set -e
+## Import compile-time configuration.
: ${bindir=@bindir@}
: ${tripectl=$bindir/tripectl}
PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
export PATH TRIPEDIR
+## Determine whether we have IPv6 support.
+if [ -d /proc/sys/net/ipv6 ]; then have6=t; else have6=nil; fi
+
+###--------------------------------------------------------------------------
+### Error handling.
+
+win=t
+try () {
+ if "$@"; then :; else
+ rc=$?
+ tripectl warn tripe-ifup command-failed rc=$rc "$*"
+ win=nil
+ fi
+}
+
###--------------------------------------------------------------------------
### Collect arguments.
case "${P_IFNAME+set}" in
set)
- ip link set "$ifname" name "$P_IFNAME"
+ try ip link set "$ifname" name "$P_IFNAME"
ifname=$P_IFNAME
$tripectl setifname "$peer" "$ifname"
;;
esac
###--------------------------------------------------------------------------
-### Configure the point-to-point link.
+### Configure the link.
+
+## Split local addresses into v4 and v6 lists.
+unset l4addr l6addr
+for a in $P_LADDR; do
+ case "$a" in
+ *:*) l6addr=${l6addr+$l6addr }$a ;;
+ *) l4addr=${l4addr+$l4addr }$a ;;
+ esac
+done
+
+## Determine the remote v4 and v6 addresses. We only allow one remote
+## address for each: others can be added as routes.
+unset r4addr r6addr
+for a in $P_RADDR; do
+ case "$a" in
+ *:*) r6addr=$a ;;
+ *) r4addr=$a ;;
+ esac
+done
+
+## Configure the first v4 address as point-to-point; add the others as plain
+## addresses.
+haveaddr4=nil
+set -- $l4addr
+case $#,${r4addr+set} in
+ [1-9]*,set)
+ try ip addr add "$1" peer "$r4addr" dev "$ifname"
+ haveaddr4=t
+ shift
+ ;;
+esac
+for a in "$@"; do
+ try ip addr add "$a" dev "$ifname"
+ haveaddr4=t
+done
+
+## IPv6 point-to-point links seem broken in Linux. Attach the local and
+## remote addresses by hand.
+haveaddr6=nil
+set -- $l6addr
+case $have6,$# in
+ t,[1-9]*)
+
+ ## If we're configured to set IPv6 addresses then we should ensure that
+ ## they're going to work, even if the default setting for new interfaces
+ ## is to disable IPv6.
+ try sysctl -q net.ipv6.conf."$ifname".disable_ipv6=0
+
+ ## Now add the source and destination addresses.
+ for a in "$@"; do
+ try ip addr add "$a" dev "$ifname"
+ haveaddr6=t
+ done
+ case ${r6addr+set} in
+ set) try ip route add $r6addr proto static dev "$ifname" ;;
+ esac
+ ;;
+esac
+
+###--------------------------------------------------------------------------
+### Bring the interface up.
-ifup=no
-case "${P_LADDR+set},${P_RADDR+set}" in
- set,set)
+case $haveaddr4,$haveaddr6 in
+ nil,nil)
+ ;;
+ *)
case "${P_MTU+set}" in
- set) mtu=$P_MTU;;
+ set)
+ mtu=$P_MTU;;
*)
pathmtu=$(pathmtu "$addr")
- mtu=$(expr "$pathmtu" - 33 - $A_CIPHER_BLKSZ - $A_MAC_TAGSZ)
+ mtu=$(expr "$pathmtu" - 29 - $A_BULK_OVERHEAD)
;;
esac
- ifconfig "$ifname" "$P_LADDR" pointopoint "$P_RADDR" up mtu "$mtu"
- ifup=yes
+ try ip link set dev "$ifname" up mtu "$mtu"
;;
esac
###--------------------------------------------------------------------------
### Set up routing.
-case "$ifup,${P_NETS+set}" in
- yes,set)
- for net in $P_NETS; do
- route add -net $net gw "$P_RADDR" dev "$ifname" metric 2
+## Split the routes into v4 and v6 lists.
+unset route4 route6
+for p in $P_NETS; do
+ case "$p" in
+ *:*) route6=${route6+$route6 }$p ;;
+ *) route4=${route4+$route4 }$p ;;
+ esac
+done
+
+## Add the v4 routes.
+set -- $route4
+case $haveaddr4,$# in
+ t,[1-9]*)
+ for p in "$@"; do
+ try ip route add $p proto static via "$r4addr"
+ done
+ ;;
+esac
+
+## Add the v6 routes.
+set -- $route6
+case $haveaddr6,$# in
+ t,[1-9]*)
+ for p in "$@"; do
+ try ip route add $p proto static via "${r6addr%/*}"
done
;;
esac
###--------------------------------------------------------------------------
### Issue a notification that we've won.
-$tripectl notify tripe-ifup configured "$peer"
+case $win in
+ t) $tripectl notify tripe-ifup configured "$peer" ;;
+ nil) $tripectl notify tripe-ifup configured "$peer" failed ;;
+esac
###----- That's all, folks --------------------------------------------------