From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=UdNcnwT3;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTPS id 4CC365A0262
	for <passt-dev@passt.top>; Sat, 20 Jun 2026 00:10:31 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1781907030;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=kDCUfs7a10axKJXIjQQvxpdLhv8JaKcjBl6RVGNhPSY=;
	b=UdNcnwT39PRInUN6MuWP1c71p/QFvHfZogdFQD7qIgOZX+Q3dTMs5RTemc2XNSJMccb5xh
	ToxmtBIJzSQ0YQZWCuH1dGy1i5VVNJnlUGUPuZ4mDj3QTt4ZlYf60oxwcZUpBojmaVBki+
	QJDk3jZYI59NZWeai5d5aSU3FKAAuj0=
Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com
 [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-43-fQa-83yNMK-bqv-kqld7vw-1; Fri, 19 Jun 2026 18:10:28 -0400
X-MC-Unique: fQa-83yNMK-bqv-kqld7vw-1
X-Mimecast-MFC-AGG-ID: fQa-83yNMK-bqv-kqld7vw_1781907027
Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-49245e10b73so3830785e9.3
        for <passt-dev@passt.top>; Fri, 19 Jun 2026 15:10:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1781907027; x=1782511827;
        h=date:content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:x-gm-gg
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=kDCUfs7a10axKJXIjQQvxpdLhv8JaKcjBl6RVGNhPSY=;
        b=qZt4Rd2gII1n6f7CsO7cspyJh66yuLVMfvBh/udp1ZgFKCJKre609qxV/3zfMvxOTt
         FIlvmSXUaMMiFybwk0qOhEjZjEyoCU55YW/8UPERlbPlfPdqqQrodbr1hpgY/mfZMfIs
         XCWdcqfgLzJ/jfbiASZphD4yeAqoHaiFFFJZxla5fgKB5fFPyRDsAvuz5z0hPq4a7xFp
         Sf/lsG5A8k/eesf3adiR7oNFuMScAs9Mrd4G4nCZnsRNFmSnuI/SIsUVDv225huolg/p
         DmZ5zC8k2LH/+jztiUAAUXAv/whFhcMbWiIgPTBZMqGePbRQqj0SilD0uMGLNRF3j0a0
         3MIw==
X-Forwarded-Encrypted: i=1; AFNElJ+a4jThz4x7dvNJVdcsgzfRHepbUkApy4D6FQFxElfRHSUoDL+knWFb2xwmKUMTQkbzAZyV07ikSMg=@passt.top
X-Gm-Message-State: AOJu0YzE1ENX7T1EcAfRueBlHMmuULcEg7bjapxrJAoUqNg4BVcG+td9
	DEZhlgZOZ+8wP7sqnfwnzANasAXOMrrMoJn86C0IMrq0NnK+oujNrQ8dp19ZxwqNRT9ypRt8mxs
	YpU9OP6xzGnGB+v/B9yTT1h+QKpUD/k0FEMgHZQPKmNy+GeDQXlDXsw==
X-Gm-Gg: AfdE7ckcCzC9yQlJ9haH5hdn2w6COLHaUzJE3GYO9rgPHihZaSrs0JVSv7X1bysE/hS
	7JOFRTYIJxIR+UHiyIL6Bm9QB7viKG0SejyaEV1xgV3+r/kZ2+oseCbBrBWQMZuEbXhIB1ef/TG
	cMylCnQ27K2S94byzSuttKswzVfMxE3xC4+UsGGSsGGnv5UcJa6wEJY+Me8AF4MyAaOj33LHaEA
	/CpAl0y0msXyt2hCgVUAuI5g3mtVG0hWYuUu913dDkeE+TRqcrqKE2FuQMSVgOiGZ1jXChMC709
	ASU4hKaC8g0KonVQAr6MqFGh2yz2D4ATUY9K98aU6u48egG9hift78TttTS0wdOXDyquBqjZxMU
	sHJ3r6q+FdR9le19vyx64cA==
X-Received: by 2002:a05:600c:1d0d:b0:489:5022:39a4 with SMTP id 5b1f17b1804b1-4924233a8acmr61598925e9.9.1781907027185;
        Fri, 19 Jun 2026 15:10:27 -0700 (PDT)
X-Received: by 2002:a05:600c:1d0d:b0:489:5022:39a4 with SMTP id 5b1f17b1804b1-4924233a8acmr61598535e9.9.1781907026638;
        Fri, 19 Jun 2026 15:10:26 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-466648c5397sm2454385f8f.13.2026.06.19.15.10.25
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 19 Jun 2026 15:10:25 -0700 (PDT)
From: Stefano Brivio <sbrivio@redhat.com>
To: Jon Maloy <jmaloy@redhat.com>
Subject: Re: [PATCH v7 05/13] conf: Allow multiple -a/--address options per
 address family
Message-ID: <20260620001024.792957cf@elisabeth>
In-Reply-To: <20260413005319.3295910-6-jmaloy@redhat.com>
References: <20260413005319.3295910-1-jmaloy@redhat.com>
	<20260413005319.3295910-6-jmaloy@redhat.com>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Date: Sat, 20 Jun 2026 00:10:25 +0200 (CEST)
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: 9ZwSIS6_k4QcDG8wQFt8zWVwTWTXeaXGhA-fpsvRHEk_1781907027
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: DL5W56MKPGUHDZGGPXW4ZCMISAQWNVRH
X-Message-ID-Hash: DL5W56MKPGUHDZGGPXW4ZCMISAQWNVRH
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: david@gibson.dropbear.id.au, passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20260620001024.792957cf@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/DL5W56MKPGUHDZGGPXW4ZCMISAQWNVRH/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Sun, 12 Apr 2026 20:53:11 -0400
Jon Maloy <jmaloy@redhat.com> wrote:

