From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ShYfBnqC; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTP id AC2BE5A004E for ; Wed, 27 Nov 2024 13:37:30 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1732711049; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=woq72gPdZxDwaSku435rNGeq+elfp6w1PbUe7Rv2ZH8=; b=ShYfBnqCbKsvR8iRxkYm2pb0MXLW00cVhEF8Q9yrn60qrRy0XMRQRWL5X/w9dh80SWVWJM 6sxxCYNZE0UCk7qJykxtrySqSD6Jsh+9A3dkaAtwTImgaqTpODIA47wFabSK7nmPP4y44A /l2C8hRYpZ/SknysadATOh0sF8seIXg= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-321-8nP9O5FxM8K5ZI2XILMkeQ-1; Wed, 27 Nov 2024 07:37:28 -0500 X-MC-Unique: 8nP9O5FxM8K5ZI2XILMkeQ-1 X-Mimecast-MFC-AGG-ID: 8nP9O5FxM8K5ZI2XILMkeQ Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-434a195814fso20366115e9.3 for ; Wed, 27 Nov 2024 04:37:28 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732711047; x=1733315847; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=woq72gPdZxDwaSku435rNGeq+elfp6w1PbUe7Rv2ZH8=; b=Ga88LzbdaO6PGOKUoWa2ft93+vANfB6RmuKdh/s3EpWwGy7NHp85Qc4S2geyBD/kgj IFNBndHr5lHSXSdypGxQoNjAdNScEo6hVqhZeBEUGmv3+Xri4D4e/LxtHX9hZMJ4ISZN JzUY6dmFgrkftaUhyeLDQ8xgk2JGY7wuQR2QKAWmIxHYuZnhSSejsaLLhAnPK3Gcf2JI VypY4c6y/yH+8mubKU8EQ0lbWmVBg2OY3WSty+15k8fJAMs9kXiOWSltoY8hhZmIglJ5 leBKZbty41vJmoRKIDML8Pc6Dx+0YoO7iDt8mmkC5XkbSMxWvvzJXGRWrVwMXVUtyNE3 O6ug== X-Forwarded-Encrypted: i=1; AJvYcCUizQlPJMonV9RVDnI+e8TJogjrkEimZzG08UrsVZOeUh6CQFjhMejl8q26M8gW0vAmk/8YNMiXREs=@passt.top X-Gm-Message-State: AOJu0YzVXhUULJaY1S6yfu1AM9PRbYiLey3KBeQZqRn+YEdxciXf5Hgo b5TolBuPJyStqkJcCsHh3heSrV9GXnDqDOOAHQrgC+zu/kohGTMzX+mHKcF0oKA8zK2+ua2fNod qljR7iAXBE3/FDLX5JKjL5eY70VYtPTWHVOK78drN8mh5vSa6iw== X-Gm-Gg: ASbGncvuuPPC+v4r7XKdViGrzIkZ/SY6csotVzvBBgPW0dvUjwfrugg56ned4vmiZA1 zDikuiaGYKFtYSSyByxOvqEQB25g2zsMVttxeNKKgJAk3zly+8Q33rQuL5phr84aa1Zk/eRsYaO oxUN6WLQ3dvBYkLO9QnAUdVgR1/Ms8xxOTXKTbK7t6pfTBvhD2Uzzo0Sr11u0BAqDunmtB5NG0L T53avIYkPTvycNzxD9IDZynhaHT2Ypy6JC3h1tOFiqLgYTFxWihHHI= X-Received: by 2002:a05:600c:4586:b0:434:a10f:9b with SMTP id 5b1f17b1804b1-434a9dc5069mr26935155e9.14.1732711047305; Wed, 27 Nov 2024 04:37:27 -0800 (PST) X-Google-Smtp-Source: AGHT+IEelYO5RoZgN7RoyPPT27WsB6vfXcQ1sH/utgJe6lRYTAjfqeNu0T81iGbxTB8JWKBRJnxrew== X-Received: by 2002:a05:600c:4586:b0:434:a10f:9b with SMTP id 5b1f17b1804b1-434a9dc5069mr26934905e9.14.1732711046894; Wed, 27 Nov 2024 04:37:26 -0800 (PST) Received: from [192.168.188.25] ([80.243.52.135]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-434aa7cd653sm19622915e9.25.2024.11.27.04.37.26 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 27 Nov 2024 04:37:26 -0800 (PST) Message-ID: <293d884b-1a82-41f4-aa21-b9cbe28b3fd4@redhat.com> Date: Wed, 27 Nov 2024 13:37:25 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v4] treewide: Introduce 'local mode' for disconnected setups To: Stefano Brivio , passt-dev@passt.top References: <20241127042725.3133538-1-sbrivio@redhat.com> From: Paul Holzinger In-Reply-To: <20241127042725.3133538-1-sbrivio@redhat.com> X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: f_mHHtqV6PPMblT3RRvFNUDIwhN5iGYDYATRiqZGX_Y_1732711047 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Message-ID-Hash: JF4YL7RRIYETS4JUKEM2ZNBFRFNCYQUI X-Message-ID-Hash: JF4YL7RRIYETS4JUKEM2ZNBFRFNCYQUI X-MailFrom: pholzing@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: David Gibson X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 27/11/2024 05:27, Stefano Brivio wrote: > There are setups where no host interface is available or configured > at all, intentionally or not, temporarily or not, but users expect > (Podman) containers to run in any case as they did with slirp4netns, > and we're now getting reports that we broke such setups at a rather > alarming rate. > > To this end, if we don't find any usable host interface, instead of > exiting: > > - for IPv4, use 169.254.2.1 as guest/container address and 169.254.2.2 > as default gateway > > - for IPv6, don't assign any address (forcibly disable DHCPv6), and > use the *first* link-local address we observe to represent the > guest/container. Advertise fe80::1 as default gateway > > - use 'tap0' as default interface name for pasta > > Change ifi4 and ifi6 in struct ctx to int and accept a special -1 > value meaning that no host interface was selected, but the IP family > is enabled. The fact that the kernel uses unsigned int values for > those is not an issue as 1. one can't create so many interfaces > anyway and 2. we otherwise handle those values transparently. > > Fix a botched conditional in conf_print() to actually skip printing > DHCPv6 information if DHCPv6 is disabled (and skip printing NDP > information if NDP is disabled). > > Link: https://github.com/containers/podman/issues/24614 > Signed-off-by: Stefano Brivio Just for completeness sake, I know it is already applied. so it doesn't matter. Tested-by: Paul Holzinger > --- > v4: In conf(), leave the > (*c->ip4.ifname_out && !c->ifi4) || (*c->ip6.ifname_out && !c->ifi6) > case alone: there, the user gave outbound interfaces explicitly > but we couldn't use them > > v3: Coverity reports that, in conf(), we might supply a negative > c->ifi4 to if_indextoname() after checking that (!*c->pasta_ifn). > > That's a false positive, because if c->ifi4 is -1, we already set > c->pasta_ifn to "tap0", so we won't call if_indextoname() at all, > but, to make my life simpler, add a redundant check on c->ifi4 > and c->ifi6 before calling if_indextoname() on them. > > v2: > - drop fixed link-local address for IPv6 > - change addresses to be reminiscent of libslirp's default choices > - add man page changes and commit message > - fix several things around, from testing (checked with several > --map-guest-addr and --map-host-loopback combinations etc.) > > conf.c | 97 ++++++++++++++++++++++++++++++++++++++++++++------------- > passt.1 | 33 +++++++++++++++++--- > passt.h | 8 ++--- > pasta.c | 7 +++-- > tap.c | 3 ++ > 5 files changed, 116 insertions(+), 32 deletions(-) > -- Paul Holzinger