- Copy stable/10 (r259064) to releng/10.0 as part of the

[FreeBSD/releng/10.0.git] / share / examples / netgraph / virtual.chain

#!/bin/sh
#
# Copyright (c) 2010, Yavuz Gokirmak
#
# All rights reserved.
#
# This source code may be used, modified, copied, distributed, and
# sold, in both source and binary form provided that the above
# copyright and these terms are retained, verbatim, as the first
# lines of this file.  Under no circumstances is the author
# responsible for the proper functioning of the software nor does
# the author assume any responsibility for damages incurred with
# its use.
#
# $FreeBSD$
#
# This script creates and connects n router like nodes. Complex wide
# area topologies can be created with the help of script.
#
# Virtual nodes are generated via jails and network connections are
# established using ng_eiface(4) node types.
#
# To use this script:
#
# 0. Make your own copy of this example script.
#
# 1. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
#    nodes. Virtual topology definition includes node names and their
#    IP address. Target top. syntax: ( name|ip<->name|ip ... )
#    Example 1: ( n1|10.0.2.1/30<->n2|10.0.2.2/30 ...)
#    Example 2: ( n1|2001:b90::14a/125<->n1|2001:b90::14b/125 ...)
#
# 2. Run this script with "start" as the command line argument.
#
# 3. Add necessary static route commands for each virtual node. For
#    example assume you have three virtual nodes connected each other
#    like a chain (n1 is connected to n2, n2 is connected to n3).
#    In order to establish connectivity among these virtual nodes,
#    you have to add default routes to node n1 and node n3. Example
#    static route command is:
#      STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
#      STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
#    After defining default routes with above format you have to set
#    the total number of static route commands as:
#      STATIC_ROUTE_CNT=2
#
# 4. Stop bridging by running this script with "stop" as the
#    command line argument.
#
# 5. This script uses a template file in order to carry information
#    between start and stop calls.
#      In the start call, the netgraph interfaces and jails are created.
#      At the stop phase, all created objects should be removed.
#    DO NOT delete the temporary file between the start and stop phases.
#
# Target Topology:
#
# +---------------+  +---------------------------------------------+
# |  n1 (vimage)  |  |                 n2 (vimage)                 |
# |               |  |                                             |
# | +-----------+ |  | +-----------+  +-----------+  +-----------+ |
# | |  ngeth0   | |  | |  ngeth1   |  |  ngeth2   |  |  ngeth4   | |
# | |(ng_eiface)| |  | |(ng_eiface)|  |(ng_eiface)|  |(ng_eiface)| |
# | +--+-----+--+ |  | +--+-----+--+  +--+-----+--+  +--+-----+--+ |
# |    |ether|    |  |    |ether|        |ether|        |ether|    |
# |    +-X---+    |  |    +--X--+        +--X--+        +--X--+    |
# +-------X-------+  +------X--------------X---------------X-------+
#         X                X              X                X
#          X               X             X                X
#           XXXXXXXXXXXXXXX            X                  X
#                                    X                    X
#                          +--------X------+     +--------X------+
#                          |   -+--X--+-   |     |   -+--X--+-   |
#                          |    |ether|    |     |    |ether|    |
#                          | +--+-----+--+ |     | +--+-----+--+ |
#                          | |  ngeth3   | |     | |  ngeth5   | |
#                          | |(ng_eiface)| |     | |(ng_eiface)| |
#                          | +-----------+ |     | +-----------+ |
#                          |               |     |               |
#                          |  n3 (vimage)  |     |  n4 (vimage)  |
#                          +---------------+     +---------------+
#
#
#

# List the names of virtual nodes and their IP addresses. Use ':'
# character to separate node name from node IP address and netmask.

