[PATCH] network -> network-bridge rename WAS: Re: [Xen-devel] RE: help with bugs
Ian Pratt wrote:

> BTW: I'd like to see a few changes in the way this stuff works anyhow.
> Firstly, rename network to network-bridge.

Ian, I had started something along these lines. Just for grins, resubmitting a freshly regenerated patch that just does above.

> Next, I'd make it such that it's possible to have multiple
> network-script lines, each with parameters e.g. something like:

I started this - but it became less than desirable to stick all of this into xend. That is, what I was thinking was - we simply point the tools to a configuration file that's a top level script, and hide all of the meat of the work inside those scripts. If we change the syntax, we wouldn't require a change to the tools, would be one advantage.

> (network-script ( network-bridge ( bridge xen-br0 ) ( netdev eth0 ) ) )
> (network-script ( network-bridge ( bridge xen-br1 ) ( netdev eth1 ) ) )
>
> [having multiple interfaces should result in multiple vif0.x and vethX devices]
>
> And then the vif-script along with default parameters e.g.
>
> ( vif-script ( vif-bridge ( bridge xen-br0 ) ( antispoof no ) ) )
>
> Do others agree? Could someone work up a patch?

Or we could do the above..

Signed-off-by: Nivedita Singhvi (niv@xxxxxxxxxx)

diff -urN xen-unstable-0804/tools/examples/network xen-p1-0804/tools/examples/network --- xen-unstable-0804/tools/examples/network 2005-08-03 20:53:24.000000000 -0700 +++ xen-p1-0804/tools/examples/network 1969-12-31 16:00:00.000000000 -0800 
@@ -1,246 +0,0 @@ -#!/bin/sh -#============================================================================ -# Default Xen network start/stop script. -# Xend calls a network script when it starts. -# The script name to use is defined in /etc/xen/xend-config.sxp -# in the network-script field. -# -# This script creates a bridge (default xen-br0), adds a device -# (default eth0) to it, copies the IP addresses from the device -# to the bridge and adjusts the routes accordingly. -# -# If all goes well, this should ensure that networking stays up. -# However, some configurations are upset by this, especially -# NFS roots. If the bridged setup does not meet your needs, -# configure a different script, for example using routing instead. -# -# Usage: -# -# network (start|stop|status) {VAR=VAL}* -# -# Vars: -# -# bridge The bridge to use (default xen-br0). -# netdev The interface to add to the bridge (default eth0). -# antispoof Whether to use iptables to prevent spoofing (default yes). -# -# start: -# Creates the bridge and enslaves netdev to it. -# Copies the IP addresses from netdev to the bridge. -# Deletes the routes to netdev and adds them on bridge. -# -# stop: -# Removes netdev from the bridge. -# Deletes the routes to bridge and adds them to netdev. -# -# status: -# Print ifconfig for netdev and bridge. -# Print routes. -# -#============================================================================ - -# Exit if anything goes wrong. -set -e - -# First arg is the operation. -OP=$1 -shift - -# Pull variables in args in to environment. -for arg ; do export "${arg}" ; done - -bridge=${bridge:-xen-br0} -netdev=${netdev:-eth0} -antispoof=${antispoof:-yes} - -echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2 - -# Usage: transfer_addrs src dst -# Copy all IP addresses (including aliases) from device $src to device $dst. -transfer_addrs () { - local src=$1 - local dst=$2 - # Don't bother if $dst already has IP addresses. 
- if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then - return - fi - # Address lines start with 'inet' and have the device in them. - # Replace 'inet' with 'ip addr add' and change the device name $src - # to 'dev $src'. - ip addr show dev ${src} | egrep '^ *inet ' | sed -e " -s/inet/ip addr add/ -s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@ -s/${src}/dev ${dst}/ -" | sh -e - # Remove automatic routes on destionation device - ip route list | sed -ne " -/dev ${dst}\( \|$\)/ { - s/^/ip route del / - p -}" | sh -e -} - -# Usage: del_addrs src -del_addrs () { - local src=$1 - ip addr show dev ${src} | egrep '^ *inet ' | sed -e " -s/inet/ip addr del/ -s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@ -s/${src}/dev ${src}/ -" | sh -e -} - -# Usage: transfer_routes src dst -# Get all IP routes to device $src, delete them, and -# add the same routes to device $dst. -# The original routes have to be deleted, otherwise adding them -# for $dst fails (duplicate routes). -transfer_routes () { - local src=$1 - local dst=$2 - # List all routes and grep the ones with $src in. - # Stick 'ip route del' on the front to delete. - # Change $src to $dst and use 'ip route add' to add. - ip route list | sed -ne " -/dev ${src}\( \|$\)/ { - h - s/^/ip route del / - P - g - s/${src}/${dst}/ - s/^/ip route add / - P - d -}" | sh -e -} - -# Usage: create_bridge bridge -create_bridge () { - local bridge=$1 - - # Don't create the bridge if it already exists. - if ! brctl show | grep -q ${bridge} ; then - brctl addbr ${bridge} - brctl stp ${bridge} off - brctl setfd ${bridge} 0 - fi - ifconfig ${bridge} up -} - -# Usage: add_to_bridge bridge dev -add_to_bridge () { - local bridge=$1 - local dev=$2 - # Don't add $dev to $bridge if it's already on a bridge. - if ! brctl show | grep -q ${dev} ; then - brctl addif ${bridge} ${dev} - fi -} - -# Usage: antispoofing dev bridge -# Set the default forwarding policy for $dev to drop. -# Allow forwarding to the bridge. 
-antispoofing () { - local dev=$1 - local bridge=$2 - - iptables -P FORWARD DROP - iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT -} - -# Usage: show_status dev bridge -# Print ifconfig and routes. -show_status () { - local dev=$1 - local bridge=$2 - - echo '============================================================' - ifconfig ${dev} - ifconfig ${bridge} - echo ' ' - ip route list - echo ' ' - route -n - echo '============================================================' -} - -op_start () { - if [ "${bridge}" == "null" ] ; then - return - fi - - create_bridge ${bridge} - - if ifconfig 2>/dev/null | grep -q veth0 ; then - return - fi - - if ifconfig veth0 2>/dev/null | grep -q veth0 ; then - # Propagate MAC address and ARP responsibilities to virtual interface. - mac=`ifconfig ${netdev} | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'` - ifconfig veth0 down - ifconfig veth0 hw ether ${mac} - ifconfig veth0 arp up - transfer_addrs ${netdev} veth0 - transfer_routes ${netdev} veth0 - del_addrs ${netdev} - ifconfig ${netdev} -arp down - ifconfig ${netdev} hw ether fe:ff:ff:ff:ff:ff up - # Bring up second half of virtual device and attach it to the bridge. - ifconfig vif0.0 up - add_to_bridge ${bridge} vif0.0 - else - transfer_addrs ${netdev} ${bridge} - transfer_routes ${netdev} ${bridge} - fi - - # Attach the real interface to the bridge. 
- add_to_bridge ${bridge} ${netdev} - - if [ ${antispoof} == 'yes' ] ; then - antispoofing ${netdev} ${bridge} - fi -} - -op_stop () { - if [ "${bridge}" == "null" ] ; then - return - fi - - brctl delif ${bridge} ${netdev} - - if ifconfig veth0 2>/dev/null | grep -q veth0 ; then - brctl delif ${bridge} vif0.0 - ifconfig vif0.0 down - mac=`ifconfig veth0 | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'` - ifconfig ${netdev} down - ifconfig ${netdev} hw ether ${mac} - ifconfig ${netdev} arp up - transfer_addrs veth0 ${netdev} - transfer_routes veth0 ${netdev} - del_addrs veth0 - ifconfig veth0 -arp down - ifconfig veth0 hw ether 00:00:00:00:00:00 - else - transfer_routes ${bridge} ${netdev} - fi -} - -case ${OP} in - start) - op_start - ;; - - stop) - op_stop - ;; - - status) - show_status ${netdev} ${bridge} - ;; - - *) - echo 'Unknown command: ' ${OP} >&2 - echo 'Valid commands are: start, stop, status' >&2 - exit 1 -esac diff -urN xen-unstable-0804/tools/examples/network-bridge xen-p1-0804/tools/examples/network-bridge --- xen-unstable-0804/tools/examples/network-bridge 1969-12-31 16:00:00.000000000 -0800 +++ xen-p1-0804/tools/examples/network-bridge 2005-08-03 20:53:24.000000000 -0700 
@@ -0,0 +1,246 @@ +#!/bin/sh +#============================================================================ +# Default Xen network start/stop script. +# Xend calls a network script when it starts. +# The script name to use is defined in /etc/xen/xend-config.sxp +# in the network-script field. +# +# This script creates a bridge (default xen-br0), adds a device +# (default eth0) to it, copies the IP addresses from the device +# to the bridge and adjusts the routes accordingly. +# +# If all goes well, this should ensure that networking stays up. +# However, some configurations are upset by this, especially +# NFS roots. If the bridged setup does not meet your needs, +# configure a different script, for example using routing instead. +# +# Usage: +# +# network (start|stop|status) {VAR=VAL}* +# +# Vars: +# +# bridge The bridge to use (default xen-br0). +# netdev The interface to add to the bridge (default eth0). +# antispoof Whether to use iptables to prevent spoofing (default yes). +# +# start: +# Creates the bridge and enslaves netdev to it. +# Copies the IP addresses from netdev to the bridge. +# Deletes the routes to netdev and adds them on bridge. +# +# stop: +# Removes netdev from the bridge. +# Deletes the routes to bridge and adds them to netdev. +# +# status: +# Print ifconfig for netdev and bridge. +# Print routes. +# +#============================================================================ + +# Exit if anything goes wrong. +set -e + +# First arg is the operation. +OP=$1 +shift + +# Pull variables in args in to environment. +for arg ; do export "${arg}" ; done + +bridge=${bridge:-xen-br0} +netdev=${netdev:-eth0} +antispoof=${antispoof:-yes} + +echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof" >&2 + +# Usage: transfer_addrs src dst +# Copy all IP addresses (including aliases) from device $src to device $dst. +transfer_addrs () { + local src=$1 + local dst=$2 + # Don't bother if $dst already has IP addresses. 
+ if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then + return + fi + # Address lines start with 'inet' and have the device in them. + # Replace 'inet' with 'ip addr add' and change the device name $src + # to 'dev $src'. + ip addr show dev ${src} | egrep '^ *inet ' | sed -e " +s/inet/ip addr add/ +s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@ +s/${src}/dev ${dst}/ +" | sh -e + # Remove automatic routes on destionation device + ip route list | sed -ne " +/dev ${dst}\( \|$\)/ { + s/^/ip route del / + p +}" | sh -e +} + +# Usage: del_addrs src +del_addrs () { + local src=$1 + ip addr show dev ${src} | egrep '^ *inet ' | sed -e " +s/inet/ip addr del/ +s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@ +s/${src}/dev ${src}/ +" | sh -e +} + +# Usage: transfer_routes src dst +# Get all IP routes to device $src, delete them, and +# add the same routes to device $dst. +# The original routes have to be deleted, otherwise adding them +# for $dst fails (duplicate routes). +transfer_routes () { + local src=$1 + local dst=$2 + # List all routes and grep the ones with $src in. + # Stick 'ip route del' on the front to delete. + # Change $src to $dst and use 'ip route add' to add. + ip route list | sed -ne " +/dev ${src}\( \|$\)/ { + h + s/^/ip route del / + P + g + s/${src}/${dst}/ + s/^/ip route add / + P + d +}" | sh -e +} + +# Usage: create_bridge bridge +create_bridge () { + local bridge=$1 + + # Don't create the bridge if it already exists. + if ! brctl show | grep -q ${bridge} ; then + brctl addbr ${bridge} + brctl stp ${bridge} off + brctl setfd ${bridge} 0 + fi + ifconfig ${bridge} up +} + +# Usage: add_to_bridge bridge dev +add_to_bridge () { + local bridge=$1 + local dev=$2 + # Don't add $dev to $bridge if it's already on a bridge. + if ! brctl show | grep -q ${dev} ; then + brctl addif ${bridge} ${dev} + fi +} + +# Usage: antispoofing dev bridge +# Set the default forwarding policy for $dev to drop. +# Allow forwarding to the bridge. 
+antispoofing () { + local dev=$1 + local bridge=$2 + + iptables -P FORWARD DROP + iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT +} + +# Usage: show_status dev bridge +# Print ifconfig and routes. +show_status () { + local dev=$1 + local bridge=$2 + + echo '============================================================' + ifconfig ${dev} + ifconfig ${bridge} + echo ' ' + ip route list + echo ' ' + route -n + echo '============================================================' +} + +op_start () { + if [ "${bridge}" == "null" ] ; then + return + fi + + create_bridge ${bridge} + + if ifconfig 2>/dev/null | grep -q veth0 ; then + return + fi + + if ifconfig veth0 2>/dev/null | grep -q veth0 ; then + # Propagate MAC address and ARP responsibilities to virtual interface. + mac=`ifconfig ${netdev} | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'` + ifconfig veth0 down + ifconfig veth0 hw ether ${mac} + ifconfig veth0 arp up + transfer_addrs ${netdev} veth0 + transfer_routes ${netdev} veth0 + del_addrs ${netdev} + ifconfig ${netdev} -arp down + ifconfig ${netdev} hw ether fe:ff:ff:ff:ff:ff up + # Bring up second half of virtual device and attach it to the bridge. + ifconfig vif0.0 up + add_to_bridge ${bridge} vif0.0 + else + transfer_addrs ${netdev} ${bridge} + transfer_routes ${netdev} ${bridge} + fi + + # Attach the real interface to the bridge. 
+ add_to_bridge ${bridge} ${netdev} + + if [ ${antispoof} == 'yes' ] ; then + antispoofing ${netdev} ${bridge} + fi +} + +op_stop () { + if [ "${bridge}" == "null" ] ; then + return + fi + + brctl delif ${bridge} ${netdev} + + if ifconfig veth0 2>/dev/null | grep -q veth0 ; then + brctl delif ${bridge} vif0.0 + ifconfig vif0.0 down + mac=`ifconfig veth0 | grep HWadd | sed -e 's/.*\(..:..:..:..:..:..\).*/\1/'` + ifconfig ${netdev} down + ifconfig ${netdev} hw ether ${mac} + ifconfig ${netdev} arp up + transfer_addrs veth0 ${netdev} + transfer_routes veth0 ${netdev} + del_addrs veth0 + ifconfig veth0 -arp down + ifconfig veth0 hw ether 00:00:00:00:00:00 + else + transfer_routes ${bridge} ${netdev} + fi +} + +case ${OP} in + start) + op_start + ;; + + stop) + op_stop + ;; + + status) + show_status ${netdev} ${bridge} + ;; + + *) + echo 'Unknown command: ' ${OP} >&2 + echo 'Valid commands are: start, stop, status' >&2 + exit 1 +esac diff -urN xen-unstable-0804/tools/examples/README xen-p1-0804/tools/examples/README --- xen-unstable-0804/tools/examples/README 2005-08-03 20:53:24.000000000 -0700 +++ xen-p1-0804/tools/examples/README 2005-08-04 16:27:37.939395892 -0700 
@@ -9,8 +9,18 @@ send it (preferably with a little summary to go in this file) to <xen-devel@xxxxxxxxxxxxxxxxxxxxx> so we can add it to this directory. -network - default network setup script called by xend at startup. -vif-bridge - default virtual network interface setup script. +Network setup scripts called by xend on startup: +------------------------------------------------ +network-bridge - for bridging case +network-route - for routing +network-nat - for routing with NAT + +Vif setup script called by xen on startup: +------------------------------------------ +vif-bridge - for bridging case +vif-route - for routing +vif-nat - for routing with NAT + xend-config.sxp - default xend configuration file. xmexample1 - example configuration script for 'xm create'. xmexample2 - a more complex configuration script for 'xm create'. diff -urN xen-unstable-0804/tools/examples/xend-config.sxp xen-p1-0804/tools/examples/xend-config.sxp --- xen-unstable-0804/tools/examples/xend-config.sxp 2005-08-03 20:53:24.000000000 -0700 +++ xen-p1-0804/tools/examples/xend-config.sxp 2005-08-04 16:41:08.504696262 -0700 @@ -26,9 +26,15 @@ # The default script used to control virtual interfaces. #(vif-script vif-route) +## Use the following if VIF traffic is routed/NAT. +# The script used to start/stop networking for xend. +#(network-script network-nat) +# The default script used to control virtual interfaces. +#(vif-script vif-nat) + ## Use the following if VIF traffic is bridged. # The script used to start/stop networking for xend. -(network-script network) +(network-script network-bridge) # The default bridge that virtual interfaces should be connected to. (vif-bridge xen-br0) # The default script used to control virtual interfaces. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
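Review bot: In the new tools/examples/network-bridge, the header comment and the startup trace still carry the old name: the Usage line reads `network (start|stop|status) {VAR=VAL}*` and the echo prints `*network $OP bridge=...`. Since the rename is the whole point of the patch, both should say network-bridge so that the usage text and the log line match the script xend now invokes. Because the script is re-added wholesale, it is also a good moment to note that transfer_addrs, del_addrs and transfer_routes generate command lines with sed and pipe them to `sh -e` with ${src} and ${dst} interpolated unquoted, and that every VAR=VAL argument is exported as given; checking bridge and netdev against an interface-name pattern before use would keep a malformed value out of that generated shell input.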
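Review bot: In the README hunk, the second new heading says the vif scripts are "called by xen on startup" while the first says "called by xend on startup"; the two should agree, presumably on xend. The new list also names network-nat and vif-nat, and the same names appear in the commented NAT block added to xend-config.sxp, but the patch as posted adds only network-bridge. Either confirm those scripts are already in tools/examples or hold the entries back until they are, since the description says this patch only does the rename.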
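Review bot: In the xend-config.sxp hunk, `(network-script network)` becomes `(network-script network-bridge)` while the first hunk deletes tools/examples/network outright, so an installed /etc/xen/xend-config.sxp that still names `network` will refer to a script that no longer ships. Consider keeping a `network` wrapper or symlink for a transition period, or stating the required config change in the README next to the new network-bridge entry.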