2015-02-22 17:58:52 -08:00
|
|
|
package bridge
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
"net"
|
|
|
|
|
|
2015-05-28 16:30:36 -07:00
|
|
|
"github.com/Sirupsen/logrus"
|
2015-02-22 17:58:52 -08:00
|
|
|
"github.com/vishvananda/netlink"
|
|
|
|
|
)
|
|
|
|
|
|
2015-03-04 13:25:43 -08:00
|
|
|
var bridgeIPv6 *net.IPNet
|
2015-02-22 17:58:52 -08:00
|
|
|
|
2015-05-28 16:30:36 -07:00
|
|
|
const (
|
|
|
|
|
bridgeIPv6Str = "fe80::1/64"
|
|
|
|
|
ipv6ForwardConfPerm = 0644
|
|
|
|
|
)
|
2015-02-22 17:58:52 -08:00
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
// We allow ourselves to panic in this special case because we indicate a
|
|
|
|
|
// failure to parse a compile-time define constant.
|
2015-03-04 13:25:43 -08:00
|
|
|
if ip, netw, err := net.ParseCIDR(bridgeIPv6Str); err == nil {
|
|
|
|
|
bridgeIPv6 = &net.IPNet{IP: ip, Mask: netw.Mask}
|
2015-02-22 17:58:52 -08:00
|
|
|
} else {
|
2015-03-04 13:25:43 -08:00
|
|
|
panic(fmt.Sprintf("Cannot parse default bridge IPv6 address %q: %v", bridgeIPv6Str, err))
|
2015-02-22 17:58:52 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-22 10:56:36 -07:00
|
|
|
func setupBridgeIPv6(config *networkConfiguration, i *bridgeInterface) error {
|
2015-02-22 17:58:52 -08:00
|
|
|
// Enable IPv6 on the bridge
|
2015-04-15 05:25:42 +00:00
|
|
|
procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6"
|
2015-05-28 16:30:36 -07:00
|
|
|
if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil {
|
2015-02-22 17:58:52 -08:00
|
|
|
return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err)
|
|
|
|
|
}
|
2015-02-27 09:11:53 -08:00
|
|
|
|
2015-04-28 05:57:36 +00:00
|
|
|
_, addrsv6, err := i.addresses()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-12 23:35:15 +00:00
|
|
|
// Add the default link local ipv6 address if it doesn't exist
|
|
|
|
|
if !findIPv6Address(netlink.Addr{IPNet: bridgeIPv6}, addrsv6) {
|
2015-04-28 05:57:36 +00:00
|
|
|
if err := netlink.AddrAdd(i.Link, &netlink.Addr{IPNet: bridgeIPv6}); err != nil {
|
2015-05-14 14:56:15 -07:00
|
|
|
return &IPv6AddrAddError{IP: bridgeIPv6, Err: err}
|
2015-04-28 05:57:36 +00:00
|
|
|
}
|
2015-02-27 09:11:53 -08:00
|
|
|
}
|
|
|
|
|
|
2015-04-24 15:13:44 -07:00
|
|
|
// Store bridge network and default gateway
|
2015-04-10 16:02:25 +00:00
|
|
|
i.bridgeIPv6 = bridgeIPv6
|
2015-04-24 15:13:44 -07:00
|
|
|
i.gatewayIPv6 = i.bridgeIPv6.IP
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-22 10:56:36 -07:00
|
|
|
func setupGatewayIPv6(config *networkConfiguration, i *bridgeInterface) error {
|
2015-04-24 15:13:44 -07:00
|
|
|
if config.FixedCIDRv6 == nil {
|
2015-05-14 14:56:15 -07:00
|
|
|
return &ErrInvalidContainerSubnet{}
|
2015-04-24 15:13:44 -07:00
|
|
|
}
|
|
|
|
|
if !config.FixedCIDRv6.Contains(config.DefaultGatewayIPv6) {
|
2015-05-14 14:56:15 -07:00
|
|
|
return &ErrInvalidGateway{}
|
2015-04-24 15:13:44 -07:00
|
|
|
}
|
|
|
|
|
if _, err := ipAllocator.RequestIP(config.FixedCIDRv6, config.DefaultGatewayIPv6); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Store requested default gateway
|
|
|
|
|
i.gatewayIPv6 = config.DefaultGatewayIPv6
|
2015-04-10 16:02:25 +00:00
|
|
|
|
2015-02-27 09:11:53 -08:00
|
|
|
return nil
|
2015-02-22 17:58:52 -08:00
|
|
|
}
|
2015-05-28 16:30:36 -07:00
|
|
|
|
|
|
|
|
func setupIPv6Forwarding(config *networkConfiguration, i *bridgeInterface) error {
|
|
|
|
|
// Enable IPv6 forwarding
|
|
|
|
|
if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/default/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
|
|
|
|
|
logrus.Warnf("Unable to enable IPv6 default forwarding: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/all/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
|
|
|
|
|
logrus.Warnf("Unable to enable IPv6 all forwarding: %v", err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
