Revision 1bdc9427

b/common.sh
66 66 

  		





  67
  67
  
    
	# Enable proxy ARP


  		





  68
  68
  
    
	echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/proxy_arp


  		





  
  69
  
    

  		





  
  70
  
    
  # Send GARP from host to upstream router


  		





  
  71
  
    
  get_uplink $TABLE


  		





  
  72
  
    
  echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind


  		





  
  73
  
    
  hooks-log $0 "arping  -c3 -I $UPLINK -U $IP"


  		





  
  74
  
    
  arping  -c3 -I $UPLINK -U $IP


  		





  
  75
  
    
  echo 0 > /proc/sys/net/ipv4/ip_nonlocal_bind


  		





  
  76
  
    

  		





  69
  77
  
    
}


  		





  70
  78
  
    

  		





  71
  79
  
    
function routed_setup_ipv6 {


  		





  72
  80
  
    
	# Add a routing entry for the eui-64


  		





  73
  
  
    
	prefix=$NETWORK_SUBNET6


  		





  74
  
  
    
	uplink=$(ip -6 route list table $TABLE | grep "default via" | awk '{print $5}')


  		





  75
  
  
    
	eui64=$($MAC2EUI64 $MAC $prefix)


  		





  
  81
  
    
  get_uplink $TABLE "-6"


  		





  
  82
  
    
  get_eui64 $MAC $NETWORK_SUBNET6


  		





  76
  83
  
    

  		





  77
  
  
    
  if [ -z "$eui64" -o -z "$TABLE" -o -z "$INTERFACE" -o -z "$uplink" ]


  		





  
  84
  
    
  if [ -z "$EUI64" -o -z "$TABLE" -o -z "$INTERFACE" -o -z "$UPLINK" ]


  		





  78
  85
  
    
  then


  		





  79
  86
  
    
    return


  		





  80
  87
  
    
  fi


  		





  81
  88
  
    

  		





  82
  89
  
    
	ip -6 rule add dev $INTERFACE table $TABLE


  		





  83
  
  
    
	ip -6 ro replace $eui64/128 dev $INTERFACE table $TABLE


  		





  84
  
  
    
	ip -6 neigh add proxy $eui64 dev $uplink


  		





  
  90
  
    
	ip -6 ro replace $EUI64/128 dev $INTERFACE table $TABLE


  		





  
  91
  
    
	ip -6 neigh add proxy $EUI64 dev $UPLINK


  		





  85
  92
  
    

  		





  86
  93
  
    
	# disable proxy NDP since we're handling this on userspace


  		





  87
  94
  
    
	# this should be the default, but better safe than sorry


  		





  88
  95
  
    
	echo 0 > /proc/sys/net/ipv6/conf/$INTERFACE/proxy_ndp


  		





  
  96
  
    

  		





  
  97
  
    
  # Send Unsolicited Neighbor Advertisement


  		





  
  98
  
    
  hooks-log $0 "ndsend $EUI64 $UPLINK"


  		





  
  99
  
    
  ndsend $EUI64 $UPLINK


  		





  
  100
  
    

  		





  89
  101
  
    
}


  		





  90
  102
  
    

  		





  91
  103
  
    
# pick a firewall profile per NIC, based on tags (and apply it)


  		





  ......




  171
  183
  
    

  		





  172
  184
  
    
}


  		





  173
  185
  
    

  		





  
  186
  
    
function get_uplink {


  		





  
  187
  
    

  		





  
  188
  
    
  local table=$1


  		





  
  189
  
    
  local version=$2


  		





  
  190
  
    
  UPLINK=$(ip "$version" route list table "$table" | grep "default via" | awk '{print $5}')


  		





  
  191
  
    

  		





  
  192
  
    
}


  		





  
  193
  
    

  		





  
  194
  
    
# Because we do not have IPv6 value in our environment


  		





  
  195
  
    
# we caclulate it based on the NIC's MAC and the IPv6 subnet (if any)


  		





  
  196
  
    
# first argument MAC second IPv6 subnet


  		





  
  197
  
    
# Changes global value EUI64


  		





  
  198
  
    
get_eui64 () {


  		





  
  199
  
    

  		





  
  200
  
    
  local mac=$1


  		





  
  201
  
    
  local prefix=$2


  		





  
  202
  
    

  		





  
  203
  
    
  if [ -z "$prefix" ]; then


  		





  
  204
  
    
    EUI64=


  		





  
  205
  
    
  else


  		





  
  206
  
    
    EUI64=$($MAC2EUI64 $mac $prefix)


