Created
October 7, 2024 15:19
-
-
Save qinqon/f433054affeeb08f3f49019d86df0fa3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/pkg/network/setup/netpod/netpod.go b/pkg/network/setup/netpod/netpod.go | |
| index cd56083814..724ac4358c 100644 | |
| --- a/pkg/network/setup/netpod/netpod.go | |
| +++ b/pkg/network/setup/netpod/netpod.go | |
| @@ -20,12 +20,14 @@ | |
| package netpod | |
| import ( | |
| + "crypto/rand" | |
| "encoding/json" | |
| "fmt" | |
| "net" | |
| "os" | |
| "path/filepath" | |
| "strconv" | |
| + "strings" | |
| "syscall" | |
| "github.com/opencontainers/runc/libcontainer/configs" | |
| @@ -510,18 +512,20 @@ func (n NetPod) managedMacvtapSpec(podIfaceName string, vmiIfaceIndex int, iface | |
| } | |
| podIface := nmstate.Interface{ | |
| - Index: podStatusIface.Index, | |
| - Name: podIfaceAlternativeName, | |
| - State: nmstate.IfaceStateUp, | |
| - IPv4: nmstate.IP{Enabled: pointer.P(false)}, | |
| - IPv6: nmstate.IP{Enabled: pointer.P(false)}, | |
| - Metadata: &nmstate.IfaceMetadata{NetworkName: vmiNetworkName}, | |
| + Index: podStatusIface.Index, | |
| + Name: podIfaceAlternativeName, | |
| + MacAddress: generateMac(), | |
| + State: nmstate.IfaceStateUp, | |
| + IPv4: nmstate.IP{Enabled: pointer.P(false)}, | |
| + IPv6: nmstate.IP{Enabled: pointer.P(false)}, | |
| + Metadata: &nmstate.IfaceMetadata{NetworkName: vmiNetworkName}, | |
| } | |
| macvtapIface := nmstate.Interface{ | |
| - Name: link.GenerateTapDeviceName(podIfaceName), | |
| - TypeName: nmstate.TypeMacvtap, | |
| - State: nmstate.IfaceStateUp, | |
| + Name: link.GenerateTapDeviceName(podIfaceName), | |
| + TypeName: nmstate.TypeMacvtap, | |
| + MacAddress: podIface.MacAddress, | |
| + State: nmstate.IfaceStateUp, | |
| Macvtap: &nmstate.MacvtapDevice{ | |
| BaseIface: podIface.Name, | |
| Mode: "passthru", | |
| @@ -778,3 +782,19 @@ func readCharacterDevice(devicePath *safepath.Path) (uint64, error) { | |
| return stat.Rdev, nil | |
| } | |
| + | |
| +func generateMac() string { | |
| + buf := make([]byte, 6) | |
| + var mac net.HardwareAddr | |
| + | |
| + _, err := rand.Read(buf) | |
| + if err != nil { | |
| + } | |
| + | |
| + // Set the local bit | |
| + buf[0] |= 2 | |
| + | |
| + mac = append(mac, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]) | |
| + | |
| + return strings.ToUpper(mac.String()) | |
| +} | |
| diff --git a/pkg/virt-launcher/virtwrap/converter/network.go b/pkg/virt-launcher/virtwrap/converter/network.go | |
| index 11eaecf7a5..8e8f0abfcc 100644 | |
| --- a/pkg/virt-launcher/virtwrap/converter/network.go | |
| +++ b/pkg/virt-launcher/virtwrap/converter/network.go | |
| @@ -81,6 +81,7 @@ func CreateDomainInterfaces(vmi *v1.VirtualMachineInstance, c *ConverterContext) | |
| // use "ethernet" interface type, since we're using pre-configured tap devices | |
| // https://libvirt.org/formatdomain.html#elementsNICSEthernet | |
| domainIface.Type = "ethernet" | |
| + domainIface.TrustGuestRxFilters = "yes" | |
| if iface.BootOrder != nil { | |
| domainIface.BootOrder = &api.BootOrder{Order: *iface.BootOrder} | |
| } else if !isS390X(vmi.Spec.Architecture) { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment