#!/bin/sh
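# Bring up the Westnetz2 router host: harden a few host sysctls, create the
# router-pub / router-priv network namespaces, wire the uplink, the NAT
# interconnect and the customer bridge (br-int), then run the per-namespace
# router scripts and the QoS setup. The script exits early if either
# namespace already exists.
#
# Needs root: it writes to /proc and /sys and creates namespaces and links.
set -e

# Resolve the script directory once, quoted, so an install path containing
# spaces or glob characters does not change which files are sourced and run.
westnetz_dir=$(dirname -- "$0")

# settings supplies the device / VLAN / interface-name variables used below;
# namespace_exists is not defined in this file and presumably comes from tools.
. "$westnetz_dir/settings"
. "$westnetz_dir/tools"

if namespace_exists router-pub || namespace_exists router-priv; then
  echo "Westnetz2 already set up" >&2
  exit 0
fi

# NOTE(review): with `set -e`, a failure after the namespaces are created
# leaves a partial setup, and the next run then stops at the check above with
# exit status 0. Consider tearing down (or at least reporting) on failure.

# Fail before touching anything if a required setting is empty. An empty
# interface name would otherwise shift the `ip` arguments and only fail after
# namespaces and links had already been created.
: "${MAIN_DEVICE:?MAIN_DEVICE must be set in settings}"
: "${UPLINK_DEVICE:?UPLINK_DEVICE must be set in settings}"
: "${UPLINK_VLAN:?UPLINK_VLAN must be set in settings}"
: "${RTR_PUBLIC_UPLINK:?RTR_PUBLIC_UPLINK must be set in settings}"
: "${RTR_PUBLIC_CGN_DOWNLINK:?RTR_PUBLIC_CGN_DOWNLINK must be set in settings}"
: "${RTR_PRIVATE_UPLINK:?RTR_PRIVATE_UPLINK must be set in settings}"
: "${RTR_PUBLIC_TRUNK:?RTR_PUBLIC_TRUNK must be set in settings}"
: "${RTR_PRIVATE_TRUNK:?RTR_PRIVATE_TRUNK must be set in settings}"
if [ "$NAT_EXTERNAL" = "yes" ]; then
  : "${NAT_DEVICE:?NAT_DEVICE must be set when NAT_EXTERNAL=yes}"
  : "${NAT_VLAN_PUB:?NAT_VLAN_PUB must be set when NAT_EXTERNAL=yes}"
  : "${NAT_VLAN_PRIV:?NAT_VLAN_PRIV must be set when NAT_EXTERNAL=yes}"
fi

# General network preferences for the host namespace: the host itself does
# not forward IPv4, and IPv6 is disabled on it.
# NOTE(review): accept_redirects is only changed under conf/default, which
# applies to interfaces created afterwards; interfaces that already exist
# keep their current value. Confirm whether conf/all should be set as well.
echo 0 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

# Turn off bridge netfilter so bridged customer frames are not passed through
# the host's arptables/iptables/ip6tables rules.
# The global knobs only exist while bridge netfilter is available under
# /proc/sys/net/bridge; the per-bridge knobs live under br-int in sysfs and
# can only be written once br-int exists, so those are handled after the
# bridge is created further down.
# NOTE(review): if the br_netfilter module is loaded later (container runtimes
# commonly do this), the global bridge-nf-call-* sysctls typically come up as
# 1 and bridged traffic is handed to the host firewall again. Pin them via
# sysctl.d or re-check after such a load.
modprobe bridge || true
for nf_table in arptables iptables ip6tables; do
  nf_global="/proc/sys/net/bridge/bridge-nf-call-${nf_table}"
  if [ -e "$nf_global" ]; then
    echo 0 > "$nf_global"
  fi
done

ip link set "${MAIN_DEVICE}" up
ip link set "${UPLINK_DEVICE}" up

# Create the router namespaces
ip netns add router-pub
ip netns add router-priv

# Place uplink vlan in router-pub
ip link add link "${UPLINK_DEVICE}" "${RTR_PUBLIC_UPLINK}" type vlan id "${UPLINK_VLAN}"
ip link set "${RTR_PUBLIC_UPLINK}" netns router-pub

# Interconnect router-pub to router-priv for public NAT-pool: a direct veth
# pair by default, or two VLANs on NAT_DEVICE when NAT is done externally.
if [ "$NAT_EXTERNAL" != "yes" ]; then
  ip link add "${RTR_PUBLIC_CGN_DOWNLINK}" netns router-pub type veth \
    peer name "${RTR_PRIVATE_UPLINK}" netns router-priv
else
  ip link set "${NAT_DEVICE}" up
  ip link add link "${NAT_DEVICE}" "${RTR_PUBLIC_CGN_DOWNLINK}" netns router-pub \
    type vlan id "${NAT_VLAN_PUB}"
  ip link add link "${NAT_DEVICE}" "${RTR_PRIVATE_UPLINK}" netns router-priv \
    type vlan id "${NAT_VLAN_PRIV}"
fi

# Create Bridge for customer traffic to/from routers
brctl addbr br-int

# Per-bridge netfilter knobs, now that br-int exists in sysfs.
for nf_table in arptables iptables ip6tables; do
  nf_bridge="/sys/devices/virtual/net/br-int/bridge/nf_call_${nf_table}"
  if [ -e "$nf_bridge" ]; then
    echo 0 > "$nf_bridge"
  fi
done

ip link add veth-pub type veth peer name "${RTR_PUBLIC_TRUNK}" netns router-pub
brctl addif br-int veth-pub
ip link set veth-pub up

ip link add veth-priv type veth peer name "${RTR_PRIVATE_TRUNK}" netns router-priv
brctl addif br-int veth-priv
ip link set veth-priv up

brctl addif br-int "${MAIN_DEVICE}"
ip link set br-int up

# Turn off IGMP snooping on bridge
echo 0 > /sys/devices/virtual/net/br-int/bridge/multicast_snooping

# Optional site-local hook. It runs with this script's privileges (root is
# needed for the commands above), so /etc/westnetz.start.hook must be owned
# by root and not writable by any other user.
if [ -x "/etc/westnetz.start.hook" ]; then
  /etc/westnetz.start.hook
fi

# Setup the actual router configuration
echo "=== On public router ===" >&2
ip netns exec router-pub "$westnetz_dir/scripts/router-public-start.sh"

echo "=== On private router ===" >&2
ip netns exec router-priv "$westnetz_dir/scripts/router-private-start.sh"

"$westnetz_dir/scripts/setup-qos.sh"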