* [PATCH]Change default network schema in network-bridge
@ 2009-06-23 5:07 Zhigang Wang
2009-06-23 9:01 ` Daniel P. Berrange
0 siblings, 1 reply; 5+ messages in thread
From: Zhigang Wang @ 2009-06-23 5:07 UTC (permalink / raw)
To: xen-devel, berrange
[-- Attachment #1: Type: text/plain, Size: 930 bytes --]
hi,
the default network-bridge renames network interfaces and often confuse people.
this patch changes the network-bridge schema to:
# start:
# Creates the bridge
# Copies the IP and MAC addresses from netdev to bridge
# Enslaves netdev to bridge
#
# stop:
# Removes netdev from the bridge
# Transfers addresses, routes from bridge to netdev
# Deletes bridge
No rename will be performed. Eg.
# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.000e0cd85dfe no eth0
IP/route will be transfered to xenbr0 at start.
I also add a extra script network-bridges to perform on all ethernet cards.
and network-dummy if user doesn't want to xend to manage dom0 networking.
This patch obsolete my last patch, titled: [PATCH]Fix network-bridge ifup problem.
CC to Daniel for comments.
Signed-off-by: Zhigang Wang <zhigang.x.wang@oracle.com>
thanks,
zhigang
[-- Attachment #2: xen-change-network-bridge-schema.patch --]
[-- Type: text/x-patch, Size: 8104 bytes --]
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/Makefile xen-unstable/tools/hotplug/Linux/Makefile
--- xen-unstable.orig/tools/hotplug/Linux/Makefile 2009-06-23 11:34:24.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/Makefile 2009-06-23 11:48:09.000000000 +0800
@@ -8,6 +8,7 @@ XENDOMAINS_SYSCONFIG = init.d/sysconfig.
# Xen script dir and scripts to go there.
XEN_SCRIPTS = network-bridge vif-bridge
+XEN_SCRIPTS += network-bridges network-dummy
XEN_SCRIPTS += network-route vif-route
XEN_SCRIPTS += network-nat vif-nat
XEN_SCRIPTS += block
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/network-bridge xen-unstable/tools/hotplug/Linux/network-bridge
--- xen-unstable.orig/tools/hotplug/Linux/network-bridge 2009-06-23 11:34:25.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/network-bridge 2009-06-23 11:48:26.000000000 +0800
@@ -5,7 +5,7 @@
# The script name to use is defined in /etc/xen/xend-config.sxp
# in the network-script field.
#
-# This script creates a bridge (default ${netdev}), adds a device
+# This script creates a bridge (default xenbr0), adds a device
# (defaults to the device on the default gateway route) to it, copies
# the IP addresses from the device to the bridge and adjusts the routes
# accordingly.
@@ -21,27 +21,19 @@
#
# Vars:
#
-# bridge The bridge to use (default ${netdev}).
-# netdev The interface to add to the bridge (default gateway device).
+# bridge The bridge to use (default xenbr0).
+# netdev The interface to add to the bridge (default gateway device or eth0).
# antispoof Whether to use iptables to prevent spoofing (default no).
#
-# Internal Vars:
-# pdev="p${netdev}"
-# tdev=tmpbridge
-#
# start:
-# Creates the bridge as tdev
-# Copies the IP and MAC addresses from pdev to bridge
-# Renames netdev to be pdev
-# Renames tdev to bridge
-# Enslaves pdev to bridge
+# Creates the bridge
+# Copies the IP and MAC addresses from netdev to bridge
+# Enslaves netdev to bridge
#
# stop:
-# Removes pdev from the bridge
-# Transfers addresses, routes from bridge to pdev
-# Renames bridge to tdev
-# Renames pdev to netdev
-# Deletes tdev
+# Removes netdev from the bridge
+# Transfers addresses, routes from bridge to netdev
+# Deletes bridge
#
# status:
# Print addresses, interfaces, routes
@@ -56,6 +48,9 @@ dir=$(dirname "$0")
findCommand "$@"
evalVariables "$@"
+bridge=${bridge:-xenbr0}
+antispoof=${antispoof:-no}
+
is_network_root () {
local rootfs=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $3; }}' /etc/mtab)
local rootopts=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $4; }}' /etc/mtab)
@@ -83,23 +78,6 @@ find_alt_device () {
echo "$ifs"
}
-netdev=${netdev:-$(ip route list 0.0.0.0/0 | \
- sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')}
-if is_network_root ; then
- altdevs=$(find_alt_device $netdev)
- for netdev in $altdevs; do break; done
- if [ -z "$netdev" ]; then
- [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting"
- exit
- fi
-fi
-netdev=${netdev:-eth0}
-bridge=${bridge:-${netdev}}
-antispoof=${antispoof:-no}
-
-pdev="p${netdev}"
-tdev=tmpbridge
-
get_ip_info() {
addr_pfx=`ip addr show dev $1 | egrep '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'`
gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'`
@@ -111,9 +89,9 @@ do_ifup() {
# use the info from get_ip_info()
ip addr flush $1
ip addr add ${addr_pfx} dev $1
- ip link set dev $1 up
- [ -n "$gateway" ] && ip route add default via ${gateway}
fi
+ ip link set dev $1 up
+ [ -n "$gateway" ] && ip route add default via ${gateway}
fi
}
@@ -188,17 +166,15 @@ link_exists()
antispoofing () {
iptables -P FORWARD DROP
iptables -F FORWARD
- iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT
+ iptables -A FORWARD -m physdev --physdev-in ${netdev} -j ACCEPT
}
-# Usage: show_status dev bridge
-# Print ifconfig and routes.
-show_status () {
- local dev=$1
- local bridge=$2
-
+op_status () {
+ netdev=${netdev:-$(brctl show | awk /$bridge/'{print $4}')}
echo '============================================================'
- ip addr show ${dev}
+ if [ -n "${netdev}" ]; then
+ ip addr show ${netdev}
+ fi
ip addr show ${bridge}
echo ' '
brctl show ${bridge}
@@ -210,19 +186,31 @@ show_status () {
}
op_start () {
+ netdev=${netdev:-$(ip route list 0.0.0.0/0 | \
+ sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')}
+ if is_network_root ; then
+ altdevs=$(find_alt_device $netdev)
+ for netdev in $altdevs; do break; done
+ if [ -z "$netdev" ]; then
+ [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting"
+ exit
+ fi
+ fi
+ netdev=${netdev:-eth0}
+
if [ "${bridge}" = "null" ] ; then
return
fi
- if link_exists "$pdev"; then
+ if link_exists "$bridge"; then
# The device is already up.
return
fi
- create_bridge ${tdev}
+ create_bridge ${bridge}
preiftransfer ${netdev}
- transfer_addrs ${netdev} ${tdev}
+ transfer_addrs ${netdev} ${bridge}
# Remember slaves for bonding interface.
if [ -e /sys/class/net/${netdev}/bonding/slaves ]; then
slaves=`cat /sys/class/net/${netdev}/bonding/slaves`
@@ -233,17 +221,15 @@ op_start () {
ip link set ${netdev} down
ip addr flush ${netdev}
fi
- ip link set ${netdev} name ${pdev}
- ip link set ${tdev} name ${bridge}
- setup_bridge_port ${pdev}
+ setup_bridge_port ${netdev}
# Restore slaves
if [ -n "${slaves}" ]; then
- ip link set ${pdev} up
- ifenslave ${pdev} ${slaves}
+ ip link set ${netdev} up
+ ifenslave ${netdev} ${slaves}
fi
- add_to_bridge2 ${bridge} ${pdev}
+ add_to_bridge2 ${bridge} ${netdev}
do_ifup ${bridge}
if [ ${antispoof} = 'yes' ] ; then
@@ -259,21 +245,24 @@ op_stop () {
return
fi
- transfer_addrs ${bridge} ${pdev}
+ netdev=${netdev:-$(brctl show | awk /$bridge/'{print $4}')}
+ if [ -z "${netdev}" ]; then
+ return
+ fi
+
+ transfer_addrs ${bridge} ${netdev}
if ! ifdown ${bridge}; then
get_ip_info ${bridge}
fi
- ip link set ${pdev} down
+ ip link set ${netdev} down
ip addr flush ${bridge}
- brctl delif ${bridge} ${pdev}
+ brctl delif ${bridge} ${netdev}
ip link set ${bridge} down
- ip link set ${bridge} name ${tdev}
- ip link set ${pdev} name ${netdev}
do_ifup ${netdev}
- brctl delbr ${tdev}
+ brctl delbr ${bridge}
}
# adds $dev to $bridge but waits for $dev to be in running state first
@@ -309,7 +298,7 @@ case "$command" in
;;
status)
- show_status ${netdev} ${bridge}
+ op_status
;;
*)
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/network-bridges xen-unstable/tools/hotplug/Linux/network-bridges
--- xen-unstable.orig/tools/hotplug/Linux/network-bridges 1970-01-01 08:00:00.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/network-bridges 2009-06-23 12:08:09.000000000 +0800
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Runs network-bridge against each ethernet card.
+#
+
+dir=$(dirname "$0")
+
+run_all_ethernets()
+{
+ for f in /sys/class/net/*; do
+ netdev=$(basename $f)
+ if [[ $netdev =~ "^eth[0-9]+$" ]]; then
+ devnum=${netdev:3}
+ $dir/network-bridge "$@" "netdev=${netdev}" "bridge=xenbr${devnum}"
+ fi
+ done
+}
+
+run_all_ethernets "$@"
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/network-dummy xen-unstable/tools/hotplug/Linux/network-dummy
--- xen-unstable.orig/tools/hotplug/Linux/network-dummy 1970-01-01 08:00:00.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/network-dummy 2009-06-23 12:06:50.000000000 +0800
@@ -0,0 +1,7 @@
+#!/bin/bash
+#
+# Use this script as default network-script if you don't want xend to
+# change dom0 networking.
+#
+
+/bin/true
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH]Change default network schema in network-bridge
2009-06-23 5:07 [PATCH]Change default network schema in network-bridge Zhigang Wang
@ 2009-06-23 9:01 ` Daniel P. Berrange
2009-06-23 9:53 ` Zhigang Wang
2009-06-24 14:38 ` Ian Jackson
0 siblings, 2 replies; 5+ messages in thread
From: Daniel P. Berrange @ 2009-06-23 9:01 UTC (permalink / raw)
To: Zhigang Wang; +Cc: xen-devel
On Tue, Jun 23, 2009 at 01:07:24PM +0800, Zhigang Wang wrote:
> hi,
>
> the default network-bridge renames network interfaces and often confuse people.
>
> this patch changes the network-bridge schema to:
>
> # start:
> # Creates the bridge
> # Copies the IP and MAC addresses from netdev to bridge
> # Enslaves netdev to bridge
> #
> # stop:
> # Removes netdev from the bridge
> # Transfers addresses, routes from bridge to netdev
> # Deletes bridge
>
> No rename will be performed. Eg.
>
> # brctl show
> bridge name bridge id STP enabled interfaces
> xenbr0 8000.000e0cd85dfe no eth0
>
> IP/route will be transfered to xenbr0 at start.
>
> I also add a extra script network-bridges to perform on all ethernet cards.
> and network-dummy if user doesn't want to xend to manage dom0 networking.
>
> This patch obsolete my last patch, titled: [PATCH]Fix network-bridge ifup problem.
>
> CC to Daniel for comments.
I agree with your thought that it makes more sense to just leave the
original device name alone, and not rename anything. The reason it
currently does renaming is that this was closer to the previous version
of network-bridge using netloop, and so made upgrades slightly easier
for existing Xen users.
I don't really have a strong opinion on whether network-bridge should now
be changed again to not do renaming of eth0. These days my recommendation
is for people to set '(network-script /bin/true)' and then just use their
OS distributions network scripts to add a bridge device. The end result
is the same, but this has the advantage that the network is setup correctly
right from start, rather than having to modify it on the fly when apps may
already have started using the network. We've got docs for Fedora/RHEL/
Debian/Ubuntu here
http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH]Change default network schema in network-bridge
2009-06-23 9:01 ` Daniel P. Berrange
@ 2009-06-23 9:53 ` Zhigang Wang
2009-06-24 14:38 ` Ian Jackson
1 sibling, 0 replies; 5+ messages in thread
From: Zhigang Wang @ 2009-06-23 9:53 UTC (permalink / raw)
To: Daniel P. Berrange, keir.fraser; +Cc: xen-devel
[-- Attachment #1: Type: text/plain, Size: 2303 bytes --]
Daniel P. Berrange wrote:
> On Tue, Jun 23, 2009 at 01:07:24PM +0800, Zhigang Wang wrote:
>> hi,
>>
>> the default network-bridge renames network interfaces and often confuse people.
