From 3bbff271a02b8f49be4e0b7deaaf6a70fb6f7fde Mon Sep 17 00:00:00 2001 From: Joshua Boniface Date: Sun, 14 Oct 2018 11:00:31 -0400 Subject: [PATCH] Reorganize sysctl commands; fix bug with rp_filtering on vni_dev --- node-daemon/pvcd/Daemon.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/node-daemon/pvcd/Daemon.py b/node-daemon/pvcd/Daemon.py index aece4619..108ede7d 100644 --- a/node-daemon/pvcd/Daemon.py +++ b/node-daemon/pvcd/Daemon.py @@ -226,20 +226,24 @@ logger.out('Starting pvcd on host {}'.format(myfqdn), state='s') # Enable routing functions common.run_os_command('sysctl net.ipv4.ip_forward=1') +common.run_os_command('sysctl net.ipv6.ip_forward=1') + +# Send redirects common.run_os_command('sysctl net.ipv4.conf.all.send_redirects=1') common.run_os_command('sysctl net.ipv4.conf.default.send_redirects=1') -common.run_os_command('sysctl net.ipv4.conf.all.rp_filter=0') -common.run_os_command('sysctl net.ipv4.conf.default.rp_filter=0') -common.run_os_command('sysctl net.ipv4.conf.all.accept_source_route=1') -common.run_os_command('sysctl net.ipv4.conf.default.accept_source_route=1') -common.run_os_command('sysctl net.ipv6.ip_forward=1') -common.run_os_command('sysctl net.ipv6.conf.all.rp_filter=0') -common.run_os_command('sysctl net.ipv6.conf.default.rp_filter=0') common.run_os_command('sysctl net.ipv6.conf.all.send_redirects=1') common.run_os_command('sysctl net.ipv6.conf.default.send_redirects=1') + +# Accept source routes +common.run_os_command('sysctl net.ipv4.conf.all.accept_source_route=1') +common.run_os_command('sysctl net.ipv4.conf.default.accept_source_route=1') common.run_os_command('sysctl net.ipv6.conf.all.accept_source_route=1') common.run_os_command('sysctl net.ipv6.conf.default.accept_source_route=1') +# Disable RP filtering on the VNI dev interface (to allow traffic pivoting from primary) +common.run_os_command('sysctl net.ipv4.conf.{}.rp_filter=0'.format(config['vni_dev'])) +common.run_os_command('sysctl net.ipv6.conf.{}.rp_filter=0'.format(config['vni_dev'])) + ############################################################################### # PHASE 2 - Determine coordinator mode and start Zookeeper on coordinators ###############################################################################