Changeset View
Changeset View
Standalone View
Standalone View
tests/sys/common/vnet.subr
| # $FreeBSD$ | # $FreeBSD$ | ||||
| # VNAT/jail utility functions | # VNAT/jail utility functions | ||||
| ## | ## | ||||
| vnet_init() | vnet_init() | ||||
| { | { | ||||
| if [ "`sysctl -i -n kern.features.vimage`" != 1 ]; then | if [ "`sysctl -i -n kern.features.vimage`" != 1 ]; then | ||||
| atf_skip "This test requires VIMAGE" | atf_skip "This test requires VIMAGE" | ||||
| fi | fi | ||||
| } | } | ||||
| vnet_mkepair() | vnet_mkepair() | ||||
| { | { | ||||
| ifname=$(ifconfig epair create) | ifname=$(ifconfig epair create) | ||||
| echo $ifname >> created_interfaces.lst | echo $ifname >> created_interfaces.lst | ||||
| echo ${ifname%a}b >> created_interfaces.lst | |||||
kp: Do we need this? We should already be adding epair0a to created_interfaces.lst, and deleting… | |||||
melifaroAuthorUnsubmitted Done Inline ActionsIn short, yes. Currently, there is no guarantee that jail is destroyed upon return of the jail -r cmd. For example, when some connections inside the jail are in TIME_WAIT state, destruction is delayed till fin_wait2 timeout. As a result, interface may appear in the host jail only after 60 seconds. Please take a look at the following example: #!/bin/sh epair=$(ifconfig epair create) jail_name=j-`date +%s` jail -c name=${jail_name}a persist vnet vnet.interface=${epair} jail -c name=${jail_name}b persist vnet vnet.interface=${epair%a}b jexec ${jail_name}a ifconfig ${epair} inet 192.168.0.1/24 jexec ${jail_name}b ifconfig ${epair%a}b inet 192.168.0.2/24 jexec ${jail_name}b nc -l 4242 & sleep 0.1 echo test | jexec ${jail_name}a nc -Nn 192.168.0.2 4242 jexec ${jail_name}a netstat -an jail -r ${jail_name}a jail -r ${jail_name}b sleep 0.1 ifconfig -l echo ---- jls -N echo ---- jls -dN echo Sleeping.. sleep 58 ifconfig -l sleep 3 ifconfig -l It outputs test Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.0.1.48519 192.168.0.2.4242 TIME_WAIT em0 em1 em2 lo0 epair0b ---- JID IP Address Hostname Path ---- JID IP Address Hostname Path j-1584786208a / Sleeping.. em0 em1 em2 lo0 epair0b em0 em1 em2 lo0 epair0b epair0a melifaro: In short, yes.
Currently, there is no guarantee that jail is destroyed upon return of the… | |||||
melifaroAuthorUnsubmitted Done Inline ActionsLet me put it differently: it does not guarantee that interface won't be leaked but increases this possibility. I'd prefer to have the proper solution but was unable to find one.
melifaro: Let me put it differently: it does not //guarantee// that interface won't be leaked but… | |||||
| echo ${ifname%a} | echo ${ifname%a} | ||||
| } | } | ||||
| vnet_mkbridge() | vnet_mkbridge() | ||||
| { | { | ||||
| ifname=$(ifconfig bridge create) | ifname=$(ifconfig bridge create) | ||||
| echo $ifname >> created_interfaces.lst | |||||
| echo ${ifname} | |||||
| } | |||||
| vnet_mkloopback() | |||||
| { | |||||
| ifname=$(ifconfig lo create) | |||||
| echo $ifname >> created_interfaces.lst | echo $ifname >> created_interfaces.lst | ||||
| echo ${ifname} | echo ${ifname} | ||||
| } | } | ||||
| vnet_mkjail() | vnet_mkjail() | ||||
| { | { | ||||
| jailname=$1 | jailname=$1 | ||||
| shift | shift | ||||
| Show All 29 Lines | |||||
Do we need this? We should already be adding epair0a to created_interfaces.lst, and deleting that one deletes epair0b as well.