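#!/bin/sh -x
# Bring the addressing, routing and firewall of the "dn42" network namespace
# up or down.
#
# Usage: $0 start|stop
#   start / stop        host side, operates on interface vethdn42
#   start-ns / stop-ns  namespace side, operates on interface eth0; invoked
#                       by start/stop through "ip netns exec dn42"
#
# The {{ ... }} values are template placeholders and must be substituted
# before the script runs. The script does not create the namespace or the
# interfaces; they are expected to exist already.
# NOTE(review): vethdn42 and eth0 are presumably the two ends of one veth
# pair; confirm against the interface configuration.
set -eu

# Public IPv6 network prefix in the form aaaa:bbbb:cccc:dddd
# (yes, without a trailing ':' or '::')
hoster_prefix_v6="{{ hoster_ipv6_prefix }}"
# hardcoded: use the 42 sub-prefix for the namespace link
ns_prefix_v6="${hoster_prefix_v6}:42"

# IPv4 address of the host
hoster_addr_v4="{{ hoster_ipv4_address }}"
# hardcoded: IPv4 net routed to the namespace
ns_net_v4="10.42.0.0/24"
# hardcoded: peer address (inside namespace)
ns_addr_peer_v4="10.42.0.2/32"

# The child shell is started as "sh <script>", so the "-x" on the shebang
# line does not reach it; pass tracing on explicitly when it is active.
case $- in
  *x*) debug="-x" ;;
  *) debug="" ;;
esac

# "${1:-}" keeps "set -u" from aborting when no argument is given, so that
# case reaches the "invalid parameter" message like any other bad value.
case "${1:-}" in
  start)
    # Configure the namespace side first, then the host side of the link.
    # ${debug:+...} expands to nothing at all when tracing is off.
    ip netns exec dn42 sh ${debug:+"$debug"} "$0" start-ns
    ip route add "${ns_net_v4}" dev vethdn42
    ip a add "${ns_prefix_v6}::1/128" dev vethdn42
    ip route add "${ns_prefix_v6}::2/128" dev vethdn42
    # hardcoded: route for dn42
    ip route replace fd00::/8 via "${ns_prefix_v6}::2" dev vethdn42 src fcee::1
    ;;

  start-ns)
    # hardcoded: iptables
    # Load the packet filter before forwarding is enabled and before any
    # address or route exists, so the namespace never forwards unfiltered.
    # Under "set -e" a failing restore now aborts before the namespace gets
    # connectivity, instead of leaving it up without rules.
    # The rule files are applied with this script's privileges; keep them
    # writable by root only.
    iptables-nft-restore < /etc/iptables/netns/dn42/iptables.save
    ip6tables-nft-restore < /etc/iptables/netns/dn42/ip6tables.save

    sysctl -w net.ipv6.conf.all.forwarding=1

    # Start from a clean eth0: drop whatever routes and addresses it has.
    ip -4 route flush dev eth0
    ip -6 route flush dev eth0
    ip -4 a flush dev eth0
    ip -6 a flush dev eth0

    # IPv4: peer address, host route to the hoster, default via the hoster.
    ip a add "${ns_addr_peer_v4}" dev eth0
    ip route add "${hoster_addr_v4}" dev eth0
    ip route add default via "${hoster_addr_v4}" dev eth0

    # IPv6: ::2 is the namespace end, ::1 the host end of the link.
    ip a add "${ns_prefix_v6}::2/128" dev eth0
    ip route add "${ns_prefix_v6}::1" dev eth0
    ip route add default via "${ns_prefix_v6}::1" dev eth0

    # hardcoded: dummy-interface with additional addresses
    ifup dn42_int

    # hardcoded: Additional rules for (policy) routing.
    # tables are filled by bird.
    ip -6 rule add prio 31000 table 210
    ip -6 rule add prio 32000 table 250
    ;;

  stop)
    # Host side first, then tear down the namespace side.
    ip -6 route flush dev vethdn42
    ip -4 route flush dev vethdn42
    ip -6 a flush dev vethdn42
    ip -4 a flush dev vethdn42
    ip netns exec dn42 sh ${debug:+"$debug"} "$0" stop-ns
    ;;

  stop-ns)
    # The packet filter rules loaded by start-ns are left in place here.
    ifdown dn42_int
    ip -6 route flush dev eth0
    ip -6 a flush dev eth0
    ip -4 route flush dev eth0
    ip -4 a flush dev eth0
    ip -6 rule del prio 31000
    ip -6 rule del prio 32000
    ;;

  *)
    # Unknown or missing action: report it and do nothing (exit status 0).
    printf 'Ignore invalid parameter %s\n' "${1:-}" >&2
    ;;
esac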