ia64/xen-unstable

view tools/examples/network-bridge @ 10098:48c0f5489d44

Remove Emacs variables settings from tail of our Linux files.
Signed-off-by: Keir Fraser <keir@xensource.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu May 18 11:39:03 2006 +0100 (2006-05-18)
parents 062d109ce872
children 08353fdf4031
line source
1 #!/bin/sh
2 #============================================================================
3 # Default Xen network start/stop script.
4 # Xend calls a network script when it starts.
5 # The script name to use is defined in /etc/xen/xend-config.sxp
6 # in the network-script field.
7 #
8 # This script creates a bridge (default xenbr${vifnum}), adds a device
9 # (default eth${vifnum}) to it, copies the IP addresses from the device
10 # to the bridge and adjusts the routes accordingly.
11 #
12 # If all goes well, this should ensure that networking stays up.
13 # However, some configurations are upset by this, especially
14 # NFS roots. If the bridged setup does not meet your needs,
15 # configure a different script, for example using routing instead.
16 #
17 # Usage:
18 #
19 # network-bridge (start|stop|status) {VAR=VAL}*
20 #
21 # Vars:
22 #
23 # vifnum Virtual device number to use (default 0). Numbers >=8
24 # require the netback driver to have nloopbacks set to a
25 # higher value than its default of 8.
26 # bridge The bridge to use (default xenbr${vifnum}).
27 # netdev The interface to add to the bridge (default eth${vifnum}).
28 # antispoof Whether to use iptables to prevent spoofing (default no).
29 #
30 # Internal Vars:
31 # pdev="p${netdev}"
32 # vdev="veth${vifnum}"
33 # vif0="vif0.${vifnum}"
34 #
35 # start:
36 # Creates the bridge
37 # Copies the IP and MAC addresses from netdev to vdev
38 # Renames netdev to be pdev
39 # Renames vdev to be netdev
40 # Enslaves pdev, vdev to bridge
41 #
42 # stop:
43 # Removes netdev from the bridge
44 # Transfers addresses, routes from netdev to pdev
45 # Renames netdev to vdev
46 # Renames pdev to netdev
47 # Deletes bridge
48 #
49 # status:
50 # Print addresses, interfaces, routes
51 #
52 #============================================================================
55 dir=$(dirname "$0")
56 . "$dir/xen-script-common.sh"
57 . "$dir/xen-network-common.sh"
59 findCommand "$@"
60 evalVariables "$@"
62 vifnum=${vifnum:-$(ip route list | awk '/^default / { sub(/^(eth|xenbr)/,"",$NF); print $NF }')}
63 bridge=${bridge:-xenbr${vifnum}}
64 netdev=${netdev:-eth${vifnum}}
65 antispoof=${antispoof:-no}
67 pdev="p${netdev}"
68 vdev="veth${vifnum}"
69 vif0="vif0.${vifnum}"
71 get_ip_info() {
72 addr_pfx=`ip addr show dev $1 | egrep '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'`
73 gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'`
74 }
76 do_ifup() {
77 if ! ifup $1 ; then
78 if [ ${addr_pfx} ] ; then
79 # use the info from get_ip_info()
80 ip addr flush $1
81 ip addr add ${addr_pfx} dev $1
82 ip link set dev $1 up
83 [ ${gateway} ] && ip route add default via ${gateway}
84 fi
85 fi
86 }
88 # Usage: transfer_addrs src dst
89 # Copy all IP addresses (including aliases) from device $src to device $dst.
90 transfer_addrs () {
91 local src=$1
92 local dst=$2
93 # Don't bother if $dst already has IP addresses.
94 if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
95 return
96 fi
97 # Address lines start with 'inet' and have the device in them.
98 # Replace 'inet' with 'ip addr add' and change the device name $src
99 # to 'dev $src'.
100 ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
101 s/inet/ip addr add/
102 s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@
103 s/${src}/dev ${dst}/
104 " | sh -e
105 # Remove automatic routes on destination device
106 ip route list | sed -ne "
107 /dev ${dst}\( \|$\)/ {
108 s/^/ip route del /
109 p
110 }" | sh -e
111 }
113 # Usage: transfer_routes src dst
114 # Get all IP routes to device $src, delete them, and
115 # add the same routes to device $dst.
116 # The original routes have to be deleted, otherwise adding them
117 # for $dst fails (duplicate routes).
118 transfer_routes () {
119 local src=$1
120 local dst=$2
121 # List all routes and grep the ones with $src in.
122 # Stick 'ip route del' on the front to delete.
123 # Change $src to $dst and use 'ip route add' to add.
124 ip route list | sed -ne "
125 /dev ${src}\( \|$\)/ {
126 h
127 s/^/ip route del /
128 P
129 g
130 s/${src}/${dst}/
131 s/^/ip route add /
132 P
133 d
134 }" | sh -e
135 }
138 ##
139 # link_exists interface
140 #
141 # Returns 0 if the interface named exists (whether up or down), 1 otherwise.
142 #
143 link_exists()
144 {
145 if ip link show "$1" >/dev/null 2>/dev/null
146 then
147 return 0
148 else
149 return 1
150 fi
151 }
154 # Usage: create_bridge bridge
155 create_bridge () {
156 local bridge=$1
158 # Don't create the bridge if it already exists.
