Automate config via hooks
authorDimitris Aragiorgis <dimara@grnet.gr>
Thu, 10 May 2012 14:31:06 +0000 (17:31 +0300)
committerDimitris Aragiorgis <dimara@grnet.gr>
Mon, 14 May 2012 14:11:29 +0000 (17:11 +0300)
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

18 files changed:
conf/infra.conf
hooks/cluster-init-post.d/snf-network [new file with mode: 0755]
hooks/group-modify-post.d/snf-network [deleted file]
hooks/group-modify-pre.d/snf-network [deleted file]
hooks/network-connect-post.d/snf-network [new file with mode: 0755]
hooks/network-disconnect-post.d/snf-network [new file with mode: 0755]
hooks/node-add-post.d/snf-network
kvm-vif-bridge
snf-network-add-group [deleted file]
snf-network-build-infra [deleted file]
snf-network-build-node-infra [new file with mode: 0755]
snf-network-configure-interfaces
snf-network-enable
snf-network-get-iface-mac [deleted file]
snf-network-get-mac [deleted file]
snf-network-get-public-iface [deleted file]
snf-network-reconfigure
snf-network-unconfigure [new file with mode: 0755]

index 3cd5aee..b7228cb 100644 (file)
@@ -1,7 +1,16 @@
-ROUTER=dev88
-MAC_MASK=ff:ff:ff:0:0:0
-
-PUBLIC_VLAN=eth0.201
+# Generic case
+# iface where all tap will be bridged
 PUBLIC_BRIDGE=
-PRIVATE_VLAN=eth0.2990
+
+# GRNET specific configuration 
+# one vlan for IP less/proxy ARP routing of public IPs 
+PUBLIC_VLAN_ID=201
+# one vlan for private lans
+PRIVATE_VLAN_ID=2990
 PRIVATE_BRIDGE=br2990
+
+# in case of private lans mac prefix is used for isolation
+MAC_MASK=ff:ff:ff:0:0:0
+
+# whether ganeti nodes will do masquerading for private networks
+ENABLE_MASQ=false
diff --git a/hooks/cluster-init-post.d/snf-network b/hooks/cluster-init-post.d/snf-network
new file mode 100755 (executable)
index 0000000..c7b72dc
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/bash
+# This script run in master-node after cluster init
+# Propably should run after master failover
+
+source /etc/default/snf-network
+
+source $CONF
+source $INFRA
+
+MASTERNODE=$(hostname)
+
+CLUSTERINFRA=$SHAREDDIR/infra/cluster
+
+#build subdirs in shared dir
+snf-network-enable
+
+
+cp $INFRA $CLUSTERINFRA
+
+if $ENABLE_MASQ; then
+  PUBLIC_IFACE=$(ip route | grep default | awk '{print $5}')
+  PUBLIC_MAC=$(ip link show $PUBLIC_IFACE | grep link/ether | awk '{print $2}')
+
+  echo ROUTER=$MASTERNODE >> $CLUSTERINFRA
+  echo ROUTER_MAC=$PUBLIC_MAC >> $CLUSTERINFRA
+fi
+
+snf-network-build-node-infra
+
+snf-network-configure-interfaces
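Review bot: `if $ENABLE_MASQ; then` executes whatever the configuration value holds as a command, and an unset or empty value expands to an empty command whose status is 0, so the masquerading branch is taken when the setting is missing. Compare the string instead, `if [ "$ENABLE_MASQ" = "true" ]; then`, so that only the literal value turns the feature on. The `source $CONF`, `source $INFRA` and `cp $INFRA $CLUSTERINFRA` lines also expand unquoted; `cp -- "$INFRA" "$CLUSTERINFRA"` and quoted `source` arguments avoid word splitting if a path ever contains whitespace.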
diff --git a/hooks/group-modify-post.d/snf-network b/hooks/group-modify-post.d/snf-network
deleted file mode 100755 (executable)
index 9ada1db..0000000
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/bin/bash
-
-source /etc/default/snf-network
-
-source $CONF
-
-GROUP=$GANETI_GROUP_NAME
-ACTION=$GANETI_GROUP_NETWORK_ACTION
-NETWORK=$GANETI_GROUP_NETWORK_NAME
-MODE=$GANETI_GROUP_NETWORK_MODE
-LINK=$GANETI_GROUP_NETWORK_LINK
-
-HOSTNAME=$(hostname)
-
-NETFILE=$SHAREDDIR/networks/$NETWORK
-GROUPMAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP
-NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
-NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
-
-RT_TABLES=/etc/iproute2/rt_tables
-
-source $NODEINFRAFILE
-source $NETFILE
-
-if [ -z "$ACTION" ]; then
-  exit 0
-fi
-
-
-if [ "$ACTION" == "add" ]; then
-  if [ "$MODE" == "routed" ]; then 
-    VLAN=$LINK
-    TABLE=rt_$NETWORK
-    if [ "$TYPE" == "public" ]; then
-      ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
-      
-      ip link set $VLAN up
-
-      echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp"
-
-      ID=$(wc -l < $RT_TABLES)
-      echo $((ID+1)) $TABLE >> $RT_TABLES
-
-      ip rule add iif $VLAN table $TABLE
-
-      ip route add $SUBNET dev $VLAN table main 
-
-      ip route add $SUBNET dev $VLAN table $TABLE
-      ip route add default via $GATEWAY dev $VLAN table $TABLE
-      
-      echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
-
-      arptables -A OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
-    fi
-  fi
-
-
-
-  if [ "$MODE" == "bridged" ]; then
-    BRIDGE=$LINK
-    if [ ! -z "$GATEWAY" ]; then
-      if [ "$TYPE" == "private" ]; then 
-        if [ "$HOSTNAME" == "$ROUTER" ]; then
-          NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
-          ip addr add $GATEWAY/$NETMASK dev $BRIDGE
-          iptables -t nat -A POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
-        fi  
-      fi
-    fi
-  fi
-  
-  ln -sf $GROUPMAPFILE $NODEMAPFILE
-
-elif [ "$ACTION" == "remove" ]; then
-  if [ ! -e "$NODEMAPFILE" ]; then
-    exit 0;
-  fi
-
-  source $NODEMAPFILE
-
-  if [ "$MODE" == "routed" ]; then 
-    VLAN=$LINK
-    TABLE=rt_$NETWORK
-    if [ "$TYPE" == "public" ]; then
-      ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
-    
-      arptables -D OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
-
-      ip route del default via $GATEWAY dev $VLAN table $TABLE
-      ip route del $SUBNET dev $VLAN table $TABLE
-
-      ip route del $SUBNET dev $VLAN table main 
-
-      ip rule del iif $VLAN table $TABLE
-      
-      sed -i 's/.*'"$TABLE"'$//' $RT_TABLES
-    fi
-  fi
-
-
-
-  if [ "$MODE" == "bridged" ]; then
-    BRIDGE=$LINK
-    if [ ! -z "$GATEWAY" ]; then
-      if [ "$TYPE" == "private" ]; then 
-        if [ "$HOSTNAME" == "$ROUTER" ]; then
-          NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
-          ip addr del $GATEWAY/$NETMASK dev $BRIDGE
-          iptables -t nat -D POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
-        fi  
-      fi
-    fi
-  fi
-  
-  rm $NODEMAPFILE
-
-fi
diff --git a/hooks/group-modify-pre.d/snf-network b/hooks/group-modify-pre.d/snf-network
deleted file mode 100755 (executable)
index d45dc4c..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-source /etc/default/snf-network
-
-source $CONF
-
-GROUP=$GANETI_GROUP_NAME
-ACTION=$GANETI_GROUP_NETWORK_ACTION
-NETWORK=$GANETI_GROUP_NETWORK_NAME
-MODE=$GANETI_GROUP_NETWORK_MODE
-LINK=$GANETI_GROUP_NETWORK_LINK
-
-GROUPMAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP
-
-
-if [ -z "$ACTION" ]; then
-  exit 0
-fi
-
-if [ "$ACTION" == "add" ]; then
-  cat > $GROUPMAPFILE <<EOF
-MODE=$MODE
-LINK=$LINK
-EOF
-fi
diff --git a/hooks/network-connect-post.d/snf-network b/hooks/network-connect-post.d/snf-network
new file mode 100755 (executable)
index 0000000..631690e
--- /dev/null
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+source /etc/default/snf-network
+
+source $CONF
+
+GROUP=$GANETI_GROUP_NAME
+NETWORK=$GANETI_GROUP_NETWORK_NAME
+MODE=$GANETI_GROUP_NETWORK_MODE
+LINK=$GANETI_GROUP_NETWORK_LINK
+
+HOSTNAME=$(hostname)
+
+NETFILE=$SHAREDDIR/networks/$NETWORK
+NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
+NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
+
+RT_TABLES=/etc/iproute2/rt_tables
+
+cat > $NODEMAPFILE <<EOF
+MODE=$MODE
+LINK=$LINK
+EOF
+
+
+source $NODEINFRAFILE
+source $NETFILE
+
+if [ "$MODE" == "routed" ]; then 
+  VLAN=$LINK
+  TABLE=rt_$NETWORK
+  if [ "$TYPE" == "public" ]; then
+    ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
+    
+    ip link set $VLAN up
+
+    echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp"
+
+    ID=$(wc -l < $RT_TABLES)
+    echo $((ID+1)) $TABLE >> $RT_TABLES
+
+    ip rule add iif $VLAN table $TABLE
+
+    ip route add $SUBNET dev $VLAN table main 
+
+    ip route add $SUBNET dev $VLAN table $TABLE
+    ip route add default via $GATEWAY dev $VLAN table $TABLE
+    
+    echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
+
+    arptables -A OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
+  fi
+fi
+
+
+
+if [ "$MODE" == "bridged" ]; then
+  BRIDGE=$LINK
+  if [ ! -z "$GATEWAY" -a $ENABLE_MASQ ]; then
+    if [ "$TYPE" == "private" ]; then 
+      if [ "$HOSTNAME" == "$ROUTER" ]; then
+        NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
+        ip addr add $GATEWAY/$NETMASK dev $BRIDGE
+        iptables -t nat -A POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
+      fi  
+    fi
+  fi
+fi
+
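Review bot: In `[ ! -z "$GATEWAY" -a $ENABLE_MASQ ]` the unquoted `$ENABLE_MASQ` is only a non-empty-string test, so the shipped default `ENABLE_MASQ=false` still evaluates true and the `ip addr add` / `iptables -t nat -A POSTROUTING ... -j MASQUERADE` branch runs on the router node, while an empty value makes `[` fail with a syntax error instead. Test the value explicitly: `if [ -n "$GATEWAY" ] && [ "$ENABLE_MASQ" = "true" ]; then`. The same condition is added in the network-disconnect-post.d hook, in kvm-vif-bridge (`setup_ebtables`), in snf-network-reconfigure and in snf-network-unconfigure. This script also does not source `$SHAREDDIR/infra/cluster`, where cluster-init-post.d writes `ROUTER` and copies `ENABLE_MASQ`, so unless `$CONF` or the node infra file provides them both are probably unset here.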
diff --git a/hooks/network-disconnect-post.d/snf-network b/hooks/network-disconnect-post.d/snf-network
new file mode 100755 (executable)
index 0000000..6c121e8
--- /dev/null
@@ -0,0 +1,59 @@
+#!/bin/bash
+
+source /etc/default/snf-network
+
+source $CONF
+
+NETWORK=$GANETI_GROUP_NETWORK_NAME
+MODE=$GANETI_GROUP_NETWORK_MODE
+LINK=$GANETI_GROUP_NETWORK_LINK
+
+HOSTNAME=$(hostname)
+
+NETFILE=$SHAREDDIR/networks/$NETWORK
+NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
+NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
+CLUSTERINFRAFILE=$SHAREDDIR/infra/cluster
+
+RT_TABLES=/etc/iproute2/rt_tables
+
+source $NODEINFRAFILE
+source $CLUSTERINFRAFILE
+source $NETFILE
+source $NODEMAPFILE
+
+if [ "$MODE" == "routed" ]; then 
+  VLAN=$LINK
+  TABLE=rt_$NETWORK
+  if [ "$TYPE" == "public" ]; then
+    ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
+  
+    arptables -D OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
+
+    ip route del default via $GATEWAY dev $VLAN table $TABLE
+    ip route del $SUBNET dev $VLAN table $TABLE
+
+    ip route del $SUBNET dev $VLAN table main 
+
+    ip rule del iif $VLAN table $TABLE
+    
+    sed -i 's/.*'"$TABLE"'$//' $RT_TABLES
+  fi
+fi
+
+
+
+if [ "$MODE" == "bridged" ]; then
+  BRIDGE=$LINK
+  if [ ! -z "$GATEWAY" -a $ENABLE_MASQ]; then
+    if [ "$TYPE" == "private" ]; then 
+      if [ "$HOSTNAME" == "$ROUTER" ]; then
+        NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
+        ip addr del $GATEWAY/$NETMASK dev $BRIDGE
+        iptables -t nat -D POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
+      fi  
+    fi
+  fi
+fi
+
+rm $NODEMAPFILE
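Review bot: `[ ! -z "$GATEWAY" -a $ENABLE_MASQ]` has no space before the closing bracket, so `[` reports a missing `]` and the test always fails; the `ip addr del` and `iptables -t nat -D POSTROUTING ... -j MASQUERADE` cleanup below it never runs, and the NAT rule added on connect stays in place after the network is disconnected. Use `if [ -n "$GATEWAY" ] && [ "$ENABLE_MASQ" = "true" ]; then`. `source $NODEMAPFILE` and the final `rm $NODEMAPFILE` also run without the `[ -e "$NODEMAPFILE" ]` check that the deleted group-modify-post.d hook had, so a disconnect with no mapping file carries on with the `MODE` and `LINK` taken from the hook environment.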
index 5c69029..7306152 100755 (executable)
@@ -6,9 +6,6 @@ source $CONF
 
 
 NODE=$GANETI_NODE_NAME
-GROUP=$GANETI_GROUP_NAME
-
-GROUPINFRA=$SHAREDDIR/infra/$GROUP
 
 HOSTNAME=$(hostname)
 
@@ -16,12 +13,8 @@ if [ "$HOSTNAME" != "$NODE" ]; then
   exit 0
 fi
 
-snf-network-enable
-
-cd $SHAREDDIR/infra
 
-unconfigure-interfaces
+snf-network-build-node-infra
 
-ln -sf $GROUP $NODE
+snf-network-configure-interfaces
 
-configure-interfaces
index c8b8575..2c398cb 100755 (executable)
@@ -141,7 +141,7 @@ function setup_ebtables {
   #accept dhcp responses from host (nfdhcpd)
   ebtables -A $TO -p ipv4 --ip-protocol=udp  --ip-destination-port=68 -j ACCEPT
   if [ "$TYPE" == "private" ]; then
-    if [ ! -z "$GATEWAY" ]; then
+    if [ ! -z "$GATEWAY" -a $ENABLE_MASQ ]; then
       # allow packets from/to router (for masquerading
       ebtables -A $TO -s $ROUTER_MAC -j ACCEPT
       ebtables -A INPUT -i $TAP -j $FROM
@@ -164,8 +164,14 @@ if [ -e "$NODEINFRAFILE" ]; then
   source $NODEINFRAFILE
 fi
 
+CLUSTERINFRAFILE=$SHAREDDIR/infra/cluster
+
+if [ -e "$CLUSTERINFRAFILE" ]; then
+  source $CLUSTERINFRAFILE
+fi
 
 NETFILE=$SHAREDDIR/networks/$NETWORK
+
 if [ -e "$NETFILE" ]; then
   source $NETFILE
 fi
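Review bot: `source $CLUSTERINFRAFILE` executes the contents of `$SHAREDDIR/infra/cluster` in this script's shell, and that file is built by cluster-init-post.d with unquoted `echo ROUTER=... >>` appends, so anything that can write to the shared directory, or a value containing whitespace or shell metacharacters, ends up being run here. Worth a comment above the block such as `# infra/cluster is sourced as shell code: keep $SHAREDDIR/infra writable by root only`, and quoting the path (`source "$CLUSTERINFRAFILE"`). The directory's ownership and mode are not visible in this commit, so this is a check to confirm rather than a confirmed flaw.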
diff --git a/snf-network-add-group b/snf-network-add-group
deleted file mode 100755 (executable)
index 75f2c21..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-
-function get_value {
-  
-  eval def=\$$1
-  read -p "$1? [$def/none] " x
-  if [ "$x" == "none" ]; then
-    eval $1="";
-  elif [ -n "$x" ]; then 
-    eval $1="$x"; 
-  fi
-
-}
-
-
-DEFAULT=/etc/default/snf-network
-
-source $DEFAULT
-source $CONF
-source $INFRA
-
-NODEGROUP=$1
-
-
-if [ $# -ne 2 ]; then
-  echo Usage: snf-network-add-group group_name
-  exit 1
-fi
-
-FILE=$SHAREDDIR/infra/$NODEGROUP
-
-snf-network-enable
-
-source $INFRA
-echo Group: $NODEGROUP
-get_value ROUTER
-get_value PUBLIC_INTERFACE
-get_value PUBLIC_BRIDGE
-get_value PUBLIC_VLAN
-get_value PRIVATE_VLAN
-get_value PRIVATE_BRIDGE
-cat > $FILE <<EOF
-ROUTER=$ROUTER
-MAC_MASK=$MAC_MASK
-PUBLIC_INTERFACE=$PUBLIC_INTERFACE
-PUBLIC_BRIDGE=$PUBLIC_BRIDGE
-PUBLIC_VLAN=$PUBLIC_VLAN
-PRIVATE_VLAN=$PRIVATE_VLAN
-PRIVATE_BRIDGE=$PRIVATE_BRIDGE
-EOF
diff --git a/snf-network-build-infra b/snf-network-build-infra
deleted file mode 100755 (executable)
index cf1272e..0000000
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/bash
-
-function get_value {
-  
-  eval def=\$$1
-  read -p "$1? [$def/none] " x
-  if [ "$x" == "none" ]; then
-    eval $1="";
-  elif [ -n "$x" ]; then 
-    eval $1="$x"; 
-  fi
-
-}
-
-
-DEFAULT=/etc/default/snf-network
-
-source $DEFAULT
-source $CONF
-source $INFRA
-source $CLUSTER
-
-if [ ! -e "$SHAREDDIR/infra/" ]; then 
-  exit 1
-fi
-
-cd  $SHAREDDIR/infra/
-
-
-for nodegroup in $NODEGROUPS; do
-  source $INFRA
-  echo Group: $nodegroup
-  get_value ROUTER
-  get_value MAC_MASK
-  get_value PUBLIC_INTERFACE
-  get_value PUBLIC_BRIDGE
-  get_value PUBLIC_VLAN
-  get_value PRIVATE_VLAN
-  get_value PRIVATE_BRIDGE
-  cat > $nodegroup <<EOF
-ROUTER=$ROUTER
-MAC_MASK=$MAC_MASK
-PUBLIC_INTERFACE=$PUBLIC_INTERFACE
-PUBLIC_BRIDGE=$PUBLIC_BRIDGE
-PUBLIC_VLAN=$PUBLIC_VLAN
-PRIVATE_VLAN=$PRIVATE_VLAN
-PRIVATE_BRIDGE=$PRIVATE_BRIDGE
-EOF
-done
-
-
-for node in $NODES; do
-  echo Node: $node
-  NODEGROUP=default
-  get_value NODEGROUP
-  ln -sf $NODEGROUP $node  
-done
diff --git a/snf-network-build-node-infra b/snf-network-build-node-infra
new file mode 100755 (executable)
index 0000000..f82d81e
--- /dev/null
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+DEFAULT=/etc/default/snf-network
+
+source $DEFAULT
+source $CONF
+source $INFRA
+
+HOSTNAME=$(hostname)
+
+HOSTINFRA=$SHAREDDIR/infra/$HOSTNAME
+CLUSTERINFRA=$SHAREDDIR/infra/cluster
+
+PUBLIC_IFACE=$(ip route | grep default | awk '{print $5}')
+PUBLIC_MAC=$(ip link show $PUBLIC_IFACE | grep link/ether | awk '{print $2}')
+
+echo PUBLIC_IFACE=$PUBLIC_IFACE > $HOSTINFRA
+echo PUBLIC_MAC=$PUBLIC_MAC >> $HOSTINFRA
+
+source $CLUSTERINFRA
+
+if [ -n "$PUBLIC_VLAN_ID" ]; then
+  PUBLIC_VLAN=$PUBLIC_IFACE.$PUBLIC_VLAN_ID
+  echo PUBLIC_VLAN=$PUBLIC_VLAN >> $HOSTINFRA
+fi
+
+if [ -n "$PRIVATE_VLAN_ID" ]; then
+  PRIVATE_VLAN=$PUBLIC_IFACE.$PRIVATE_VLAN_ID
+  echo PRIVATE_VLAN=$PRIVATE_VLAN >> $HOSTINFRA
+fi
+
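Review bot: `PUBLIC_IFACE=$(ip route | grep default | awk '{print $5}')` returns one name per matching route, and the unquoted `echo PUBLIC_IFACE=$PUBLIC_IFACE > $HOSTINFRA` joins them with spaces, so on a host with more than one default route the file holds something like `PUBLIC_IFACE=eth0 eth1` (constructed example), which every later `source` of that file runs as the command `eth1` with a temporary assignment. Take the first match only (`awk '/^default/ {print $5; exit}'`), stop when it is empty, and write the value quoted, e.g. `printf 'PUBLIC_IFACE=%q\n' "$PUBLIC_IFACE" > "$HOSTINFRA"`. The same two lookups appear in the cluster-init-post.d hook. `source $CLUSTERINFRA` is also unguarded, so a missing file only prints an error and the VLAN names are silently left out of the node file.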
index ad00d51..680822a 100755 (executable)
@@ -11,15 +11,21 @@ HOSTNAME=$(hostname)
 
 INTERFACES=$SHAREDDIR/interfaces/$HOSTNAME
 HOSTINFRA=$SHAREDDIR/infra/$HOSTNAME
+CLUSTERINFRA=$SHAREDDIR/infra/cluster
 
 if [ -e "$HOSTINFRA" ]; then
   source $HOSTINFRA
 fi
 
-if [ -e /proc/sys/net/ipv4/conf/$PUBLIC_BRIDGE -o \
-     -e /proc/sys/net/ipv4/conf/$PUBLIC_VLAN  -o \ 
-     -e /proc/sys/net/ipv4/conf/$PRIVATE_VLAN -o \
-     -e /proc/sys/net/ipv4/conf/$PRIVATE_BRIDGE ]; then 
+source $CLUSTERINFRA
+
+if [ -n "$PUBLIC_BRIDGE" -a -e /proc/sys/net/ipv4/conf/$PUBLIC_BRIDGE ]; then 
+  echo Interfaces already exist! Please check: 
+  echo $PUBLIC_BRIDGE for bridging TAPs with public IPs
+  exit 1
+elif [ -n "$PUBLIC_VLAN" -a -e /proc/sys/net/ipv4/conf/$PUBLIC_VLAN -o \
+       -n "$PRIVATE_BRIDGE" -a -e /proc/sys/net/ipv4/conf/$PRIVATE_BRIDGE -o \
+       -n "$PRIVATE_VLAN" -a -e /proc/sys/net/ipv4/conf/$PRIVATE_VLAN ]; then
   echo Interfaces already exist! Please check: 
   echo $PUBLIC_BRIDGE for bridging TAPs with public IPs
   echo $PUBLIC_VLAN for routing TAPs with public IPs
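Review bot: `source $CLUSTERINFRA` is unconditional, while `$HOSTINFRA` just above it is guarded with `-e` and kvm-vif-bridge guards the same cluster file; guard it the same way or exit with a message when it is missing, since the script otherwise continues with the bridge and VLAN variables unset. The `elif` also mixes `-a` and `-o` inside a single `[`, which POSIX leaves unspecified for this many operands; separate tests such as `{ [ -n "$PUBLIC_VLAN" ] && [ -e "/proc/sys/net/ipv4/conf/$PUBLIC_VLAN" ]; } || ...` are unambiguous. The `if` block closes outside this hunk.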
@@ -28,15 +34,12 @@ if [ -e /proc/sys/net/ipv4/conf/$PUBLIC_BRIDGE -o \
 fi
 
 
-PUBLIC_INTERFACE=$(ip route | grep default | awk '{print $5}')
-PUBLIC_MAC=$(ip link show $PUBLIC_INTERFACE | grep link/ether | awk '{print $2}')
-
 
-if [ -n "$PUBLIC_BRIDGE" -a -n "$PUBLIC_INTERFACE" ]; then
+if [ -n "$PUBLIC_BRIDGE" -a -n "$PUBLIC_IFACE" ]; then
   cat > $INTERFACES<<EOF
 auto $PUBLIC_BRIDGE
 iface $PUBLIC_BRIDGE inet manual
-  bridge_ports $PUBLIC_INTERFACE
+  bridge_ports $PUBLIC_IFACE
   bridge_stp off
   bridge_fd 2
   post-up ip link set $PUBLIC_BRIDGE address $PUBLIC_MAC 
@@ -45,13 +48,16 @@ EOF
 
 else
   if [ -n "$PUBLIC_VLAN" ]; then
+    echo PUBLIC_VLAN=$PUBLIC_VLAN >> $HOSTINFRA
     cat >> $INTERFACES<<EOF
 auto $PUBLIC_VLAN
 iface $PUBLIC_VLAN inet manual
 
 EOF
+  fi
 
   if [ -n "$PRIVATE_VLAN" -a -n "$PRIVATE_BRIDGE" ]; then
+    echo PRIVATE_VLAN=$PRIVATE_VLAN >> $HOSTINFRA
     cat >> $INTERFACES<<EOF
 auto $PRIVATE_VLAN
 iface $PRIVATE_VLAN inet manual
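Review bot: `echo PUBLIC_VLAN=$PUBLIC_VLAN >> $HOSTINFRA` and `echo PRIVATE_VLAN=$PRIVATE_VLAN >> $HOSTINFRA` append values that snf-network-build-node-infra already wrote to the same file, and that this script presumably just read back by sourcing `$HOSTINFRA`, so each run adds duplicate lines to a file that other hooks source. Either drop the two appends or say why they are needed with a comment such as `# persist VLAN name for hooks that source $HOSTINFRA`. The `else` block starts and ends outside the hunk.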
index 46b7335..4818234 100755 (executable)
@@ -14,8 +14,3 @@ if [ ! -e "$SHAREDDIR" ]; then
   mkdir $SHAREDDIR/mappings
 fi
 
-if [ -z "$(grep nfdhcpd.ferm /etc/ferm/ferm.conf)" ]; then 
-  echo @include 'nfdhcpd.ferm'; >> /etc/ferm/ferm.conf
-  /etc/init.d/ferm restart
-fi
-
diff --git a/snf-network-get-iface-mac b/snf-network-get-iface-mac
deleted file mode 100755 (executable)
index cba9659..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-if [ $# -ne 1 ]; then
-  echo "Usage: $0 interface"
-  exit 1
-fi
-
-IFACE=$1
-
-MAC=$(ip link show $IFACE | grep link/ether | awk '{print $2}')
-
-echo $MAC
diff --git a/snf-network-get-mac b/snf-network-get-mac
deleted file mode 100755 (executable)
index edf010e..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-if [ $# -ne 1 ]; then
-  echo "Usage: $0 <target_node>"
-  exit 1
-fi
-
-TARGET=$1
-
-ping -c1 $TARGET > /dev/null
-
-MAC=$(arp -a | grep "$TARGET" | awk '{print $4}')
-
-echo $MAC
diff --git a/snf-network-get-public-iface b/snf-network-get-public-iface
deleted file mode 100755 (executable)
index 74797d0..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-PUBLIC=$(ip route | grep default | awk '{print $5}')
-
-echo $PUBLIC
index a6ac670..f36486a 100755 (executable)
@@ -4,36 +4,27 @@ source /etc/default/snf-network
 
 source $CONF
 
-if [ $# -ne 1 ]; then 
-  echo Usage: $0 add/remove
-  exit 1
-fi
-
-
-ACTION=$1
 NETWORKS="$(ls $SHAREDDIR/networks/)"
 
 HOSTNAME=$(hostname)
 
-if [ "$ACTION" == "add" ]; then
-  snf-network-configure-interfaces
-fi
+INTERFACES=$SHAREDDIR/interfaces/$HOSTNAME
 
-for NETWORK in $NETWORKS; do
+ifup -i $INTERFACES -a
 
-NETFILE=$SHAREDDIR/networks/$NETWORK
-NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
-NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
-
-RT_TABLES=/etc/iproute2/rt_tables
+for NETWORK in $NETWORKS; do
 
-source $NODEINFRAFILE
-source $NETFILE
-source $NODEMAPFILE
+  NETFILE=$SHAREDDIR/networks/$NETWORK
+  NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
+  NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
+  CLUSTERINFRAFILE=$SHAREDDIR/infra/cluster
 
+  RT_TABLES=/etc/iproute2/rt_tables
 
+  source $NODEINFRAFILE
+  source $CLUSTERINFRAFILE
+  source $NETFILE
 
-if [ "$ACTION" == "add" ]; then
   if [ "$MODE" == "routed" ]; then 
     VLAN=$LINK
     TABLE=rt_$NETWORK
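Review bot: In the visible lines the loop no longer sources `$NODEMAPFILE`, which is where network-connect-post.d stores `MODE` and `LINK`, so `[ "$MODE" == "routed" ]` tests a value that is unset or left over from elsewhere unless `$NETFILE` happens to define it; `NODEMAPFILE` is now assigned but unused. Add `[ -e "$NODEMAPFILE" ] || continue` and `source "$NODEMAPFILE"` after `source $NETFILE`. Because every file is sourced into the same shell, `GATEWAY`, `TYPE` and `SUBNET` from one network also carry over to the next iteration when a file omits them; `unset MODE LINK TYPE SUBNET GATEWAY` at the top of the loop avoids that. The loop body continues outside the hunk.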
@@ -64,7 +55,7 @@ if [ "$ACTION" == "add" ]; then
 
   if [ "$MODE" == "bridged" ]; then
     BRIDGE=$LINK
-    if [ ! -z "$GATEWAY" ]; then
+    if [ ! -z "$GATEWAY" -a $ENABLE_MASQ ]; then
       if [ "$TYPE" == "private" ]; then 
         if [ "$HOSTNAME" == "$ROUTER" ]; then
           NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
@@ -74,53 +65,5 @@ if [ "$ACTION" == "add" ]; then
       fi
     fi
   fi
-  
-elif [ "$ACTION" == "remove" ]; then
-  if [ ! -e "$NODEMAPFILE" ]; then
-    exit 0;
-  fi
-
-  source $NODEMAPFILE
-
-  if [ "$MODE" == "routed" ]; then 
-    VLAN=$LINK
-    TABLE=rt_$NETWORK
-    if [ "$TYPE" == "public" ]; then
-      ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
-    
-      arptables -D OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
-
-      ip route del default via $GATEWAY dev $VLAN table $TABLE
-      ip route del $SUBNET dev $VLAN table $TABLE
-
-      ip route del $SUBNET dev $VLAN table main 
-
-      ip rule del iif $VLAN table $TABLE
-      
-      sed -i 's/.*'"$TABLE"'$//' $RT_TABLES
-    fi
-  fi
-
-
-
-  if [ "$MODE" == "bridged" ]; then
-    BRIDGE=$LINK
-    if [ ! -z "$GATEWAY" ]; then
-      if [ "$TYPE" == "private" ]; then 
-        if [ "$HOSTNAME" == "$ROUTER" ]; then
-          NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
-          ip addr del $GATEWAY/$NETMASK dev $BRIDGE
-          iptables -t nat -D POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
-        fi  
-      fi
-    fi
-  fi
-  
-
-fi
 
 done
-
-if [ "$ACTION" == "remove" ]; then
-  snf-network-unconfigure-interfaces
-fi 
diff --git a/snf-network-unconfigure b/snf-network-unconfigure
new file mode 100755 (executable)
index 0000000..4626a89
--- /dev/null
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+source /etc/default/snf-network
+
+source $CONF
+
+NETWORKS="$(ls $SHAREDDIR/networks/)"
+
+HOSTNAME=$(hostname)
+
+for NETWORK in $NETWORKS; do
+
+  NETFILE=$SHAREDDIR/networks/$NETWORK
+  NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
+  NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME
+
+  RT_TABLES=/etc/iproute2/rt_tables
+
+  source $NODEINFRAFILE
+  source $NETFILE
+  source $NODEMAPFILE
+
+
+  if [ "$MODE" == "routed" ]; then 
+    VLAN=$LINK
+    TABLE=rt_$NETWORK
+    if [ "$TYPE" == "public" ]; then
+      ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}')
+    
+      arptables -D OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s  $ARP_IP 
+
+      ip route del default via $GATEWAY dev $VLAN table $TABLE
+      ip route del $SUBNET dev $VLAN table $TABLE
+
+      ip route del $SUBNET dev $VLAN table main 
+
+      ip rule del iif $VLAN table $TABLE
+      
+      sed -i 's/.*'"$TABLE"'$//' $RT_TABLES
+    fi
+  fi
+
+
+
+  if [ "$MODE" == "bridged" ]; then
+    BRIDGE=$LINK
+    if [ ! -z "$GATEWAY" -a $ENABLE_MASQ ]; then
+      if [ "$TYPE" == "private" ]; then 
+        if [ "$HOSTNAME" == "$ROUTER" ]; then
+          NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}')
+          ip addr del $GATEWAY/$NETMASK dev $BRIDGE
+          iptables -t nat -D POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE
+        fi  
+      fi
+    fi
+  fi
+
+done
+
+INTERFACES=$SHAREDDIR/interfaces/$HOSTNAME
+
+ifdown -i $INTERFACES -a --force
+
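Review bot: This script sources the node infra, network and mapping files but not `$SHAREDDIR/infra/cluster`, which is where cluster-init-post.d writes `ROUTER` and the copied `ENABLE_MASQ`; unless `$CONF` supplies them, `"$HOSTNAME" == "$ROUTER"` never matches and the `iptables -t nat -D POSTROUTING ... -j MASQUERADE` removal is skipped, leaving the NAT rule behind after teardown. Add `source "$SHAREDDIR/infra/cluster"` next to the other `source` lines, as the network-disconnect-post.d hook does. `source $NODEMAPFILE` also runs for every entry under `networks/` without checking that a mapping exists for this host, so a network the node was never connected to is processed with the previous iteration's `MODE` and `LINK`; `[ -e "$NODEMAPFILE" ] || continue` guards that.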