Commit 76865ca1 authored by David Johnson's avatar David Johnson

Make sure our anti-ARP spoofing flow rules are re-added on reboot.

This is necessary for Mitaka and on.  I don't know if I hadn't done it,
or just can't find the old mechanism that no longer works :).  Anyway,
now I do it in a new way!
parent ce0ba38b
......@@ -92,6 +92,16 @@ ovs-vsctl add-port ${EXTERNAL_NETWORK_BRIDGE} ${EXTERNAL_NETWORK_INTERFACE}
DNSDOMAIN=`cat /etc/resolv.conf | grep search | head -1 | awk '{ print $2 }'`
DNSSERVER=`cat /etc/resolv.conf | grep nameserver | head -1 | awk '{ print $2 }'`
#
# If we're Mitaka or greater, we have to always re-add our anti-ARP
# spoofing flows on each boot. See setup-network-plugin-openvswitch.sh
# and the bottom of this script.
#
readdflows=""
if [ $OSVERSION -gt $OSLIBERTY ] ; then
readdflows='up for line in `cat /etc/neutron/ovs-default-flows/br-ex`; do ovs-ofctl add-flow br-ex $line ; done'
fi
#
# We need to blow away the Emulab config -- no more dhcp
# This would definitely break experiment modify, of course
......@@ -114,6 +124,7 @@ iface ${EXTERNAL_NETWORK_BRIDGE} inet static
dns-nameservers $DNSSERVER
up echo "${EXTERNAL_NETWORK_BRIDGE}" > /var/run/cnet
up echo "${EXTERNAL_NETWORK_BRIDGE}" > /var/emulab/boot/controlif
$readdflows
auto ${EXTERNAL_NETWORK_INTERFACE}
iface ${EXTERNAL_NETWORK_INTERFACE} inet static
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment