func addIPConfigToLink(ipConfig *ipam.IPConfig, link netlink.Link, ifName string) error {
log.Debugf("Configuring link %+v/%s with %+v", link, ifName, ipConfig)
addr := &netlink.Addr{IPNet: &ipConfig.IP}
if err := netlink.AddrAdd(link, addr); err != nil {
return fmt.Errorf("failed to add addr to %q: %v", ifName, err)
}
// Sort provided routes to make sure we apply any more specific
// routes first which may be used as nexthops in wider routes
sort.Sort(ipam.ByMask(ipConfig.Routes))
for _, r := range ipConfig.Routes {
log.Debugf("Adding route %+v", r)
rt := &netlink.Route{
LinkIndex: link.Attrs().Index,
Scope: netlink.SCOPE_UNIVERSE,
Dst: &r.Destination,
Gw: r.NextHop,
}
if r.IsL2() {
rt.Scope = netlink.SCOPE_LINK
}
if err := netlink.RouteAdd(rt); err != nil {
if !os.IsExist(err) {
return fmt.Errorf("failed to add route '%s via %v dev %v': %v",
r.Destination.String(), r.NextHop, ifName, err)
}
}
}
return nil
}
func setGateway(gateway string) error {
if gateway == "" {
return nil
}
gatewayIp := net.ParseIP(gateway)
if gatewayIp == nil {
return errors.New("Invalid gateway address " + gateway)
}
route := netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Gw: gatewayIp,
}
if err := netlink.RouteAdd(&route); err == syscall.EEXIST {
//Ignore this error
} else if err != nil {
log.Errorf("gateway set failed: %v", err)
return err
}
log.Infof("Set default gateway %s", gateway)
return nil
}
func (n *network) checkSubnetExistInRoutes() {
routeList, err := netlink.RouteList(nil, netlink.FAMILY_V4)
if err == nil {
for _, route := range n.rl {
exist := false
for _, r := range routeList {
if r.Dst == nil {
continue
}
if routeEqual(r, route) {
exist = true
break
}
}
if !exist {
if err := netlink.RouteAdd(&route); err != nil {
if nerr, ok := err.(net.Error); !ok {
log.Errorf("Error recovering route to %v: %v, %v", route.Dst, route.Gw, nerr)
}
continue
} else {
log.Infof("Route recovered %v : %v", route.Dst, route.Gw)
}
}
}
}
}
func setupRoute(config *configs.Config) error {
for _, config := range config.Routes {
_, dst, err := net.ParseCIDR(config.Destination)
if err != nil {
return err
}
src := net.ParseIP(config.Source)
if src == nil {
return fmt.Errorf("Invalid source for route: %s", config.Source)
}
gw := net.ParseIP(config.Gateway)
if gw == nil {
return fmt.Errorf("Invalid gateway for route: %s", config.Gateway)
}
l, err := netlink.LinkByName(config.InterfaceName)
if err != nil {
return err
}
route := &netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Dst: dst,
Src: src,
Gw: gw,
LinkIndex: l.Attrs().Index,
}
if err := netlink.RouteAdd(route); err != nil {
return err
}
}
return nil
}
func configureIface(ifname string, ipn ip.IP4Net, mtu int) error {
iface, err := netlink.LinkByName(ifname)
if err != nil {
return fmt.Errorf("failed to lookup interface %v", ifname)
}
err = netlink.AddrAdd(iface, &netlink.Addr{IPNet: ipn.ToIPNet(), Label: ""})
if err != nil {
return fmt.Errorf("failed to add IP address %v to %v: %v", ipn.String(), ifname, err)
}
err = netlink.LinkSetMTU(iface, mtu)
if err != nil {
return fmt.Errorf("failed to set MTU for %v: %v", ifname, err)
}
err = netlink.LinkSetUp(iface)
if err != nil {
return fmt.Errorf("failed to set interface %v to UP state: %v", ifname, err)
}
// explicitly add a route since there might be a route for a subnet already
// installed by Docker and then it won't get auto added
err = netlink.RouteAdd(&netlink.Route{
LinkIndex: iface.Attrs().Index,
Scope: netlink.SCOPE_UNIVERSE,
Dst: ipn.Network().ToIPNet(),
})
if err != nil && err != syscall.EEXIST {
return fmt.Errorf("failed to add route (%v -> %v): %v", ipn.Network().String(), ifname, err)
}
return nil
}
func (d *driver) createNetwork(w http.ResponseWriter, r *http.Request) {
var req createNetworkRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
panic(err)
}
if len(d.networkID) != 0 {
panic(fmt.Errorf("driver already has a network defined"))
}
route := &netlink.Route{
LinkIndex: d.hostLink.Attrs().Index,
Scope: netlink.SCOPE_LINK,
Dst: d.ipnet,
}
if err := netlink.RouteAdd(route); err != nil {
Warn.Printf("error adding link-scope route: %s\n", err)
}
d.networkID = req.NetworkID
Debug.Println("driver.createNetwork", req.NetworkID, req.Options)
w.Header().Set("Content-Type", "application/json")
fmt.Fprint(w, `{}`)
}
// addRouteIface required for L3 mode adds a link scoped route in the default ns
func addRouteIface(ipVlanL3Network *net.IPNet, iface netlink.Link) error {
return netlink.RouteAdd(&netlink.Route{
LinkIndex: iface.Attrs().Index,
Scope: netlink.SCOPE_LINK,
Dst: ipVlanL3Network,
})
}
func programGateway(path string, gw net.IP) error {
runtime.LockOSThread()
defer runtime.UnlockOSThread()
origns, err := netns.Get()
if err != nil {
return err
}
defer origns.Close()
f, err := os.OpenFile(path, os.O_RDONLY, 0)
if err != nil {
return fmt.Errorf("failed get network namespace %q: %v", path, err)
}
defer f.Close()
nsFD := f.Fd()
if err = netns.Set(netns.NsHandle(nsFD)); err != nil {
return err
}
defer netns.Set(origns)
gwRoutes, err := netlink.RouteGet(gw)
if err != nil {
return fmt.Errorf("route for the gateway could not be found: %v", err)
}
return netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: gwRoutes[0].LinkIndex,
Gw: gw,
})
}
func routingUp() {
veth, err := netlink.LinkByName("myveth1")
if err != nil {
panic(err)
}
err = netlink.LinkSetUp(veth)
if err != nil {
panic(err)
}
addr, _ := netlink.ParseAddr("172.19.80.2/24")
err = netlink.AddrAdd(veth, addr)
if err != nil {
panic(err)
}
routes := createRoutes(veth)
for _, route := range routes {
fmt.Println("Adding route", route)
err := netlink.RouteAdd(route)
if err != nil {
fmt.Println(err)
// panic(err)
}
}
}
func applyNetConf(link netlink.Link, netConf config.InterfaceConfig) error {
if netConf.DHCP {
log.Infof("Running DHCP on %s", link.Attrs().Name)
cmd := exec.Command("dhcpcd", "-A4", "-e", "force_hostname=true", link.Attrs().Name)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
log.Error(err)
}
} else if netConf.IPV4LL {
if err := AssignLinkLocalIP(link); err != nil {
log.Error("IPV4LL set failed")
return err
}
} else if netConf.Address == "" {
return nil
} else {
addr, err := netlink.ParseAddr(netConf.Address)
if err != nil {
return err
}
if err := netlink.AddrAdd(link, addr); err != nil {
log.Error("addr add failed")
return err
}
log.Infof("Set %s on %s", netConf.Address, link.Attrs().Name)
}
if netConf.MTU > 0 {
if err := netlink.LinkSetMTU(link, netConf.MTU); err != nil {
log.Error("set MTU Failed")
return err
}
}
if err := netlink.LinkSetUp(link); err != nil {
log.Error("failed to setup link")
return err
}
if netConf.Gateway != "" {
gatewayIp := net.ParseIP(netConf.Gateway)
if gatewayIp == nil {
return errors.New("Invalid gateway address " + netConf.Gateway)
}
route := netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Gw: net.ParseIP(netConf.Gateway),
}
if err := netlink.RouteAdd(&route); err != nil {
log.Error("gateway set failed")
return err
}
log.Infof("Set default gateway %s", netConf.Gateway)
}
return nil
}
// AddHostRoute adds a host-scoped route to a device.
