sudo aptitude install build-essential module-assistant git fakeroot dh-autoreconf
sudo apt-get build-dep openvswitch
sudo aptitude install dkms ipsec-tools racoon uuid-runtime python-twisted-web
git clone https://github.com/openvswitch/ovs.git
cd ovs
DEB_BUILD_OPTIONS='parallel=4' fakeroot debian/rules binary
ls -l ../*.deb
-rw-r--r-- 1 cssu cssu 628336 10月 5 19:54 ../openvswitch-common_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 2943956 10月 5 19:55 ../openvswitch-datapath-dkms_2.4.90-1_all.deb -rw-r--r-- 1 cssu cssu 4394030 10月 5 19:54 ../openvswitch-datapath-source_2.4.90-1_all.deb -rw-r--r-- 1 cssu cssu 5675708 10月 5 19:55 ../openvswitch-dbg_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 38666 10月 5 19:54 ../openvswitch-ipsec_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 32520 10月 5 19:54 ../openvswitch-pki_2.4.90-1_all.deb -rw-r--r-- 1 cssu cssu 1120278 10月 5 19:54 ../openvswitch-switch_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 47896 10月 5 19:54 ../openvswitch-test_2.4.90-1_all.deb -rw-r--r-- 1 cssu cssu 406904 10月 5 19:54 ../openvswitch-testcontroller_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 196494 10月 5 19:54 ../openvswitch-vtep_2.4.90-1_amd64.deb -rw-r--r-- 1 cssu cssu 83260 10月 5 19:54 ../python-openvswitch_2.4.90-1_all.deb
cd ..
# The glob hands every .deb in this directory to dpkg, which installs them as
# root. Compare against the `ls -l ../*.deb` listing first so that only the
# packages just built are present.
sudo dpkg -i *.deb
This package lets a user optionally configure Open vSwitch bridges and ports from /etc/network/interfaces. Please refer to the interfaces(5) manpage for more details regarding /etc/network/interfaces.
The stanzas that configure the OVS bridges should begin with "allow-ovs" followed by name of the bridge. Here is an example. allow-ovs br0
The stanzas that configure the OVS ports should begin with "allow-${bridge-name}" followed by name of the port. Here is an example. allow-br0 eth0
The following OVS specific "command" options are supported:
More implementation specific details can be seen in the examples.
Examples:
ex 1: A standalone bridge. allow-ovs br0 iface br0 inet static address 192.168.1.1 netmask 255.255.255.0 ovs_type OVSBridge ex 2: A bridge with one port. allow-ovs br0 iface br0 inet dhcp ovs_type OVSBridge ovs_ports eth0 allow-br0 eth0 iface eth0 inet manual ovs_bridge br0 ovs_type OVSPort ex 3: A bridge with multiple physical ports. allow-ovs br0 iface br0 inet dhcp ovs_type OVSBridge ovs_ports eth0 eth1 allow-br0 eth0 iface eth0 inet manual ovs_bridge br0 ovs_type OVSPort allow-br0 eth1 iface eth1 inet manual ovs_bridge br0 ovs_type OVSPort ex 4: A bridge with an OVS internal port. allow-ovs br1 iface br1 inet static address 192.168.1.1 netmask 255.255.255.0 ovs_type OVSBridge ovs_ports vlan100 allow-br1 vlan100 iface vlan100 inet manual ovs_bridge br1 ovs_type OVSIntPort ovs_options tag=100 ovs_extra set interface ${IFACE} external-ids:iface-id=$(hostname -s) ex 5: Bonding. allow-ovs br2 iface br2 inet static address 192.170.1.1 netmask 255.255.255.0 ovs_type OVSBridge ovs_ports bond0 allow-br2 bond0 iface bond0 inet manual ovs_bridge br2 ovs_type OVSBond ovs_bonds eth2 eth3 ovs_options bond_mode=balance-tcp lacp=active ex 6: Patch ports. allow-ovs br0 iface br0 inet manual ovs_type OVSBridge ovs_ports patch0 allow-br0 patch0 iface patch0 inet manual ovs_bridge br0 ovs_type OVSPatchPort ovs_patch_peer patch1 allow-ovs br1 iface br1 inet manual ovs_type OVSBridge ovs_ports patch1 allow-br1 patch1 iface patch1 inet manual ovs_bridge br1 ovs_type OVSPatchPort ovs_patch_peer patch0 ex 7: Tunnel. allow-ovs br1 iface br1 inet static address 192.168.1.1 netmask 255.255.255.0 ovs_type OVSBridge ovs_ports gre1 allow-br1 gre1 iface gre1 inet manual ovs_bridge br1 ovs_type OVSTunnel ovs_tunnel_type gre ovs_tunnel_options options:remote_ip=182.168.1.2 options:key=1 ex 8: Create and destroy bridges. ifup --allow=ovs $list_of_bridges ifdown --allow=ovs $list_of_bridges
For example:
/usr/local/bin/ovs
#! /bin/bash
# Interface names and addresses consumed by start() and stop().

# LAN side: physical NIC and the address (CIDR) that lives on bridge brLAN.
ifLAN=eth0
ipLAN=192.168.180.3/24

# WAN side: physical NIC, the address (CIDR) that lives on bridge brWAN, and
# the default gateway reached through it.
ifWAN=eth1
ipWAN=123.123.15.180/26
gwWAN=123.123.15.190
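# Create bridges brWAN and brLAN, attach the physical NICs to them and move
# the WAN/LAN addresses from the NICs onto the bridges.
# Globals: ifWAN, ipWAN, gwWAN, ifLAN, ipLAN (read)
# Returns: non-zero as soon as an ovs-vsctl step fails
start() {
  # Attach the NIC before touching its address. If Open vSwitch rejects a
  # step, return while the NIC still holds its address, so a host managed
  # over that link stays reachable. --may-exist makes a repeated start a no-op
  # for bridges and ports that are already in the database.
  ovs-vsctl --may-exist add-br brWAN || return
  ovs-vsctl --may-exist add-port brWAN "${ifWAN}" || return
  # Hand the WAN address over to the bridge and re-add the default route that
  # went away with the NIC's address.
  ifconfig "${ifWAN}" 0
  ifconfig brWAN "${ipWAN}"
  route add default gw "${gwWAN}"

  ovs-vsctl --may-exist add-br brLAN || return
  ovs-vsctl --may-exist add-port brLAN "${ifLAN}" || return
  ifconfig "${ifLAN}" 0
  ifconfig brLAN "${ipLAN}"
}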
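# Undo start(): remove both bridges and put the WAN/LAN addresses back on the
# physical NICs.
# Globals: ifWAN, ipWAN, gwWAN, ifLAN, ipLAN (read)
stop() {
  # --if-exists keeps a repeated stop quiet when the port or bridge is already
  # gone. No step aborts the function: the addresses are restored on the NICs
  # even when the Open vSwitch steps fail.
  ovs-vsctl --if-exists del-port brWAN "${ifWAN}"
  ovs-vsctl --if-exists del-br brWAN
  ifconfig "${ifWAN}" "${ipWAN}"
  route add default gw "${gwWAN}"

  ovs-vsctl --if-exists del-port brLAN "${ifLAN}"
  ovs-vsctl --if-exists del-br brLAN
  ifconfig "${ifLAN}" "${ipLAN}"
}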
# Dispatch: the first argument names the function to run. Only the two known
# verbs are accepted, so "$1" is never executed as an arbitrary command.
if [[ $1 == start || $1 == stop ]]; then
  "$1"
else
  echo "Usage: $0 {start|stop}"
  exit 1
fi
/etc/systemd/system/ovs.service
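[Unit]
Description=Open vSwitch
# Ordering only: run after networking and the Open vSwitch daemons have been
# started. Unit names in After= are separated by whitespace; with a comma the
# first name becomes "networking.service," which is not a valid unit name.
After=networking.service openvswitch-switch.service
[Service]
# oneshot + RemainAfterExit: the script exits after configuring the bridges,
# and the unit stays "active" so that ExecStop runs on stop/shutdown.
Type=oneshot
# Both commands run as root. Keep /usr/local/bin/ovs owned by root and not
# writable by other users.
ExecStart=/usr/local/bin/ovs start
ExecStop=/usr/local/bin/ovs stop
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target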
sudo systemctl enable ovs.service
Created symlink from /etc/systemd/system/multi-user.target.wants/ovs.service to /etc/systemd/system/ovs.service.
sudo service ovs start
sudo service ovs stop
cat /usr/local/bin/ovs
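#! /bin/bash
### BEGIN INIT INFO
# Provides:          SuHuTAKO
# Required-Start:    $all
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Example initscript
# Description:       This file should be used to construct scripts to be
#                    placed in /etc/init.d.
### END INIT INFO

# Moves the LAN and WAN addresses between the physical NICs and the Open
# vSwitch bridges brLAN/brWAN, and keeps the NAT (MASQUERADE) rule bound to
# whichever interface currently carries the WAN address.

# Some things that run always
touch /var/lock/ovs

ifLAN=eth0
ifWAN=eth1
LAN=192.168.180.3
LANGW=192.168.180.254
#LAN0=192.168.179.3
#LAN0GW=192.168.179.254
# Placeholders for site-specific values. The script stops here when they are
# unset, instead of stripping the NIC addresses and assigning an empty one.
WAN=${YourPublicIP:?set YourPublicIP to the public address of this host}
WANGW=${YourGatewayIP:?set YourGatewayIP to the upstream gateway address}

# Create the bridges and move the addresses onto them.
start() {
  # NAT follows the WAN address: drop the rule bound to the physical NIC and
  # masquerade on the bridge instead.
  iptables --table nat -D POSTROUTING --out-interface "${ifWAN}" -j MASQUERADE
  iptables --table nat -A POSTROUTING --out-interface brWAN -j MASQUERADE
  # Enables routing between all interfaces of this host. This script does not
  # touch the FORWARD chain, so what may be forwarded is decided by rules set
  # elsewhere.
  sysctl net.ipv4.ip_forward=1
  # ifconfig ${ifLAN}:2 down
  # ifconfig ${ifLAN}:1 down
  ifconfig "${ifLAN}:0" down
  ovs-vsctl add-br brLAN
  ovs-vsctl add-port brLAN "${ifLAN}"
  ovs-vsctl add-br brWAN
  ovs-vsctl add-port brWAN "${ifWAN}"
  ifconfig "${ifLAN}" 0.0.0.0
  ifconfig "${ifWAN}" 0.0.0.0
  sleep 2
  ifconfig brLAN "${LAN}/24"
  # ifconfig brLAN:0 ${LAN0}/24
  # ifconfig brLAN:1 ${LANGW}/24
  # ifconfig brLAN:2 ${LAN0GW}/24
  ifconfig brWAN "${WAN}/26"
  route add default gw "${WANGW}"
  route add -net 192.168.180.0/24 gw "${LANGW}"
  # route add -net 192.168.179.0/24 gw ${LAN0GW}
}

# Remove the bridges and put the addresses back on the physical NICs.
stop() {
  # ifconfig brLAN:0 down
  ovs-vsctl del-port brLAN "${ifLAN}"
  ovs-vsctl del-br brLAN
  ovs-vsctl del-port brWAN "${ifWAN}"
  ovs-vsctl del-br brWAN
  ifconfig "${ifLAN}" "${LAN}/24"
  # ifconfig ${ifLAN}:0 ${LAN0}/24
  # ifconfig ${ifLAN}:1 ${LANGW}/24
  # ifconfig ${ifLAN}:2 ${LAN0GW}/24
  ifconfig "${ifWAN}" "${WAN}/26"
  route add default gw "${WANGW}"
  # Forwarding stays enabled after stop, as before start.
  sysctl net.ipv4.ip_forward=1
  # Mirror of start(): remove the rule start() appended for brWAN, so repeated
  # start/stop cycles do not pile up stale MASQUERADE rules, then restore the
  # rule on the physical NIC.
  iptables --table nat -D POSTROUTING --out-interface brWAN -j MASQUERADE
  iptables --table nat -A POSTROUTING --out-interface "${ifWAN}" -j MASQUERADE
}

# Carry out specific functions when asked to by the system
case "$1" in
  start)
    echo "Starting script ovs"
    start
    ;;
  stop)
    echo "Stopping script ovs"
    stop
    ;;
  restart)
    stop
    sleep 2
    start
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac

exit 0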
cat start-NAT0-AsDaemon
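#! /bin/bash
MEM=8192M
# Don't Edit, File automatically generated by Config-Kvm script
# Starts the KVM guest NAT0 inside a detached screen session, attached to the
# Open vSwitch bridge brLAN through the tap device tapNAT0.

# Prime sudo's credential cache (or fail early) when not already root.
if [ "$EUID" -ne 0 ]; then
  sudo echo "Super User passwd, please:"
  if [ $? -ne 0 ]; then
    echo "Sorry, need su privilege!"
    exit 1
  fi
fi
if [ ! -d /proc/sys/net/ipv4/conf/brLAN ]; then
  echo "Network bridge brLAN does not exist, start it first."
  exit 2
fi
# Presumably so the unprivileged user running kvm below can open the TUN/TAP
# control device; the tap itself is created for that user by tunctl -u.
sudo chmod 666 /dev/net/tun
sudo tunctl -u "$(whoami)" -t tapNAT0
sudo /sbin/ifconfig tapNAT0 up
sudo ovs-vsctl add-port brLAN tapNAT0
# Directory for the QEMU monitor socket. Whoever can connect to that socket
# controls the guest, so the directory is created for the owner only.
mkdir -m 700 /src3/KVM/network-NAT
echo "Starting VM: NAT0..., mem=${MEM}"
screen -S NAT0 -d -m kvm -name NAT0 -localtime -curses \
  -m "${MEM}" \
  -net nic,vlan=0,netdev=tapNAT0,macaddr=50:e5:49:7f:25:92,model=virtio \
  -netdev tap,id=tapNAT0,ifname=tapNAT0,script=no \
  -monitor unix:/src3/KVM/network-NAT/MonSock,server,nowait \
  -drive index=0,media=disk,if=virtio,file=/src3/KVM/img/NAT0.qcow2 &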
cat stop-NAT0
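#! /bin/bash
# Don't Edit, File automatically generated by Config-Kvm script
# Shuts down the KVM guest NAT0 and detaches its tap device from brLAN.

# Prime sudo's credential cache (or fail early) when not already root.
if [ "$EUID" -ne 0 ]; then
  sudo echo "Super User passwd, please:"
  if [ $? -ne 0 ]; then
    echo "Sorry, need su privilege!"
    exit 1
  fi
fi
# Ask the guest to power down through the QEMU monitor socket, if it is
# still there.
if [ -S /src3/KVM/network-NAT/MonSock ]; then
  echo "system_powerdown" | socat - unix-connect:/src3/KVM/network-NAT/MonSock
  echo "Please wait 10 seconds."
  sleep 10
else
  echo "Socket has been removed! Shutdown by ssh or resotre Lan only."
fi
# A guest that still answers ping is halted over ssh; the socket directory is
# removed only when the guest is already down.
if ping -c 3 192.168.180.101; then
  echo "NAT0 still alive, shut it down. Enter passwd twice!"
  ssh -t jssu@192.168.180.101 'sudo init 0'
else
  rm -rf /src3/KVM/network-NAT
fi
echo "Restore lan..."
# Detach and delete the tap device only if it exists.
if [ -d /proc/sys/net/ipv4/conf/tapNAT0 ]; then
  sudo ovs-vsctl del-port brLAN tapNAT0
  sudo /sbin/ifconfig tapNAT0 down
  sudo tunctl -d tapNAT0
fi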
sudo aptitude install openvswitch-common openvswitch-ipsec openvswitch-pki openvswitch-switch openvswitch-vtep python-openvswitch
Add source mirror site to sources.list
$ more /etc/apt/sources.list
deb http://mirror.cs.nchu.edu.tw/debian/ wheezy main contrib
deb http://mirror.cs.nchu.edu.tw/debian/ jessie main contrib
deb-src http://mirror.cs.nchu.edu.tw/debian/ wheezy main contrib
deb-src http://mirror.cs.nchu.edu.tw/debian/ jessie main contrib
$ sudo aptitude update; sudo aptitude safe-upgrade
$ sudo aptitude install build-essential module-assistant
$ sudo apt-get build-dep openvswitch
$ sudo aptitude install graphviz libtool
$ tar zxvf openvswitch-*.tar.gz $ cd openvswitch-* $ fakeroot debian/rules binary $ cd .. $ sudo aptitude install dkms ipsec-tools racoon uuid-runtime python-twisted-web $ sudo dpkg -i *.deb $ rm -rf *.deb openvswitch-*
$ sudo aptitude install git
$ git clone git://git.openvswitch.org/openvswitch
$ cd openvswitch
$ dpkg-buildpackage -b
$ echo $?
$ cd ..
$ sudo aptitude install racoon ipsec-tools python-twisted-web dkms uuid-runtime
Kernel version 3.11 or newer versions:
$ sudo dpkg -i openvswitch-switch_*_amd64.deb openvswitch-common_*_amd64.deb \
openvswitch-datapath-source_*.deb openvswitch-datapath-dkms_*_all.deb \
openvswitch-test_*_all.deb openvswitch-pki_*_all.deb \
openvswitch-ipsec_*_amd64.deb python-openvswitch_*_all.deb
$ lsmod | grep openvswitch
openvswitch 63837 0
vxlan 30915 1 openvswitch
gre 12957 1 openvswitch
libcrc32c 12426 1 openvswitch
Kernel version below 3.11:
$ sudo dpkg -i openvswitch-switch_*_amd64.deb openvswitch-common_*_amd64.deb \
openvswitch-datapath-source_*.deb openvswitch-datapath-dkms_*_all.deb \
openvswitch-test_*_all.deb ovsdbmonitor_*_all.deb \
openvswitch-ipsec_*_amd64.deb python-openvswitch_*_all.deb \
openvswitch-controller_*_amd64.deb openvswitch-pki_*_all.deb
$ sudo module-assistant auto-install openvswitch-datapath
$ lsmod | grep openvswitch
openvswitch 62681 0
gre 12531 1 openvswitch
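# br0 is internal bridge
# Tunnel ports created this way carry bridge traffic between the two hosts
# without encryption and without authenticating the peer; anything that can
# reach the tunnel endpoint can inject frames into br0. Restrict the tunnel
# endpoints with host firewall rules or run the tunnel over IPsec.
# On host1
$ sudo ovs-vsctl add-port br0 vx0 -- set interface vx0 type=vxlan options:remote_ip=${host2IP}
# On host2
$ sudo ovs-vsctl add-port br0 vx0 -- set interface vx0 type=vxlan options:remote_ip=${host1IP}
# Remove
$ sudo ovs-vsctl del-port vx0

# NOTE(review): the port below is named gre0 but is created with type=vxlan,
# the same as vx0 above. A GRE tunnel would use type=gre; confirm which one
# was intended.
# On host1
$ sudo ovs-vsctl add-port br0 gre0 -- set interface gre0 type=vxlan options:remote_ip=${host2IP}
# On host2
$ sudo ovs-vsctl add-port br0 gre0 -- set interface gre0 type=vxlan options:remote_ip=${host1IP}
# Remove
$ sudo ovs-vsctl del-port gre0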
$ git clone http://github.com/noxrepo/pox
$ cd pox
$ more README
POX is a network controller written in Python.
POX officially requires Python 2.7 (though much of it will work fine
fine with Python 2.6), and should run under Linux, Mac OS, and Windows.
You can place a pypy distribution alongside pox.py (in a directory
named "pypy"), and POX will run with pypy (this can be a significant
performance boost!).
POX currently communicates with OpenFlow 1.0 switches and includes
special support for Open vSwitch.
pox.py boots up POX. It takes a list of module names on the command line,
locates the modules, calls their launch() function (if it exists), and
then transitions to the "up" state.
Modules are looked for everywhere that Python normally looks, plus the
"pox" and "ext" directories. Thus, you can do the following:
./pox.py forwarding.l2_learning
You can pass options to the modules by specifying options after the module
name. These are passed to the module's launch() funcion. For example,
to set the address or port of the controller, invoke as follows:
./pox.py openflow.of_01 --address=10.1.1.1 --port=6634
pox.py also supports a few command line options of its own which should
be given first:
--verbose print stack traces for initialization exceptions
--no-openflow don't start the openflow module automatically
$ cd /usr/local/bin
$ sudo ln -s /src3/OpenvSwitch/pox/pox.py
$ git clone git://github.com/OPENNETWORKINGLAB/flowvisor.git
$ sudo aptitude install ant openjdk-6-jdk
$ cd flowvisor
$ make
$ make doc
$ sudo adduser flowvisor
$ sudo make fvuser=flowvisor fvgroup=flowvisor install
...
Installation prefix (/usr/local):
Install to different root directory ()
...
Enter password for account 'fvadmin' on the flowvisor:
...
$ pox.py --verbose openflow.of_01 --port=6634 forwarding.l2_learning
$ sudo ovs-vsctl set-controller br1 tcp:127.0.0.1
$ sudo ovs-vsctl show
0e337a5e-5e01-4ba7-8007-1cbacf4689d5
Bridge "br0"
Port "eth0"
Interface "eth0"
Port "br0"
Interface "br0"
type: internal
Port tapOMV
Interface tapOMV
Bridge "br1"
Controller "tcp:127.0.0.1"
Port "eth1"
Interface "eth1"
Port "br1"
Interface "br1"
type: internal
ovs_version: "1.11.90"
$ sudo ovs-vsctl del-controller br1
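# Build Open vSwitch 1.7.0 from the release tarball, install it under
# /usr/local, start the daemons by hand and create bridge br0.
$ sudo mkdir /src3/OpenvSwitch
$ sudo chown jssu:jssu /src3/OpenvSwitch
$ cd /src3/OpenvSwitch
# The tarball is fetched over plain HTTP and its contents are later installed
# and loaded into the kernel as root. Nothing in this listing checks its
# integrity: compare it with a checksum or signature obtained over a trusted
# channel before running configure.
$ wget http://openvswitch.org/releases/openvswitch-1.7.0.tar.gz
$ tar zxvf openvswitch-1.7.0.tar.gz
$ cd openvswitch-1.7.0/
$ ./configure --with-linux=/lib/modules/`uname -r`/build CONFIG_TUN=yes
$ make
$ sudo make install
$ sudo mkdir -p /usr/local/var/run/openvswitch
$ sudo insmod datapath/linux/openvswitch.ko
$ mkdir -p /usr/local/etc/openvswitch
$ sudo ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema
$ sudo ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
    --remote=db:Open_vSwitch,manager_options \
    --private-key=db:SSL,private_key \
    --certificate=db:SSL,certificate \
    --bootstrap-ca-cert=db:SSL,ca_cert \
    --pidfile --detach
$ sudo ovs-vsctl --no-wait init
$ sudo ovs-vswitchd --pidfile --detach
$ sudo ovs-vsctl add-br br0
$ sudo ovs-vsctl add-port br0 eth0
# Stop both daemons using the PIDs recorded in their pidfiles.
$ kill `cd /usr/local/var/run/openvswitch && cat ovsdb-server.pid ovs-vswitchd.pid`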
$ cd /src4/KVM
$ sudo aptitude install autoconf uml-utilities build-essential pkg-config libssl-dev
$ sudo aptitude install python-jsonpipe python-qt4 python-zope.interface python-twisted-conch
# $ mv ~/Downloads/openvswitch-1.4.1.tar.gz .
$ wget http://openvswitch.org/releases/openvswitch-1.4.1.tar.gz
$ tar zxvf openvswitch-1.4.1.tar.gz
$ rm openvswitch-1.4.1.tar.gz
$ mv openvswitch-1.4.1 openvswitch
$ cd openvswitch
$ ./configure --with-linux=/lib/modules/`uname -r`/build CONFIG_TUN=yes
$ make
$ sudo make install
$ sudo mkdir -p /usr/local/var/run/openvswitch
Load kernel modules with "insmod".
$ sudo insmod datapath/linux/openvswitch_mod.ko
$ dmesg | grep "Open vSwitch"
[84094.179344] openvswitch_mod: Open vSwitch switching datapath 1.4.1, built Mar 31 2012 20:37:23
$ lsmod | grep "openvswitch"
openvswitch_mod 67907 0
Initialize the configuration database using ovsdb-tool, e.g.:
$ sudo mkdir -p /usr/local/etc/openvswitch $ sudo ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema
$ sudo ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
    --remote=db:Open_vSwitch,manager_options \
    --private-key=db:SSL,private_key \
    --certificate=db:SSL,certificate \
    --bootstrap-ca-cert=db:SSL,ca_cert \
    --pidfile --detach
Initialize the database using ovs-vsctl.
$ sudo ovs-vsctl --no-wait init
Start the main Open vSwitch daemon.
$ sudo ovs-vswitchd --pidfile --detach
Sep 24 10:36:37|00001|reconnect|INFO|unix:/usr/local/var/run/openvswitch/db.sock: connecting...
Sep 24 10:36:37|00002|reconnect|INFO|unix:/usr/local/var/run/openvswitch/db.sock: connected
Stop the Open vSwitch daemons.
$ sudo kill `cd /usr/local/var/run/openvswitch && cat ovsdb-server.pid ovs-vswitchd.pid`
Create a bridge
$ sudo ovs-vsctl add-br br0 $ sudo ovs-vsctl add-port br0 eth0 $ sudo ovs-vsctl show a09ea244-910a-4dc2-ba18-969d2ea884f9 Bridge "br0" Port "br0" Interface "br0" type: internal Port "eth0" Interface "eth0" $ sudo ifconfig br0 up $ sudo ifconfig br0 down
$ cd ../bin/
$ more ovs-start
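#! /bin/bash
# ovs-start: load the Open vSwitch kernel module, start ovsdb-server and
# ovs-vswitchd, create bridge br0 on top of eth0 and move 192.168.0.2 from
# eth0 onto the bridge.
sudo insmod /src4/KVM/openvswitch/datapath/linux/openvswitch_mod.ko
# The key, certificate and CA certificate locations are read from the SSL
# table of the database. Per the ovsdb-server manual, --bootstrap-ca-cert
# accepts a missing CA certificate from the peer on the first SSL connection
# (trust on first use), so that first connection is not protected against an
# impostor.
sudo ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
  --remote=db:Open_vSwitch,manager_options \
  --private-key=db:SSL,private_key \
  --certificate=db:SSL,certificate \
  --bootstrap-ca-cert=db:SSL,ca_cert \
  --pidfile --detach
sudo ovs-vsctl --no-wait init
sudo ovs-vswitchd --pidfile --detach
# Stop if the bridge or port cannot be set up: the steps after this remove the
# address from eth0, which would cut the host off the network with nothing to
# take the address over. --may-exist tolerates a bridge that is still in the
# database from an earlier run.
sudo ovs-vsctl --may-exist add-br br0 || exit 1
sudo ovs-vsctl --may-exist add-port br0 eth0 || exit 1
sudo ovs-vsctl show
sudo ifconfig eth0 0.0.0.0
sudo ifconfig br0 192.168.0.2
sudo route add default gw 192.168.0.254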
$ more ovs-stop
#! /bin/bash
# ovs-stop: remove bridge br0, put 192.168.0.2 back on eth0, stop the Open
# vSwitch daemons and unload the kernel module.
sudo ovs-vsctl del-port br0 eth0
sudo ovs-vsctl del-br br0
sudo ovs-vsctl show
# Restore the address and default route on the physical NIC.
sudo ifconfig eth0 192.168.0.2
sudo route add default gw 192.168.0.254
# Signals whatever PIDs the two pidfiles contain, as root. NOTE(review): a
# pidfile left over from a daemon that already exited may name an unrelated
# process by now; confirm the daemons are running before relying on this.
sudo kill `cd /usr/local/var/run/openvswitch && cat ovsdb-server.pid ovs-vswitchd.pid`
sudo rmmod openvswitch_mod
$ more TAP-start
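#! /bin/bash
# TAP-start: network "script=" hook for kvm. $1 is the tap interface to bring
# up and attach to the bridge (presumably supplied by kvm when it creates the
# tap device).
Bridge='br0'
# Refuse to run without an interface name instead of passing an empty
# argument to the sudo commands below.
tap=${1:?usage: TAP-start TAP-INTERFACE}
# IPv4 address of the bridge, parsed from the "inet addr:... Bcast:..." line
# of ifconfig output; empty when that line is absent.
HostIP=$(ifconfig "${Bridge}" | grep "Bcast" | sed 's/^[ \t]*inet addr://' | sed 's/[ \t]*Bcast:.*$//')
# ${HostIP:+...} drops the address argument entirely when none was found, so
# the tap is still brought up and attached.
sudo ifconfig "${tap}" ${HostIP:+"${HostIP}"} netmask 255.255.255.255 up
sudo ovs-vsctl add-port "${Bridge}" "${tap}"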
$ more TAP-stop
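#! /bin/bash
# TAP-stop: network "downscript=" hook for kvm. $1 is the tap interface to
# take down and detach from the bridge.
Bridge='br0'
# Refuse to run without an interface name instead of passing an empty
# argument to the sudo commands below.
tap=${1:?usage: TAP-stop TAP-INTERFACE}
sudo ifconfig "${tap}" down
sudo ovs-vsctl del-port "${Bridge}" "${tap}"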
$ chmod +x ovs-start ovs-stop TAP-start TAP-stop
$ more start-VM
#! /bin/bash
# Don't Edit, File automatically generated by Config-KVM script
# Starts the KVM guest ovs-VM as a daemon, with its tap device attached to the
# bridge by the TAP-start/TAP-stop hook scripts.
# Prime sudo's credential cache (or fail early) when not already root.
if [ $EUID -ne 0 ]
then sudo echo "Super User passwd, please:"
if [ $? -ne 0 ]
then echo "Sorry, need su privilege!"
exit 1
fi
fi
echo "Starting VM: ovs-VM..., mem=1024M"
# Directory for the QEMU monitor socket, created with the caller's umask.
# Anyone able to connect to MonSock controls the guest; kvm runs under sudo
# here, so the socket itself is created by root.
mkdir /src4/KVM/network-ovs
# The script=/downscript= hooks are executed by kvm, i.e. with root privileges
# in this invocation; keep both files writable by root only.
sudo kvm -name ovs-VM -m 1024M -localtime \
-net nic,macaddr=6c:f0:49:17:96:a6 \
-net tap,script=/src4/KVM/bin/TAP-start,downscript=/src4/KVM/bin/TAP-stop \
-monitor unix:/src4/KVM/network-ovs/MonSock,server,nowait \
-usb -usbdevice tablet -k en-us \
-hda /src4/KVM/Resize/Debian-Mini.img \
-daemonize
$ more stop-VM
#! /bin/bash
# Don't Edit, File automatically generated by Config-KVM script
# Powers down the KVM guest ovs-VM through its monitor socket and removes the
# socket directory.
# Prime sudo's credential cache (or fail early) when not already root.
if [ $EUID -ne 0 ]
then sudo echo "Super User passwd, please:"
if [ $? -ne 0 ]
then echo "Sorry, need su privilege!"
exit 1
fi
fi
# Send an ACPI power-down request to the guest via the QEMU monitor.
echo "system_powerdown" | sudo socat - unix-connect:/src4/KVM/network-ovs/MonSock
echo "Please wait 5 seconds."
sleep 5
# The directory is removed after the fixed wait, whether or not the guest has
# actually finished shutting down.
sudo rm -rf /src4/KVM/network-ovs
$ rm *~ $ chmod +x start-VM stop-VM $ ovs-start $ start-VM
$ more Config-Kvm-ovs
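#! /bin/bash
# Config-Kvm-ovs: customise a Debian guest image (hostname, network, ssh and
# apt configuration) and generate start/stop scripts for running it under KVM.
# Usage: Config-Kvm-ovs OS.img hostname VM-IP Ether-card
# Exit codes: 1 wrong argument count, 2 image missing, 3 mount point missing,
#             4-7 an argument contains characters this script cannot handle.
if [ $# != 4 ]
then echo "$0 OS.img hostname VM-IP Ether-card"
  exit 1
elif [ ! -f "$1" ]
then echo "OS image: $1 does not exist."
  exit 2
elif [ ! -d /mnt/tmp ]
then echo "Mount point /mnt/tmp does not exist, create it first."
  exit 3
fi
# All four arguments are later expanded unquoted into sudo command lines and
# written verbatim into generated scripts that themselves call sudo, so only
# plain tokens are accepted here.
re_path='^[A-Za-z0-9_./][A-Za-z0-9_./-]*$'
re_host='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$'
re_ipv4='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
re_iface='^[A-Za-z0-9_.:-]+$'
if [[ ! $1 =~ $re_path ]]
then echo "OS image: $1 contains characters this script cannot handle."
  exit 4
elif [[ ! $2 =~ $re_host ]]
then echo "hostname: $2 is not a plain host name."
  exit 5
elif [[ ! $3 =~ $re_ipv4 ]]
then echo "VM-IP: $3 is not a dotted IPv4 address."
  exit 6
elif [[ ! $4 =~ $re_iface ]]
then echo "Ether-card: $4 is not an interface name."
  exit 7
fi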
# Names of the generated scripts, derived from the hostname argument ($2).
KvmScript="start-${2}"
StopAndRestoreLan="stop-${2}-restore-lan"
DeclAutoGen="# Don't Edit, File automatically generated by Config-KVM script"
# We need to get the Ip of the assigned ether card and its MAC address and get a
# fake MAC address for our VM.
# Both values are scraped from ifconfig output and depend on its
# "inet addr:... Bcast:..." and "HWaddr" line formats; they come out empty when
# ifconfig prints a different layout.
HostIP=`ifconfig $4 | grep "Bcast" | sed 's/^[ \t]*inet addr://' | sed 's/[ \t]*Bcast:.*$//'`
# First three octets of the host card's MAC address.
PREFIX=`ifconfig $4 | grep "HWaddr" | sed 's/^[be][rt].[0-9]*.*Link.*HWaddr //' | cut -d':' -f 1-3`
# Last three octets: one byte each read from /dev/random, printed in hex by od;
# the sed strips the leading " 00" that od is expected to print in front of it.
F4=`od -An -N1 -x /dev/random | sed 's/^\ 00//'`
F5=`od -An -N1 -x /dev/random | sed 's/^\ 00//'`
F6=`od -An -N1 -x /dev/random | sed 's/^\ 00//'`
# The guest MAC therefore shares the host card's first three octets.
FakeMac=$PREFIX:${F4}:${F5}:${F6}
echo " I got current IP: ${HostIP}, FakeMac: ${FakeMac}"
# Stage the guest's /etc/hostname and /etc/hosts in the current directory;
# they are copied into the mounted image later.
echo "$2" >hostname
# The 127.0.1.1 entry is what lets "hostname --fqdn" resolve inside the guest.
cat >hosts <<EOF
127.0.0.1 localhost.localdomain localhost
127.0.1.1 $2

# The following lines are desirable for IPv6 capable hosts
# \(added automatically by netbase upgrade\)

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
EOF
# Script name; not used again in this listing.
string=`basename $0`
# Byte offset of the partition inside the image: take the number that follows
# "startsector " in the output of file(1), up to the next comma, and multiply
# it by the 512-byte sector size. The unquoted expansions are deliberate: echo
# re-joins the words, which trims surrounding whitespace.
# NOTE(review): when file(1) prints no "startsector" field the whole output is
# passed to expr and Offset ends up empty; confirm the image has a partition
# table.
Offset=`file $1`
Offset=`echo -n ${Offset##*startsector }`
Offset=`echo -n ${Offset%%,*}`
Offset=`expr ${Offset} '*' 512`
# Host's default gateway: the word between "default via " and " dev" in the
# routing table.
Gateway=`ip route list`
Gateway=`echo -n ${Gateway#*default via }`
Gateway=`echo -n ${Gateway%% dev*}`
# Mount the guest's partition at /mnt/tmp and rewrite its configuration.
# The exit status of mount is not checked: if it fails, the sudo commands
# below still run against whatever is under /mnt/tmp on the host.
echo "We need your root passwd for mounting $1:"
sudo mount -o loop,offset=${Offset} $1 /mnt/tmp
# Apparently, Debian adopts the lousy Ubuntu ether device rename policy. We are forced
# to empty the /etc/udev/rules.d/70*net* file!! Otherwise, next time we boot our VM,
# its ether device name will be wrong!
WHOAMI=`whoami`
sudo cp hostname /mnt/tmp/etc/hostname
# The guest inherits the host's resolver configuration.
sudo cp /etc/resolv.conf /mnt/tmp/etc
sudo cp hosts /mnt/tmp/etc/hosts
sudo cp recover70rules /mnt/tmp/home/${WHOAMI}
sudo cp ../DebianNetFiles/Empty70NetFile /mnt/tmp/home/${WHOAMI}
# Bring up ether interface and route packets to host in /etc/rc.local
cp ../DebianNetFiles/rc.local.kvm rc.local
# Guest /etc/network/interfaces: static address $3, gateway copied from the
# host's default route.
cat <<EOF >interfaces
auto lo eth0
iface lo inet loopback
iface eth0 inet static
address ${3}
netmask 255.255.255.0
gateway ${Gateway}
dns-nameservers 140.120.13.1 140.120.1.2
EOF
# virtio modules list for initramfs-tools.
cat <<'EOF' >modules
virtio
virtio_pci
virtio_ring
virtio_net
virtio_blk
EOF
echo "# route add default gw ${HostIP}" >>rc.local
echo "" >>rc.local
echo "exit 0" >>rc.local
sudo cp rc.local /mnt/tmp/etc/rc.local
sudo chmod 755 /mnt/tmp/etc/rc.local
sudo mv /mnt/tmp/etc/network/interfaces /mnt/tmp/etc/network/interfaces.orig
sudo cp interfaces /mnt/tmp/etc/network/interfaces
# NOTE(review): unlike every other path in this section, the next two lines
# have no /mnt/tmp prefix, so they replace the HOST's
# /etc/initramfs-tools/modules (and on a second run overwrite modules.orig with
# the virtio list). The guest image looks like the intended target; confirm.
sudo mv /etc/initramfs-tools/modules /etc/initramfs-tools/modules.orig
sudo cp modules /etc/initramfs-tools/modules
# The guest's ssh client/server configuration and apt sources are replaced by
# the copies in ../DebianNetFiles, whose contents are not shown here; the
# guest's SSH policy and package origins are whatever those files say.
sudo mv /mnt/tmp/etc/ssh/ssh_config /mnt/tmp/etc/ssh/ssh_config.orig
sudo mv /mnt/tmp/etc/ssh/sshd_config /mnt/tmp/etc/ssh/sshd_config.orig
sudo cp ../DebianNetFiles/ssh_config /mnt/tmp/etc/ssh
sudo cp ../DebianNetFiles/sshd_config /mnt/tmp/etc/ssh
sudo mv /mnt/tmp/etc/apt/sources.list /mnt/tmp/etc/apt/sources.list.orig
sudo cp ../DebianNetFiles/sources.list /mnt/tmp/etc/apt
# Drop the persistent interface-name rules so the guest's NIC is named afresh
# on next boot.
if [ -f /mnt/tmp/etc/udev/rules.d/70-persistent-net.rules ]
then echo "Fix 70-persistent-net"
sudo rm /mnt/tmp/etc/udev/rules.d/70-persistent-net.rules
fi
sudo umount /mnt/tmp
# Next three files are no longer needed and rc.local does not exist for Minix
rm -f rc.local hostname hosts interfaces modules
# Preparing Host Network Configuration Script
# SockDir is the parent of the current directory plus "network-<PID of this
# run>"; the generated scripts hard-code that path.
SrcDir=`dirname $(pwd)`
SockDir=${SrcDir}/network-$$
echo SockDir=${SockDir}
# Common header of both start scripts. \$EUID and \$? are escaped so they are
# evaluated when the generated script runs; ${2} and ${SockDir} are expanded
# now and written into the script as literal text.
cat <<EOF >${KvmScript}
#! /bin/bash
${DeclAutoGen}
if [ \$EUID -ne 0 ]
then sudo echo "Super User passwd, please:"
if [ \$? -ne 0 ]
then echo "Sorry, need su privilege!"
exit 1
fi
fi
echo "Starting VM: ${2}..., mem=1024M"
mkdir ${SockDir}
EOF
cp ${KvmScript} ${KvmScript}-AsDaemon
# Foreground variant. The image path ($1), hostname ($2) and MAC are written
# into the kvm command line unquoted, exactly as given on this script's
# command line, and that command line later runs under sudo.
# NOTE(review): the hook paths say start-TAP/stop-TAP, while the hook scripts
# and the start-VM listing on this page are named TAP-start/TAP-stop; confirm
# which names exist in /src4/KVM/bin.
cat <<EOF >>${KvmScript}
sudo kvm -name $2 -m 1024M -localtime \\
-net nic,macaddr=${FakeMac},model=virtio \\
-net tap,script=/src4/KVM/bin/start-TAP,downscript=/src4/KVM/bin/stop-TAP \\
-monitor unix:${SockDir}/MonSock,server,nowait \\
-usb -usbdevice tablet -k en-us \\
-drive index=0,media=disk,if=virtio,file=$1 \\
-daemonize
EOF
# Variant that runs the same guest inside a detached screen session.
cat <<EOF >>${KvmScript}-AsDaemon
sudo screen -S $2 -d -m kvm -name $2 -m 1024M -localtime \\
-net nic,macaddr=${FakeMac},model=virtio \\
-net tap,script=/src4/KVM/bin/start-TAP,downscript=/src4/KVM/bin/stop-TAP \\
-monitor unix:${SockDir}/MonSock,server,nowait \\
-usb -usbdevice tablet -k en-us \\
-drive index=0,media=disk,if=virtio,file=$1 \\
-curses -daemonize
EOF
# Preparing Restore Lan Script
# The generated stop script sends system_powerdown to the monitor socket and
# then runs "sudo rm -rf" on the SockDir path baked in above.
cat <<EOF >${StopAndRestoreLan}
#! /bin/bash
${DeclAutoGen}
if [ \$EUID -ne 0 ]
then sudo echo "Super User passwd, please:"
if [ \$? -ne 0 ]
then echo "Sorry, need su privilege!"
exit 1
fi
fi
echo "system_powerdown" | sudo socat - unix-connect:${SockDir}/MonSock
echo "Please wait 5 seconds."
sleep 5
sudo rm -rf ${SockDir}
EOF
# 755: the generated scripts invoke sudo, so they stay writable by their owner
# only.
chmod 755 ${KvmScript} ${KvmScript}-AsDaemon ${StopAndRestoreLan}
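# tcp: is a plain-text OpenFlow connection with no authentication of either
# side; ovs-vsctl also accepts ssl:IP[:PORT] controller targets.
$ sudo ovs-vsctl set-controller br0 tcp:0.0.0.0:6633
$ sudo ovs-ofctl show br0
$ sudo ovs-ofctl dump-flows br0
# Destination rewrite: TCP port 80 traffic addressed to 140.120.15.180 is
# redirected to the internal host 192.168.180.10, which exposes that host's
# port 80 to whatever can reach the public address.
$ sudo ovs-ofctl add-flow br0 "table=0 ip dl_type=0x0800 nw_proto=6 tp_dst=80 nw_dst=140.120.15.180 idle_timeout=0 action=mod_nw_dst:192.168.180.10,normal"
# Source rewrite for the opposite direction.
# NOTE(review): replies from 192.168.180.10 would normally carry tp_src=80,
# while this flow matches tp_dst=80; confirm the intended match.
$ sudo ovs-ofctl add-flow br0 "table=0 ip dl_type=0x0800 nw_proto=6 tp_dst=80 nw_src=192.168.180.10 idle_timeout=0 action=mod_nw_src:140.120.15.180,normal"
# Removes every flow on br0, not only the two added above.
$ sudo ovs-ofctl del-flows br0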
Delete all flows and then insert initial flow.
$ sudo ovs-ofctl del-flows brLAN ; sudo ovs-ofctl add-flow brLAN "table=0,priority=0,action=normal"