, along with pseudo-related fixes, enables:

- optional copy of all routes from selected interface in outer
  namespace, to fix the issue reported by Callum at:
    https://github.com/containers/podman/issues/18539

- optional copy of all addresses, mostly for consistency. It doesn't,
  however, enable assignment of multiple addresses in the sense
  requested at:
    https://bugs.passt.top/show_bug.cgi?id=47
  because the addresses still need to be present on the host, and the
  "outer" address isn't selected depending on the address used inside
  the container

- operation without a gateway address. This is related to:
    https://bugs.passt.top/show_bug.cgi?id=49
  but Wireguard endpoints established outside the container can't be
  used yet as outbound interface (without the workaround reported
  there) for a number of reasons I'm still investigating.

  In any case, the correct route is now configured in the container,
  even without a default gateway on the corresponding host route, so
  we're a bit closer to supporting that configuration out of the box.

v3:
- in 5/10 and 9/10: mark the new --no-copy-routes and --no-copy-addrs
  options as deprecated to address David's concern. They are hopefully
  not useful and we can drop those, but they're nice to have around at
  the moment in case we need to debug issues that might be related to
  this series

v2:
- in 3/10, repeat the netlink request once for each RTM_NEWROUTE
  we're going to send as part of the request: routes might depend on
  each other, and this is a somewhat rudimentary, but seemingly robust
  approach to insert all the routes we can insert, without explicitly
  calculating dependencies
- Cc: Andrea, reporter for the issue fixed in 4/10

Stefano Brivio (10):
  netlink: Fix comment about response buffer size for nl_req()
  pasta: Improve error handling on failure to join network namespace
  netlink: Add functionality to copy routes from outer namespace
  conf: --config-net option is for pasta mode only
  conf, pasta: With --config-net, copy all routes by default
  Revert "conf: Adjust netmask on mismatch between IPv4 address/netmask and gateway"
  conf: Don't exit if sourced default route has no gateway
  netlink: Add functionality to copy addresses from outer namespace
  conf, pasta: With --config-net, copy all addresses by default
  passt.h: Fix description of pasta_ifi in struct ctx

 conf.c    |  85 +++++++++++++++++++++-------------
 netlink.c | 135 +++++++++++++++++++++++++++++++++++++++++-------------
 netlink.h |  13 ++++--
 passt.1   |  35 +++++++++++++-
 passt.h   |   8 +++-
 pasta.c   |  26 +++++++----
 6 files changed, 221 insertions(+), 81 deletions(-)

-- 
2.39.2
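
The v2 note on 3/10 describes replaying the whole batch of route insertions once per route instead of computing dependencies. The following toy model is an added example, not code from this series or from passt: the route table, the helper names and the acceptance rule (a gateway is usable once any installed route covers it, a simplification of what the kernel checks) are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* gw == 0 means a gateway-less (on-link) route */
struct route { uint32_t dst; int len; uint32_t gw; int installed; };

/* Assumed, simplified acceptance rule (not the kernel's exact one): a
 * gateway is usable once any installed route covers its address. */
static int covers(const struct route *r, uint32_t addr)
{
	uint32_t mask = r->len ? ~(uint32_t)0 << (32 - r->len) : 0;

	return r->installed && (addr & mask) == (r->dst & mask);
}

/* One simulated RTM_NEWROUTE: returns 1 if newly installed, 0 if the route
 * already exists or its gateway is not reachable yet (errors are ignored). */
static int try_insert(struct route *t, int n, int i)
{
	int j, ok = !t[i].gw;

	for (j = 0; j < n && !ok; j++)
		ok = covers(&t[j], t[i].gw);
	if (t[i].installed || !ok)
		return 0;
	return t[i].installed = 1;
}

/* Replay the whole batch 'passes' times over a constructed sample table
 * listed in worst-case order; returns how many routes ended up installed. */
static int copy_routes(int passes)
{
	struct route t[] = {
		{ 0x00000000,  0, 0x0A000101, 0 }, /* default via 10.0.1.1 */
		{ 0x0A000100, 24, 0xC0A80101, 0 }, /* 10.0.1.0/24 via 192.168.1.1 */
		{ 0xC0A80100, 24, 0,          0 }, /* 192.168.1.0/24, no gateway */
	};
	int n = sizeof(t) / sizeof(t[0]), p, i, done = 0;

	for (p = 0; p < passes; p++)
		for (i = 0; i < n; i++)
			done += try_insert(t, n, i);
	return done;
}

int main(void)
{
	printf("1 pass: %d installed, 3 passes: %d installed\n",
	       copy_routes(1), copy_routes(3));
	return 0;
}
```

Each pass installs at least one more route whenever any remaining route is insertable, so as many passes as there are routes is always enough in this model.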