159 if ! brctl show | grep -q ${bridge} ; then
160 brctl addbr ${bridge}
161 brctl stp ${bridge} off
162 brctl setfd ${bridge} 0
163 fi
164 ip link set ${bridge} up
165 }
167 # Usage: add_to_bridge bridge dev
168 add_to_bridge () {
169 local bridge=$1
170 local dev=$2
171 # Don't add $dev to $bridge if it's already on a bridge.
172 if ! brctl show | grep -q ${dev} ; then
173 brctl addif ${bridge} ${dev}
174 fi
175 }
177 # Set the default forwarding policy for $dev to drop.
178 # Allow forwarding to the bridge.
179 antispoofing () {
180 iptables -P FORWARD DROP
181 iptables -F FORWARD
182 iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT
183 iptables -A FORWARD -m physdev --physdev-in ${vif0} -j ACCEPT
184 }
186 # Usage: show_status dev bridge
187 # Print ifconfig and routes.
188 show_status () {
189 local dev=$1
190 local bridge=$2
192 echo '============================================================'
193 ip addr show ${dev}
194 ip addr show ${bridge}
195 echo ' '
196 brctl show ${bridge}
197 echo ' '
198 ip route list
199 echo ' '
200 route -n
201 echo '============================================================'
202 }
204 op_start () {
205 if [ "${bridge}" = "null" ] ; then
206 return
207 fi
209 if ! link_exists "$vdev"; then
210 if link_exists "$pdev"; then
211 # The device is already up.
212 return
213 else
214 echo "
215 Link $vdev is missing.
216 This may be because you have reached the limit of the number of interfaces
217 that the loopback driver supports. If the loopback driver is a module, you
218 may raise this limit by passing it as a parameter (nloopbacks=<N>); if the
219 driver is compiled statically into the kernel, then you may set the parameter
220 using loopback.nloopbacks=<N> on the domain 0 kernel command line.
221 " >&2
222 exit 1
223 fi
224 fi
226 create_bridge ${bridge}
228 if link_exists "$vdev"; then
229 mac=`ip link show ${netdev} | grep 'link\/ether' | sed -e 's/.*ether \(..:..:..:..:..:..\).*/\1/'`
230 preiftransfer ${netdev}
231 transfer_addrs ${netdev} ${vdev}
232 if ! ifdown ${netdev}; then
233 # If ifdown fails, remember the IP details.
234 get_ip_info ${netdev}
235 ip link set ${netdev} down
236 ip addr flush ${netdev}
237 fi
238 ip link set ${netdev} name ${pdev}
239 ip link set ${vdev} name ${netdev}
240 ip link set ${pdev} down arp off
241 ip link set ${pdev} addr fe:ff:ff:ff:ff:ff
242 ip addr flush ${pdev}
243 ip link set ${netdev} addr ${mac} arp on
244 add_to_bridge ${bridge} ${vif0}
245 ip link set ${bridge} up
246 ip link set ${vif0} up
247 ip link set ${pdev} up
248 add_to_bridge2 ${bridge} ${pdev}
249 do_ifup ${netdev}
250 else
251 # old style without ${vdev}
252 transfer_addrs ${netdev} ${bridge}
253 transfer_routes ${netdev} ${bridge}
254 fi
256 if [ ${antispoof} = 'yes' ] ; then
257 antispoofing
258 fi
259 }
261 op_stop () {
262 if [ "${bridge}" = "null" ]; then
263 return
264 fi
265 if ! link_exists "$bridge"; then
266 return
267 fi
269 if link_exists "$pdev"; then
270 ip link set dev ${vif0} down
271 mac=`ip link show ${netdev} | grep 'link\/ether' | sed -e 's/.*ether \(..:..:..:..:..:..\).*/\1/'`
272 transfer_addrs ${netdev} ${pdev}
273 if ! ifdown ${netdev}; then
274 get_ip_info ${netdev}
275 fi
276 ip link set ${netdev} down arp off
277 ip link set ${netdev} addr fe:ff:ff:ff:ff:ff
278 ip link set ${pdev} down
279 ip addr flush ${netdev}
280 ip link set ${pdev} addr ${mac} arp on
282 brctl delif ${bridge} ${pdev}
283 brctl delif ${bridge} ${vif0}
284 ip link set ${bridge} down
286 ip link set ${netdev} name ${vdev}
287 ip link set ${pdev} name ${netdev}
288 do_ifup ${netdev}
289 else
290 transfer_routes ${bridge} ${netdev}
291 ip link set ${bridge} down
292 fi
293 brctl delbr ${bridge}
294 }
296 # adds $dev to $bridge but waits for $dev to be in running state first
297 add_to_bridge2() {
298 local bridge=$1
299 local dev=$2
300 local maxtries=10
302 echo -n "Waiting for ${dev} to negotiate link."
303 for i in `seq ${maxtries}` ; do
304 if ifconfig ${dev} | grep -q RUNNING ; then
305 break
306 else
307 echo -n '.'
308 sleep 1
309 fi
310 done
312 if [ ${i} -eq ${maxtries} ] ; then echo '(link isnt in running state)' ; fi
314 add_to_bridge ${bridge} ${dev}
315 }
317 case "$command" in
318 start)
319 op_start
320 ;;
322 stop)
323 op_stop
324 ;;
326 status)
327 show_status ${netdev} ${bridge}
328 ;;
330 *)
331 echo "Unknown command: $command" >&2
332 echo 'Valid commands are: start, stop, status' >&2
333 exit 1
334 esac