func AddHostRoute(ipn *net.IPNet, gw net.IP, dev netlink.Link) error {
return netlink.RouteAdd(&netlink.Route{
LinkIndex: dev.Attrs().Index,
Scope: netlink.SCOPE_HOST,
Dst: ipn,
Gw: gw,
})
}
func (dev *vxlanDevice) AddRoute(subnet ip.IP4Net) error {
route := &netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Dst: subnet.ToIPNet(),
Gw: subnet.IP.ToIP(),
}
log.Infof("calling RouteAdd: %s", subnet)
return netlink.RouteAdd(route)
}
func addRoute(link netlink.Link, podIP net.IP) error {
route := netlink.Route{
LinkIndex: link.Attrs().Index,
Scope: netlink.SCOPE_LINK,
Dst: &net.IPNet{
IP: podIP,
Mask: net.IPv4Mask(0xff, 0xff, 0xff, 0xff),
},
}
return netlink.RouteAdd(&route)
}
func routeAdd(ip *net.IPNet, iface netlink.Link) error {
route := netlink.Route{
LinkIndex: iface.Attrs().Index,
Dst: ip,
}
log.Debugf("Adding route %+v", route)
if err := netlink.RouteAdd(&route); err != nil {
log.Errorf("Unable to add route %+v: %+v", route, err)
}
return nil
}
func AddDefaultGateway(ip string) error {
err := netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Gw: net.ParseIP(ip),
})
if err != nil {
log.Errorf("Adding Default Gateway: %s", ip)
return err
}
return nil
}
// AddHostRoute adds a host-scoped route to a device.
func AddRoute(neighborNetwork *net.IPNet, nextHop net.IP, iface netlink.Link) error {
log.Debugf("Adding route in the default namespace for IPVlan L3 mode with the following:")
log.Debugf("IP Prefix: [ %s ] - Next Hop: [ %s ] - Source Interface: [ %s ]",
neighborNetwork, nextHop, iface.Attrs().Name)
return netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: iface.Attrs().Index,
Dst: neighborNetwork,
Gw: nextHop,
})
}
func AddRoute(link netlink.Link, scope netlink.Scope, dst *net.IPNet, gw net.IP) error {
err := netlink.RouteAdd(&netlink.Route{
LinkIndex: link.Attrs().Index,
Scope: scope,
Dst: dst,
Gw: gw,
})
if os.IsExist(err) { // squash duplicate route errors
err = nil
}
return err
}
func (t *AWSVPCTracker) createHostRoute(cidr string) error {
dst, err := parseCIDR(cidr)
if err != nil {
return err
}
route := &netlink.Route{
LinkIndex: t.linkIndex,
Dst: dst,
Scope: netlink.SCOPE_LINK,
}
return netlink.RouteAdd(route)
}
func applyNetConf(link netlink.Link, netConf InterfaceConfig) error {
if netConf.IPV4LL {
if err := AssignLinkLocalIP(link); err != nil {
log.Errorf("IPV4LL set failed: %v", err)
return err
}
} else if netConf.Address == "" {
return nil
} else {
addr, err := netlink.ParseAddr(netConf.Address)
if err != nil {
return err
}
if err := netlink.AddrAdd(link, addr); err != nil {
//Ignore this error
log.Errorf("addr add failed: %v", err)
} else {
log.Infof("Set %s on %s", netConf.Address, link.Attrs().Name)
}
}
if netConf.MTU > 0 {
if err := netlink.LinkSetMTU(link, netConf.MTU); err != nil {
log.Errorf("set MTU Failed: %v", err)
return err
}
}
if err := netlink.LinkSetUp(link); err != nil {
log.Errorf("failed to setup link: %v", err)
return err
}
if netConf.Gateway != "" {
gatewayIp := net.ParseIP(netConf.Gateway)
if gatewayIp == nil {
return errors.New("Invalid gateway address " + netConf.Gateway)
}
route := netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
Gw: net.ParseIP(netConf.Gateway),
}
if err := netlink.RouteAdd(&route); err != nil {
log.Errorf("gateway set failed: %v", err)
return err
}
log.Infof("Set default gateway %s", netConf.Gateway)
}
return nil
}
/**
* Add a route @src -> @dst through interface @dev.