> Allow specifying multiple addresses per family with -a/--address.
> The first address of each family is used for DHCP/DHCPv6 assignment.
> 
> Signed-off-by: Jon Maloy <jmaloy@redhat.com>

I guess it would be finally time to triumphally mention:

Link: https://bugs.passt.top/show_bug.cgi?id=47

...and Cc: its reporter on this one. :)

> ---
> v2: - Adapted to previous code changes
> v3: - Adapted to single-array strategy
>     - Changes according to feedback from S. Brivio and D. Gibson.
> v4: - Stripped down and adapted after feedback from David G.
> v6: - Adapted to previous changes in series
>     - Removed the "one address" limitation for -n option
> v7: - Updated man page.
> ---
>  conf.c  |  7 ++++---
>  fwd.c   |  4 +---
>  passt.1 |  7 +++----
>  pasta.c | 14 ++++++++------
>  4 files changed, 16 insertions(+), 16 deletions(-)
> 
> diff --git a/conf.c b/conf.c
> index 591f561..8b4a7a0 100644
> --- a/conf.c
> +++ b/conf.c
> @@ -939,9 +939,11 @@ static void usage(const char *name, FILE *f, int status)
>  		"    default: 65520: maximum 802.3 MTU minus 802.3 header\n"
>  		"                    length, rounded to 32 bits (IPv4 words)\n"
>  		"  -a, --address ADDR	Assign IPv4 or IPv6 address ADDR[/PREFIXLEN]\n"
> -		"    can be specified zero to two times (for IPv4 and IPv6)\n"
> +		"    can be specified up to a maximum of %d times\n"
>  		"    default: use addresses from interface with default route\n"
> -		"  -n, --netmask MASK	Assign IPv4 MASK, dot-decimal or bits\n"
> +		"  -n, --netmask MASK	Assign IPv4 MASK, dot-decimal or bits\n",
> +		MAX_GUEST_ADDRS);
> +	FPRINTF(f,
>  		"    default: netmask from matching address on the host\n"
>  		"  -M, --mac-addr ADDR	Use source MAC address ADDR\n"
>  		"    default: 9a:55:9a:55:9a:55 (locally administered)\n"
> @@ -1898,7 +1900,6 @@ void conf(struct ctx *c, int argc, char **argv)
>  			    IN6_IS_ADDR_V4COMPAT(&addr.a6))
>  				die("Invalid address: %s", optarg);
>  
> -			/* Legacy behaviour: replace existing address if any */
>  			fwd_set_addr(c, &addr, CONF_ADDR_USER, prefix_len);
>  			if (inany_v4(&addr))
>  				c->ip4.no_copy_addrs = true;
> diff --git a/fwd.c b/fwd.c
> index e676c18..d3f576a 100644
> --- a/fwd.c
> +++ b/fwd.c
> @@ -250,14 +250,12 @@ void fwd_neigh_table_init(const struct ctx *c)
>  }
>  
>  /**
> - * fwd_set_addr() - Add or update an address in the unified address array
> + * fwd_set_addr() - Update address entry, adding one if needed
>   * @c:		Execution context
>   * @addr:	Address to add (IPv4-mapped or IPv6)
>   * @flags:	CONF_ADDR_* flags for this address
>   * @prefix_len:	Prefix length in IPv6 or IPv4 format
>   *
> - * Find the first existing entry of the same address family and
> - * overwrite it, or create a new one if none exists
>   */
>  void fwd_set_addr(struct ctx *c, const union inany_addr *addr,
>  		  uint8_t flags, int prefix_len)
> diff --git a/passt.1 b/passt.1
> index 13e8df9..12ec857 100644
> --- a/passt.1
> +++ b/passt.1
> @@ -164,16 +164,13 @@ An optional /\fIprefix_len\fR (0-32 for IPv4, 0-128 for IPv6) can be
>  appended in CIDR notation (e.g. 192.0.2.1/24). This is an alternative to
>  using the \fB-n\fR, \fB--netmask\fR option. Mixing CIDR notation with
>  \fB-n\fR results in an error.
> -If a prefix length is assigned to an IPv6 address using this method, it will
> -in the current code version be overridden by the default value of 64.
> -This option can be specified zero (for defaults) to two times (once for IPv4,
> -once for IPv6).
>  By default, assigned IPv4 and IPv6 addresses are taken from the host interfaces
>  with the first default route, if any, for the corresponding IP version. If no
>  default routes are available and there is any interface with any route for a
>  given IP version, the first of these interfaces will be chosen instead. If no
>  such interface exists for a given IP version, the link-local address 169.254.2.1
>  is assigned for IPv4, and no additional address will be assigned for IPv6.
> +This option can be given multiple times, indicating multiple different addresses.
>  
>  .TP
>  .BR \-n ", " \-\-netmask " " \fImask
> @@ -181,6 +178,8 @@ Assign IPv4 netmask \fImask\fR, expressed as dot-decimal or number of bits, via
>  DHCP (option 1). Alternatively, the prefix length can be specified using CIDR
>  notation with the \fB-a\fR, \fB--address\fR option (e.g. \fB-a\fR 192.0.2.1/24).
>  Mixing \fB-n\fR with CIDR notation results in an error.
> +When indicated, this option sets the prefix length of the first configured
> +IPv4 address only.
>  If no address is indicated, the netmask associated with the adopted host address,
>  if any, is used. If an address is indicated, but without a prefix length, the
>  netmask is determined based on the corresponding network class. In all other
> diff --git a/pasta.c b/pasta.c
> index c51e4cd..b3936f5 100644
> --- a/pasta.c
> +++ b/pasta.c
> @@ -343,14 +343,15 @@ void pasta_ns_conf(struct ctx *c)
>  
>  		if (c->ifi4) {
>  			if (c->ip4.no_copy_addrs) {
> -				a = fwd_get_addr(c, AF_INET, 0, 0);
> -				if (a) {
> +				for_each_addr(a, c->addrs, c->addr_count, AF_INET) {
>  					plen = inany_prefix_len(&a->addr,
>  								a->prefix_len);
>  					rc = nl_addr_set(nl_sock_ns,
>  							 c->pasta_ifi, AF_INET,
>  							 inany_v4(&a->addr),
>  							 plen);
> +					if (rc < 0)
> +						break;
>  				}
>  			} else {
>  				rc = nl_addr_dup(nl_sock, c->ifi4,
> @@ -404,13 +405,14 @@ ipv4_done:
>  					  0, IFF_NOARP);
>  
>  			if (c->ip6.no_copy_addrs) {
> -				a = fwd_get_addr(c, AF_INET6, 0, 0);
> -				if (a)
> +				for_each_addr(a, c->addrs, c->addr_count, AF_INET6) {
>  					rc = nl_addr_set(nl_sock_ns,
>  							 c->pasta_ifi,
> -							 AF_INET6,
> -							 &a->addr.a6,
> +							 AF_INET6, &a->addr.a6,
>  							 a->prefix_len);
> +					if (rc < 0)
> +						break;
> +				}
>  			} else {
>  				rc = nl_addr_dup(nl_sock, c->ifi6,
>  						 nl_sock_ns, c->pasta_ifi,

-- 
Stefano