Re: [Xen-devel] [patch] xen bridged network setup fixes

On Fri, May 12, 2006 at 12:24:18PM +0200, Gerd Hoffmann wrote:

>   Hi,
> 
> The attached patch fixes the setup of the bridge ports and the bridge
> itself.  Changes:
> 
>   * move some functions to xen-network-common.sh, so both vif-bridge
>     and network-bridge can use them.
>   * add a new function to configure bridge ports and use it.
>   * make sure arp requests, ipv6 autoconfiguration and ipv6 router
>     solicitations are disabled for the bridge ports and also for the
>     bridge itself.
> 
> cheers,
> 
>   Gerd


Could you please make this patch against xen-unstable, not against your
installed machine?  Also, we need a Signed-off-by: line before we can accept
it.

Thanks,

Ewan.

> 
> -- 
> Gerd Hoffmann <kraxel@xxxxxxx>
> Erst mal heiraten, ein, zwei Kinder, und wenn alles läuft
> geh' ich nach drei Jahren mit der Familie an die Börse.
> http://www.suse.de/~kraxel/julika-dora.jpeg

> --- /etc/xen/scripts/vif-bridge.ipv6  2006-05-11 17:23:16.000000000 +0200
> +++ /etc/xen/scripts/vif-bridge       2006-05-12 09:12:12.000000000 +0200
> @@ -48,16 +48,8 @@
>  
>  case "$command" in
>      online)
> -        if brctl show | grep -q "$vif"
> -        then
> -          log debug "$vif already attached to a bridge"
> -          exit 0
> -        fi
> -
> -        brctl addif "$bridge" "$vif" ||
> -          fatal "brctl addif $bridge $vif failed"
> -
> -        ifconfig "$vif" up || fatal "ifconfig $vif up failed"
> +     setup_bridge_port "$vif"
> +     add_to_bridge "$bridge" "$vif"
>          ;;
>  
>      offline)
> --- /etc/xen/scripts/network-bridge.ipv6      2006-05-11 17:23:30.000000000 
> +0200
> +++ /etc/xen/scripts/network-bridge   2006-05-12 10:27:04.000000000 +0200
> @@ -137,29 +137,6 @@
>  }
>  
>  
> -# Usage: create_bridge bridge
> -create_bridge () {
> -    local bridge=$1
> -
> -    # Don't create the bridge if it already exists.
> -    if [ ! -e "/sys/class/net/${bridge}/bridge" ]; then
> -     brctl addbr ${bridge}
> -     brctl stp ${bridge} off
> -     brctl setfd ${bridge} 0
> -    fi
> -    ip link set ${bridge} up
> -}
> -
> -# Usage: add_to_bridge bridge dev
> -add_to_bridge () {
> -    local bridge=$1
> -    local dev=$2
> -    # Don't add $dev to $bridge if it's already on a bridge.
> -    if [ ! -e "/sys/class/net/${bridge}/brif/${dev}" ]; then
> -     brctl addif ${bridge} ${dev}
> -    fi
> -}
> -
>  # Set the default forwarding policy for $dev to drop.
>  # Allow forwarding to the bridge.
>  antispoofing () {
> @@ -220,15 +197,14 @@
>       ifdown ${netdev}
>       ip link set ${netdev} name ${pdev}
>       ip link set ${vdev} name ${netdev}
> -     ip link set ${pdev} down arp off
> -     ip link set ${pdev} addr fe:ff:ff:ff:ff:ff
> -     ip addr flush ${pdev}
> +
> +     setup_bridge_port ${pdev}
> +     setup_bridge_port ${vif0}
>       ip link set ${netdev} addr ${mac} arp on
> -     add_to_bridge ${bridge} ${vif0}
>       ip link set ${bridge} up
> -     ip link set ${vif0} up
> -     ip link set ${pdev} up
> +     add_to_bridge ${bridge} ${vif0}
>       add_to_bridge2 ${bridge} ${pdev}
> +
>          ip link set ${netdev} up
>       ifup ${hwddev}
>      else
> @@ -286,6 +262,7 @@
>      local maxtries=10
>  
>      echo -n "Waiting for ${dev} to negotiate link."
> +    ip link set ${dev} up
>      for i in `seq ${maxtries}` ; do
>       if ifconfig ${dev} | grep -q RUNNING ; then
>           break
> --- /etc/xen/scripts/xen-network-common.sh.ipv6       2006-05-12 
> 08:58:19.000000000 +0200
> +++ /etc/xen/scripts/xen-network-common.sh    2006-05-12 10:41:47.000000000 
> +0200
> @@ -67,3 +67,57 @@
>  {
>    first_file -x /etc/init.d/{dhcp3-server,dhcp,dhcpd}
>  }
> +
> +# configure interfaces which act as pure bridge ports:
> +#  - make quiet: no arp, no ipv6 autoconf
> +#  - set mac address to fe:ff:ff:ff:ff:ff
> +setup_bridge_port() {
> +    local dev="$1"
> +
> +    # take interface down ...
> +    ip link set ${dev} up    # creates ipv6 conf dir
> +    ip link set ${dev} down
> +
> +    # ... and configure
> +    if test -f /proc/sys/net/ipv6/conf/${dev}/autoconf; then
> +     echo 0 > /proc/sys/net/ipv6/conf/${dev}/autoconf
> +     echo 0 > /proc/sys/net/ipv6/conf/${dev}/router_solicitations
> +    fi
> +    ip link set ${dev} arp off
> +    ip link set ${dev} addr fe:ff:ff:ff:ff:ff
> +    ip addr flush ${dev}
> +}
> +
> +# Usage: create_bridge bridge
> +create_bridge () {
> +    local bridge=$1
> +
> +    # Don't create the bridge if it already exists.
> +    if [ ! -e "/sys/class/net/${bridge}/bridge" ]; then
> +     brctl addbr ${bridge}
> +     brctl stp ${bridge} off
> +     brctl setfd ${bridge} 0
> +        ip link set ${bridge} arp off
> +     ip link set ${bridge} up        # creates ipv6 conf dir
> +     if test -f /proc/sys/net/ipv6/conf/${bridge}/autoconf; then
> +         echo 0 > /proc/sys/net/ipv6/conf/${bridge}/autoconf
> +         echo 0 > /proc/sys/net/ipv6/conf/${bridge}/router_solicitations
> +     fi
> +    else
> +     ip link set ${bridge} up
> +    fi
> +}
> +
> +# Usage: add_to_bridge bridge dev
> +add_to_bridge () {
> +    local bridge=$1
> +    local dev=$2
> +
> +    # Don't add $dev to $bridge if it's already on a bridge.
> +    if [ -e "/sys/class/net/${bridge}/brif/${dev}" ]; then
> +     return
> +    fi
> +    brctl addif ${bridge} ${dev}
> +    ip link set ${dev} up
> +}
> +

> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] [patch] xen bridged network setup fixes