* The gateway @gw is optional and may be an emtpy string.
*/
func Add(src, dst, dev, gw string) {
route := mkRoute(src, dst, dev, gw)
/* Adding an existing route leads to error */
if Exists(route) {
log.Printf("route %s -> %s exists already, not adding it", src, dst)
return
}
err := netlink.RouteAdd(route)
if err != nil {
log.Fatalf("failed to add route %s -> %s: %s", src, dst, err)
}
}
func setupBridgeIPv6(config *networkConfiguration, i *bridgeInterface) error {
procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6"
ipv6BridgeData, err := ioutil.ReadFile(procFile)
if err != nil {
return fmt.Errorf("Cannot read IPv6 setup for bridge %v: %v", config.BridgeName, err)
}
// Enable IPv6 on the bridge only if it isn't already enabled
if ipv6BridgeData[0] != '0' {
if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil {
return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err)
}
}
_, addrsv6, err := i.addresses()
if err != nil {
return err
}
// Add the default link local ipv6 address if it doesn't exist
if !findIPv6Address(netlink.Addr{IPNet: bridgeIPv6}, addrsv6) {
if err := netlink.AddrAdd(i.Link, &netlink.Addr{IPNet: bridgeIPv6}); err != nil {
return &IPv6AddrAddError{IP: bridgeIPv6, Err: err}
}
}
// Store bridge network and default gateway
i.bridgeIPv6 = bridgeIPv6
i.gatewayIPv6 = i.bridgeIPv6.IP
if config.AddressIPv6 == nil {
return nil
}
// Store and program user specified bridge network and network gateway
i.bridgeIPv6 = config.AddressIPv6
i.gatewayIPv6 = config.AddressIPv6.IP
if err := netlink.AddrAdd(i.Link, &netlink.Addr{IPNet: i.bridgeIPv6}); err != nil {
return &IPv6AddrAddError{IP: i.bridgeIPv6, Err: err}
}
// Setting route to global IPv6 subnet
logrus.Debugf("Adding route to IPv6 network %s via device %s", config.AddressIPv6.String(), config.BridgeName)
err = netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: i.Link.Attrs().Index,
Dst: config.AddressIPv6,
})
if err != nil && !os.IsExist(err) {
logrus.Errorf("Could not add route to IPv6 network %s via device %s", config.AddressIPv6.String(), config.BridgeName)
}
return nil
}
func addRouteByLink(CIDR, ifc string) error {
link, err := netlink.LinkByName(ifc)
if err != nil {
return err
}
_, dst, err := net.ParseCIDR(CIDR)
if err != nil {
return err
}
route := netlink.Route{LinkIndex: link.Attrs().Index, Dst: dst}
return netlink.RouteAdd(&route)
}
// Add a route from the global namespace
func programRoute(dest *net.IPNet, nh net.IP) error {
gwRoutes, err := netlink.RouteGet(nh)
if err != nil {
return fmt.Errorf("route for the next hop %s could not be found: %v", nh, err)
}
return netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: gwRoutes[0].LinkIndex,
Gw: gwRoutes[0].Gw,
Dst: dest,
})
}
func setInterfaceRoutes(iface netlink.Link, i *nwIface) error {
for _, route := range i.Routes() {
err := netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_LINK,
LinkIndex: iface.Attrs().Index,
Dst: route,
})
if err != nil {
return err
}
}
return nil
}
// AddHostRoute adds a route to a device using netlink into the Linux default namespace.
func addLinuxRoute(neighborNetwork *net.IPNet, nextHop net.IP, netIface string) error {
iface, err := netlink.LinkByName(netIface)
if err != nil {
return err
}
log.Infof("Adding route learned via BGP for a remote endpoint with:")
log.Infof("IP Prefix: [ %s ] - Next Hop: [ %s ] - Source Interface: [ %s ]", neighborNetwork, nextHop, iface.Attrs().Name)
return netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: iface.Attrs().Index,
Dst: neighborNetwork,
Gw: nextHop,
})
}
// Program a route in to the namespace routing table.
