X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-xen-config.git/blobdiff_plain/ba2cbfd952ad6ef034730d81f7c79c71c7d674d9..adc23d07c56c0b5be6fd77382bc816b101dfe974:/vif-invirtroute

diff --git a/vif-invirtroute b/vif-invirtroute
index 49a7e4c..b3d9207 100755
--- a/vif-invirtroute
+++ b/vif-invirtroute
@@ -13,11 +13,11 @@
 # vif-route (add|remove|online|offline)
 #
 # Environment vars:
-# vif         vif interface name (required).
+# vif    vif interface name (required).
 # XENBUS_PATH path to this device's details in the XenStore (required).
 # Read from the store:
-# ip      list of IP networks for the vif, space-separated (default given in
-#         this script).
+# ip     list of IP networks for the vif, space-separated (default given in
+#        this script).
 #
 # This script will set up proxy arp  for any ip addresses that are being routed
 # type read to determine if the device is ioemu
@@ -31,21 +31,23 @@ dev=${dev:-${vif}}
 
 case "$command" in
     online|add)
-        ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up
-        echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp
+	ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up
+	echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp
 	echo 1 >/proc/sys/net/ipv4/conf/${dev}/rp_filter 
 	xenstore-write "$XENBUS_PATH/feature-gso-tcpv4" 0
-        if [ x${qemu_online} != xyes ]; then
-          ethtool -K ${dev} tx off
-        fi
-        ipcmd='add'
-        cmdprefix=''
-        ;;
+	if [ x${qemu_online} != xyes ]; then
+	  ethtool -K ${dev} tx off
+	fi
+	ipcmd='add'
+	ipt_action='-A'
+	cmdprefix=''
+	;;
     offline|remove)
-        do_without_error ifdown ${vif}
-        ipcmd='del'
-        cmdprefix='do_without_error'
-        ;;
+	do_without_error ifdown ${vif}
+	ipcmd='del'
+	ipt_action='-D'
+	cmdprefix='do_without_error'
+	;;
 esac
 
 vif_type=$(xenstore_read_default "$XENBUS_PATH/type" "viffront")
@@ -54,7 +56,30 @@ if [  ${vif_type} != "ioemu"  -o  x${qemu_online} = xyes ] ; then
     # If we've been given a list of IP addresses, then add routes from dom0 to
     # the guest using those addresses.
 	for addr in ${ip} ; do
+	    # When PVHVM is enabled, Xen plugs two interfaces into
+	    # HVMs - an emulated tap device and a paravirt vif device.
+	    # vif-invirtroute (and vif-route, for that matter!) will
+	    # fail when the second one is brought up, because the
+	    # second invocation of 'ip route add' is identical to the
+	    # first (same source and destination IPs) and the kernel
+	    # rejects the new route.
+	    #
+	    # We work around this by adding the routes with different metrics.
+	    # This should work because:
+	    #
+	    # 1) In the case of a pv-aware guest, the kernel will
+	    # unplug the tap interface, which will bring down the tap
+	    # interface's route, leaving only the one via the vif (and
+	    # so the metric shouldn't matter, because it's the only
+	    # route)
+	    #
+	    # 2) In the case of a non-pv-aware guest, the tap route
+	    # (with metric 1) should take precedence over the vif
+	    # route and carry all the traffic.
+
+	    src=""
 	    if [ $ipcmd == "add" ]; then
+		src="src ${main_ip}"
 		case $dev in
 		    vif*)
 			metric="metric 2"
@@ -64,15 +89,22 @@ if [  ${vif_type} != "ioemu"  -o  x${qemu_online} = xyes ] ; then
 			;;
 		esac
 	    fi
-	    ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip} $metric
+	    ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} ${src} $metric
 	    case "$command" in
 		online|add)
-		    arpspoof -i $(invirt-getconf xen.iface) -t 18.181.0.1 ${addr}&
-		    sleep 5
-		    kill %arpspoof
+		    timeout -s KILL 5 arpspoof -i $(invirt-getconf xen.iface) -t ${gateway} ${addr} || :
 		    ;;
 	    esac
 	done 
+	if [ -n "$other_ip" ]; then
+	    ${cmdprefix} ip route ${ipcmd} ${other_ip} dev ${dev} ${src} $metric
+	    iptables -t nat ${ipt_action} PREROUTING -d ${other_ip} -j DNAT --to-destination ${addr}
+	    case "$command" in
+		online|add)
+		    timeout -s KILL 5 arpspoof -i $(invirt-getconf xen.iface) -t ${other_gateway} ${other_ip} || :
+		    ;;
+	    esac
+	fi
     fi
 fi