You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
205 lines
6.2 KiB
205 lines
6.2 KiB
5 years ago
|
#!/bin/sh
|
||
|
|
# $Id: rc.vdenetwork,v 1.7 2011/12/06 14:18:08 root Exp root $
|
||
|
|
# Qemu environment preparation script
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
#
|
||
|
|
# After running this startup script, run a QEMU virtual machine in this way:
|
||
|
|
#
|
||
|
|
# qemu-system-x86_64 \
|
||
|
|
# -net vde,sock=/var/run/kvm0.ctl,vlan=0 -net nic,vlan=0 \
|
||
|
|
# [qemu_option [qemu_option], ...]
|
||
|
|
#
|
||
|
|
# This will automatically connect the QEMU virtual machine to the VDE switch.
|
||
|
|
#
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
#
|
||
|
|
# Network type can be one of "route" "bridge" or "nat":
|
||
|
|
# - In "route" mode, the script will expect that the 'routed' daemon is running
|
||
|
|
# on the host (see /etc/rc.d/rc.inet2 to start 'routed'), and will not
|
||
|
|
# create iptables NAT rules.
|
||
|
|
# The virtual network will be routed on the LAN and will be accessible as a
|
||
|
|
# separate network segment (make sure the IP range defined below does not
|
||
|
|
# conflict with existing parts of your network!). The guests will use our
|
||
|
|
# private dnsmasq server to obtain IP addresses.
|
||
|
|
# - In "bridge" mode, the script will try to add the tap device to an existing
|
||
|
|
# network bridge, and will not create iptables NAT rules.
|
||
|
|
# The guests will be seen on the LAN as part of the network.
|
||
|
|
# - In "nat" mode, the script will create iptables NAT rules. These hide the
|
||
|
|
# virtual network behind an internal NAT router. The guests will have full
|
||
|
|
# network access, but will be accessible only from the host.
|
||
|
|
#
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
|
||
|
|
#NETWORKTYPE="route"
|
||
|
|
#NETWORKTYPE="bridge"
|
||
|
|
NETWORKTYPE="nat"
|
||
|
|
|
||
|
|
# Host interfaces that need to be NAT-ed (in case we're not bridging/routing):
|
||
|
|
# Add more interfaces space-separated, like "eth+ wlan+"
|
||
|
|
NAT_IFS="eth+"
|
||
|
|
|
||
|
|
# What is the bridge interface called if we are bridging?
|
||
|
|
BR_DEV=br0
|
||
|
|
|
||
|
|
# What is the name of the tun/tap device we will be using?
|
||
|
|
TAP_DEV=kvm0
|
||
|
|
|
||
|
|
start_tap() {
|
||
|
|
# Load tun module
|
||
|
|
/sbin/modprobe tun 2>/dev/null
|
||
|
|
# Wait for the module to be loaded
|
||
|
|
while ! /bin/lsmod |grep -q "^tun"; do echo Waiting for tun device;sleep 1; done
|
||
|
|
|
||
|
|
# Start tap switch
|
||
|
|
vde_switch --tap ${TAP_DEV} --daemon --group kvm \
|
||
|
|
--sock /var/run/${TAP_DEV}.ctl --pidfile /var/run/${TAP_DEV}_vde.pid \
|
||
|
|
--mod 775 --mgmtmode 770 --mgmt /var/run/${TAP_DEV}-manage
|
||
|
|
|
||
|
|
sleep 1
|
||
|
|
|
||
|
|
# Change pipe permission:
|
||
|
|
#chmod -R a+rwx /var/run/vde.ctl
|
||
|
|
} # End start_tap
|
||
|
|
|
||
|
|
stop_tap() {
|
||
|
|
# Bring tap interface down:
|
||
|
|
ifconfig ${TAP_DEV} down
|
||
|
|
|
||
|
|
# Kill VDE switch:
|
||
|
|
#pgrep -f vde_switch | xargs kill -TERM
|
||
|
|
kill -HUP $(cat /var/run/${TAP_DEV}_vde.pid)
|
||
|
|
|
||
|
|
# Remove the control socket:
|
||
|
|
#rmdir /var/run/vde.ctl
|
||
|
|
} # End stop_tap
|
||
|
|
|
||
|
|
start_localdhcp() {
|
||
|
|
# The IP configuration for the tap device that will be used for
|
||
|
|
# the virtual machine network:
|
||
|
|
|
||
|
|
TAP_IP=10.111.111.254
|
||
|
|
TAP_MASK=255.255.255.0
|
||
|
|
TAP_BCAST=$(/bin/ipmask ${TAP_MASK} ${TAP_IP} | cut -f 1 -d ' ')
