Merge pull request #1283 from Luap99/fixes

Some minor changes, and small follow up to the mtu PR
2026-02-05 15:45:47 +01:00 · 2025-07-21 13:24:36 +00:00
parent cd3822e91d 2fee8443a5
commit aa410854ee
3 changed files with 28 additions and 40 deletions
--- a/src/network/bridge.rs
+++ b/src/network/bridge.rs
@@ -661,13 +661,14 @@ fn create_interfaces(
                let mut mtu = data.mtu;
                if mtu == 0 {
                    // if we have a default route, use its mtu as default
-                    if let Ok(iface_name) = get_default_route_interface(host) {
-                        match core_utils::get_mtu_from_iface(host, &iface_name) {
+                    if let Ok(link) = get_default_route_interface(host) {
+                        match core_utils::get_mtu_from_iface_attributes(&link.attributes) {
                            Ok(iface_mtu) => {
+                                debug!("Using mtu {iface_mtu} from default route interface for the network");
                                mtu = iface_mtu;
                            },
-                            Err(e) => debug!(
-                                "failed to get mtu for default interface {iface_name}: {e}, using kernel default",
+                            Err(e) => log::warn!(
+                                "failed to get mtu for default interface {}: {e}, using kernel default", link.header.index
                            ),
                        }
                    }
@@ -703,6 +704,7 @@ fn create_interfaces(
                for nla in link.attributes.into_iter() {
                    if let LinkAttribute::Address(addr) = nla {
                        mac = Some(addr);
+                        break;
                    }
                }
                if mac.is_none() {
@@ -818,7 +820,7 @@ fn create_veth_pair<'fd>(
    }

    if let BridgeMode::Managed = data.mode {
-        exec_netns!(hostns_fd, netns_fd, res, {
+        exec_netns!(hostns_fd, netns_fd, {
            disable_ipv6_autoconf(&data.container_interface_name)?;
            if data.ipam.ipv6_enabled {
                //  Disable dad inside the container too
@@ -838,9 +840,7 @@ fn create_veth_pair<'fd>(
            let rp_filter = format!("net/ipv4/conf/{}/rp_filter", &data.container_interface_name);
            sysctl::apply_sysctl_value(rp_filter, "2")?;
            Ok::<(), NetavarkError>(())
-        });
-        // check the result and return error
-        res?;
+        })?;

        if data.ipam.ipv6_enabled {
            let host_veth = host.get_link(netlink::LinkID::ID(host_link))?;
@@ -850,6 +850,7 @@ fn create_veth_pair<'fd>(
                    //  Disable dad inside on the host too
                    let disable_dad_in_container = format!("net/ipv6/conf/{name}/accept_dad");
                    sysctl::apply_sysctl_value(disable_dad_in_container, "0")?;
+                    break;
                }
            }
        }
--- a/src/network/core_utils.rs
+++ b/src/network/core_utils.rs
@@ -2,7 +2,7 @@ use crate::error::{ErrorWrap, NetavarkError, NetavarkResult};
 use crate::network::{constants, internal_types, types};
 use crate::wrap;
 use ipnet::IpNet;
-use netlink_packet_route::link::{IpVlanMode, MacVlanMode};
+use netlink_packet_route::link::{IpVlanMode, LinkMessage, MacVlanMode};
 use nix::sched;
 use sha2::{Digest, Sha512};
 use std::collections::HashMap;
@@ -263,11 +263,12 @@ pub fn join_netns<Fd: AsFd>(fd: Fd) -> NetavarkResult<()> {
 /// executed in the ns.
 #[macro_export]
 macro_rules! exec_netns {
-    ($host:expr, $netns:expr, $result:ident, $exec:expr) => {
+    ($host:expr, $netns:expr, $exec:expr) => {{
        join_netns($netns)?;
-        let $result = $exec;
+        let result = $exec;
        join_netns($host)?;
-    };
+        result
+    }};
 }

 pub struct NamespaceOptions {
@@ -284,14 +285,12 @@ pub fn open_netlink_sockets(
    let hostns = open_netlink_socket("/proc/self/ns/net").wrap("open host netns")?;

    let host_socket = netlink::Socket::new().wrap("host netlink socket")?;
-    exec_netns!(
+    let netns_sock = exec_netns!(
        hostns.as_fd(),
        netns.as_fd(),
-        res,
        netlink::Socket::new().wrap("netns netlink socket")
-    );
+    )?;

