meta-google: gbmc-bridge: Conditionally advertise default route
We only want to advertise that we have a default route if we have an
external (non-bridge) interface that has a default route. This
disambiguates routes on the internal machine network to avoid
blackholes.
Change-Id: I4059ddf0f74a0b15ca3f93f096b79415a851d3f7
Signed-off-by: William A. Kennington III <wak@google.com>
diff --git a/meta-google/recipes-google/networking/gbmc-bridge/-bmc-gbmcbr.network.in b/meta-google/recipes-google/networking/gbmc-bridge/-bmc-gbmcbr.network.in
index 09ef620..a2bfc0d 100644
--- a/meta-google/recipes-google/networking/gbmc-bridge/-bmc-gbmcbr.network.in
+++ b/meta-google/recipes-google/networking/gbmc-bridge/-bmc-gbmcbr.network.in
@@ -11,4 +11,4 @@
[IPv6AcceptRA]
DHCPv6Client=false
[IPv6PrefixDelegation]
-RouterLifetimeSec=30
+RouterLifetimeSec=0
diff --git a/meta-google/recipes-google/networking/gbmc-bridge/gbmc-br-gw-src.sh b/meta-google/recipes-google/networking/gbmc-bridge/gbmc-br-gw-src.sh
index cfe993f..9e01d4a 100644
--- a/meta-google/recipes-google/networking/gbmc-bridge/gbmc-br-gw-src.sh
+++ b/meta-google/recipes-google/networking/gbmc-bridge/gbmc-br-gw-src.sh
@@ -12,12 +12,41 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-[ -z "${gbmc_br_gw_src_lib-}" ] || return
+[ -n "${gbmc_br_gw_src_lib-}" ] && return
source /usr/share/network/lib.sh || exit
gbmc_br_gw_src_ip=
declare -A gbmc_br_gw_src_routes=()
+gbmc_br_gw_defgw=
+
+gbmc_br_set_router() {
+ local defgw=
+ local route
+ for route in "${!gbmc_br_gw_src_routes[@]}"; do
+ if [[ "$route" != *' dev gbmcbr '* ]]; then
+ defgw=1
+ break
+ fi
+ done
+ [ "$defgw" = "$gbmc_br_gw_defgw" ] && return
+ gbmc_br_gw_defgw="$defgw"
+
+ local files=(/run/systemd/network/{00,}-bmc-gbmcbr.network.d/50-defgw.conf)
+ if [ -n "$defgw" ]; then
+ local file
+ for file in "${files[@]}"; do
+ mkdir -p "$(dirname "$file")"
+ printf '[IPv6PrefixDelegation]\nRouterLifetimeSec=30\n' >"$file"
+ done
+ else
+ rm -f "${files[@]}"
+ fi
+
+ if [ "$(systemctl is-active systemd-networkd)" != 'inactive' ]; then
+ networkctl reload && networkctl reconfigure gbmcbr
+ fi
+}
gbmc_br_gw_src_update() {
[ -n "$gbmc_br_gw_src_ip" ] || return
@@ -42,9 +71,11 @@
if [ "$action" = 'add' -a -z "${gbmc_br_gw_src_routes["$route"]}" ]; then
gbmc_br_gw_src_routes["$route"]=1
gbmc_br_gw_src_update
+ gbmc_br_set_router
elif [ "$action" = 'del' -a -n "${gbmc_br_gw_src_routes["$route"]}" ]; then
unset 'gbmc_br_gw_src_routes[$route]'
gbmc_br_gw_src_update
+ gbmc_br_set_router
fi
# Match only global IP addresses on the bridge that match the BMC stateless
# prefix (<mpfx>:fd00:). So 2002:af4:3480:2248:fd00:6345:3069:9186 would be