Hi all,
At work we have several standalone webservers with lots of IPs... let's
say x.x.x.100 - 200. That's a LOT of "ifconfig_IF_alias0, alias1,
alias2..." to maintain, and it's also painful when we need to move an IP
to a different server which happens occasionally. The right solution for
this is to use ranges with ipvr_addr_IF="x.x.x.100-200/24" and if you need
to move an IP you just create a gap.For example, if we needed to move the
IP .126 we'd just change it to:
ipv4_addr_IF="x.x.x.100-125/24 x.x.x.127-200/32"
This works great! But what about IPv6? We use corresponding IPv6 IPs so if
a customer actually wants IPv6 enabled it's as easy as adding the AAAA
record. So this leaves us with having to maintain 100 aliases again, and
when you create a gap you have to renumber all of those alias numbers or
leave things like "ifconfig_IF_alias67="inet6 up" strewn throughout the
config to fill the gaps. It's just not something worth maintaining long
term and I'd like a way to do ranges for IPv6 as well.
I've been playing with adding ipv6_addr_IF support to network.subr and it
certainly works but the main problem is that I'm only dealing with decimal
ranges. This would *not* work with any IPv6 hex ranges unless someone more
clever than I can think of a good way to code that up.
Mostly a blatant ripoff of ipv4_addrs_common() we come up with this:
# ipv6_addrs_common if action
# Evaluate the ifconfig_if_ipv6 arguments for interface $if and
# use $action to add or remove ipv6 addresses from $if.
ipv6_addrs_common()
{
local _ret _if _action _cidr _cidr_addr
local _ipaddr _prefixlen _range _ipnet _iplow _iphigh _ipcount
_ret=1
_if=$1
_action=$2
# get ipv6-addresses
cidr_addr=`get_if_var $_if ipv6_addrs_IF`
for _cidr in ${cidr_addr}; do
_ipaddr=${_cidr%%/*}
_prefixlen="/"${_cidr##*/}
_range=${_ipaddr##*:}
_ipnet=${_ipaddr%:*}
_iplow=${_range%-*}
_iphigh=${_range#*-}
# clear prefixlen when removing aliases
if [ "${_action}" = "-alias" ]; then
_prefixlen=""
fi
_ipcount=${_iplow}
while [ "${_ipcount}" -le "${_iphigh}" ]; do
eval "ifconfig ${_if} inet6 ${_action}
${_ipnet}:${_ipcount}${_prefixlen}"
_ipcount=$((${_ipcount}+1))
_ret=0
# only the first ipaddr in a subnet need the
real prefixlen
if [ "${_action}" != "-alias" ]; then
_prefixlen="/128"
fi
done
done
return $_ret
}
But again, has no concept of any non-decimal ranges. However, this would
still be invaluable to us and perhaps anyone else out there managing large
numbers of IPs on a server.
So two questions:
1) With its current limitations (decimal ranges only) would this ever be
accepted into network.subr?
2) Can anyone assist me with correctly modifying ipv6if() so this works
standalone? Without ipv6if() modification it will always return 1 and skip
setting up any ipv6 addresses on the interface because it doesn't find any
ifconfig_IF_ipv6 or ipv6_ifconfig_IF in rc.conf.
Thanks!
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
