1#! /bin/bash 2 3#check ETH_DEV 4if [[ -z "${ETH_DEV}" ]]; then 5 echo "ETH_DEV is invalid" 6 exit 127 7fi 8#check that REMOTE_HOST is reachable 9ssh ${REMOTE_HOST} echo 10st=$? 11if [[ $st -ne 0 ]]; then 12 echo "host ${REMOTE_HOST} is not reachable" 13 exit $st 14fi 15 16#get ether addr of REMOTE_HOST 17REMOTE_MAC=`ssh ${REMOTE_HOST} ip addr show dev ${REMOTE_IFACE}` 18st=$? 19REMOTE_MAC=`echo ${REMOTE_MAC} | sed -e 's/^.*ether //' -e 's/ brd.*$//'` 20if [[ $st -ne 0 || -z "${REMOTE_MAC}" ]]; then 21 echo "coouldn't retrieve ether addr from ${REMOTE_IFACE}" 22 exit 127 23fi 24 25LOCAL_IFACE=dtap0 26 27LOCAL_MAC="00:64:74:61:70:30" 28 29REMOTE_IPV4=192.168.31.14 30LOCAL_IPV4=192.168.31.92 31 32REMOTE_IPV6=fd12:3456:789a:0031:0000:0000:0000:0014 33LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092 34 35DPDK_PATH=${RTE_SDK:-${PWD}} 36DPDK_BUILD=${RTE_TARGET:-x86_64-native-linux-gcc} 37 38# by default ipsec-secgw can't deal with multi-segment packets 39# make sure our local/remote host wouldn't generate fragmented packets 40# if reassmebly option is not enabled 41DEF_MTU_LEN=1400 42DEF_PING_LEN=1200 43 44#setup mtu on local iface 45set_local_mtu() 46{ 47 mtu=$1 48 ifconfig ${LOCAL_IFACE} mtu ${mtu} 49 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=${mtu} 50} 51 52# configure local host/ifaces 53config_local_iface() 54{ 55 ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 up 56 ifconfig ${LOCAL_IFACE} 57 58 ip neigh flush dev ${LOCAL_IFACE} 59 ip neigh add ${REMOTE_IPV4} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC} 60 ip neigh show dev ${LOCAL_IFACE} 61} 62 63config6_local_iface() 64{ 65 config_local_iface 66 67 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0 68 ip addr add ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE} 69 70 ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC} 71 ip neigh show dev ${LOCAL_IFACE} 72} 73 74#configure remote host/iface 75config_remote_iface() 76{ 77 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} down 78 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} ${REMOTE_IPV4}/24 up 79 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} 80 81 ssh ${REMOTE_HOST} ip neigh flush dev ${REMOTE_IFACE} 82 83 # by some reason following ip neigh doesn't work for me here properly: 84 #ssh ${REMOTE_HOST} ip neigh add ${LOCAL_IPV4} \ 85 # dev ${REMOTE_IFACE} lladr ${LOCAL_MAC} 86 # so used arp instead. 87 ssh ${REMOTE_HOST} arp -i ${REMOTE_IFACE} -s ${LOCAL_IPV4} ${LOCAL_MAC} 88 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE} 89 90 ssh ${REMOTE_HOST} iptables --flush 91} 92 93config6_remote_iface() 94{ 95 config_remote_iface 96 97 ssh ${REMOTE_HOST} sysctl -w \ 98 net.ipv6.conf.${REMOTE_IFACE}.disable_ipv6=0 99 ssh ${REMOTE_HOST} ip addr add ${REMOTE_IPV6}/64 dev ${REMOTE_IFACE} 100 101 ssh ${REMOTE_HOST} ip -6 neigh add ${LOCAL_IPV6} \ 102 dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC} 103 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE} 104 105 ssh ${REMOTE_HOST} ip6tables --flush 106} 107 108#configure remote and local host/iface 109config_iface() 110{ 111 config_local_iface 112 config_remote_iface 113} 114 115config6_iface() 116{ 117 config6_local_iface 118 config6_remote_iface 119} 120 121# secgw application parameters setup 122SGW_PORT_CFG="--vdev=\"net_tap0,mac=fixed\" ${ETH_DEV}" 123SGW_WAIT_DEV="${LOCAL_IFACE}" 124. ${DIR}/common_defs_secgw.sh 125