root / hooks / network-connect-post.d / snf-network @ a9872828
History | View | Annotate | Download (2 kB)
1 |
#!/bin/bash |
---|---|
2 |
|
3 |
source /etc/default/snf-network |
4 |
|
5 |
source $CONF |
6 |
|
7 |
GROUP=$GANETI_GROUP_NAME |
8 |
NETWORK=$GANETI_GROUP_NETWORK_NAME |
9 |
MODE=$GANETI_GROUP_NETWORK_MODE |
10 |
LINK=$GANETI_GROUP_NETWORK_LINK |
11 |
|
12 |
HOSTNAME=$(hostname) |
13 |
|
14 |
NETFILE=$SHAREDDIR/networks/$NETWORK |
15 |
NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME |
16 |
NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME |
17 |
|
18 |
RT_TABLES=/etc/iproute2/rt_tables |
19 |
|
20 |
|
21 |
if [ -e $NODEMAPFILE ]; then |
22 |
exit 0 |
23 |
fi |
24 |
|
25 |
|
26 |
cat > $NODEMAPFILE <<EOF |
27 |
MODE=$MODE |
28 |
LINK=$LINK |
29 |
EOF |
30 |
|
31 |
|
32 |
source $NODEINFRAFILE |
33 |
source $NETFILE |
34 |
|
35 |
if [ "$MODE" == "routed" ]; then |
36 |
TABLE=rt_$NETWORK |
37 |
if [ "$TYPE" == "public" ]; then |
38 |
VLAN=$PUBLIC_VLAN |
39 |
ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}') |
40 |
|
41 |
ip link set $VLAN up |
42 |
|
43 |
echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp" |
44 |
|
45 |
ID=$(wc -l < $RT_TABLES) |
46 |
echo $((ID+1)) $TABLE >> $RT_TABLES |
47 |
|
48 |
if [ -n "$SUBNET" ]; then |
49 |
ip rule add iif $VLAN table $TABLE |
50 |
|
51 |
ip route add $SUBNET dev $VLAN table main |
52 |
|
53 |
ip route add $SUBNET dev $VLAN table $TABLE |
54 |
if [ -n "$GATEWAY" ]; then |
55 |
ip route add default via $GATEWAY dev $VLAN table $TABLE |
56 |
fi |
57 |
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding |
58 |
|
59 |
arptables -A OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s $ARP_IP |
60 |
fi |
61 |
|
62 |
if [ -n "$SUBNET6" ]; then |
63 |
ip -6 rule add iif $VLAN table $TABLE |
64 |
ip -6 route add $SUBNET6 dev $VLAN table main |
65 |
ip -6 route add $SUBNET6 dev $VLAN table $TABLE |
66 |
if [ -n "$GATEWAY6" ]; then |
67 |
ip -6 route add default via $GATEWAY6 dev $VLAN table $TABLE |
68 |
fi |
69 |
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding |
70 |
echo 1 > /proc/sys/net/ipv6/conf/$VLAN/proxy_ndp |
71 |
fi |
72 |
fi |
73 |
fi |
74 |
|
75 |
|
76 |
|
77 |
if [ "$MODE" == "bridged" ]; then |
78 |
BRIDGE=$LINK |
79 |
if [ ! -z "$GATEWAY" -a $ENABLE_MASQ ]; then |
80 |
if [ "$TYPE" == "private" ]; then |
81 |
if [ "$HOSTNAME" == "$ROUTER" ]; then |
82 |
NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}') |
83 |
ip addr add $GATEWAY/$NETMASK dev $BRIDGE |
84 |
iptables -t nat -A POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE |
85 |
fi |
86 |
fi |
87 |
fi |
88 |
fi |
89 |
|