X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/9cda68ab3974b1f2c08a5896929890bf4a973e9a..HEAD:/svc/tripe-ifup.in diff --git a/svc/tripe-ifup.in b/svc/tripe-ifup.in index 059c250b..63b5b2d6 100644 --- a/svc/tripe-ifup.in +++ b/svc/tripe-ifup.in @@ -24,6 +24,18 @@ export PATH TRIPEDIR ## Determine whether we have IPv6 support. if [ -d /proc/sys/net/ipv6 ]; then have6=t; else have6=nil; fi +###-------------------------------------------------------------------------- +### Error handling. + +win=t +try () { + if "$@"; then :; else + rc=$? + tripectl warn tripe-ifup command-failed rc=$rc "$*" + win=nil + fi +} + ###-------------------------------------------------------------------------- ### Collect arguments. @@ -34,11 +46,16 @@ fi peer=$1 ifname=$2 family=$3; shift 3 ## Parse the address family. +case "$family" in + INET) ipsz=20 ;; + INET6) ipsz=40 ;; + *) echo >&2 "$0: unknown address family $family"; exit 1 ;; +esac case "$family,$#" in - INET,1) addr=$1 port=4070 ;; - INET,2) addr=$1 port=$2 ;; - INET,*) echo >&2 "$0: bad INET address"; exit 1 ;; - *) echo >&2 "$0: unknown address family $family"; exit 1 ;; + INET,1 | INET6,1) addr=$1 port=4070 ;; + INET,2 | INET6,2) addr=$1 port=$2 ;; + INET,* | INET6,*) echo >&2 "$0: bad $family address"; exit 1 ;; + *) echo >&2 "$0: unknown address family $family"; exit 1 ;; esac ###-------------------------------------------------------------------------- @@ -46,14 +63,14 @@ esac case "${P_IFNAME+set}" in set) - ip link set "$ifname" name "$P_IFNAME" + try ip link set "$ifname" name "$P_IFNAME" ifname=$P_IFNAME $tripectl setifname "$peer" "$ifname" ;; esac ###-------------------------------------------------------------------------- -### Configure the point-to-point link. +### Configure the link. ## Split local addresses into v4 and v6 lists. unset l4addr l6addr @@ -80,13 +97,13 @@ haveaddr4=nil set -- $l4addr case $#,${r4addr+set} in [1-9]*,set) - ip addr add "$1" peer "$r4addr" dev "$ifname" + try ip addr add "$1" peer "$r4addr" dev "$ifname" haveaddr4=t shift ;; esac for a in "$@"; do - ip addr add "$a/32" dev "$ifname" + try ip addr add "$a" dev "$ifname" haveaddr4=t done @@ -96,13 +113,17 @@ haveaddr6=nil set -- $l6addr case $have6,$# in t,[1-9]*) + + ## If we're configured to set IPv6 addresses then we should ensure that + ## they're going to work, even if the default setting for new interfaces + ## is to disable IPv6. + try sysctl -q net.ipv6.conf."$ifname".disable_ipv6=0 + + ## Now add the source and destination addresses. for a in "$@"; do - ip addr add "$a/128" dev "$ifname" + try ip addr add "$a" dev "$ifname" haveaddr6=t done - case ${r6addr+set} in - set) ip route add $r6addr/128 proto static dev "$ifname" ;; - esac ;; esac @@ -118,10 +139,22 @@ case $haveaddr4,$haveaddr6 in mtu=$P_MTU;; *) pathmtu=$(pathmtu "$addr") - mtu=$(expr "$pathmtu" - 33 - $A_CIPHER_BLKSZ - $A_MAC_TAGSZ) + mtu=$(( $pathmtu - $ipsz - 9 - $A_BULK_OVERHEAD )) ;; esac - ip link set dev "$ifname" up mtu "$mtu" + try ip link set dev "$ifname" up mtu "$mtu" + ;; +esac + +###-------------------------------------------------------------------------- +### Set the peer IPv6 address if any. + +## IPv6 point-to-point links seem broken in Linux. Attach the local and +## remote addresses by hand. +set -- $l6addr +case $have6,$#,${r6addr+set} in + t,[1-9]*,set) + try ip route add $r6addr proto static dev "$ifname" ;; esac @@ -142,7 +175,7 @@ set -- $route4 case $haveaddr4,$# in t,[1-9]*) for p in "$@"; do - ip route add $p proto static via "$r4addr" + try ip route add $p proto static via "$r4addr" done ;; esac @@ -152,7 +185,7 @@ set -- $route6 case $haveaddr6,$# in t,[1-9]*) for p in "$@"; do - ip route add $p proto static via "$r6addr" + try ip route add $p proto static via "${r6addr%/*}" done ;; esac @@ -169,6 +202,9 @@ esac ###-------------------------------------------------------------------------- ### Issue a notification that we've won. -$tripectl notify tripe-ifup configured "$peer" +case $win in + t) $tripectl notify tripe-ifup configured "$peer" ;; + nil) $tripectl notify tripe-ifup configured "$peer" failed ;; +esac ###----- That's all, folks --------------------------------------------------