func main() { log.SetFlags(log.Lshortfile) iface, err := net.InterfaceByName("eth0") if err != nil { log.Fatal(err) } ip, ipNet, _ := net.ParseCIDR("192.168.122.128/24") if err := netlink.NetworkLinkAddIp(iface, ip, ipNet); err != nil { log.Fatal(err) } if err := netlink.AddDefaultGw("192.168.122.1", "eth0"); err != nil { log.Fatal(err) } if err := netlink.NetworkLinkUp(iface); err != nil { log.Fatal(err) } start := time.Now() arping.SetTimeout(100 * time.Millisecond) for { addr, t, err := arping.PingOverIface(net.ParseIP("192.168.122.1"), *iface) if err != nil { log.Println("ARP error:", err) continue } log.Printf("ARP success after %s: %v %v", time.Now().Sub(start), addr, t) return } }
func (t *TapManager) NewTap(uid, gid int) (*Tap, error) { tap := &Tap{Name: "flynntap." + random.String(5), bridge: t.bridge} if err := createTap(tap.Name, uid, gid); err != nil { return nil, err } var err error tap.IP, err = t.bridge.alloc.RequestIP(t.bridge.ipNet, nil) if err != nil { tap.Close() return nil, err } iface, err := net.InterfaceByName(tap.Name) if err != nil { tap.Close() return nil, err } if err := netlink.NetworkLinkUp(iface); err != nil { tap.Close() return nil, err } if err := netlink.AddToBridge(iface, t.bridge.iface); err != nil { tap.Close() return nil, err } return tap, nil }
func createBridge(name, network, natIface string) (*Bridge, error) { ipAddr, ipNet, err := net.ParseCIDR(network) if err != nil { return nil, err } if err := netlink.CreateBridge(name, true); err != nil { return nil, err } iface, err := net.InterfaceByName(name) if err != nil { return nil, err } if err := netlink.NetworkLinkAddIp(iface, ipAddr, ipNet); err != nil { return nil, err } if err := netlink.NetworkLinkUp(iface); err != nil { return nil, err } if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0644); err != nil { return nil, err } if err := setupIPTables(name, natIface); err != nil { return nil, err } return &Bridge{name, iface, ipAddr, ipNet}, nil }
// attach a container network interface to an external network func (v *veth) attach(n *configs.Network) (err error) { bridge, err := net.InterfaceByName(n.Bridge) if err != nil { return err } host, err := net.InterfaceByName(n.HostInterfaceName) if err != nil { return err } if err := netlink.AddToBridge(host, bridge); err != nil { return err } if err := netlink.NetworkSetMTU(host, n.Mtu); err != nil { return err } if n.HairpinMode { if err := netlink.SetHairpinMode(host, true); err != nil { return err } } if err := netlink.NetworkLinkUp(host); err != nil { return err } return nil }
func InterfaceUp(name string) error { iface, err := net.InterfaceByName(name) if err != nil { return err } return netlink.NetworkLinkUp(iface) }
func (l *loopback) initialize(config *network) error { iface, err := net.InterfaceByName("lo") if err != nil { return err } return netlink.NetworkLinkUp(iface) }
// SetPeerLinkNetInNs configures peer link's IP network in network namespace specified by PID func (veth *VethPair) SetPeerLinkNetInNs(nspid int, ip net.IP, network *net.IPNet, gw *net.IP) error { origNs, _ := NetNsHandle(os.Getpid()) defer syscall.Close(int(origNs)) defer system.Setns(origNs, syscall.CLONE_NEWNET) if err := SetNetNsToPid(nspid); err != nil { return fmt.Errorf("Setting network namespace failed: %s", err) } if err := netlink.NetworkLinkAddIp(veth.peerIfc, ip, network); err != nil { return fmt.Errorf("Unable to set IP: %s in pid: %d network namespace", ip.String(), nspid) } if err := netlink.NetworkLinkUp(veth.peerIfc); err != nil { return fmt.Errorf("Unable to bring %s interface UP: %s", veth.peerIfc.Name, nspid) } if gw != nil { if err := netlink.AddDefaultGw(gw.String(), veth.peerIfc.Name); err != nil { return fmt.Errorf("Unable to set Default gateway: %s in pid: %d network namespace", gw.String(), nspid) } } return nil }
func (v *veth) initialize(config *network) error { peer := config.TempVethPeerName if peer == "" { return fmt.Errorf("peer is not specified") } child, err := net.InterfaceByName(peer) if err != nil { return err } if err := netlink.NetworkLinkDown(child); err != nil { return err } if err := netlink.NetworkChangeName(child, config.Name); err != nil { return err } // get the interface again after we changed the name as the index also changes. if child, err = net.InterfaceByName(config.Name); err != nil { return err } if config.MacAddress != "" { if err := netlink.NetworkSetMacAddress(child, config.MacAddress); err != nil { return err } } ip, ipNet, err := net.ParseCIDR(config.Address) if err != nil { return err } if err := netlink.NetworkLinkAddIp(child, ip, ipNet); err != nil { return err } if config.IPv6Address != "" { if ip, ipNet, err = net.ParseCIDR(config.IPv6Address); err != nil { return err } if err := netlink.NetworkLinkAddIp(child, ip, ipNet); err != nil { return err } } if err := netlink.NetworkSetMTU(child, config.Mtu); err != nil { return err } if err := netlink.NetworkLinkUp(child); err != nil { return err } if config.Gateway != "" { if err := netlink.AddDefaultGw(config.Gateway, config.Name); err != nil { return err } } if config.IPv6Gateway != "" { if err := netlink.AddDefaultGw(config.IPv6Gateway, config.Name); err != nil { return err } } return nil }
// Setup networking func setupNetworking(args *InitArgs) error { if args.Ip != "" { // eth0 iface, err := net.InterfaceByName("eth0") if err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } ip, ipNet, err := net.ParseCIDR(args.Ip) if err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } if err := netlink.NetworkLinkAddIp(iface, ip, ipNet); err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } if err := netlink.NetworkSetMTU(iface, args.Mtu); err != nil { return fmt.Errorf("Unable to set MTU: %v", err) } if err := netlink.NetworkLinkUp(iface); err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } // loopback iface, err = net.InterfaceByName("lo") if err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } if err := netlink.NetworkLinkUp(iface); err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } } if args.Gateway != "" { gw := net.ParseIP(args.Gateway) if gw == nil { return fmt.Errorf("Unable to set up networking, %s is not a valid gateway IP", args.Gateway) } if err := netlink.AddDefaultGw(gw.String(), "eth0"); err != nil { return fmt.Errorf("Unable to set up networking: %v", err) } } return nil }
func (v *veth) create(n *network, nspid int) (err error) { tmpName, err := v.generateTempPeerName() if err != nil { return err } n.TempVethPeerName = tmpName defer func() { if err != nil { netlink.NetworkLinkDel(n.HostInterfaceName) netlink.NetworkLinkDel(n.TempVethPeerName) } }() if n.Bridge == "" { return fmt.Errorf("bridge is not specified") } bridge, err := net.InterfaceByName(n.Bridge) if err != nil { return err } if err := netlink.NetworkCreateVethPair(n.HostInterfaceName, n.TempVethPeerName, n.TxQueueLen); err != nil { return err } host, err := net.InterfaceByName(n.HostInterfaceName) if err != nil { return err } if err := netlink.AddToBridge(host, bridge); err != nil { return err } if err := netlink.NetworkSetMTU(host, n.Mtu); err != nil { return err } if n.HairpinMode { if err := netlink.SetHairpinMode(host, true); err != nil { return err } } if err := netlink.NetworkLinkUp(host); err != nil { return err } child, err := net.InterfaceByName(n.TempVethPeerName) if err != nil { return err } return netlink.NetworkSetNsPid(child, nspid) }
