Ian Pratt wrote:
> BTW: I'd like to see a few changes in the way this stuff works anyhow.
> Firstly, rename network to network-bridge.

Ian, I had started something along these lines. Just for grins,
resubmitting a freshly regenerated patch that just does above.

> Next, I'd make it such that it's possible to have multiple
> network-script lines, each with parameters e.g. something like:

I started this - but it became less than desirable to stick
all of this into xend. That is, what I was thinking was - we
simply point the tools to a configuration file that's a top
level script, and hide all of the meat of the work inside those
scripts. If we change the syntax, we wouldn't require a change
to the tools, would be one advantage.

> (network-script ( network-bridge ( bridge xen-br0 ) ( netdev eth0 ) ) )
> (network-script ( network-bridge ( bridge xen-br1 ) ( netdev eth1 ) ) )
> [having multiple interfaces should result in multiple vif0.x and vethX
> devices]
> And then the vif-script along with default parameters e.g.
> ( vif-script ( vif-bridge ( bridge xen-br0 ) ( antispoof no ) ) )
> Do others agree?
> Could someone work up a patch?

Or we could do the above..

Signed-off-by: Nivedita Singhvi (niv@xxxxxxxxxx)
diff -urN xen-unstable-0804/tools/examples/network
xen-p1-0804/tools/examples/network
--- xen-unstable-0804/tools/examples/network 2005-08-03 20:53:24.000000000
-0700
+++ xen-p1-0804/tools/examples/network 1969-12-31 16:00:00.000000000 -0800
@@ -1,246 +0,0 @@
-#!/bin/sh
-#============================================================================
-# Default Xen network start/stop script.
-# Xend calls a network script when it starts.
-# The script name to use is defined in /etc/xen/xend-config.sxp
-# in the network-script field.
-#
-# This script creates a bridge (default xen-br0), adds a device
-# (default eth0) to it, copies the IP addresses from the device
-# to the bridge and adjusts the routes accordingly.
-#
-# If all goes well, this should ensure that networking stays up.
-# However, some configurations are upset by this, especially
-# NFS roots. If the bridged setup does not meet your needs,
-# configure a different script, for example using routing instead.
-#
-# Usage:
-#
-# network (start|stop|status) {VAR=VAL}*
-#
-# Vars:
-#
-# bridge The bridge to use (default xen-br0).
-# netdev The interface to add to the bridge (default eth0).
-# antispoof Whether to use iptables to prevent spoofing (default yes).
-#
-# start:
-# Creates the bridge and enslaves netdev to it.
-# Copies the IP addresses from netdev to the bridge.
-# Deletes the routes to netdev and adds them on bridge.
-#
-# stop:
-# Removes netdev from the bridge.
-# Deletes the routes to bridge and adds them to netdev.
-#
-# status:
-# Print ifconfig for netdev and bridge.
-# Print routes.
-#
-#============================================================================
-
-# Exit if anything goes wrong.
-set -e
-
-# First arg is the operation.
-OP=$1
-shift
-
-# Pull variables in args in to environment.
-for arg ; do export "${arg}" ; done
-
-bridge=${bridge:-xen-br0}
-netdev=${netdev:-eth0}
-antispoof=${antispoof:-yes}
-
-echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2
-
-# Usage: transfer_addrs src dst
-# Copy all IP addresses (including aliases) from device $src to device $dst.
-transfer_addrs () {
- local src=$1
- local dst=$2
- # Don't bother if $dst already has IP addresses.
- if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
- return
- fi
- # Address lines start with 'inet' and have the device in them.
- # Replace 'inet' with 'ip addr add' and change the device name $src
- # to 'dev $src'.
- ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
-s/inet/ip addr add/
-s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@
-s/${src}/dev ${dst}/
-" | sh -e
- # Remove automatic routes on destionation device
- ip route list | sed -ne "
-/dev ${dst}\( \|$\)/ {
- s/^/ip route del /
- p
-}" | sh -e
-}
-
-# Usage: del_addrs src
-del_addrs () {
- local src=$1
- ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
-s/inet/ip addr del/
-s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@
-s/${src}/dev ${src}/
-" | sh -e
-}
-
-# Usage: transfer_routes src dst
-# Get all IP routes to device $src, delete them, and
-# add the same routes to device $dst.
-# The original routes have to be deleted, otherwise adding them
-# for $dst fails (duplicate routes).
-transfer_routes () {
- local src=$1
- local dst=$2
- # List all routes and grep the ones with $src in.
- # Stick 'ip route del' on the front to delete.
- # Change $src to $dst and use 'ip route add' to add.
- ip route list | sed -ne "
-/dev ${src}\( \|$\)/ {
- h
- s/^/ip route del /
- P
- g
- s/${src}/${dst}/
- s/^/ip route add /
- P
- d
-}" | sh -e
-}
-
-# Usage: create_bridge bridge
-create_bridge () {
- local bridge=$1
-
- # Don't create the bridge if it already exists.
- if ! brctl show | grep -q ${bridge} ; then
- brctl addbr ${bridge}
- brctl stp ${bridge} off
- brctl setfd ${bridge} 0
- fi
- ifconfig ${bridge} up
-}
-
-# Usage: add_to_bridge bridge dev
-add_to_bridge () {
- local bridge=$1
- local dev=$2
- # Don't add $dev to $bridge if it's already on a bridge.
- if ! brctl show | grep -q ${dev} ; then
- brctl addif ${bridge} ${dev}
- fi
-}
-
-# Usage: antispoofing dev bridge
-# Set the default forwarding policy for $dev to drop.
-# Allow forwarding to the bridge.
-antispoofing () {
- local dev=$1
- local bridge=$2
-
- iptables -P FORWARD DROP
- iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
-}
-
-# Usage: show_status dev bridge
-# Print ifconfig and routes.
-show_status () {
- local dev=$1
- local bridge=$2
-
- echo '============================================================'
- ifconfig ${dev}
- ifconfig ${bridge}
- echo ' '
- ip route list
- echo ' '
- route -n
- echo '============================================================'
-}
-
-op_start () {
- if [ "${bridge}" == "null" ] ; then
- return
- fi
-
- create_bridge ${bridge}
-
- if ifconfig 2>/dev/null | grep -q veth0 ; then
- return
- fi
-
- if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
- # Propagate MAC address and ARP responsibilities to virtual interface.
- mac=`ifconfig ${netdev} | grep HWadd | sed -e
's/.*\(..:..:..:..:..:..\).*/\1/'`
- ifconfig veth0 down
- ifconfig veth0 hw ether ${mac}
- ifconfig veth0 arp up
- transfer_addrs ${netdev} veth0
- transfer_routes ${netdev} veth0
- del_addrs ${netdev}
- ifconfig ${netdev} -arp down
- ifconfig ${netdev} hw ether fe:ff:ff:ff:ff:ff up
- # Bring up second half of virtual device and attach it to the bridge.
- ifconfig vif0.0 up
- add_to_bridge ${bridge} vif0.0
- else
- transfer_addrs ${netdev} ${bridge}
- transfer_routes ${netdev} ${bridge}
- fi
-
- # Attach the real interface to the bridge.
- add_to_bridge ${bridge} ${netdev}
-
- if [ ${antispoof} == 'yes' ] ; then
- antispoofing ${netdev} ${bridge}
- fi
-}
-
-op_stop () {
- if [ "${bridge}" == "null" ] ; then
- return
- fi
-
- brctl delif ${bridge} ${netdev}
-
- if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
- brctl delif ${bridge} vif0.0
- ifconfig vif0.0 down
- mac=`ifconfig veth0 | grep HWadd | sed -e
's/.*\(..:..:..:..:..:..\).*/\1/'`
- ifconfig ${netdev} down
- ifconfig ${netdev} hw ether ${mac}
- ifconfig ${netdev} arp up
- transfer_addrs veth0 ${netdev}
- transfer_routes veth0 ${netdev}
- del_addrs veth0
- ifconfig veth0 -arp down
- ifconfig veth0 hw ether 00:00:00:00:00:00
- else
- transfer_routes ${bridge} ${netdev}
- fi
-}
-
-case ${OP} in
- start)
- op_start
- ;;
-
- stop)
- op_stop
- ;;
-
- status)
- show_status ${netdev} ${bridge}
- ;;
-
- *)
- echo 'Unknown command: ' ${OP} >&2
- echo 'Valid commands are: start, stop, status' >&2
- exit 1
-esac
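Review bot: Deleting tools/examples/network outright, with nothing left under the old name, means any existing xend-config.sxp that still says (network-script network), the value this same patch changes in the example config, points at a script that no longer exists. Consider keeping a small "network" wrapper that calls network-bridge for a release, or state the required config change in the README.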
diff -urN xen-unstable-0804/tools/examples/network-bridge
xen-p1-0804/tools/examples/network-bridge
--- xen-unstable-0804/tools/examples/network-bridge 1969-12-31
16:00:00.000000000 -0800
+++ xen-p1-0804/tools/examples/network-bridge 2005-08-03 20:53:24.000000000
-0700
@@ -0,0 +1,246 @@
+#!/bin/sh
+#============================================================================
+# Default Xen network start/stop script.
+# Xend calls a network script when it starts.
+# The script name to use is defined in /etc/xen/xend-config.sxp
+# in the network-script field.
+#
+# This script creates a bridge (default xen-br0), adds a device
+# (default eth0) to it, copies the IP addresses from the device
+# to the bridge and adjusts the routes accordingly.
+#
+# If all goes well, this should ensure that networking stays up.
+# However, some configurations are upset by this, especially
+# NFS roots. If the bridged setup does not meet your needs,
+# configure a different script, for example using routing instead.
+#
+# Usage:
+#
+# network (start|stop|status) {VAR=VAL}*
+#
+# Vars:
+#
+# bridge The bridge to use (default xen-br0).
+# netdev The interface to add to the bridge (default eth0).
+# antispoof Whether to use iptables to prevent spoofing (default yes).
+#
+# start:
+# Creates the bridge and enslaves netdev to it.
+# Copies the IP addresses from netdev to the bridge.
+# Deletes the routes to netdev and adds them on bridge.
+#
+# stop:
+# Removes netdev from the bridge.
+# Deletes the routes to bridge and adds them to netdev.
+#
+# status:
+# Print ifconfig for netdev and bridge.
+# Print routes.
+#
+#============================================================================
+
+# Exit if anything goes wrong.
+set -e
+
+# First arg is the operation.
+OP=$1
+shift
+
+# Pull variables in args in to environment.
+for arg ; do export "${arg}" ; done
+
+bridge=${bridge:-xen-br0}
+netdev=${netdev:-eth0}
+antispoof=${antispoof:-yes}
+
+echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2
+
+# Usage: transfer_addrs src dst
+# Copy all IP addresses (including aliases) from device $src to device $dst.
+transfer_addrs () {
+ local src=$1
+ local dst=$2
+ # Don't bother if $dst already has IP addresses.
+ if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
+ return
+ fi
+ # Address lines start with 'inet' and have the device in them.
+ # Replace 'inet' with 'ip addr add' and change the device name $src
+ # to 'dev $src'.
+ ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
+s/inet/ip addr add/
+s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@
+s/${src}/dev ${dst}/
+" | sh -e
+ # Remove automatic routes on destionation device
+ ip route list | sed -ne "
+/dev ${dst}\( \|$\)/ {
+ s/^/ip route del /
+ p
+}" | sh -e
+}
+
+# Usage: del_addrs src
+del_addrs () {
+ local src=$1
+ ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
+s/inet/ip addr del/
+s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@
+s/${src}/dev ${src}/
+" | sh -e
+}
+
+# Usage: transfer_routes src dst
+# Get all IP routes to device $src, delete them, and
+# add the same routes to device $dst.
+# The original routes have to be deleted, otherwise adding them
+# for $dst fails (duplicate routes).
+transfer_routes () {
+ local src=$1
+ local dst=$2
+ # List all routes and grep the ones with $src in.
+ # Stick 'ip route del' on the front to delete.
+ # Change $src to $dst and use 'ip route add' to add.
+ ip route list | sed -ne "
+/dev ${src}\( \|$\)/ {
+ h
+ s/^/ip route del /
+ P
+ g
+ s/${src}/${dst}/
+ s/^/ip route add /
+ P
+ d
+}" | sh -e
+}
+
+# Usage: create_bridge bridge
+create_bridge () {
+ local bridge=$1
+
+ # Don't create the bridge if it already exists.
+ if ! brctl show | grep -q ${bridge} ; then
+ brctl addbr ${bridge}
+ brctl stp ${bridge} off
+ brctl setfd ${bridge} 0
+ fi
+ ifconfig ${bridge} up
+}
+
+# Usage: add_to_bridge bridge dev
+add_to_bridge () {
+ local bridge=$1
+ local dev=$2
+ # Don't add $dev to $bridge if it's already on a bridge.
+ if ! brctl show | grep -q ${dev} ; then
+ brctl addif ${bridge} ${dev}
+ fi
+}
+
+# Usage: antispoofing dev bridge
+# Set the default forwarding policy for $dev to drop.
+# Allow forwarding to the bridge.
+antispoofing () {
+ local dev=$1
+ local bridge=$2
+
+ iptables -P FORWARD DROP
+ iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
+}
+
+# Usage: show_status dev bridge
+# Print ifconfig and routes.
+show_status () {
+ local dev=$1
+ local bridge=$2
+
+ echo '============================================================'
+ ifconfig ${dev}
+ ifconfig ${bridge}
+ echo ' '
+ ip route list
+ echo ' '
+ route -n
+ echo '============================================================'
+}
+
+op_start () {
+ if [ "${bridge}" == "null" ] ; then
+ return
+ fi
+
+ create_bridge ${bridge}
+
+ if ifconfig 2>/dev/null | grep -q veth0 ; then
+ return
+ fi
+
+ if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
+ # Propagate MAC address and ARP responsibilities to virtual interface.
+ mac=`ifconfig ${netdev} | grep HWadd | sed -e
's/.*\(..:..:..:..:..:..\).*/\1/'`
+ ifconfig veth0 down
+ ifconfig veth0 hw ether ${mac}
+ ifconfig veth0 arp up
+ transfer_addrs ${netdev} veth0
+ transfer_routes ${netdev} veth0
+ del_addrs ${netdev}
+ ifconfig ${netdev} -arp down
+ ifconfig ${netdev} hw ether fe:ff:ff:ff:ff:ff up
+ # Bring up second half of virtual device and attach it to the bridge.
+ ifconfig vif0.0 up
+ add_to_bridge ${bridge} vif0.0
+ else
+ transfer_addrs ${netdev} ${bridge}
+ transfer_routes ${netdev} ${bridge}
+ fi
+
+ # Attach the real interface to the bridge.
+ add_to_bridge ${bridge} ${netdev}
+
+ if [ ${antispoof} == 'yes' ] ; then
+ antispoofing ${netdev} ${bridge}
+ fi
+}
+
+op_stop () {
+ if [ "${bridge}" == "null" ] ; then
+ return
+ fi
+
+ brctl delif ${bridge} ${netdev}
+
+ if ifconfig veth0 2>/dev/null | grep -q veth0 ; then
+ brctl delif ${bridge} vif0.0
+ ifconfig vif0.0 down
+ mac=`ifconfig veth0 | grep HWadd | sed -e
's/.*\(..:..:..:..:..:..\).*/\1/'`
+ ifconfig ${netdev} down
+ ifconfig ${netdev} hw ether ${mac}
+ ifconfig ${netdev} arp up
+ transfer_addrs veth0 ${netdev}
+ transfer_routes veth0 ${netdev}
+ del_addrs veth0
+ ifconfig veth0 -arp down
+ ifconfig veth0 hw ether 00:00:00:00:00:00
+ else
+ transfer_routes ${bridge} ${netdev}
+ fi
+}
+
+case ${OP} in
+ start)
+ op_start
+ ;;
+
+ stop)
+ op_stop
+ ;;
+
+ status)
+ show_status ${netdev} ${bridge}
+ ;;
+
+ *)
+ echo 'Unknown command: ' ${OP} >&2
+ echo 'Valid commands are: start, stop, status' >&2
+ exit 1
+esac
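Review bot: The argument loop near the top of the new file, for arg ; do export "${arg}" ; done, exports every VAR=VAL the caller passes rather than only the three documented variables, and netdev and bridge are then used unquoted in grep patterns and interpolated into sed programs whose output is piped to sh -e. Since xend calls this script when it starts, accept only bridge, netdev and antispoof, check that the two device names look like interface names before using them, and quote the expansions (including [ ${antispoof} == 'yes' ]). Separately, the header usage line "# network (start|stop|status) {VAR=VAL}*" and the echo "*network $OP ..." trace still carry the old script name and should read network-bridge, and the use of == inside [ ] and of local under #!/bin/sh assumes a bash-like shell.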
diff -urN xen-unstable-0804/tools/examples/README
xen-p1-0804/tools/examples/README
--- xen-unstable-0804/tools/examples/README 2005-08-03 20:53:24.000000000
-0700
+++ xen-p1-0804/tools/examples/README 2005-08-04 16:27:37.939395892 -0700
@@ -9,8 +9,18 @@
send it (preferably with a little summary to go in this file) to
<xen-devel@xxxxxxxxxxxxxxxxxxxxx> so we can add it to this directory.
-network - default network setup script called by xend at startup.
-vif-bridge - default virtual network interface setup script.
+Network setup scripts called by xend on startup:
+------------------------------------------------
+network-bridge - for bridging case
+network-route - for routing
+network-nat - for routing with NAT
+
+Vif setup script called by xen on startup:
+------------------------------------------
+vif-bridge - for bridging case
+vif-route - for routing
+vif-nat - for routing with NAT
+
xend-config.sxp - default xend configuration file.
xmexample1 - example configuration script for 'xm create'.
xmexample2 - a more complex configuration script for 'xm create'.
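Review bot: The new lists name network-nat and vif-nat, but nothing in this patch adds those files; the only script it creates is network-bridge. If they are not already present in tools/examples, drop those entries until the scripts land. The second heading also says "called by xen on startup", which should read xend to match the first heading, and the line it replaces described vif-bridge as the virtual network interface setup script rather than something run at startup.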
diff -urN xen-unstable-0804/tools/examples/xend-config.sxp
xen-p1-0804/tools/examples/xend-config.sxp
--- xen-unstable-0804/tools/examples/xend-config.sxp 2005-08-03
20:53:24.000000000 -0700
+++ xen-p1-0804/tools/examples/xend-config.sxp 2005-08-04 16:41:08.504696262
-0700
@@ -26,9 +26,15 @@
# The default script used to control virtual interfaces.
#(vif-script vif-route)
+## Use the following if VIF traffic is routed/NAT.
+# The script used to start/stop networking for xend.
+#(network-script network-nat)
+# The default script used to control virtual interfaces.
+#(vif-script vif-nat)
+
## Use the following if VIF traffic is bridged.
# The script used to start/stop networking for xend.
-(network-script network)
+(network-script network-bridge)
# The default bridge that virtual interfaces should be connected to.
(vif-bridge xen-br0)
# The default script used to control virtual interfaces.
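Review bot: The added block is headed "routed/NAT", but the commented block just above it already offers vif-route for the routed case, so the two read as overlapping; "routed with NAT", the wording used in the README hunk, would make the distinction clear. It would also help to say whether the bridged lines below, (network-script network-bridge) and (vif-bridge xen-br0), need to be commented out when this block is enabled.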