func programRoute(path string, dest *net.IPNet, nh net.IP) error {
return nsInvoke(path, func(nsFD int) error { return nil }, func(callerFD int) error {
gwRoutes, err := netlink.RouteGet(nh)
if err != nil {
return fmt.Errorf("route for the next hop could not be found: %v", err)
}
return netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: gwRoutes[0].LinkIndex,
Gw: gwRoutes[0].Gw,
Dst: dest,
})
})
}
func (Link) AddDefaultGW(intf *net.Interface, ip net.IP) error {
netlinkMu.Lock()
defer netlinkMu.Unlock()
link, err := netlink.LinkByName(intf.Name)
if err != nil {
return errF(err)
}
route := &netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: link.Attrs().Index,
Gw: ip,
}
return errF(netlink.RouteAdd(route))
}
func setupFixedCIDRv6(config *NetworkConfiguration, i *bridgeInterface) error {
log.Debugf("Using IPv6 subnet: %v", config.FixedCIDRv6)
if err := ipAllocator.RegisterSubnet(config.FixedCIDRv6, config.FixedCIDRv6); err != nil {
return &FixedCIDRv6Error{Net: config.FixedCIDRv6, Err: err}
}
// Setting route to global IPv6 subnet
log.Debugf("Adding route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
err := netlink.RouteAdd(&netlink.Route{
Scope: netlink.SCOPE_UNIVERSE,
LinkIndex: i.Link.Attrs().Index,
Dst: config.FixedCIDRv6,
})
if err != nil && !os.IsExist(err) {
log.Errorf("Could not add route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
}
return nil
}
func (rb *HostgwBackend) handleSubnetEvents(batch subnet.EventBatch) {
for _, evt := range batch {
switch evt.Type {
case subnet.SubnetAdded:
log.Infof("Subnet added: %v via %v", evt.Lease.Network, evt.Lease.Attrs.PublicIP)
if evt.Lease.Attrs.BackendType != "host-gw" {
log.Warningf("Ignoring non-host-gw subnet: type=%v", evt.Lease.Attrs.BackendType)
continue
}
route := netlink.Route{
Dst: evt.Lease.Network.ToIPNet(),
Gw: evt.Lease.Attrs.PublicIP.ToIP(),
LinkIndex: rb.extIface.Index,
}
if err := netlink.RouteAdd(&route); err != nil {
log.Errorf("Error adding route to %v via %v: %v", evt.Lease.Network, evt.Lease.Attrs.PublicIP, err)
continue
}
case subnet.SubnetRemoved:
log.Info("Subnet removed: ", evt.Lease.Network)
if evt.Lease.Attrs.BackendType != "host-gw" {
log.Warningf("Ignoring non-host-gw subnet: type=%v", evt.Lease.Attrs.BackendType)
continue
}
route := netlink.Route{
Dst: evt.Lease.Network.ToIPNet(),
Gw: evt.Lease.Attrs.PublicIP.ToIP(),
LinkIndex: rb.extIface.Index,
}
if err := netlink.RouteDel(&route); err != nil {
log.Errorf("Error deleting route to %v: %v", evt.Lease.Network, err)
continue
}
default:
log.Error("Internal error: unknown event type: ", int(evt.Type))
}
}
}
func (dev *vxlanDevice) Configure(ipn ip.IP4Net) error {
setAddr4(dev.link, ipn.ToIPNet())
if err := netlink.LinkSetUp(dev.link); err != nil {
return fmt.Errorf("failed to set interface %s to UP state: %s", dev.link.Attrs().Name, err)
}
// explicitly add a route since there might be a route for a subnet already
// installed by Docker and then it won't get auto added
route := netlink.Route{
LinkIndex: dev.link.Attrs().Index,
Scope: netlink.SCOPE_UNIVERSE,
Dst: ipn.Network().ToIPNet(),
}
if err := netlink.RouteAdd(&route); err != nil && err != syscall.EEXIST {
return fmt.Errorf("failed to add route (%s -> %s): %v", ipn.Network().String(), dev.link.Attrs().Name, err)
}
return nil
}