ia64/xen-unstable

view tools/examples/network-bridge @ 11100:905ff6e616cc

[HVM] Add stubs to Linux for the new hvm_op hypercall.
Signed-off-by: Steven Smith <ssmith@xensource.com>
author kfraser@localhost.localdomain
date Mon Aug 14 11:33:50 2006 +0100 (2006-08-14)
parents 45f504d6b548
children b071319927b6
line source
1 #!/bin/sh
2 #============================================================================
3 # Default Xen network start/stop script.
4 # Xend calls a network script when it starts.
5 # The script name to use is defined in /etc/xen/xend-config.sxp
6 # in the network-script field.
7 #
8 # This script creates a bridge (default xenbr${vifnum}), adds a device
9 # (default eth${vifnum}) to it, copies the IP addresses from the device
10 # to the bridge and adjusts the routes accordingly.
11 #
12 # If all goes well, this should ensure that networking stays up.
13 # However, some configurations are upset by this, especially
14 # NFS roots. If the bridged setup does not meet your needs,
15 # configure a different script, for example using routing instead.
16 #
17 # Usage:
18 #
19 # network-bridge (start|stop|status) {VAR=VAL}*
20 #
21 # Vars:
22 #
23 # vifnum Virtual device number to use (default 0). Numbers >=8
24 # require the netback driver to have nloopbacks set to a
25 # higher value than its default of 8.
26 # bridge The bridge to use (default xenbr${vifnum}).
27 # netdev The interface to add to the bridge (default eth${vifnum}).
28 # antispoof Whether to use iptables to prevent spoofing (default no).
29 #
30 # Internal Vars:
31 # pdev="p${netdev}"
32 # vdev="veth${vifnum}"
33 # vif0="vif0.${vifnum}"
34 #
35 # start:
36 # Creates the bridge
37 # Copies the IP and MAC addresses from netdev to vdev
38 # Renames netdev to be pdev
39 # Renames vdev to be netdev
40 # Enslaves pdev, vdev to bridge
41 #
42 # stop:
43 # Removes netdev from the bridge
44 # Transfers addresses, routes from netdev to pdev
45 # Renames netdev to vdev
46 # Renames pdev to netdev
47 # Deletes bridge
48 #
49 # status:
50 # Print addresses, interfaces, routes
51 #
52 #============================================================================
55 dir=$(dirname "$0")
56 . "$dir/xen-script-common.sh"
57 . "$dir/xen-network-common.sh"
59 findCommand "$@"
60 evalVariables "$@"
62 vifnum=${vifnum:-$(ip route list | awk '/^default / { print $NF }' | sed 's/^[^0-9]*//')}
63 vifnum=${vifnum:-0}
64 bridge=${bridge:-xenbr${vifnum}}
65 netdev=${netdev:-eth${vifnum}}
66 antispoof=${antispoof:-no}
68 pdev="p${netdev}"
69 vdev="veth${vifnum}"
70 vif0="vif0.${vifnum}"
72 get_ip_info() {
73 addr_pfx=`ip addr show dev $1 | egrep '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'`
74 gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'`
75 }
77 do_ifup() {
78 if ! ifup $1 ; then
79 if [ ${addr_pfx} ] ; then
80 # use the info from get_ip_info()
81 ip addr flush $1
82 ip addr add ${addr_pfx} dev $1
83 ip link set dev $1 up
84 [ ${gateway} ] && ip route add default via ${gateway}
85 fi
86 fi
87 }
89 # Usage: transfer_addrs src dst
90 # Copy all IP addresses (including aliases) from device $src to device $dst.
91 transfer_addrs () {
92 local src=$1
93 local dst=$2
94 # Don't bother if $dst already has IP addresses.
95 if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
96 return
97 fi
98 # Address lines start with 'inet' and have the device in them.
99 # Replace 'inet' with 'ip addr add' and change the device name $src
100 # to 'dev $src'.
101 ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
102 s/inet/ip addr add/
103 s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@
104 s/${src}/dev ${dst}/
105 " | sh -e
106 # Remove automatic routes on destination device
107 ip route list | sed -ne "
108 /dev ${dst}\( \|$\)/ {
109 s/^/ip route del /
110 p
111 }" | sh -e
112 }
114 # Usage: transfer_routes src dst
115 # Get all IP routes to device $src, delete them, and
116 # add the same routes to device $dst.
117 # The original routes have to be deleted, otherwise adding them
118 # for $dst fails (duplicate routes).
119 transfer_routes () {
120 local src=$1
121 local dst=$2
122 # List all routes and grep the ones with $src in.
123 # Stick 'ip route del' on the front to delete.
124 # Change $src to $dst and use 'ip route add' to add.
125 ip route list | sed -ne "
126 /dev ${src}\( \|$\)/ {
127 h
128 s/^/ip route del /
129 P
130 g
131 s/${src}/${dst}/
132 s/^/ip route add /
133 P
134 d
135 }" | sh -e
136 }
139 ##
140 # link_exists interface
141 #
142 # Returns 0 if the interface named exists (whether up or down), 1 otherwise.
