ia64/xen-unstable

view tools/examples/network-bridge @ 6946:e703abaf6e3d

Add behaviour to the remove methods to remove the transaction's path itself. This allows us to write Remove(path) to remove the specified path rather than having to slice the path ourselves.
author emellor@ewan
date Sun Sep 18 14:42:13 2005 +0100 (2005-09-18)
parents 3233e7ecfa9f
children 19572dec7d3c 55fc0ecc19c3
line source
1 #!/bin/sh -x
2 #============================================================================
3 # Default Xen network start/stop script.
4 # Xend calls a network script when it starts.
5 # The script name to use is defined in /etc/xen/xend-config.sxp
6 # in the network-script field.
7 #
8 # This script creates a bridge (default xen-br0), adds a device
9 # (default eth0) to it, copies the IP addresses from the device
10 # to the bridge and adjusts the routes accordingly.
11 #
12 # If all goes well, this should ensure that networking stays up.
13 # However, some configurations are upset by this, especially
14 # NFS roots. If the bridged setup does not meet your needs,
15 # configure a different script, for example using routing instead.
16 #
17 # Usage:
18 #
19 # network (start|stop|status) {VAR=VAL}*
20 #
21 # Vars:
22 #
23 # bridge The bridge to use (default xen-br0).
24 # netdev The interface to add to the bridge (default eth0).
25 # antispoof Whether to use iptables to prevent spoofing (default yes).
26 #
27 # start:
28 # Creates the bridge and enslaves netdev to it.
29 # Copies the IP addresses from netdev to the bridge.
30 # Deletes the routes to netdev and adds them on bridge.
31 #
32 # stop:
33 # Removes netdev from the bridge.
34 # Deletes the routes to bridge and adds them to netdev.
35 #
36 # status:
37 # Print ifconfig for netdev and bridge.
38 # Print routes.
39 #
40 #============================================================================
42 # Exit if anything goes wrong.
43 set -e
45 # First arg is the operation.
46 OP=$1
47 shift
49 # Pull variables in args in to environment.
50 for arg ; do export "${arg}" ; done
52 bridge=${bridge:-xen-br0}
53 netdev=${netdev:-eth0}
54 antispoof=${antispoof:-no}
56 echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2
58 # Usage: transfer_addrs src dst
59 # Copy all IP addresses (including aliases) from device $src to device $dst.
60 transfer_addrs () {
61 local src=$1
62 local dst=$2
63 # Don't bother if $dst already has IP addresses.
64 if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
65 return
66 fi
67 # Address lines start with 'inet' and have the device in them.
68 # Replace 'inet' with 'ip addr add' and change the device name $src
69 # to 'dev $src'.
70 ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
71 s/inet/ip addr add/
72 s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@
73 s/${src}/dev ${dst}/
74 " | sh -e
75 # Remove automatic routes on destionation device
76 ip route list | sed -ne "
77 /dev ${dst}\( \|$\)/ {
78 s/^/ip route del /
79 p
80 }" | sh -e
81 }
83 # Usage: del_addrs src
84 del_addrs () {
85 local src=$1
86 ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
87 s/inet/ip addr del/
88 s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@
89 s/${src}/dev ${src}/
90 " | sh -e
91 }
93 # Usage: transfer_routes src dst
94 # Get all IP routes to device $src, delete them, and
95 # add the same routes to device $dst.
96 # The original routes have to be deleted, otherwise adding them
97 # for $dst fails (duplicate routes).
98 transfer_routes () {
99 local src=$1
100 local dst=$2
101 # List all routes and grep the ones with $src in.
102 # Stick 'ip route del' on the front to delete.
103 # Change $src to $dst and use 'ip route add' to add.
104 ip route list | sed -ne "
105 /dev ${src}\( \|$\)/ {
106 h
107 s/^/ip route del /
108 P
109 g
110 s/${src}/${dst}/
111 s/^/ip route add /
112 P
113 d
114 }" | sh -e
115 }
117 # Usage: create_bridge bridge
118 create_bridge () {
119 local bridge=$1
121 # Don't create the bridge if it already exists.
122 if ! brctl show | grep -q ${bridge} ; then
123 brctl addbr ${bridge}
124 brctl stp ${bridge} off
125 brctl setfd ${bridge} 0
126 fi
127 ifconfig ${bridge} up
128 }
130 # Usage: add_to_bridge bridge dev
131 add_to_bridge () {
132 local bridge=$1
133 local dev=$2
134 # Don't add $dev to $bridge if it's already on a bridge.