>>
>> this patch changes the network-bridge schema to:
>>
>> # start:
>> # Creates the bridge
>> # Copies the IP and MAC addresses from netdev to bridge
>> # Enslaves netdev to bridge
>> #
>> # stop:
>> # Removes netdev from the bridge
>> # Transfers addresses, routes from bridge to netdev
>> # Deletes bridge
>>
>> No rename will be performed. Eg.
>>
>> # brctl show
>> bridge name bridge id STP enabled interfaces
>> xenbr0 8000.000e0cd85dfe no eth0
>>
>> IP/route will be transfered to xenbr0 at start.
>>
>> I also add a extra script network-bridges to perform on all ethernet cards.
>> and network-dummy if user doesn't want to xend to manage dom0 networking.
>>
>> This patch obsolete my last patch, titled: [PATCH]Fix network-bridge ifup problem.
>>
>> CC to Daniel for comments.
>
>
>
> I agree with your thought that it makes more sense to just leave the
> original device name alone, and not rename anything. The reason it
> currently does renaming is that this was closer to the previous version
> of network-bridge using netloop, and so made upgrades slightly easier
> for existing Xen users.
>
> I don't really have a strong opinion on whether network-bridge should now
> be changed again to not do renaming of eth0. These days my recommendation
> is for people to set '(network-script /bin/true)' and then just use their
> OS distributions network scripts to add a bridge device. The end result
> is the same, but this has the advantage that the network is setup correctly
> right from start, rather than having to modify it on the fly when apps may
> already have started using the network. We've got docs for Fedora/RHEL/
> Debian/Ubuntu here
>
> http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
>
> Regards,
> Daniel
Thanks Dan,
It seems at least the network-dummy script is not needed.
Keir, if you have interest to change the default network scripts, this is the new patch.
If not, I'll just upload the scripts to http://wiki.xensource.com/xenwiki/XenNetworking
thanks,
zhigang
[-- Attachment #2: xen-change-network-bridge-schema-v2.patch --]
[-- Type: text/x-patch, Size: 7728 bytes --]
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/Makefile xen-unstable/tools/hotplug/Linux/Makefile
--- xen-unstable.orig/tools/hotplug/Linux/Makefile 2009-06-23 11:34:24.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/Makefile 2009-06-23 17:46:39.000000000 +0800
@@ -7,7 +7,7 @@ XENDOMAINS_INITD = init.d/xendomains
XENDOMAINS_SYSCONFIG = init.d/sysconfig.xendomains
# Xen script dir and scripts to go there.
-XEN_SCRIPTS = network-bridge vif-bridge
+XEN_SCRIPTS = network-bridge network-bridges vif-bridge
XEN_SCRIPTS += network-route vif-route
XEN_SCRIPTS += network-nat vif-nat
XEN_SCRIPTS += block
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/network-bridge xen-unstable/tools/hotplug/Linux/network-bridge
--- xen-unstable.orig/tools/hotplug/Linux/network-bridge 2009-06-23 11:34:25.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/network-bridge 2009-06-23 11:48:26.000000000 +0800
@@ -5,7 +5,7 @@
# The script name to use is defined in /etc/xen/xend-config.sxp
# in the network-script field.
#
-# This script creates a bridge (default ${netdev}), adds a device
+# This script creates a bridge (default xenbr0), adds a device
# (defaults to the device on the default gateway route) to it, copies
# the IP addresses from the device to the bridge and adjusts the routes
# accordingly.
@@ -21,27 +21,19 @@
#
# Vars:
#
-# bridge The bridge to use (default ${netdev}).
-# netdev The interface to add to the bridge (default gateway device).
+# bridge The bridge to use (default xenbr0).
+# netdev The interface to add to the bridge (default gateway device or eth0).
# antispoof Whether to use iptables to prevent spoofing (default no).
#
-# Internal Vars:
-# pdev="p${netdev}"
-# tdev=tmpbridge
-#
# start:
-# Creates the bridge as tdev
-# Copies the IP and MAC addresses from pdev to bridge
-# Renames netdev to be pdev
-# Renames tdev to bridge
-# Enslaves pdev to bridge
+# Creates the bridge
+# Copies the IP and MAC addresses from netdev to bridge
+# Enslaves netdev to bridge
#
# stop:
-# Removes pdev from the bridge
-# Transfers addresses, routes from bridge to pdev
-# Renames bridge to tdev
-# Renames pdev to netdev
-# Deletes tdev
+# Removes netdev from the bridge
+# Transfers addresses, routes from bridge to netdev
+# Deletes bridge
#
# status:
# Print addresses, interfaces, routes
@@ -56,6 +48,9 @@ dir=$(dirname "$0")
findCommand "$@"
evalVariables "$@"
+bridge=${bridge:-xenbr0}
+antispoof=${antispoof:-no}
+
is_network_root () {
local rootfs=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $3; }}' /etc/mtab)
local rootopts=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $4; }}' /etc/mtab)
@@ -83,23 +78,6 @@ find_alt_device () {
echo "$ifs"
}
-netdev=${netdev:-$(ip route list 0.0.0.0/0 | \
- sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')}
-if is_network_root ; then
- altdevs=$(find_alt_device $netdev)
- for netdev in $altdevs; do break; done
- if [ -z "$netdev" ]; then
- [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting"
- exit
- fi
-fi
-netdev=${netdev:-eth0}
-bridge=${bridge:-${netdev}}
-antispoof=${antispoof:-no}
-
-pdev="p${netdev}"
-tdev=tmpbridge
-
get_ip_info() {
addr_pfx=`ip addr show dev $1 | egrep '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'`
gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'`
@@ -111,9 +89,9 @@ do_ifup() {
# use the info from get_ip_info()
ip addr flush $1
ip addr add ${addr_pfx} dev $1
- ip link set dev $1 up
- [ -n "$gateway" ] && ip route add default via ${gateway}
fi
+ ip link set dev $1 up
+ [ -n "$gateway" ] && ip route add default via ${gateway}
fi
}
@@ -188,17 +166,15 @@ link_exists()
antispoofing () {
iptables -P FORWARD DROP
iptables -F FORWARD
- iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT
+ iptables -A FORWARD -m physdev --physdev-in ${netdev} -j ACCEPT
}
-# Usage: show_status dev bridge
-# Print ifconfig and routes.
-show_status () {
- local dev=$1
- local bridge=$2
-
+op_status () {
+ netdev=${netdev:-$(brctl show | awk /$bridge/'{print $4}')}
echo '============================================================'
- ip addr show ${dev}
+ if [ -n "${netdev}" ]; then
+ ip addr show ${netdev}
+ fi
ip addr show ${bridge}
echo ' '
brctl show ${bridge}
@@ -210,19 +186,31 @@ show_status () {
}
op_start () {
+ netdev=${netdev:-$(ip route list 0.0.0.0/0 | \
+ sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')}
+ if is_network_root ; then
+ altdevs=$(find_alt_device $netdev)
+ for netdev in $altdevs; do break; done
+ if [ -z "$netdev" ]; then
+ [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting"