-    let netns_sock = res?;
    Ok((
        NamespaceOptions {
            file: hostns,
@@ -399,7 +398,8 @@ pub fn is_using_systemd() -> bool {
    Path::new("/run/systemd/system").exists()
 }

-pub fn get_default_route_interface(host: &mut netlink::Socket) -> NetavarkResult<String> {
+/// Returns the *first* interface with a default route or an error if no default route interface exists.
+pub fn get_default_route_interface(host: &mut netlink::Socket) -> NetavarkResult<LinkMessage> {
    let routes = host.dump_routes().wrap("dump routes")?;

    for route in routes {
@@ -417,30 +417,20 @@ pub fn get_default_route_interface(host: &mut netlink::Socket) -> NetavarkResult
        // if there is no dest we have a default route
        // return the output interface for this route
        if !dest && out_if > 0 {
-            let link = host.get_link(netlink::LinkID::ID(out_if))?;
-            let name = link.attributes.iter().find_map(|nla| {
-                if let LinkAttribute::IfName(name) = nla {
-                    Some(name)
-                } else {
-                    None
-                }
-            });
-            if let Some(name) = name {
-                return Ok(name.to_owned());
-            }
+            return host.get_link(netlink::LinkID::ID(out_if));
        }
    }
    Err(NetavarkError::msg("failed to get default route interface"))
 }

-pub fn get_mtu_from_iface(host: &mut netlink::Socket, iface_name: &str) -> NetavarkResult<u32> {
-    let link = host.get_link(netlink::LinkID::Name(iface_name.to_string()))?;
-    for nla in link.attributes.iter() {
+pub fn get_mtu_from_iface_attributes(attributes: &[LinkAttribute]) -> NetavarkResult<u32> {
+    for nla in attributes.iter() {
        if let LinkAttribute::Mtu(mtu) = nla {
            return Ok(*mtu);
        }
    }
-    // It is possible that the interface has no MTU set, in this case the kernel will use the default.
-    // We return 0 to signal this, which netavark uses to mean "kernel default".
-    Ok(0)
+    // It should be impossible that the interface has no MTU set, so return an error in such case.
+    Err(NetavarkError::msg(
+        "no MTU attribute in netlink message, possible kernel issue",
+    ))
 }
--- a/src/network/vlan.rs
+++ b/src/network/vlan.rs
@@ -243,13 +243,11 @@ fn setup(
    netns_fd: BorrowedFd<'_>,
    kind_data: &KindData,
 ) -> NetavarkResult<String> {
-    let primary_ifname = match data.host_interface_name.as_ref() {
+    let link = match data.host_interface_name.as_ref() {
        "" => get_default_route_interface(host)?,
-        host_name => host_name.to_string(),
+        host_name => host.get_link(netlink::LinkID::Name(host_name.to_string()))?,
    };

-    let link = host.get_link(netlink::LinkID::Name(primary_ifname))?;
-
    let opts = match kind_data {
        KindData::IpVlan { mode } => {
            let mut opts = CreateLinkOptions::new(if_name.to_string(), InfoKind::IpVlan);
@@ -331,8 +329,7 @@ fn setup(
        }
    }

-    exec_netns!(hostns_fd, netns_fd, res, { disable_ipv6_autoconf(if_name) });
-    res?; // return autoconf sysctl error
+    exec_netns!(hostns_fd, netns_fd, { disable_ipv6_autoconf(if_name) })?;

    let dev = netns
        .get_link(netlink::LinkID::Name(if_name.to_string()))