135 if ! brctl show | grep -q ${dev} ; then
136 brctl addif ${bridge} ${dev}
137 fi
138 }
140 # Usage: antispoofing dev bridge
141 # Set the default forwarding policy for $dev to drop.
142 # Allow forwarding to the bridge.
143 antispoofing () {
144 local dev=$1
145 local bridge=$2
147 iptables -P FORWARD DROP
148 iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
149 }
151 # Usage: show_status dev bridge
152 # Print ifconfig and routes.
153 show_status () {
154 local dev=$1
155 local bridge=$2
157 echo '============================================================'
158 ifconfig ${dev}
159 ifconfig ${bridge}
160 echo ' '
161 ip route list
162 echo ' '
163 route -n
164 echo '============================================================'
165 }
167 op_start () {
168 if [ "${bridge}" == "null" ] ; then
169 return
170 fi
172 create_bridge ${bridge}
174 if ifconfig 2>/dev/null | grep -q veth0 ; then
175 return
176 fi
178 if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
179 mac=`ifconfig ${netdev} | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'`
180 if ! ifdown ${netdev} ; then
181 # if ifup didn't work, see if we have an ip= on cmd line
182 if egrep 'ip=[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:' /proc/cmdline ;
183 then
184 kip=`sed -e 's!.*ip=\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\):.*!\1!' /proc/cmdline`
185 kmask=`sed -e 's!.*ip=[^:]*:[^:]*:[^:]*:\([^:]*\):.*!\1!' /proc/cmdline`
186 kgate=`sed -e 's!.*ip=[^:]*:[^:]*:\([^:]*\):.*!\1!' /proc/cmdline`
187 ifconfig ${netdev} 0.0.0.0 down
188 fi
189 fi
190 ip link set ${netdev} name p${netdev}
191 ip link set veth0 name ${netdev}
192 ifconfig p${netdev} 0.0.0.0 -arp down
193 ifconfig p${netdev} hw ether fe:ff:ff:ff:ff:ff
194 ifconfig ${netdev} hw ether ${mac}
195 add_to_bridge ${bridge} vif0.0
196 add_to_bridge ${bridge} p${netdev}
197 ip link set ${bridge} up
198 ip link set vif0.0 up
199 ip link set p${netdev} up
200 if ! ifup ${netdev} ; then
201 if [ ${kip} ] ; then
202 # use the addresses we grocked from /proc/cmdline
203 ifconfig ${netdev} ${kip}
204 [ ${kmask} ] && ifconfig ${netdev} netmask ${kmask}
205 ifconfig ${netdev} up
206 [ ${kgate} ] && ip route add default via ${kgate}
207 fi
208 fi
209 else
210 # old style without veth0
211 transfer_addrs ${netdev} ${bridge}
212 transfer_routes ${netdev} ${bridge}
213 fi
215 if [ ${antispoof} == 'yes' ] ; then
216 antispoofing ${netdev} ${bridge}
217 fi
218 }
220 op_stop () {
221 if [ "${bridge}" == "null" ] ; then
222 return
223 fi
225 if ifconfig peth0 2>/dev/null | grep -q peth0 ; then
227 ifconfig vif0.0 down
228 mac=`ifconfig eth0 | grep HWadd | \
229 sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'`
230 ifconfig ${netdev} 0.0.0.0 down
231 ifconfig ${netdev} hw ether fe:ff:ff:ff:ff:ff
233 ifconfig p${netdev} down
234 ifconfig p${netdev} hw ether ${mac} arp
235 brctl delif ${bridge} p${netdev}
237 ip link set eth0 name veth0
238 ip link set peth0 name eth0
239 ifconfig ${bridge} down
240 brctl delbr ${bridge}
241 ifup eth0
243 else
244 transfer_routes ${bridge} ${netdev}
245 fi
246 }
248 case ${OP} in
249 start)
250 op_start
251 ;;
253 stop)
254 op_stop
255 ;;
257 status)
258 show_status ${netdev} ${bridge}
259 ;;
261 *)
262 echo 'Unknown command: ' ${OP} >&2
263 echo 'Valid commands are: start, stop, status' >&2
264 exit 1
265 esac