From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 12 Sep 2007 03:23:36 +0000 (+1000)
Subject: - set arp_ignore to prevent replying to arp requests for addresses on loopback
X-Git-Tag: tevent-0.9.20~348^2~2421
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6c77184d96349f13768d87c764355d98a68f007f;p=thirdparty%2Fsamba.git

- set arp_ignore to prevent replying to arp requests for addresses on loopback
- put removed IPs on loopback with scope host
- check for nul strings in ethtool call
;

(This used to be ctdb commit e2df1d6d08e67a36ff05a590a34c56e900741287)
---

diff --git a/ctdb/config/events.d/10.interface b/ctdb/config/events.d/10.interface
index 718dd2290c7..76face39e99 100755
--- a/ctdb/config/events.d/10.interface
+++ b/ctdb/config/events.d/10.interface
@@ -26,7 +26,14 @@ case $cmd in
      startup)
 	# make sure that we only respond to ARP messages from the NIC where
 	# a particular ip address is associated.
-	echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter
+	[ -f /proc/sys/net/ipv4/conf/all/arp_filter ] && {
+	    echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter
+	}
+	# make sure we don't reply to arp requests for IPs we have moved to scope
+	# host on loopback
+	[ -f /proc/sys/net/ipv4/conf/all/arp_ignore ] && {
+	    echo 3 > /proc/sys/net/ipv4/conf/all/arp_ignore
+	}
 	;;
 
 
@@ -71,7 +78,9 @@ case $cmd in
 		 echo "`/bin/date` Failed to del $ip on dev $iface"
 		 exit 1
 	}
-	/sbin/ip addr add $ip/32 dev lo >/dev/null 2>/dev/null
+	# we put the IP on loopback so our killtcp code can work, this allows
+	# us to avoid restarting the NFS server when we release an IP
+	/sbin/ip addr add $ip/32 dev lo scope host >/dev/null 2>/dev/null
 
 	# flush our route cache
 	echo 1 > /proc/sys/net/ipv4/route/flush
@@ -90,12 +99,21 @@ case $cmd in
 
      monitor)
 	[ -x /usr/sbin/ethtool ] && {
-		cat $CTDB_PUBLIC_ADDRESSES | sed -e "s/^[^\t ]*[\t ]*//" -e "s/[\t ]*$//" | sort | uniq | while read IFACE; do
-	    		/usr/sbin/ethtool $IFACE | grep 'Link detected: yes' > /dev/null || {
-				echo "`date` ERROR: No link on the public network interface $IFACE"
-				exit 1
-	    		}
-		done
+	    [ -z "$CTDB_PUBLIC_INTERFACE" ] || {
+	    	/usr/sbin/ethtool $CTDB_PUBLIC_INTERFACE | grep 'Link detected: yes' > /dev/null || {
+		    echo "`date` ERROR: No link on the public network interface $CTDB_PUBLIC_INTERFACE"
+		    exit 1
+	    	}
+	    }
+	    cat $CTDB_PUBLIC_ADDRESSES | sed -e "s/^[^\t ]*[\t ]*//" -e "s/[\t ]*$//" | 
+	    sort | uniq | while read IFACE; do
+		[ -z "$IFACE" ] || {
+	    	    /usr/sbin/ethtool $IFACE | grep 'Link detected: yes' > /dev/null || {
+			echo "`date` ERROR: No link on the public network interface $IFACE"
+			exit 1
+	    	    }
+		}
+	    done
 	}
 	;;