+ exit
+ fi
+ fi
+ netdev=${netdev:-eth0}
+
if [ "${bridge}" = "null" ] ; then
return
fi
- if link_exists "$pdev"; then
+ if link_exists "$bridge"; then
# The device is already up.
return
fi
- create_bridge ${tdev}
+ create_bridge ${bridge}
preiftransfer ${netdev}
- transfer_addrs ${netdev} ${tdev}
+ transfer_addrs ${netdev} ${bridge}
# Remember slaves for bonding interface.
if [ -e /sys/class/net/${netdev}/bonding/slaves ]; then
slaves=`cat /sys/class/net/${netdev}/bonding/slaves`
@@ -233,17 +221,15 @@ op_start () {
ip link set ${netdev} down
ip addr flush ${netdev}
fi
- ip link set ${netdev} name ${pdev}
- ip link set ${tdev} name ${bridge}
- setup_bridge_port ${pdev}
+ setup_bridge_port ${netdev}
# Restore slaves
if [ -n "${slaves}" ]; then
- ip link set ${pdev} up
- ifenslave ${pdev} ${slaves}
+ ip link set ${netdev} up
+ ifenslave ${netdev} ${slaves}
fi
- add_to_bridge2 ${bridge} ${pdev}
+ add_to_bridge2 ${bridge} ${netdev}
do_ifup ${bridge}
if [ ${antispoof} = 'yes' ] ; then
@@ -259,21 +245,24 @@ op_stop () {
return
fi
- transfer_addrs ${bridge} ${pdev}
+ netdev=${netdev:-$(brctl show | awk /$bridge/'{print $4}')}
+ if [ -z "${netdev}" ]; then
+ return
+ fi
+
+ transfer_addrs ${bridge} ${netdev}
if ! ifdown ${bridge}; then
get_ip_info ${bridge}
fi
- ip link set ${pdev} down
+ ip link set ${netdev} down
ip addr flush ${bridge}
- brctl delif ${bridge} ${pdev}
+ brctl delif ${bridge} ${netdev}
ip link set ${bridge} down
- ip link set ${bridge} name ${tdev}
- ip link set ${pdev} name ${netdev}
do_ifup ${netdev}
- brctl delbr ${tdev}
+ brctl delbr ${bridge}
}
# adds $dev to $bridge but waits for $dev to be in running state first
@@ -309,7 +298,7 @@ case "$command" in
;;
status)
- show_status ${netdev} ${bridge}
+ op_status
;;
*)
diff -Nurp xen-unstable.orig/tools/hotplug/Linux/network-bridges xen-unstable/tools/hotplug/Linux/network-bridges
--- xen-unstable.orig/tools/hotplug/Linux/network-bridges 1970-01-01 08:00:00.000000000 +0800
+++ xen-unstable/tools/hotplug/Linux/network-bridges 2009-06-23 12:08:09.000000000 +0800
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Runs network-bridge against each ethernet card.
+#
+
+dir=$(dirname "$0")
+
+run_all_ethernets()
+{
+ for f in /sys/class/net/*; do
+ netdev=$(basename $f)
+ if [[ $netdev =~ "^eth[0-9]+$" ]]; then
+ devnum=${netdev:3}
+ $dir/network-bridge "$@" "netdev=${netdev}" "bridge=xenbr${devnum}"
+ fi
+ done
+}
+
+run_all_ethernets "$@"
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Re: [PATCH]Change default network schema in network-bridge
2009-06-23 9:01 ` Daniel P. Berrange
2009-06-23 9:53 ` Zhigang Wang
@ 2009-06-24 14:38 ` Ian Jackson
2009-06-26 15:33 ` Daniel P. Berrange
1 sibling, 1 reply; 5+ messages in thread
From: Ian Jackson @ 2009-06-24 14:38 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: Zhigang Wang, xen-devel
Daniel P. Berrange writes ("[Xen-devel] Re: [PATCH]Change default network schema in network-bridge"):
> These days my recommendation
> is for people to set '(network-script /bin/true)' and then just use their
> OS distributions network scripts to add a bridge device.
This is definitely the best way of doing things. I've always thought
that the network-script thing was a terrible hack (and it's flaky
too).
Perhaps we should keep the script, but change the defaults and the
documentation ?
> http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
Would you be able to resubmit (some of) that as a .txt file for
inclusion in the xen-unstable tree, or copy it to the Xen wiki ?
I'm not exactly sure of the authorship and copyright status so I'm
reluctant to just do that myself.
Ian.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Re: [PATCH]Change default network schema in network-bridge
2009-06-24 14:38 ` Ian Jackson
@ 2009-06-26 15:33 ` Daniel P. Berrange
0 siblings, 0 replies; 5+ messages in thread
From: Daniel P. Berrange @ 2009-06-26 15:33 UTC (permalink / raw)
To: Ian Jackson; +Cc: Zhigang Wang, xen-devel
On Wed, Jun 24, 2009 at 03:38:25PM +0100, Ian Jackson wrote:
> Daniel P. Berrange writes ("[Xen-devel] Re: [PATCH]Change default network schema in network-bridge"):
> > These days my recommendation
> > is for people to set '(network-script /bin/true)' and then just use their
> > OS distributions network scripts to add a bridge device.
>
> This is definitely the best way of doing things. I've always thought
> that the network-script thing was a terrible hack (and it's flaky
> too).
>
> Perhaps we should keep the script, but change the defaults and the
> documentation ?
>
> > http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
>
> Would you be able to resubmit (some of) that as a .txt file for
> inclusion in the xen-unstable tree, or copy it to the Xen wiki ?
> I'm not exactly sure of the authorship and copyright status so I'm
> reluctant to just do that myself.
I wrote initial content, the remainder is just bug fixes/tweaks too minor
to be copyrightable. Here is a simplified text version that just covers
the bridging setup, without the other libvirt specific bits
Signed off by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
Native OS bridge configuration
==============================
The traditional "network-bridge" script attempts to modify existing active
network interfaces to enable bridging. For non-trivial network configurations
though this can be error prone, and the temporary disruption to network
connectivity can upset some applications. This document outlines how to
configure bridging using an OS' native network configuration files.
Disabling Xen's network scripts
-------------------------------
The first step is to check XenD's network bridge is disabled by
editing /etc/xen/xend-config.sxp and changing the line
(network-script network-bridge)
To be
(network-script /bin/true)
Fedora/RHEL Bridging
====================
This outlines how to setup bridging using standard network initscripts
present in Fedora or RHEL distros and their derivatives
Disabling NetworkManager
------------------------
As of time of writing (Fedora 11) NetworkManager does not support bridging,
so it is neccessary to disable it, and revert to "classic" network initscripts
# chkconfig NetworkManager off
# chkconfig network on
# service NetworkManager stop
# service network start
NB, as an alternative to turning off NetworkManager, you can also add a line
"NM_CONTROLLED=no" to the ifcfg-XXX scripts below
Creating network initscripts
----------------------------
In the /etc/sysconfig/network-scripts directory it is necccessary to create
2 config files. The first (ifcfg-eth0) defines your physical network interface,
and says that it will be part of a bridge:
# cat > ifcfg-eth0 <<EOF
DEVICE=eth0
HWADDR=00:16:76:D6:C9:45
ONBOOT=yes
BRIDGE=br0
EOF
Obviously change the HWADDR to match your actual NIC's address. You may also
wish to configure the device's MTU here using e.g. MTU=9000.
The second config file (ifcfg-br0) defines the bridge device:
# cat > ifcfg-br0 <<EOF
DEVICE=br0
TYPE=Bridge
BOOTPROTO=dhcp
ONBOOT=yes
DELAY=0
EOF
WARNING: The line TYPE=Bridge is case-sensitive - it must have uppercase
'B' and lower case 'ridge'
After changing this restart networking (or better still reboot)
# service network restart
The final step is to configure iptables to allow all traffic to be
forwarded across the bridge
# echo "-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT" > /etc/sysconfig/iptables-forward-bridged
# lokkit --custom-rules=ipv4:filter:/etc/sysconfig/iptables-forward-bridged
# service libvirtd reload
Alternatively, you can prevent bridged traffic getting pushed through
the host's iptables rules completely. In /etc/sysctl.conf add
# cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
EOF
# sysctl -p /etc/sysctl.conf
You should now have a "shared physical device", to which guests can be
attached and have full LAN access
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000e0cb30550 no eth0
Debian/Ubuntu Bridging
=======================
This outlines how to setup bridging using standard network interface config files
on Debian / Ubuntu distributions and their derivatives
Disabling NetworkManager
------------------------
Stop network manager
sudo /etc/dbus-1/event.d/26NetworkManagerDispatcher stop
sudo /etc/dbus-1/event.d/25NetworkManager stop
Create two files with only the word 'exit' in them. These files are:
/etc/default/NetworkManager
/etc/default/NetworkManagerDispatcher
Altering the interface config
-----------------------------
First take down the interface you wish to bridge
ifdown eth0
Edit /etc/network/interfaces and find the config for the physical
interface, which looks something like
allow-hotplug eth0
iface eth0 inet static
address 192.168.2.4
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.2
Remove the 'allow-hotplug eth0' line, replacing it with 'auto br0',
and change the next line with iface name to 'br0', so it now starts
with
auto br0
iface br0 inet static
And then define the interface as being a bridge and specify its ports
bridge_ports eth0
bridge_stp off
bridge_maxwait 5
The complete config should now look like
auto br0
iface br0 inet static
address 192.168.2.4
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.2
bridge_ports eth0
bridge_stp off
bridge_maxwait 5
The interface can now be started with
ifup br0
Finally add the '/etc/sysctl.conf' settings
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
And then load the settings with
sysctl -p /etc/sysctl.conf
You should now have a "shared physical device", to which guests
can be attached and have full LAN access
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000e0cb30550 no eth0
Other operating systems / distributions
=======================================
[...send patches to this file with instructions....]
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2009-06-26 15:33 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-06-23 5:07 [PATCH]Change default network schema in network-bridge Zhigang Wang
2009-06-23 9:01 ` Daniel P. Berrange
2009-06-23 9:53 ` Zhigang Wang
2009-06-24 14:38 ` Ian Jackson
2009-06-26 15:33 ` Daniel P. Berrange
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.