Author: arkurth
Date: Wed Aug 19 18:38:08 2009
New Revision: 805918

URL: http://svn.apache.org/viewvc?rev=805918&view=rev
Log:
VCL-195
Added Version_6.pm::ignore_private_default_routes() subroutine and added call 
to this subroutine from post_load(). The new sub configures default routes 
configured for the private interface to be ignored. Default routes configured 
for the private interface cause problems communicating from the computer to the 
public network if the metric of the private default route is less than the 
metric of the public default route. When this occurs, traffic is always routed 
on the private interface.

Modified:
    incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6.pm

Modified: 
incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6.pm
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6.pm?rev=805918&r1=805917&r2=805918&view=diff
==============================================================================
--- incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6.pm 
(original)
+++ incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6.pm 
Wed Aug 19 18:38:08 2009
@@ -213,6 +213,14 @@
 
 =item *
 
+Ignore default routes configured for the private interface
+
+=cut
+
+       $self->ignore_private_default_routes();
+
+=item *
+
 Activate Windows license
 
 =cut
@@ -1331,6 +1339,60 @@
 
 #/////////////////////////////////////////////////////////////////////////////
 
+=head2 ignore_private_default_routes
+
+ Parameters  : None
+ Returns     : If successful: true
+               If failed: false
+ Description : Configures computer to ignore default routes configured for the
+               private network interface. This is necessary in order for 
traffic
+               to be correctly routed out of the computer. If default routes 
are
+               configured for both the public and private interfaces and the
+               metric for the private default route is equal to or less than 
the
+               metric for the public route, traffic originating from the
+               computer to the Internet will fail because it will be routed on
+               the private interface.
+
+=cut
+
+sub ignore_private_default_routes {
+       my $self = shift;
+       unless (ref($self) && $self->isa('VCL::Module')) {
+               notify($ERRORS{'CRITICAL'}, 0, "subroutine can only be called 
as a VCL::Module module object method");
+               return; 
+       }
+       
+       # Get required data
+       my $management_node_keys = $self->data->get_management_node_keys();
+       my $computer_node_name   = $self->data->get_computer_node_name();
+       
+       # Get the private interface name
+       my $private_interface_name = $self->get_private_interface_name();
+       if (!$private_interface_name) {
+               notify($ERRORS{'WARNING'}, 0, "unable to determine private 
interface name");
+               return; 
+       }
+       
+       # Run netsh.exe to configure any default routes configured for the 
private interface to be ignored
+       my $netsh_command = "netsh.exe interface ip set interface 
\"$private_interface_name\" ignoredefaultroutes=enabled";
+       my ($netsh_exit_status, $netsh_output) = 
run_ssh_command($computer_node_name, $management_node_keys, $netsh_command);
+       if (defined($netsh_exit_status) && $netsh_exit_status == 0) {
+               notify($ERRORS{'OK'}, 0, "configured interface 
\"$private_interface_name\" to ignore default routes");
+       }
+       elsif (defined($netsh_exit_status)) {
+               notify($ERRORS{'WARNING'}, 0, "failed to configure interface 
\"$private_interface_name\" to ignore default routes, exit status: 
$netsh_exit_status, output:\...@{$netsh_output}");
+               return;
+       }
+       else {
+               notify($ERRORS{'WARNING'}, 0, "failed to run ssh command to 
configure interface \"$private_interface_name\" to ignore default routes");
+               return;
+       }
+       
+       return 1;
+}
+
+#/////////////////////////////////////////////////////////////////////////////
+
 1;
 __END__
 


Reply via email to