func createBridge(name, network, natIface string) (*Bridge, error) { ipAddr, ipNet, err := net.ParseCIDR(network) if err != nil { return nil, err } if err := netlink.CreateBridge(name, true); err != nil { return nil, err } iface, err := net.InterfaceByName(name) if err != nil { return nil, err } // We need to explicitly assign the MAC address to avoid it changing to a lower value // See: https://github.com/flynn/flynn/issues/223 b := random.Bytes(5) mac := fmt.Sprintf("fe:%02x:%02x:%02x:%02x:%02x", b[0], b[1], b[2], b[3], b[4]) if err := netlink.NetworkSetMacAddress(iface, mac); err != nil { return nil, err } if err := netlink.NetworkLinkAddIp(iface, ipAddr, ipNet); err != nil { return nil, err } if err := netlink.NetworkLinkUp(iface); err != nil { return nil, err } if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0644); err != nil { return nil, err } if err := setupIPTables(name, natIface); err != nil { return nil, err } bridge := &Bridge{ name: name, iface: iface, ipAddr: ipAddr, ipNet: ipNet, alloc: ipallocator.New(), } bridge.alloc.RequestIP(ipNet, ipAddr) return bridge, nil }
// SetLinkUp brings the link up. // It is equivalent of running: ip link set dev ${interface name} up func (l *Link) SetLinkUp() error { return netlink.NetworkLinkUp(l.NetInterface()) }
// configureBridge attempts to create and configure a network bridge interface named `bridgeIface` on the host // If bridgeIP is empty, it will try to find a non-conflicting IP from the Docker-specified private ranges // If the bridge `bridgeIface` already exists, it will only perform the IP address association with the existing // bridge (fixes issue #8444) // If an address which doesn't conflict with existing interfaces can't be found, an error is returned. func configureBridge(bridgeIP string) error { nameservers := []string{} resolvConf, _ := resolvconf.Get() // we don't check for an error here, because we don't really care // if we can't read /etc/resolv.conf. So instead we skip the append // if resolvConf is nil. It either doesn't exist, or we can't read it // for some reason. if resolvConf != nil { nameservers = append(nameservers, resolvconf.GetNameserversAsCIDR(resolvConf)...) } var ifaceAddr string if len(bridgeIP) != 0 { _, _, err := net.ParseCIDR(bridgeIP) if err != nil { return err } ifaceAddr = bridgeIP } else { for _, addr := range addrs { _, dockerNetwork, err := net.ParseCIDR(addr) if err != nil { return err } if err := networkdriver.CheckNameserverOverlaps(nameservers, dockerNetwork); err == nil { if err := networkdriver.CheckRouteOverlaps(dockerNetwork); err == nil { ifaceAddr = addr break } else { log.Debugf("%s %s", addr, err) } } } } if ifaceAddr == "" { return fmt.Errorf("Could not find a free IP address range for interface '%s'. Please configure its address manually and run 'docker -b %s'", bridgeIface, bridgeIface) } log.Debugf("Creating bridge %s with network %s", bridgeIface, ifaceAddr) if err := createBridgeIface(bridgeIface); err != nil { // the bridge may already exist, therefore we can ignore an "exists" error if !os.IsExist(err) { return err } } iface, err := net.InterfaceByName(bridgeIface) if err != nil { return err } ipAddr, ipNet, err := net.ParseCIDR(ifaceAddr) if err != nil { return err } if netlink.NetworkLinkAddIp(iface, ipAddr, ipNet); err != nil { return fmt.Errorf("Unable to add private network: %s", err) } if err := netlink.NetworkLinkUp(iface); err != nil { return fmt.Errorf("Unable to start network bridge: %s", err) } return nil }
// ConfigureNetworking is called once during host startup and sets up the local // bridge and forwarding rules for containers. func (l *LibcontainerBackend) ConfigureNetworking(config *host.NetworkConfig) error { log := l.logger.New("fn", "ConfigureNetworking") var err error l.bridgeAddr, l.bridgeNet, err = net.ParseCIDR(config.Subnet) if err != nil { return err } l.ipalloc.RequestIP(l.bridgeNet, l.bridgeAddr) err = netlink.CreateBridge(l.bridgeName, false) bridgeExists := os.IsExist(err) if err != nil && !bridgeExists { return err } bridge, err := net.InterfaceByName(l.bridgeName) if err != nil { return err } if !bridgeExists { // We need to explicitly assign the MAC address to avoid it changing to a lower value // See: https://github.com/flynn/flynn/issues/223 b := random.Bytes(5) bridgeMAC := fmt.Sprintf("fe:%02x:%02x:%02x:%02x:%02x", b[0], b[1], b[2], b[3], b[4]) if err := netlink.NetworkSetMacAddress(bridge, bridgeMAC); err != nil { return err } } currAddrs, err := bridge.Addrs() if err != nil { return err } setIP := true for _, addr := range currAddrs { ip, net, _ := net.ParseCIDR(addr.String()) if ip.Equal(l.bridgeAddr) && net.String() == l.bridgeNet.String() { setIP = false } else { if err := netlink.NetworkLinkDelIp(bridge, ip, net); err != nil { return err } } } if setIP { if err := netlink.NetworkLinkAddIp(bridge, l.bridgeAddr, l.bridgeNet); err != nil { return err } } if err := netlink.NetworkLinkUp(bridge); err != nil { return err } // enable IP forwarding if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0644); err != nil { return err } // Set up iptables for outbound traffic masquerading from containers to the // rest of the network. if err := iptables.EnableOutboundNAT(l.bridgeName, l.bridgeNet.String()); err != nil { return err } // Read DNS config, discoverd uses the nameservers dnsConf, err := dns.ClientConfigFromFile("/etc/resolv.conf") if err != nil { return err } config.Resolvers = dnsConf.Servers // Write a resolv.conf to be bind-mounted into containers pointing at the // future discoverd DNS listener if err := os.MkdirAll("/etc/flynn", 0755); err != nil { return err } var resolvSearch string if len(dnsConf.Search) > 0 { resolvSearch = fmt.Sprintf("search %s\n", strings.Join(dnsConf.Search, " ")) } if err := ioutil.WriteFile("/etc/flynn/resolv.conf", []byte(fmt.Sprintf("%snameserver %s\n", resolvSearch, l.bridgeAddr.String())), 0644); err != nil { return err } l.resolvConf = "/etc/flynn/resolv.conf" // Allocate IPs for running jobs l.containersMtx.Lock() defer l.containersMtx.Unlock() for _, container := range l.containers { if !container.job.Config.HostNetwork { if _, err := l.ipalloc.RequestIP(l.bridgeNet, container.IP); err != nil { log.Error("error requesting ip", "job.id", container.job.ID, "err", err) } } } close(l.networkConfigured) return nil }
func (Link) SetUp(intf *net.Interface) error { netlinkMu.Lock() defer netlinkMu.Unlock() return errF(netlink.NetworkLinkUp(intf)) }
// setLinkOptions validates and sets link's various options passed in as LinkOptions. func setLinkOptions(ifc *net.Interface, opts LinkOptions) error { macaddr, mtu, flags, ns := opts.MacAddr, opts.MTU, opts.Flags, opts.Ns // if MTU is passed in LinkOptions if mtu != 0 { if err := validMtu(mtu); err != nil { return err } if err := netlink.NetworkSetMTU(ifc, mtu); err != nil { return fmt.Errorf("Unable to set MTU: %s", err) } } // if MacAddress is passed in LinkOptions if macaddr != "" { if err := validMacAddress(macaddr); err != nil { return err } if err := netlink.NetworkSetMacAddress(ifc, macaddr); err != nil { return fmt.Errorf("Unable to set MAC Address: %s", err) } } // if ns is passed in LinkOptions if ns != 0 { if err := validNs(ns); err != nil { return err } if err := netlink.NetworkSetNsPid(ifc, ns); err != nil { return fmt.Errorf("Unable to set Network namespace: %s", err) } } // if flags is passed in LinkOptions if flags != 0 { if err := validFlags(flags); err != nil { return err } if ns != 0 && (ns != 1 || ns != os.Getpid()) { if (flags & syscall.IFF_UP) == syscall.IFF_UP { origNs, _ := NetNsHandle(os.Getpid()) defer syscall.Close(int(origNs)) defer system.Setns(origNs, syscall.CLONE_NEWNET) if err := SetNetNsToPid(ns); err != nil { return fmt.Errorf("Switching to %d network namespace failed: %s", ns, err) } if err := netlink.NetworkLinkUp(ifc); err != nil { return fmt.Errorf("Unable to bring %s interface UP: %s", ifc.Name, ns) } } } else { if err := netlink.NetworkLinkUp(ifc); err != nil { return fmt.Errorf("Could not bring up network link %s: %s", ifc.Name, err) } } } return nil }
// SetPeerLinkUp sets peer link up func (veth *VethPair) SetPeerLinkUp() error { return netlink.NetworkLinkUp(veth.peerIfc) }