TARGET_TOPOLOGY="n1|10.0.2.1/30<->n2|10.0.2.2/30 n2|10.0.2.5/30<->n3|10.0.2.6/30 n2|10.0.2.9/30<->n4|10.0.2.10/30"
STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
STATIC_ROUTE2="jexec n4 route add -inet default 10.0.2.9"
STATIC_ROUTE_CNT=3

# MAC manufacturer prefix. This can be modified according to needs.
MAC_PREFIX="00:1d:92"

# Temporary file is important for proper execution of script.
TEMP_FILE="/var/tmp/.virtual.chain.tmp"

# Set root directory for jails to be created.
JAIL_PATH="/usr/jails/router"


####################################################################
####    Nothing below this point should need to be modified.    ####
####################################################################


# Start/restart routine.
virtual_chain_start() {

        # Load netgraph KLD's as necessary.

        for KLD in ng_ether ng_bridge ng_eiface; do
                if ! kldstat -v | grep -qw ${KLD}; then
                        echo -n "Loading ${KLD}.ko... "
                        kldload ${KLD} || exit 1
                        echo "done"
                fi
        done

        # Reset all interfaces and jails. If temporary file can not be found
        # script assumes that there is no previous configuration.

        if [ ! -e ${TEMP_FILE} ]; then
                echo "No previous configuration(${TEMP_FILE}) found to clean-up."
        else
                echo -n "Cleaning previous configuration..."
                virtual_chain_stop
                echo "done"
        fi

        # Create temporary file for usage. This file includes generated
        # interface names and jail names. All bridges, interfaces and jails
        # are written to file while created. In clean-up process written
        # objects are cleaned (i.e. removed) from system.

        if [ -e ${TEMP_FILE} ]; then
                touch ${TEMP_FILE}
        fi


        # Attach other interfaces as well.
        for CONNECTION in ${TARGET_TOPOLOGY}; do

                # Virtual connections are defined in TARGET_TOPOLOGY variable.
                # They have the form of 'nodeName|IPaddr'. Below two lines split

                PEER1=`echo ${CONNECTION} | awk -F"<->" '{print $1}'`
                PEER1_NAME=`echo ${PEER1} | awk -F"|" '{print $1}'`
                PEER1_IP=`echo ${PEER1} | awk -F"|" '{print $2}'`

                PEER2=`echo ${CONNECTION} | awk -F"<->" '{print $2}'`
                PEER2_NAME=`echo ${PEER2} | awk -F"|" '{print $1}'`
                PEER2_IP=`echo ${PEER2} | awk -F"|" '{print $2}'`

                # !!! if not created already..
                # Create virtual node (jail) with given name and using
                # JAIL_PATH as root directory for jail.

                virtual_chain_create_peer_if_necessary ${PEER1_NAME}
                virtual_chain_create_peer_if_necessary ${PEER2_NAME}

                # create an interface for peer with the given peer IP. Get interface
                # for future use; you will connect this interface to the other
                # peers' (PEER2) interface.
                virtual_chain_create_interface_with_ip ${PEER1_NAME} ${PEER1_IP}
                PEER1_INTERFACE=${RET_INTERFACE}

                # create an interface for peer with the given peer IP. Get interface
                # for future use; you will connect this interface to the other
                # peers' (PEER2) interface.
                virtual_chain_create_interface_with_ip ${PEER2_NAME} ${PEER2_IP}
                PEER2_INTERFACE=${RET_INTERFACE}

                # Connect virtual interface to other interface. Syntax is :
                # ngctl connect INTERFACE1: INTERFACE2: ether ether.

                echo -n "Connecting ${PEER1_INTERFACE}:ether to ${PEER2_INTERFACE}:ether..."
                ngctl connect ${PEER1_INTERFACE}: ${PEER2_INTERFACE}: ether ether \
                        || exit 1
                echo "done"

        done

        # Executes static route add commands.
        i=0
        while [ $i != $STATIC_ROUTE_CNT ]; do
                eval ROUTE=\${STATIC_ROUTE${i}}
                ret=`${ROUTE}`
                i=`expr $i + 1`
        done

        echo "Virtual WAN established successfully!"
}

virtual_chain_create_interface_with_ip() {

        NODE_NAME=$1
        NODE_IP=$2

        # Create a ng_eiface object for virtual node. ng_eiface
        # object has a hook that can be connected to one of bridge
        # links. After creating interface get its automatically
        # generated name for further usage.

        echo "Creating eiface interface for virtual node ${NODE_NAME}."
        ngctl mkpeer eiface ether ether
        EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
        echo "Interface ${EIFACE} is created."

        # Write name of the interface to temp file. Clean-up procedure
        # will use this name to shutdown interface.

        echo "interface ${EIFACE}" >> ${TEMP_FILE}

        # Move virtual interface to virtual node. Note that Interface
        # name will not be changed at the end of this movement. Moved
        # interface can be seen at the output of ifconfig command in
        # jail: 'jexec jailname ifconfig'

        echo "Moving ${EIFACE} to ${NODE_NAME}"
        ifconfig ${EIFACE} vnet ${NODE_NAME}

        # Make lo0 interface localhost.
        jexec ${NODE_NAME} ifconfig lo0 localhost

        # Generate a random mac address for virtual interface. First
        # three octets can be changed by user. Last three octets are
        # generated randomly.
        M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
                        awk '{ print $1 % 256 }'`
        M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
                        awk '{ print $1 % 256 }'`
        M6=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
                        awk '{ print $1 % 256 }'`

        MAC=`printf ${MAC_PREFIX}:%02x:%02x:%02x ${M4} ${M5} ${M6}`

        # Set the link address (mac address) of virtual interface in
        # virtual node to randomly generated MAC.
        echo "Setting MAC address of ${EIFACE} to '${MAC}'"
        jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC

        # Either IPv4 or IPv6 can be used in this script. Ifconfig
        # IP setting syntax differs slightly for two IP versions.
        # For version 4 'inet' keyword is used whereas for version 6
        # 'inet6' is used. Below line tries to decide which IP version
        # is given and sets IPVER to 'inet' or 'inet6'.

        IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
                if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
                last[1]<256) print "inet"; else print "inet6"}'`

        # Set IP address of virtual interface in virtual node.
        echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
        jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}

        RET_INTERFACE=${EIFACE}
}

virtual_chain_create_peer_if_necessary() {

        if ! grep -q $1 ${TEMP_FILE} ; then

                echo -n "Creating virtual node (jail) ${1}..."
                jail -c vnet name=${1} host.hostname=${1} \
                        path=${JAIL_PATH} persist
                jexec ${1} sysctl -w net.inet.ip.forwarding=1
                jexec ${1} sysctl -w net.inet6.ip6.forwarding=1
                echo "done"

                # Write name of the jail to temp file. Clean-up
                # procedure will use this name to remove jail.

                echo "node ${1}" >> ${TEMP_FILE}
        fi

}

# Stop routine.
virtual_chain_stop() {

        if [ ! -e ${TEMP_FILE} ]; then
                echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
        else

                echo -n "Shutdown bridge interface.."
                OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
                for BRIDGE in ${OBJECTS}; do
                        ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
                done
                echo "done"

                echo -n "Shutdown all eiface interfaces..."
                OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
                for INTERFACE in ${OBJECTS}; do
                        ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
                done
                echo "done"

                echo -n "Removing all jails..."
                OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
                for NODE in ${OBJECTS}; do
                        jail -r ${NODE}
                done
                echo "done"

                echo "Removing tempfile ${TEMP_FILE}"
                rm ${TEMP_FILE}
        fi
        echo "Virtual LAN objects removed successfully!"

}

virtual_chain_usage() {
        echo "usage: $0 start [target_topology]"
        echo "     : $0 [ stop | help ]"
}


# Main entry point.

case $# in
        1)
                case $1 in
                        start)
                                echo -n "Creating default target topology:"
                                echo " ${TARGET_TOPOLOGY}"
                                virtual_chain_start
                                ;;
                        stop)

                                if [ ! -e ${TEMP_FILE} ]; then
                                        echo -n "Noting to stop! ${TEMP_FILE}:"
                                        echo " temp file not found"
                                else
                                        virtual_chain_stop
                                fi
                                ;;
                        help)
                                virtual_chain_usage
                                exit 1
                                ;;
                        *)
                                virtual_chain_usage
                                exit 1

                esac
                ;;
        2)
                case $1 in
                        start)
                                TARGET_TOPOLOGY=$2
                                echo -n "Creating target topology:"
                                echo "${TARGET_TOPOLOGY}"
                                virtual_chain_start
                                ;;
                        *)
                                virtual_chain_usage
                                exit 1
                esac
                ;;

        *)
                virtual_chain_usage
                exit 1
esac