3 # Copyright (c) 2011 Nicira, Inc.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at:
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
20 ${UTIL}: Provides helper functions to save Open vSwitch's configuration.
24 save-interfaces Outputs a shell script on stdout that will restore
25 the current kernel configuration of the specified
26 network interfaces, as well as the system iptables
28 save-flows Outputs a shell script on stdout that will restore
29 Openflow flows of each Open vSwitch bridge.
30 save-datapaths Outputs a shell script on stdout that will restore
31 the datapaths with the same port numbers as before.
33 This script is meant as a helper for the Open vSwitch init script commands.
37 PATH=/sbin:/bin:/usr/sbin:/usr/bin
44 if test -x $dir/$1; then
53 if missing_program ip; then
54 echo "$0: ip not found in $PATH" >&2
58 if test "$#" = 0; then
64 state=`ip link show dev $dev` || continue
67 # Link state (Ethernet addresses, up/down, ...)
70 *"state UP"* | *[,\<]"UP"[,\>]* )
74 linkcmd="$linkcmd down"
77 if expr "$state" : '.*\bdynamic\b' > /dev/null; then
78 linkcmd="$linkcmd dynamic"
80 if qlen=`expr "$state" : '.*qlen \([0-9]+\)'`; then
81 linkcmd="$linkcmd txqueuelen $qlen"
83 if hwaddr=`expr "$state" : '.*link/ether \([^ ]*\)'`; then
84 linkcmd="$linkcmd address $hwaddr"
86 if brd=`expr "$state" : '.*brd \([^ ]*\)'`; then
87 linkcmd="$linkcmd broadcast $brd"
89 if mtu=`expr "$state" : '.*mtu \([0-9]+\)'`; then
90 linkcmd="$linkcmd mtu $mtu"
92 if test -n "$linkcmd"; then
93 echo ip link set dev $dev down # Required to change hwaddr.
94 echo ip link set dev $dev $linkcmd
97 # IP addresses (including IPv6).
98 echo "ip addr flush dev $dev 2>/dev/null" # Suppresses "Nothing to flush".
99 ip addr show dev $dev | while read addr; do
102 # Check and trim family.
110 # Trim device off the end--"ip" insists on having "dev" precede it.
112 while test $# != 0; do
115 # Omit kernel-maintained route.
119 if test "$2" = link; then
120 # Omit route derived from IP address, e.g.
121 # 172.16.0.0/16 derived from 172.16.12.34.
126 # Address label string
127 addrcmd="$addrcmd label $1"
132 addrcmd="$addrcmd $1"
135 if test "$1" != "$dev"; then
136 addrcmd="$addrcmd $1"
139 echo ip -f $family addr add $addrcmd dev $dev
143 echo "ip route flush dev $dev proto boot 2>/dev/null" # Suppresses "Nothing to flush".
144 ip route show dev $dev | while read route; do
145 # "proto kernel" routes are installed by the kernel automatically.
147 *" proto kernel "*) continue ;;
150 echo "ip route add $route dev $dev"
156 if missing_program iptables-save; then
157 echo "# iptables-save not found in $PATH, not saving iptables state"
160 echo "iptables-restore <<'EOF'"
167 if missing_program ovs-ofctl; then
168 echo "$0: ovs-ofctl not found in $PATH" >&2
172 for bridge in "$@"; do
173 echo "ovs-ofctl add-flows ${bridge} - << EOF"
174 ovs-ofctl dump-flows "${bridge}" | sed -e '/NXST_FLOW/d' \
175 -e 's/\(idle\|hard\)_age=[^,]*,//g'
181 ovs-vsctl --no-wait --timeout=5 "$@"
185 if missing_program ovs-dpctl; then
186 echo "$0: ovs-dpctl not found in $PATH" >&2
189 if missing_program ovs-vsctl; then
190 echo "$0: ovs-vsctl not found in $PATH" >&2
195 echo "ovs-dpctl add-dp ${dp}"
196 ovs-dpctl show $dp | while read line; do
197 # An example 'ovs-dpctl show' output looks like this:
199 # lookups: hit:0 missed:0 lost:0
201 # port 0: br1 (internal)
202 # port 2: gre2886795521 (ipsec_gre: key=flow, remote_ip=172.17.1.1, tos=inherit)
203 # port 3: gre1 (ipsec_gre: remote_ip=192.168.113.1)
204 # port 14: gre2 (gre: remote_ip=192.168.115.1)
205 # port 15: gre3 (gre64: remote_ip=192.168.116.1)
207 # port 17: br1- (patch: peer=br1+)
209 # Skip lines which do not have 'port'
210 if port_no=`expr "${line}" : '.*port \([0-9]\+\):'`; then :; else
214 netdev=`echo ${line} | awk '{print $3}'`
216 # Do not add port that has the same name as the datapath. It gets
218 [ "${dp#system@}" = "${netdev}" ] && continue
220 type=`echo ${line} | awk '{print $4}' | sed 's/[:)(]//g'`
221 [ ! -n "${type}" ] && type="system"
223 command="ovs-dpctl add-if ${dp}\
224 ${netdev},type=${type},port_no=${port_no}"
226 options=`echo ${line} | awk -F: '{print $3}' | sed 's/[) ]//g'`
227 [ -n "${options}" ] && command="${command},${options}"
229 # For ipsec, ovs-dpctl does not show the key value pairs related
230 # to certificates. Get that information from ovs-vsctl.
231 if [ "${type}" = "ipsec_gre" ] ; then
232 if peer_cert=`ovs_vsctl get interface \
233 "${netdev}" options:peer_cert 2>/dev/null`; then
234 # The option peer_cert comes with an accompanying
235 # "certificate" or "use_ssl_cert"
236 if certificate=`ovs_vsctl get interface "${netdev}" \
237 options:certificate 2>/dev/null` ; then
238 command="${command},peer_cert=${peer_cert},certificate=${certificate}"
240 use_ssl_cert=`ovs_vsctl get interface "${netdev}" \
241 options:use_ssl_cert 2>/dev/null`
242 command="${command},peer_cert=${peer_cert},use_ssl_cert=${use_ssl_cert}"
245 psk=`ovs_vsctl get interface "${netdev}" \
246 options:psk 2>/dev/null`
247 command="${command},psk=${psk}"
278 echo >&2 "$0: unknown command \"$1\" (use --help for help)"
projects / openvswitch / blob