History | View | Annotate | Download (9.3 kB)
Minor changes related to logging
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>
Some minor fixes..
- Use NETWORK_SUBNET6 since this is exported by Ganeti and not just SUBNET6- All logging in helper function- Do not send GARP or delete neighbor proxy if desired vars are not set
Introduce get_info helper method
It gets the exported environment and calculates all needed vars fora specific interface. Use this function early in scripts and assoon as you extract each interface info in hooks.
Make get_info caclulate ebtables chain names
Use env var for logging script
Use arpsend instead of arping
arpsend comes along with ndsend with vzctl package.We send only one packet in order not to delay ifup script.
Small changes in if* scripts
Factor out common funtions from dnshook
Do not add ebtables rule for dhcp response
nfdhpcd opens a socket and binds it with tap interface. So dhcpresponse will NOT go though the bridge and ebtables rule isnot needed.
Fix typo in ebtables
If interface has an IP we used to add a rule that does not allowpackets coming from TAP to have a different IP. There was a typoin if statement and the rule did never apply.
Still, we do NOT want this rule so we fix typo and comment the...
Create ebtables chains with RETURN policy
This fixes inter-node private networks in case of multicast packets.Multicast packets are forwarded to all interfaces bridgedon the bridge. Lets assume the following:
prv0 bridge with tap0, tap1, and eth1.From tap0 comes a multicast packet....
Fix ebtables
1) Add ebtables in INPUT/OUTPUT chains too This is needed because multicast packets (e.g. with dst address 01:00:83:xx:xx:xx) do NOT go through forward chain
2) In case of nfdhpcd allow DHCP replies only with src address the MAC address of incoming device (e.g. prv0)...
Move fix-net logic from hooks to if-up
In target node we used to run arping and ndsend. Move thesecommands to if-up script.
Introduce helper function to get eui64 and uplink.
return in case expected env vars are not set
In case of IPv6 only setup, IP environment variable should not beset. Still if we have a routed setup routed_setup_ipv4() gets invoked.
This means that the following command will be invoked:
ip route replace proto static dev tap3 table public...
Support firewalls based on NINC index, uuid, names
Serialize the excecution of ebtables processes
ebtables cannot handle multiple userspace ebtables processes runningconcurrently. This could lead to failures while setting up or cleaningup ebtables for VM networks.
ebtables latest release (included in Debian Wheezy) supports ebtables...
Add vif-custom script and split kvm-vif-bridge
Put functions in /usr/lib/snf-network/common.sh