svc/tripe-ifup.in: Don't set remote IPv6 address until interface is up.

[tripe] / svc / tripe-ifup.in

diff --git a/svc/tripe-ifup.in b/svc/tripe-ifup.in
index 059c250b14f9a4f93c69a4a2e643992122c97dbb..80a315b753b3d7842d75c768c267252b3206b295 100644 (file)
--- a/svc/tripe-ifup.in
+++ b/svc/tripe-ifup.in
@@ -24,6 +24,18 @@ export PATH TRIPEDIR
 ## Determine whether we have IPv6 support.
 if [ -d /proc/sys/net/ipv6 ]; then have6=t; else have6=nil; fi
 
+###--------------------------------------------------------------------------
+### Error handling.
+
+win=t
+try () {
+  if "$@"; then :; else
+    rc=$?
+    tripectl warn tripe-ifup command-failed rc=$rc "$*"
+    win=nil
+  fi
+}
+
 ###--------------------------------------------------------------------------
 ### Collect arguments.
 
@@ -46,14 +58,14 @@ esac
 
 case "${P_IFNAME+set}" in
   set)
-    ip link set "$ifname" name "$P_IFNAME"
+    try ip link set "$ifname" name "$P_IFNAME"
     ifname=$P_IFNAME
     $tripectl setifname "$peer" "$ifname"
     ;;
 esac
 
 ###--------------------------------------------------------------------------
-### Configure the point-to-point link.
+### Configure the link.
 
 ## Split local addresses into v4 and v6 lists.
 unset l4addr l6addr
@@ -80,13 +92,13 @@ haveaddr4=nil
 set -- $l4addr
 case $#,${r4addr+set} in
   [1-9]*,set)
-    ip addr add "$1" peer "$r4addr" dev "$ifname"
+    try ip addr add "$1" peer "$r4addr" dev "$ifname"
     haveaddr4=t
     shift
     ;;
 esac
 for a in "$@"; do
-  ip addr add "$a/32" dev "$ifname"
+  try ip addr add "$a" dev "$ifname"
   haveaddr4=t
 done
 
@@ -96,13 +108,17 @@ haveaddr6=nil
 set -- $l6addr
 case $have6,$# in
   t,[1-9]*)
+
+    ## If we're configured to set IPv6 addresses then we should ensure that
+    ## they're going to work, even if the default setting for new interfaces
+    ## is to disable IPv6.
+    try sysctl -q net.ipv6.conf."$ifname".disable_ipv6=0
+
+    ## Now add the source and destination addresses.
     for a in "$@"; do
-      ip addr add "$a/128" dev "$ifname"
+      try ip addr add "$a" dev "$ifname"
       haveaddr6=t
     done
-    case ${r6addr+set} in
-      set) ip route add $r6addr/128 proto static dev "$ifname" ;;
-    esac
     ;;
 esac
 
@@ -118,10 +134,22 @@ case $haveaddr4,$haveaddr6 in
        mtu=$P_MTU;;
       *)
        pathmtu=$(pathmtu "$addr")
-       mtu=$(expr "$pathmtu" - 33 - $A_CIPHER_BLKSZ - $A_MAC_TAGSZ)
+       mtu=$(expr "$pathmtu" - 29 - $A_BULK_OVERHEAD)
        ;;
     esac
-    ip link set dev "$ifname" up mtu "$mtu"
+    try ip link set dev "$ifname" up mtu "$mtu"
+    ;;
+esac
+
+###--------------------------------------------------------------------------
+### Set the peer IPv6 address if any.
+
+## IPv6 point-to-point links seem broken in Linux.  Attach the local and
+## remote addresses by hand.
+set -- $l6addr
+case $have6,$#,${r6addr+set} in
+  t,[1-9]*,set)
+    try ip route add $r6addr proto static dev "$ifname"
     ;;
 esac
 
@@ -142,7 +170,7 @@ set -- $route4
 case $haveaddr4,$# in
   t,[1-9]*)
     for p in "$@"; do
-      ip route add $p proto static via "$r4addr"
+      try ip route add $p proto static via "$r4addr"
     done
     ;;
 esac
@@ -152,7 +180,7 @@ set -- $route6
 case $haveaddr6,$# in
   t,[1-9]*)
     for p in "$@"; do
-      ip route add $p proto static via "$r6addr"
+      try ip route add $p proto static via "${r6addr%/*}"
     done
     ;;
 esac
@@ -169,6 +197,9 @@ esac
 ###--------------------------------------------------------------------------
 ### Issue a notification that we've won.
 
-$tripectl notify tripe-ifup configured "$peer"
+case $win in
+  t) $tripectl notify tripe-ifup configured "$peer" ;;
+  nil) $tripectl notify tripe-ifup configured "$peer" failed ;;
+esac
 
 ###----- That's all, folks --------------------------------------------------