  		





  
  207
  
    
  fi


  		





  
  208
  
    

  		





  
  209
  
    
}


  		












  

    
      b/dnshook
    
  






  13
  13
  
    
MAC2EUI64="/usr/bin/mac2eui64"


  		





  14
  14
  
    

  		





  15
  15
  
    
source /etc/default/snf-network


  		





  
  16
  
    
source /usr/lib/snf-network/common.sh


  		





  16
  17
  
    

  		





  17
  18
  
    
if [ -z "$SERVER" -o -z "$FZONE" -o ! -e "$KEYFILE" ]; then


  		





  18
  19
  
    
  exit 0


  		





  ......




  211
  212
  
    
}


  		





  212
  213
  
    

  		





  213
  214
  
    

  		





  214
  
  
    
# Because we do not have IPv6 value in our environment


  		





  215
  
  
    
# we caclulate it based on the NIC's MAC and the IPv6 subnet (if any)


  		





  216
  
  
    
# first argument MAC second IPv6 subnet


  		





  217
  
  
    
# Changes global value EUI64


  		





  218
  
  
    
get_eui64 () {


  		





  219
  
  
    

  		





  220
  
  
    
  local mac=$1


  		





  221
  
  
    
  local prefix=$2


  		





  222
  
  
    

  		





  223
  
  
    
  if [ -z "$prefix" ]; then


  		





  224
  
  
    
    EUI64=


  		





  225
  
  
    
  else


  		





  226
  
  
    
    EUI64=$($MAC2EUI64 $MAC $SUBNET6)


  		





  227
  
  
    
  fi


  		





  228
  
  
    

  		





  229
  
  
    
}


  		





  230
  
  
    

  		





  231
  
  
    

  		





  232
  215
  
    
# Main starts here


  		





  233
  216
  
    

  		





  234
  217
  
    

  		












  

    
      b/fix-net
    
  






  28
  28
  
    
  for tag in $TAGS; do


  		





  29
  29
  
    
    case $tag in


  		





  30
  30
  
    
    $IP_LESS_ROUTED_TAG)


  		





  31
  
  
    
      uplink=$(ip route list table $LINK | grep "default via" | awk '{print $5}')


  		





  32
  
  
    
      uplink6=$(ip -6 route list table $LINK | grep "default via" | awk '{print $5}')


  		





  33
  
  
    
      eui64=$($MAC2EUI64 $MAC $SUBNET6 2>/dev/null)


  		





  34
  31
  
    
      if [ "$GANETI_INSTANCE_OLD_PRIMARY" == "$host.$domain" ]; then


  		





  35
  32
  
    
        # This runs on the source node


  		





  36
  
  
    
        hooks-log $0 "ip -6 neigh del proxy $eui64 dev $uplink6"


  		





  37
  
  
    
        ip -6 neigh del proxy $eui64 dev $uplink6 >/dev/null 2>&1


  		





  
  33
  
    
        get_uplink $LINK "-6"


  		





  
  34
  
    
        get_eui64 $MAC $SUBNET6


  		





  
  35
  
    
        hooks-log $0 "ip -6 neigh del proxy $EUI64 dev $UPLINK"


  		





  
  36
  
    
        ip -6 neigh del proxy $EUI64 dev $UPLINK >/dev/null 2>&1


  		





  38
  37
  
    
      elif [ "$GANETI_INSTANCE_NEW_PRIMARY" == "$host.$domain" ]; then


  		





  39
  
  
    
        # This runs on the target node


  		





  40
  
  
    
        # Send GARP from host to upstream router to speed up mac change for the VMs IP


  		





  41
  
  
    
        hooks-log $0 "arping  -c3 -I $uplink -U $IP"


  		





  42
  
  
    
        echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind


  		





  43
  
  
    
        arping  -c3 -I $uplink -U $IP


  		





  44
  
  
    
        echo 0 > /proc/sys/net/ipv4/ip_nonlocal_bind


  		





  45
  
  
    
        # Send Unsolicited Neighbor Advertisement to speed up nd change for the VMs IP


  		





  46
  
  
    
        hooks-log $0 "ndsend $eui64 $uplink6"


  		





  47
  
  
    
        ndsend $eui64 $uplink6


  		





  
  38
  
    
        hooks-log $0 "Do nothing in new primary. All done by if-up script"


  		





  48
  39
  
    
      fi


  		





  49
  40
  
    
    ;;


  		





  50
  41
  
    
    esac


  		












Also available in:
  Unified diff