From owner-svn-src-all@freebsd.org Tue Feb 9 01:41:04 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94019AA10F7; Tue, 9 Feb 2016 01:41:04 +0000 (UTC) (envelope-from dteske@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 695691D54; Tue, 9 Feb 2016 01:41:04 +0000 (UTC) (envelope-from dteske@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u191f36A017584; Tue, 9 Feb 2016 01:41:03 GMT (envelope-from dteske@FreeBSD.org) Received: (from dteske@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u191f3Hu017582; Tue, 9 Feb 2016 01:41:03 GMT (envelope-from dteske@FreeBSD.org) Message-Id: <201602090141.u191f3Hu017582@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dteske set sender to dteske@FreeBSD.org using -f From: Devin Teske Date: Tue, 9 Feb 2016 01:41:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r295422 - head/share/examples/jails X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Feb 2016 01:41:04 -0000 Author: dteske Date: Tue Feb 9 01:41:03 2016 New Revision: 295422 URL: https://svnweb.freebsd.org/changeset/base/295422 Log: Adjust MAC algo to support interface branching Modified: head/share/examples/jails/jib head/share/examples/jails/jng Modified: head/share/examples/jails/jib ============================================================================== --- head/share/examples/jails/jib Tue Feb 9 00:15:41 2016 (r295421) +++ head/share/examples/jails/jib Tue Feb 9 01:41:03 2016 (r295422) @@ -227,32 +227,37 @@ jib_addm() # 6. Set the MAC address of the new interface using a sensible # algorithm to prevent conflicts on the network. # - # The formula I'm using is ``SP:SS:SI:II:II:II'' where: - # + S denotes 16 bits of sum(1) data, split because P (below). + # The formula I'm using is ``NP:SS:SS:II:II:II'' where: + # + N denotes 4 bits used as a counter to support branching + # each parent interface up to 15 times under the same jail + # name (see S below). # + P denotes the special nibble whose value, if one of # 2, 6, A, or E (but usually 2) denotes a privately # administered MAC address (while remaining routable). + # + S denotes 16 bits, the sum(1) value of the jail name. # + I denotes bits that are inherited from parent interface. # # The S bits are a CRC-16 checksum of NAME, allowing the jail # to change the epair(4) generation order without affecting the - # MAC address. Meanwhile, if the jail NAME changes (e.g., it - # was duplicated and given a new name with no other changes), - # the underlying network interface changes, or the jail is - # moved to another host, the MAC address will be recalculated - # to a new, similarly unique value preventing conflict. + # MAC address. Meanwhile, if... + # + the jail NAME changes (e.g., it was duplicated and given + # a new name with no other changes) + # + the underlying network interface changes + # + the jail is moved to another host + # the MAC address will be recalculated to a new, similarly + # unique value preventing conflict. # iface_devid=$( ifconfig $iface ether | awk '/ether/,$0=$2' ) - eiface_devid_a=${iface_devid#??:??:?} - eiface_devid_b=${iface_devid#??:??:?} + eiface_devid_a=${iface_devid#??:??:??} + eiface_devid_b=${iface_devid#??:??:??} num=$( set -- `echo -n $name | sum` && echo $1 ) quad=$(( $num & 15 )) case "$quad" in 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; esac - eiface_devid_a=:$quad$eiface_devid_a - eiface_devid_b=:$quad$eiface_devid_b + eiface_devid_a=$quad$eiface_devid_a + eiface_devid_b=$quad$eiface_devid_b num=$(( $num >> 4 )) quad=$(( $num & 15 )) case "$quad" in @@ -267,6 +272,14 @@ jib_addm() 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; esac + eiface_devid_a=$quad:$eiface_devid_a + eiface_devid_b=$quad:$eiface_devid_b + num=$(( $num >> 4 )) + quad=$(( $num & 15 )) + case "$quad" in + 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; + 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; + esac case "$iface_devid" in ?2:*|?6:*) eiface_devid_a=a:$quad$eiface_devid_a @@ -276,7 +289,14 @@ jib_addm() eiface_devid_a=2:$quad$eiface_devid_a eiface_devid_b=6:$quad$eiface_devid_b esac - num=$(( $num >> 4 )) + eval num=\$_${iface}_num + if [ "$num" ]; then + num=$(( $num + 1 )) + eval _${iface}_num=$num + else + num=0 + local _${iface}_num=$num + fi quad=$(( $num & 15 )) case "$quad" in 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; Modified: head/share/examples/jails/jng ============================================================================== --- head/share/examples/jails/jng Tue Feb 9 00:15:41 2016 (r295421) +++ head/share/examples/jails/jng Tue Feb 9 01:41:03 2016 (r295422) @@ -260,30 +260,35 @@ jng_bridge() # 6. Set the MAC address of the new interface using a sensible # algorithm to prevent conflicts on the network. # - # The formula I'm using is ``SP:SS:SI:II:II:II'' where: - # + S denotes 16 bits of sum(1) data, split because P (below). + # The formula I'm using is ``NP:SS:SS:II:II:II'' where: + # + N denotes 4 bits used as a counter to support branching + # each parent interface up to 15 times under the same jail + # name (see S below). # + P denotes the special nibble whose value, if one of # 2, 6, A, or E (but usually 2) denotes a privately # administered MAC address (while remaining routable). + # + S denotes 16 bits, the sum(1) value of the jail name. # + I denotes bits that are inherited from parent interface. # # The S bits are a CRC-16 checksum of NAME, allowing the jail # to change link numbers in ng_bridge(4) without affecting the - # MAC address. Meanwhile, if the jail NAME changes (e.g., it - # was duplicated and given a new name with no other changes), - # the underlying network interface changes, or the jail is - # moved to another host, the MAC address will be recalculated - # to a new, similarly unique value preventing conflict. + # MAC address. Meanwhile, if... + # + the jail NAME changes (e.g., it was duplicated and given + # a new name with no other changes) + # + the underlying network interface changes + # + the jail is moved to another host + # the MAC address will be recalculated to a new, similarly + # unique value preventing conflict. # iface_devid=$( ifconfig $iface ether | awk '/ether/,$0=$2' ) - eiface_devid=${iface_devid#??:??:?} + eiface_devid=${iface_devid#??:??:??} num=$( set -- `echo -n $name | sum` && echo $1 ) quad=$(( $num & 15 )) case "$quad" in 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; esac - eiface_devid=:$quad$eiface_devid + eiface_devid=$quad$eiface_devid num=$(( $num >> 4 )) quad=$(( $num & 15 )) case "$quad" in @@ -297,11 +302,25 @@ jng_bridge() 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; esac + eiface_devid=$quad:$eiface_devid + num=$(( $num >> 4 )) + quad=$(( $num & 15 )) + case "$quad" in + 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; + 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; + esac case "$iface_devid" in ?2:*) eiface_devid=a:$quad$eiface_devid ;; *) eiface_devid=2:$quad$eiface_devid esac - num=$(( $num >> 4 )) + eval num=\$_${iface}_num + if [ "$num" ]; then + num=$(( $num + 1 )) + eval _${iface}_num=$num + else + num=0 + local _${iface}_num=$num + fi quad=$(( $num & 15 )) case "$quad" in 10) quad=a ;; 11) quad=b ;; 12) quad=c ;;