1 #!/sbin/sh
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22 #
23 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
24 #
25 # Copyright (c) 2012 Joyent, Inc. All rights reserved.
26
27 # This script configures IP routing.
28
29 . /lib/svc/share/smf_include.sh
30
31 set -o xtrace
32
33 #
34 # In a shared-IP zone we need this service to be up, but all of the work
35 # it tries to do is irrelevant (and will actually lead to the service
36 # failing if we try to do it), so just bail out.
37 # In the global zone and exclusive-IP zones we proceed.
38 #
39 smf_configure_ip || exit $SMF_EXIT_OK
40
41 #
42 # If routing.conf file is in place, and has not already been read in
43 # by previous invokation of routeadm, legacy configuration is upgraded
44 # by this call to "routeadm -u". This call is also needed when
45 # a /var/svc/profile/upgrade file is found, as it may contain routeadm commands
46 # which need to be applied. Finally, routeadm starts in.ndpd by
47 # enabling the ndp service (in.ndpd), which is required for IPv6 address
48 # autoconfiguration. It would be nice if we could do this in
49 # network/loopback, but since the SMF backend is read-only at that
50 # point in boot, we cannot.
51 #
52 /sbin/routeadm -u
53
54 #
55 # Are we routing dynamically? routeadm(1M) reports this in the
56 # "current" values of ipv4/6-routing - if either are true, we are running
57 # routing daemons (or at least they are enabled to run).
58 #
59 dynamic_routing_test=`/sbin/routeadm -p | \
60 nawk '/^ipv[46]-routing [.]*/ { print $2 }' | /usr/bin/grep "current=enabled"`
61 if [ -n "$dynamic_routing_test" ]; then
62 dynamic_routing="true"
63 fi
64
65 #
66 # Configure default IPv4 routers using the local "/etc/defaultrouter"
67 # configuration file. The file can contain the hostnames or IP
68 # addresses of one or more default routers. If hostnames are used,
69 # each hostname must also be listed in the local "/etc/hosts" file
70 # because NIS is not running at the time that this script is
71 # run. Each router name or address is listed on a single line by
72 # itself in the file. Anything else on that line after the router's
73 # name or address is ignored. Lines that begin with "#" are
74 # considered comments and ignored.
75 #
76 # The default routes listed in the "/etc/defaultrouter" file will
77 # replace those added by the kernel during diskless booting. An
78 # empty "/etc/defaultrouter" file will cause the default route
79 # added by the kernel to be deleted.
80 #
81 # Note that the default router file is ignored if we received routes
82 # from a DHCP server. Our policy is to always trust DHCP over local
83 # administration.
84 #
85 smf_netstrategy
86
87 if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
88 [ -n "`/sbin/dhcpinfo Router`" ]; then
89 defrouters=`/sbin/dhcpinfo Router`
90 elif [ -f /etc/defaultrouter ]; then
91 defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
92 /usr/bin/awk '{print $1}'`
93 if [ -n "$defrouters" ]; then
94 #
95 # We want the default router(s) listed in
96 # /etc/defaultrouter to replace the one added from the
97 # BOOTPARAMS WHOAMI response but we must avoid flushing
98 # the last route between the running system and its
99 # /usr file system.
100 #
101
102 # First, remember the original route.
103 shift $#
104 set -- `/usr/bin/netstat -rn -f inet | \
105 /usr/bin/grep '^default'`
106 route_IP="$2"
107
108 #
109 # Next, add those from /etc/defaultrouter. While doing
110 # this, if one of the routes we add is for the route
111 # previously added as a result of the BOOTPARAMS
112 # response, we will see a message of the form:
113 # "add net default: gateway a.b.c.d: entry exists"
114 #
115 do_delete=yes
116 for router in $defrouters; do
117 route_added=`/usr/sbin/route -n add default \
118 -gateway $router`
119 res=$?
120 set -- $route_added
121 [ $res -ne 0 -a "$5" = "$route_IP:" ] && do_delete=no
122 done
123
124 #
125 # Finally, delete the original default route unless it
126 # was also listed in the defaultrouter file.
127 #
128 if [ -n "$route_IP" -a $do_delete = yes ]; then
129 /usr/sbin/route -n delete default \
130 -gateway $route_IP >/dev/null
131 fi
132 else
133 /usr/sbin/route -fn > /dev/null
134 fi
135 else
136 defrouters=
137 fi
138
139 #
140 # Use routeadm(1M) to configure forwarding and launch routing daemons
141 # for IPv4 and IPv6 based on preset values. These settings only apply
142 # to the global zone. For IPv4 dynamic routing, the system will default
143 # to disabled if a default route was previously added via BOOTP, DHCP,
144 # or the /etc/defaultrouter file. routeadm also starts in.ndpd.
145 #
146 if [ "$dynamic_routing" != "true" ] && [ -z "$defrouters" ]; then
147 #
148 # No default routes were setup by "route" command above.
149 # Check the kernel routing table for any other default
150 # routes.
151 #
152 /usr/bin/netstat -rn -f inet | \
153 /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes
154 fi
155
156 #
157 # The routeadm/ipv4-routing-set property is true if the administrator
158 # has run "routeadm -e/-d ipv4-routing". If not, we revert to the
159 # appropriate defaults. We no longer run "routeadm -u" on every boot
160 # however, as persistent daemon state is now controlled by SMF.
161 #
162 ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI`
163 smartos_param=`/usr/bin/bootparams | grep "^smartos"`
164 if [ -z "$defrouters" ] && [ "$smartos_param" != "" ]; then
165 #
166 # Set default value for ipv4-routing to enabled. If routeadm -e/-d
167 # has not yet been run by the administrator, we apply this default.
168 # The -b option is project-private and informs routeadm not
169 # to treat the enable as administrator-driven.
170 #
171 /usr/sbin/svccfg -s $SMF_FMRI \
172 setprop routeadm/default-ipv4-routing = true
173 if [ "$ipv4_routing_set" = "false" ]; then
174 /sbin/routeadm -b -e ipv4-routing -u
175 fi
176 else
177 #
178 # Default router(s) have been found, so ipv4-routing default value
179 # should be disabled. If routaedm -e/d has not yet been run by
180 # the administrator, we apply this default. The -b option is
181 # project-private and informs routeadm not to treat the disable as
182 # administrator-driven.
183 #
184 /usr/sbin/svccfg -s $SMF_FMRI \
185 setprop routeadm/default-ipv4-routing = false
186 if [ "$ipv4_routing_set" = "false" ]; then
187 /sbin/routeadm -b -d ipv4-routing -u
188 fi
189 fi
190
191 #
192 # See if static routes were created by install. If so, they were created
193 # under /etc/svc/volatile. Copy them into their proper place.
194 #
195 if [ -f /etc/svc/volatile/etc/inet/static_routes ]; then
196 echo "Installing persistent routes"
197 if [ -f /etc/inet/static_routes ]; then
198 cat /etc/svc/volatile/etc/inet/static_routes | grep -v '^#' \
199 >> /etc/inet/static_routes
200 else
201 cp /etc/svc/volatile/etc/inet/static_routes \
202 /etc/inet/static_routes
203 fi
204 /usr/bin/rm /etc/svc/volatile/etc/inet/static_routes
205
206 fi
207
208 #
209 # Read /etc/inet/static_routes and add each route.
210 #
211 if [ -f /etc/inet/static_routes ]; then
212 echo "Adding persistent routes:"
213 /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
214 /usr/sbin/route add $line
215 done
216 fi
217
218 #
219 # Read /etc/inet/static_routes.vmadm and add each route.
220 #
221 if [ -f /etc/inet/static_routes.vmadm ]; then
222 echo "Adding vmadm persistent routes:"
223 /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes.vmadm | while read line; do
224 /usr/sbin/route add $line
225 done
226 fi
227
228 #
229 # Log the result
230 #
231 echo "Routing setup complete:"
232 /usr/bin/netstat -rn
233
234 # Clear exit status.
235 exit $SMF_EXIT_OK