ia64/xen-unstable

view tools/examples/network @ 4958:cc1c80ec8139

bitkeeper revision 1.1432 (428a0372Dg_Q9mIOPOkDIc7D3T4aww)

Merge firebug.cl.cam.ac.uk:/auto/groups/xeno-xenod/BK/xen-unstable.bk
into firebug.cl.cam.ac.uk:/local/scratch/cl349/xen-unstable.bk
author cl349@firebug.cl.cam.ac.uk
date Tue May 17 14:45:06 2005 +0000 (2005-05-17)
parents 3b25e1de5efb 38ec1443b7da
children 4c47774b365e
1 #!/bin/sh
2 #============================================================================
3 # Default Xen network start/stop script.
4 # Xend calls a network script when it starts.
5 # The script name to use is defined in /etc/xen/xend-config.sxp
6 # in the network-script field.
7 #
8 # This script creates a bridge (default xen-br0), adds a device
9 # (default eth0) to it, copies the IP addresses from the device
10 # to the bridge and adjusts the routes accordingly.
11 #
12 # If all goes well, this should ensure that networking stays up.
13 # However, some configurations are upset by this, especially
14 # NFS roots. If the bridged setup does not meet your needs,
15 # configure a different script, for example using routing instead.
16 #
17 # Usage:
18 #
19 # network (start|stop|status) {VAR=VAL}*
20 #
21 # Vars:
22 #
23 # bridge The bridge to use (default xen-br0).
24 # netdev The interface to add to the bridge (default eth0).
25 # antispoof Whether to use iptables to prevent spoofing (default yes).
26 #
27 # start:
28 # Creates the bridge and enslaves netdev to it.
29 # Copies the IP addresses from netdev to the bridge.
30 # Deletes the routes to netdev and adds them on bridge.
31 #
32 # stop:
33 # Removes netdev from the bridge.
34 # Deletes the routes to bridge and adds them to netdev.
35 #
36 # status:
37 # Print ifconfig for netdev and bridge.
38 # Print routes.
39 #
40 #============================================================================
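# Exit if anything goes wrong.
set -e

# First arg is the operation.  Default it to empty when no argument was
# given: a bare 'shift' with nothing to shift fails and, under 'set -e',
# would end the script before the command dispatcher can print its
# "Unknown command" usage message.
OP=${1:-}
if [ $# -gt 0 ] ; then
    shift
fi

# Pull the remaining VAR=VAL arguments into the environment.
# Every name exported here is inherited by the commands this script starts
# (ip, brctl, ifconfig, iptables, sh), so a caller can also set PATH, IFS or
# similar variables this way.  The script reconfigures bridges, addresses and
# iptables rules, which normally requires root: only pass it arguments that
# come from a trusted configuration.
# Anything that does not look like NAME=VALUE is rejected with a message
# instead of failing inside 'export'.
for arg ; do
    case "${arg}" in
        [A-Za-z_]*=*)
            export "${arg}"
            ;;
        *)
            echo "network: invalid argument '${arg}' (expected VAR=VAL)" >&2
            exit 1
            ;;
    esac
done

bridge=${bridge:-xen-br0}
netdev=${netdev:-eth0}
antispoof=${antispoof:-yes}

echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2

# The device names are substituted into sed scripts whose output is executed
# by 'sh -e' (transfer_addrs, del_addrs, transfer_routes) and are passed to
# brctl, ifconfig and iptables.  Refuse empty names and names containing
# anything outside [A-Za-z0-9_.:-] before any network state is touched, so a
# malformed value cannot turn into extra shell commands or extra arguments.
for devname in "${bridge}" "${netdev}" ; do
    case "${devname}" in
        ''|*[!A-Za-z0-9_.:-]*)
            echo "network: invalid device name '${devname}'" >&2
            exit 1
            ;;
    esac
done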
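# Usage: transfer_addrs src dst
# Copy all IP addresses (including aliases) from device $src to device $dst.
#
# The 'ip addr add' commands are produced as text by sed and executed by a
# child 'sh -e'.  Both device names are spliced into that text, so a name
# that is empty or contains anything outside [A-Za-z0-9_.:-] is refused
# (message on stderr, return 1) before any command is generated.
# Returns without doing anything if $dst already has an 'inet' address.
transfer_addrs () {
    local src=$1
    local dst=$2
    local name src_re

    for name in "${src}" "${dst}" ; do
        case "${name}" in
            ''|*[!A-Za-z0-9_.:-]*)
                echo "transfer_addrs: refusing device name '${name}'" >&2
                return 1
                ;;
        esac
    done

    # Don't bother if $dst already has IP addresses.
    if ip addr show dev "${dst}" | grep -Eq '^ *inet ' ; then
        return
    fi

    # Of the permitted characters only '.' is special in a sed regex;
    # escape it so that e.g. 'vif0.0' matches literally.
    src_re=$(printf '%s\n' "${src}" | sed -e 's/\./\\./g')

    # Address lines start with 'inet' and have the device in them.
    # Replace 'inet' with 'ip addr add' and change the device name $src
    # to 'dev $dst'. Remove netmask as we'll add routes later.
    ip addr show dev "${src}" | grep -E '^ *inet ' | sed \
        -e 's/inet/ip addr add/' \
        -e 's@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@' \
        -e "s/${src_re}/dev ${dst}/" \
        | sh -e
}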
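# Usage: del_addrs src
# Delete all IP addresses (the 'inet' lines of 'ip addr show') from device
# $src.
#
# The 'ip addr del' commands are produced as text by sed and executed by a
# child 'sh -e'.  The device name is spliced into that text, so a name that
# is empty or contains anything outside [A-Za-z0-9_.:-] is refused (message
# on stderr, return 1) before any command is generated.
del_addrs () {
    local src=$1
    local src_re

    case "${src}" in
        ''|*[!A-Za-z0-9_.:-]*)
            echo "del_addrs: refusing device name '${src}'" >&2
            return 1
            ;;
    esac

    # Of the permitted characters only '.' is special in a sed regex;
    # escape it so the name matches literally.
    src_re=$(printf '%s\n' "${src}" | sed -e 's/\./\\./g')

    # Replace 'inet' with 'ip addr del', drop the netmask and turn the
    # device name into 'dev $src'.
    ip addr show dev "${src}" | grep -E '^ *inet ' | sed \
        -e 's/inet/ip addr del/' \
        -e 's@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@' \
        -e "s/${src_re}/dev ${src}/" \
        | sh -e
}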
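# Usage: transfer_routes src dst
# Get all IP routes to device $src, delete them, and
# add the same routes to device $dst.
# The original routes have to be deleted, otherwise adding them
# for $dst fails (duplicate routes).
#
# The 'ip route del' / 'ip route add' commands are produced as text by sed
# and executed by a child 'sh -e'.  Both device names are spliced into that
# text, so a name that is empty or contains anything outside
# [A-Za-z0-9_.:-] is refused (message on stderr, return 1) before any
# command is generated.
transfer_routes () {
    local src=$1
    local dst=$2
    local name src_re

    for name in "${src}" "${dst}" ; do
        case "${name}" in
            ''|*[!A-Za-z0-9_.:-]*)
                echo "transfer_routes: refusing device name '${name}'" >&2
                return 1
                ;;
        esac
    done

    # Of the permitted characters only '.' is special in a regex;
    # escape it so the name matches literally.
    src_re=$(printf '%s\n' "${src}" | sed -e 's/\./\\./g')

    # Select only routes whose output device is exactly $src ('dev $src'
    # followed by a space or end of line); a plain substring match would
    # also pick up routes of a device such as ${src}0.
    # For each selected route print it twice: once prefixed with
    # 'ip route del', once with the device changed to $dst and prefixed
    # with 'ip route add'.
    ip route list | grep -E "(^| )dev ${src_re}( |\$)" | sed \
        -e 'h' \
        -e 's/^/ip route del /' \
        -e 'P' \
        -e 'g' \
        -e "s/dev ${src_re}/dev ${dst}/" \
        -e 's/^/ip route add /' \
        -e 'P' \
        -e 'd' \
        | sh -e
}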
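# Usage: create_bridge bridge
# Create bridge $bridge if 'brctl show' does not already list it, with
# spanning tree switched off ('brctl stp ... off') and the forwarding delay
# set to 0 ('brctl setfd ... 0'), then bring the bridge interface up.
create_bridge () {
    local bridge=$1

    # Don't create the bridge if it already exists.
    # -F -w compares the name as a fixed string on word boundaries, so an
    # existing 'xen-br01' no longer hides a missing 'xen-br0'.  This is still
    # a text match against the whole 'brctl show' listing, not only against
    # its bridge-name column.
    if ! brctl show | grep -qFw -- "${bridge}" ; then
        brctl addbr "${bridge}"
        brctl stp "${bridge}" off
        brctl setfd "${bridge}" 0
    fi
    ifconfig "${bridge}" up
}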
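# Usage: add_to_bridge bridge dev
# Attach interface $dev to bridge $bridge unless 'brctl show' already
# mentions $dev.
add_to_bridge () {
    local bridge=$1
    local dev=$2

    # Don't add $dev to $bridge if it's already on a bridge.
    # -F -w compares the name as a fixed string on word boundaries, so an
    # attached 'eth00' no longer makes 'eth0' look attached.  The match is
    # still made against the whole 'brctl show' listing, so it does not tell
    # which bridge the interface is on.
    if ! brctl show | grep -qFw -- "${dev}" ; then
        brctl addif "${bridge}" "${dev}"
    fi
}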
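# Usage: antispoofing dev bridge
# Set the policy of the iptables FORWARD chain to DROP and append a rule
# that accepts packets which entered the bridge through port $dev.
#
# The policy is a property of the whole FORWARD chain, not of $dev: after
# this call every forwarded packet without a matching ACCEPT rule is
# dropped, including traffic unrelated to the bridge.
# $bridge is part of the calling convention but is not used here.
# NOTE(review): this script adds no ACCEPT rules for guest interfaces;
# presumably another script does that per interface -- confirm.
antispoofing () {
    local dev=$1

    iptables -P FORWARD DROP
    # -A appends: running 'start' repeatedly adds one more copy of this rule
    # each time.
    iptables -A FORWARD -m physdev --physdev-in "${dev}" -j ACCEPT
}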
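# Usage: show_status dev bridge
# Print ifconfig for $dev and $bridge, then the routing table as shown by
# both 'ip route list' and 'route -n', framed by two separator lines.
# All output goes to stdout.
show_status () {
    local dev=$1
    local bridge=$2
    local rule='============================================================'

    echo "${rule}"
    # Quoted so that each name reaches ifconfig as exactly one argument.
    ifconfig "${dev}"
    ifconfig "${bridge}"
    echo ' '
    ip route list
    echo ' '
    route -n
    echo "${rule}"
}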
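# Usage: op_start
# Bring up the bridged setup using the globals $bridge, $netdev and
# $antispoof.  Does nothing when $bridge is "null".
#
# Creates the bridge, moves the addresses and routes of $netdev either to
# veth0 (when that interface exists) or to the bridge itself, attaches
# $netdev to the bridge and, when $antispoof is "yes", installs the iptables
# rules from antispoofing.
op_start () {
    local mac

    # Use '=': POSIX test defines no '=='.  With a /bin/sh whose test builtin
    # lacks '==' the comparison is an error, the condition counts as false,
    # and both this guard and the antispoof check below stop working -- the
    # latter would silently leave the anti-spoofing rules uninstalled.
    if [ "${bridge}" = "null" ] ; then
        return
    fi

    create_bridge "${bridge}"

    # veth0 already appears in the plain ifconfig listing: nothing more is
    # done (presumably the setup has already been performed -- confirm).
    if ifconfig 2>/dev/null | grep -q veth0 ; then
        return
    fi

    if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
        # Propagate MAC address and ARP responsibilities to virtual interface.
        mac=$(ifconfig "${netdev}" | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/')
        # Stop before any interface is changed if no hardware address was
        # found; 'ifconfig veth0 hw ether' would otherwise fail only after
        # veth0 has already been taken down.
        if [ -z "${mac}" ] ; then
            echo "network: cannot determine hardware address of ${netdev}" >&2
            return 1
        fi
        ifconfig veth0 down
        ifconfig veth0 hw ether "${mac}"
        ifconfig veth0 arp up
        transfer_addrs "${netdev}" veth0
        transfer_routes "${netdev}" veth0
        del_addrs "${netdev}"
        # The physical device stops answering ARP and gets the fixed
        # address fe:ff:ff:ff:ff:ff; its original address now lives on veth0.
        ifconfig "${netdev}" -arp down
        ifconfig "${netdev}" hw ether fe:ff:ff:ff:ff:ff up
        # Bring up second half of virtual device and attach it to the bridge.
        ifconfig vif0.0 up
        add_to_bridge "${bridge}" vif0.0
    else
        transfer_addrs "${netdev}" "${bridge}"
        transfer_routes "${netdev}" "${bridge}"
        del_addrs "${netdev}"
    fi

    # Attach the real interface to the bridge.
    add_to_bridge "${bridge}" "${netdev}"

    if [ "${antispoof}" = 'yes' ] ; then
        antispoofing "${netdev}" "${bridge}"
    fi
}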
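# Usage: op_stop
# Intended to undo op_start using the globals $bridge and $netdev.
# As written it returns immediately in every case, so 'stop' changes
# nothing: the bridge, the moved addresses and routes, and any iptables
# policy or rules installed by 'start' all stay in place.
op_stop () {
    local mac

    # Use '=': POSIX test defines no '=='.
    if [ "${bridge}" = "null" ] ; then
        return
    fi

    # NOTE(review): unconditional return -- everything below is unreachable.
    # It cannot be told from this file whether that is deliberate, so the
    # behaviour is kept and the teardown code is left in place for reference.
    return

    brctl delif "${bridge}" "${netdev}"

    if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
        brctl delif "${bridge}" vif0.0
        ifconfig vif0.0 down
        # Hand the hardware address held by veth0 back to the real device.
        mac=$(ifconfig veth0 | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/')
        ifconfig "${netdev}" down
        ifconfig "${netdev}" hw ether "${mac}"
        ifconfig "${netdev}" arp up
        transfer_addrs veth0 "${netdev}"
        transfer_routes veth0 "${netdev}"
        del_addrs veth0
        ifconfig veth0 -arp down
        ifconfig veth0 hw ether 00:00:00:00:00:00
    else
        transfer_addrs "${bridge}" "${netdev}"
        transfer_routes "${bridge}" "${netdev}"
        del_addrs "${bridge}"
    fi
}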
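# Dispatch on the operation given as the first argument.
# Expansions are quoted so that an operation or device name containing
# whitespace or glob characters is compared and passed on literally.
case "${OP}" in
    start)
        op_start
        ;;

    stop)
        op_stop
        ;;

    status)
        show_status "${netdev}" "${bridge}"
        ;;

    *)
        echo 'Unknown command: ' "${OP}" >&2
        echo 'Valid commands are: start, stop, status' >&2
        exit 1
        ;;
esac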