You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

205 lines
6.2 KiB

5 years ago
#!/bin/sh
# $Id: rc.vdenetwork,v 1.7 2011/12/06 14:18:08 root Exp root $
# Qemu environment preparation script
# ---------------------------------------------------------------------------
#
# After running this startup script, run a QEMU virtual machine in this way:
#
# qemu-system-x86_64 \
# -net vde,sock=/var/run/kvm0.ctl,vlan=0 -net nic,vlan=0 \
# [qemu_option [qemu_option], ...]
#
# This will automatically connect the QEMU virtual machine to the VDE switch.
#
# ---------------------------------------------------------------------------
#
# Network type can be one of "route" "bridge" or "nat":
# - In "route" mode, the script will expect that the 'routed' daemon is running
# on the host (see /etc/rc.d/rc.inet2 to start 'routed'), and will not
# create iptables NAT rules.
# The virtual network will be routed on the LAN and will be accessible as a
# separate network segment (make sure the IP range defined below does not
# conflict with existing parts of your network!). The guests will use our
# private dnsmasq server to obtain IP addresses.
# - In "bridge" mode, the script will try to add the tap device to an existing
# network bridge, and will not create iptables NAT rules.
# The guests will be seen on the LAN as part of the network.
# - In "nat" mode, the script will create iptables NAT rules. These hide the
# virtual network behind an internal NAT router. The guests will have full
# network access, but will be accessible only from the host.
#
# ---------------------------------------------------------------------------
#NETWORKTYPE="route"
#NETWORKTYPE="bridge"
NETWORKTYPE="nat"
# Host interfaces that need to be NAT-ed (in case we're not bridging/routing):
# Add more interfaces space-separated, like "eth+ wlan+"
NAT_IFS="eth+"
# What is the bridge interface called if we are bridging?
BR_DEV=br0
# What is the name of the tun/tap device we will be using?
TAP_DEV=kvm0
start_tap() {
# Load tun module
/sbin/modprobe tun 2>/dev/null
# Wait for the module to be loaded
while ! /bin/lsmod |grep -q "^tun"; do echo Waiting for tun device;sleep 1; done
# Start tap switch
vde_switch --tap ${TAP_DEV} --daemon --group kvm \
--sock /var/run/${TAP_DEV}.ctl --pidfile /var/run/${TAP_DEV}_vde.pid \
--mod 775 --mgmtmode 770 --mgmt /var/run/${TAP_DEV}-manage
sleep 1
# Change pipe permission:
#chmod -R a+rwx /var/run/vde.ctl
} # End start_tap
stop_tap() {
# Bring tap interface down:
ifconfig ${TAP_DEV} down
# Kill VDE switch:
#pgrep -f vde_switch | xargs kill -TERM
kill -HUP $(cat /var/run/${TAP_DEV}_vde.pid)
# Remove the control socket:
#rmdir /var/run/vde.ctl
} # End stop_tap
start_localdhcp() {
# The IP configuration for the tap device that will be used for
# the virtual machine network:
TAP_IP=10.111.111.254
TAP_MASK=255.255.255.0
TAP_BCAST=$(/bin/ipmask ${TAP_MASK} ${TAP_IP} | cut -f 1 -d ' ')
# Definitions for the LAN segment the Qemu virtual machines will be in.
# These definitions will be fed to dnsmasq - this program will provide DNS
# and DHCP to the Qemu LAN.
# The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for
# the tap0 device above. These 'low' and 'high' values are the IP address
# range for the DHCP server to use.
VM_DOMAIN=qemu.lan
VM_IPLOW=10.111.111.128
VM_IPHIGH=10.111.111.199
VM_BCAST=${TAP_BCAST}
VM_MASK=${TAP_MASK}
# For additional options to dnsmasq - the commented example specifies that
# all DNS lookups for 'my.net' should go to 192.168.1.1;
# On the second line you find a configuration for supporting network boot:
#DNSMASQ_OPTIONS="--server /my.net/192.168.1.1 \
# --dhcp-boot=/pxelinux.0,\"192.168.1.1\",192.168.1.1"
DNSMASQ_OPTIONS=""
# Bring tap interface up
ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK}
# Start dnsmasq, the DNS/DHCP server
# for our Virtual Machines behind the tap0 interface.
# The '--conf-file' option prevents this instance from reading the default
# /etc/dnsmasq.conf settings. Also, binds to the tun interface, to keep it
# from interfering with other dnsmasq/named processes running on the host's
# primary interfaces.
/usr/sbin/dnsmasq \
--log-queries \
--user=daemon \
--dhcp-leasefile=/var/state/dhcp/qemu-dhcpd.leases \
--dhcp-range=${VM_IPLOW},${VM_IPHIGH},${VM_MASK},${VM_BCAST},8h \
--interface=${TAP_DEV} --except-interface=lo --bind-interfaces \
--pid-file=/var/run/${TAP_DEV}_dnsmasq.pid --conf-file \
--domain=${VM_DOMAIN} \
$DNSMASQ_OPTIONS
} # End start_localdhcp
stop_localdhcp() {
# Stop dnsmasq
#pgrep -f dnsmasq | xargs kill -TERM
kill -TERM $(cat /var/run/${TAP_DEV}_dnsmasq.pid) \
&& rm -f /var/run/${TAP_DEV}_dnsmasq.pid
} # End stop_localdhcp
start_route() {
# We need a private dnsmasq instance in a routed configuration:
start_localdhcp
} # End start_route
stop_route() {
# We need to stop our private dnsmasq instance in a routed configuration:
stop_localdhcp
} # End stop_route
start_nat() {
# Start IP Forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
for NIC in ${NAT_IFS}; do
iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE
done
# We need a private dnsmasq instance in a NAT configuration:
start_localdhcp
} # End start_nat
stop_nat() {
# We need to stop our private dnsmasq in a NAT configuration:
stop_localdhcp
# Delete the NAT rules
for NIC in ${NAT_IFS}; do
iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE
done
# Stop IP Forwarding
echo "0" > /proc/sys/net/ipv4/ip_forward
}
start_bridge() {
# Connect our tap device from the bridge:
/sbin/ifconfig $TAP_DEV down
/sbin/ifconfig $TAP_DEV 0.0.0.0 promisc up
/sbin/brctl addif $BR_DEV $TAP_DEV
}
stop_bridge() {
# Disconnect our tap device from the bridge:
/sbin/brctl delif $BR_DEV $TAP_DEV
}
# See how we were called.
case "$1" in
start)
echo -n "Starting VDE network for QEMU: "
start_tap
start_$NETWORKTYPE
echo
;;
stop)
echo -n "Stopping VDE network for QEMU: "
stop_$NETWORKTYPE
stop_tap
echo
;;
restart|reload)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac