gluon-next-node: mark local-node ip6 as deprecated
Prevent the local-node ip6 from being eligible for source address selection. This is highly undesireable in a layer 3 mesh.
This commit is contained in:
Nils Schneider
parent
5bfb06fe36
commit
8e20cbda95
@ -53,6 +53,7 @@ Packages
|
|||||||
package/gluon-client-bridge
|
package/gluon-client-bridge
|
||||||
package/gluon-ebtables-filter-multicast
|
package/gluon-ebtables-filter-multicast
|
||||||
package/gluon-ebtables-filter-ra-dhcp
|
package/gluon-ebtables-filter-ra-dhcp
|
||||||
|
package/gluon-next-node
|
||||||
|
|
||||||
Releases
|
Releases
|
||||||
--------
|
--------
|
||||||
|
|||||||
21
docs/package/gluon-next-node.rst
Normal file
21
docs/package/gluon-next-node.rst
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
gluon-next-node
|
||||||
|
===============
|
||||||
|
|
||||||
|
This package provides a virtual interface (tied to *br-client*) called *local-node*
|
||||||
|
using the same MAC, IP4 and IP6 across all nodes in a mesh. Thus, the node that
|
||||||
|
the client is currently connected to, can always be reached under a known address.
|
||||||
|
|
||||||
|
The IP6 is marked es deprecated to prevent it from being used as a source
|
||||||
|
address for packages originating from a node.
|
||||||
|
|
||||||
|
site.conf
|
||||||
|
---------
|
||||||
|
|
||||||
|
next_node.mac
|
||||||
|
MAC to be set on the interface.
|
||||||
|
|
||||||
|
next_node.ip4
|
||||||
|
IP4 to be set on the interface.
|
||||||
|
|
||||||
|
next_node.ip6
|
||||||
|
IP6 to be set on the interface.
|
||||||
@ -19,14 +19,23 @@ c:section('network', 'device', 'local_node_dev',
|
|||||||
|
|
||||||
local prefix4 = ip.IPv4(site.prefix4)
|
local prefix4 = ip.IPv4(site.prefix4)
|
||||||
c:delete('network', 'local_node')
|
c:delete('network', 'local_node')
|
||||||
c:section('network', 'interface', 'local_node',
|
c:delete('network', 'local_node4')
|
||||||
{
|
c:delete('network', 'local_node6')
|
||||||
ifname = 'local-node',
|
|
||||||
proto = 'static',
|
c:section('network', 'interface', 'local_node4',
|
||||||
ipaddr = site.next_node.ip4,
|
{
|
||||||
netmask = prefix4:mask():string(),
|
ifname = 'local-node',
|
||||||
ip6addr = site.next_node.ip6 .. '/128',
|
proto = 'static',
|
||||||
}
|
ipaddr = site.next_node.ip4 .. '/32',
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
c:section('network', 'interface', 'local_node6',
|
||||||
|
{
|
||||||
|
ifname = 'local-node',
|
||||||
|
proto = 'static_deprecated',
|
||||||
|
ip6addr = site.next_node.ip6,
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
c:delete('network', 'local_node_route6')
|
c:delete('network', 'local_node_route6')
|
||||||
|
|||||||
30
package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh
Executable file
30
package/gluon-next-node/files/lib/netifd/proto/static_deprecated.sh
Executable file
@ -0,0 +1,30 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
. /lib/functions.sh
|
||||||
|
. ../netifd-proto.sh
|
||||||
|
init_proto "$@"
|
||||||
|
|
||||||
|
proto_static_deprecated_init_config() {
|
||||||
|
renew_handler=1
|
||||||
|
|
||||||
|
proto_config_add_string 'ip6addr:ip6addr'
|
||||||
|
}
|
||||||
|
|
||||||
|
proto_static_deprecated_setup() {
|
||||||
|
local config="$1"
|
||||||
|
local iface="$2"
|
||||||
|
|
||||||
|
local ip6addr
|
||||||
|
json_get_vars ip6addr
|
||||||
|
|
||||||
|
proto_init_update "*" 1
|
||||||
|
proto_add_ipv6_address "$ip6addr" "" "0"
|
||||||
|
proto_send_update "$config"
|
||||||
|
}
|
||||||
|
|
||||||
|
proto_static_deprecated_teardown() {
|
||||||
|
local config="$1"
|
||||||
|
}
|
||||||
|
|
||||||
|
add_protocol static_deprecated
|
||||||
|
|
||||||
Loading…
Reference in New Issue
Block a user