|
||
|
|
|
||
|
|
# Definitions for the LAN segment the Qemu virtual machines will be in.
|
||
|
|
# These definitions will be fed to dnsmasq - this program will provide DNS
|
||
|
|
# and DHCP to the Qemu LAN.
|
||
|
|
|
||
|
|
# The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for
|
||
|
|
# the tap0 device above. These 'low' and 'high' values are the IP address
|
||
|
|
# range for the DHCP server to use.
|
||
|
|
|
||
|
|
VM_DOMAIN=qemu.lan
|
||
|
|
VM_IPLOW=10.111.111.128
|
||
|
|
VM_IPHIGH=10.111.111.199
|
||
|
|
VM_BCAST=${TAP_BCAST}
|
||
|
|
VM_MASK=${TAP_MASK}
|
||
|
|
|
||
|
|
# For additional options to dnsmasq - the commented example specifies that
|
||
|
|
# all DNS lookups for 'my.net' should go to 192.168.1.1;
|
||
|
|
# On the second line you find a configuration for supporting network boot:
|
||
|
|
#DNSMASQ_OPTIONS="--server /my.net/192.168.1.1 \
|
||
|
|
# --dhcp-boot=/pxelinux.0,\"192.168.1.1\",192.168.1.1"
|
||
|
|
DNSMASQ_OPTIONS=""
|
||
|
|
|
||
|
|
# Bring tap interface up
|
||
|
|
ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK}
|
||
|
|
|
||
|
|
# Start dnsmasq, the DNS/DHCP server
|
||
|
|
# for our Virtual Machines behind the tap0 interface.
|
||
|
|
# The '--conf-file' option prevents this instance from reading the default
|
||
|
|
# /etc/dnsmasq.conf settings. Also, binds to the tun interface, to keep it
|
||
|
|
# from interfering with other dnsmasq/named processes running on the host's
|
||
|
|
# primary interfaces.
|
||
|
|
/usr/sbin/dnsmasq \
|
||
|
|
--log-queries \
|
||
|
|
--user=daemon \
|
||
|
|
--dhcp-leasefile=/var/state/dhcp/qemu-dhcpd.leases \
|
||
|
|
--dhcp-range=${VM_IPLOW},${VM_IPHIGH},${VM_MASK},${VM_BCAST},8h \
|
||
|
|
--interface=${TAP_DEV} --except-interface=lo --bind-interfaces \
|
||
|
|
--pid-file=/var/run/${TAP_DEV}_dnsmasq.pid --conf-file \
|
||
|
|
--domain=${VM_DOMAIN} \
|
||
|
|
$DNSMASQ_OPTIONS
|
||
|
|
|
||
|
|
} # End start_localdhcp
|
||
|
|
|
||
|
|
stop_localdhcp() {
|
||
|
|
# Stop dnsmasq
|
||
|
|
#pgrep -f dnsmasq | xargs kill -TERM
|
||
|
|
kill -TERM $(cat /var/run/${TAP_DEV}_dnsmasq.pid) \
|
||
|
|
&& rm -f /var/run/${TAP_DEV}_dnsmasq.pid
|
||
|
|
} # End stop_localdhcp
|
||
|
|
|
||
|
|
start_route() {
|
||
|
|
# We need a private dnsmasq instance in a routed configuration:
|
||
|
|
start_localdhcp
|
||
|
|
} # End start_route
|
||
|
|
|
||
|
|
stop_route() {
|
||
|
|
# We need to stop our private dnsmasq instance in a routed configuration:
|
||
|
|
stop_localdhcp
|
||
|
|
} # End stop_route
|
||
|
|
|
||
|
|
start_nat() {
|
||
|
|
# Start IP Forwarding
|
||
|
|
echo "1" > /proc/sys/net/ipv4/ip_forward
|
||
|
|
for NIC in ${NAT_IFS}; do
|
||
|
|
iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE
|
||
|
|
done
|
||
|
|
|
||
|
|
# We need a private dnsmasq instance in a NAT configuration:
|
||
|
|
start_localdhcp
|
||
|
|
|
||
|
|
} # End start_nat
|
||
|
|
|
||
|
|
stop_nat() {
|
||
|
|
# We need to stop our private dnsmasq in a NAT configuration:
|
||
|
|
stop_localdhcp
|
||
|
|
|
||
|
|
# Delete the NAT rules
|
||
|
|
for NIC in ${NAT_IFS}; do
|
||
|
|
iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE
|
||
|
|
done
|
||
|
|
# Stop IP Forwarding
|
||
|
|
echo "0" > /proc/sys/net/ipv4/ip_forward
|
||
|
|
}
|
||
|
|
|
||
|
|
start_bridge() {
|
||
|
|
# Connect our tap device from the bridge:
|
||
|
|
/sbin/ifconfig $TAP_DEV down
|
||
|
|
/sbin/ifconfig $TAP_DEV 0.0.0.0 promisc up
|
||
|
|
/sbin/brctl addif $BR_DEV $TAP_DEV
|
||
|
|
}
|
||
|
|
|
||
|
|
stop_bridge() {
|
||
|
|
# Disconnect our tap device from the bridge:
|
||
|
|
/sbin/brctl delif $BR_DEV $TAP_DEV
|
||
|
|
}
|
||
|
|
|
||
|
|
# See how we were called.
|
||
|
|
|
||
|
|
case "$1" in
|
||
|
|
start)
|
||
|
|
echo -n "Starting VDE network for QEMU: "
|
||
|
|
|
||
|
|
start_tap
|
||
|
|
start_$NETWORKTYPE
|
||
|
|
echo
|
||
|
|
;;
|
||
|
|
stop)
|
||
|
|
echo -n "Stopping VDE network for QEMU: "
|
||
|
|
stop_$NETWORKTYPE
|
||
|
|
stop_tap
|
||
|
|
echo
|
||
|
|
;;
|
||
|
|
restart|reload)
|
||
|
|
$0 stop
|
||
|
|
sleep 1
|
||
|
|
$0 start
|
||
|
|
;;
|
||
|
|
*)
|
||
|
|
echo "Usage: $0 {start|stop|restart|reload}"
|
||
|
|
exit 1
|
||
|
|
esac
|