143 #
144 link_exists()
145 {
146 if ip link show "$1" >/dev/null 2>/dev/null
147 then
148 return 0
149 else
150 return 1
151 fi
152 }
154 # Set the default forwarding policy for $dev to drop.
155 # Allow forwarding to the bridge.
156 antispoofing () {
157 iptables -P FORWARD DROP
158 iptables -F FORWARD
159 iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT
160 iptables -A FORWARD -m physdev --physdev-in ${vif0} -j ACCEPT
161 }
163 # Usage: show_status dev bridge
164 # Print ifconfig and routes.
165 show_status () {
166 local dev=$1
167 local bridge=$2
169 echo '============================================================'
170 ip addr show ${dev}
171 ip addr show ${bridge}
172 echo ' '
173 brctl show ${bridge}
174 echo ' '
175 ip route list
176 echo ' '
177 route -n
178 echo '============================================================'
179 }
181 op_start () {
182 if [ "${bridge}" = "null" ] ; then
183 return
184 fi
186 if ! link_exists "$vdev"; then
187 if link_exists "$pdev"; then
188 # The device is already up.
189 return
190 else
191 echo "
192 Link $vdev is missing.
193 This may be because you have reached the limit of the number of interfaces
194 that the loopback driver supports. If the loopback driver is a module, you
195 may raise this limit by passing it as a parameter (nloopbacks=<N>); if the
196 driver is compiled statically into the kernel, then you may set the parameter
197 using loopback.nloopbacks=<N> on the domain 0 kernel command line.
198 " >&2
199 exit 1
200 fi
201 fi
203 create_bridge ${bridge}
205 if link_exists "$vdev"; then
206 mac=`ip link show ${netdev} | grep 'link\/ether' | sed -e 's/.*ether \(..:..:..:..:..:..\).*/\1/'`
207 preiftransfer ${netdev}
208 transfer_addrs ${netdev} ${vdev}
209 if ! ifdown ${netdev}; then
210 # If ifdown fails, remember the IP details.
211 get_ip_info ${netdev}
212 ip link set ${netdev} down
213 ip addr flush ${netdev}
214 fi
215 ip link set ${netdev} name ${pdev}
216 ip link set ${vdev} name ${netdev}
218 setup_bridge_port ${pdev}
219 setup_bridge_port ${vif0}
220 ip link set ${netdev} addr ${mac} arp on
222 ip link set ${bridge} up
223 add_to_bridge ${bridge} ${vif0}
224 add_to_bridge2 ${bridge} ${pdev}
225 do_ifup ${netdev}
226 else
227 # old style without ${vdev}
228 transfer_addrs ${netdev} ${bridge}
229 transfer_routes ${netdev} ${bridge}
230 fi
232 if [ ${antispoof} = 'yes' ] ; then
233 antispoofing
234 fi
235 }
237 op_stop () {
238 if [ "${bridge}" = "null" ]; then
239 return
240 fi
241 if ! link_exists "$bridge"; then
242 return
243 fi
245 if link_exists "$pdev"; then
246 ip link set dev ${vif0} down
247 mac=`ip link show ${netdev} | grep 'link\/ether' | sed -e 's/.*ether \(..:..:..:..:..:..\).*/\1/'`
248 transfer_addrs ${netdev} ${pdev}
249 if ! ifdown ${netdev}; then
250 get_ip_info ${netdev}
251 fi
252 ip link set ${netdev} down arp off
253 ip link set ${netdev} addr fe:ff:ff:ff:ff:ff
254 ip link set ${pdev} down
255 ip addr flush ${netdev}
256 ip link set ${pdev} addr ${mac} arp on
258 brctl delif ${bridge} ${pdev}
259 brctl delif ${bridge} ${vif0}
260 ip link set ${bridge} down
262 ip link set ${netdev} name ${vdev}
263 ip link set ${pdev} name ${netdev}
264 do_ifup ${netdev}
265 else
266 transfer_routes ${bridge} ${netdev}
267 ip link set ${bridge} down
268 fi
269 brctl delbr ${bridge}
270 }
272 # adds $dev to $bridge but waits for $dev to be in running state first
273 add_to_bridge2() {
274 local bridge=$1
275 local dev=$2
276 local maxtries=10
278 echo -n "Waiting for ${dev} to negotiate link."
279 ip link set ${dev} up
280 for i in `seq ${maxtries}` ; do
281 if ifconfig ${dev} | grep -q RUNNING ; then
282 break
283 else
284 echo -n '.'
285 sleep 1
286 fi
287 done
289 if [ ${i} -eq ${maxtries} ] ; then echo '(link isnt in running state)' ; fi
291 add_to_bridge ${bridge} ${dev}
292 }
294 case "$command" in
295 start)
296 op_start
297 ;;
299 stop)
300 op_stop
301 ;;
303 status)
304 show_status ${netdev} ${bridge}
305 ;;
307 *)
308 echo "Unknown command: $command" >&2
309 echo 'Valid commands are: start, stop, status' >&2
310 exit 1
311 esac