3 # /etc/init.d/openflow-switch
5 # Written by Miquel van Smoorenburg <miquels@cistron.nl>.
6 # Modified for Debian by Ian Murdock <imurdock@gnu.ai.mit.edu>.
7 # Further changes by Javier Fernandez-Sanguino <jfs@debian.org>
8 # Modified for openflow-switch.
10 # Version: @(#)skeleton 1.9 26-Feb-2001 miquels@cistron.nl
13 # Provides: openflow-switch
14 # Required-Start: $network $named $remote_fs $syslog
16 # Default-Start: 2 3 4 5
18 # Short-Description: OpenFlow switch
21 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
22 DAEMON=/usr/sbin/secchan
26 test -x $DAEMON || exit 0
28 LOGDIR=/var/log/openflow
29 PIDFILE=/var/run/$NAME.pid
30 DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid
31 DODTIME=1 # Time to wait for the server to die, in seconds
32 # If this value is set too low you might not
33 # let some servers to die gracefully and
34 # 'restart' will not work
36 # Include secchan defaults if available
50 default=/etc/default/openflow-switch
51 if [ -f $default ] ; then
59 # Check if a given process pid's cmdline matches a given name
62 [ -z "$pid" ] && return 1
63 [ ! -d /proc/$pid ] && return 1
64 cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1`
65 # Is this the expected child?
78 # Check if the process is running looking at /proc
79 # (works for all users)
81 # No pidfile, probably no daemon present
82 [ ! -f "$PIDFILE" ] && return 1
83 # Obtain the pid and check it against the binary name
85 running_pid $pid $NAME || return 1
90 # Forcefully kill the process
91 [ ! -f "$PIDFILE" ] && return
95 [ -n "$DODTIME" ] && sleep "$DODTIME"s
98 [ -n "$DODTIME" ] && sleep "$DODTIME"s
100 echo "Cannot kill $NAME (pid=$pid)!"
131 if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \
132 || test ! -e "$PRIVKEY" || test ! -e "$CERT" \
133 || (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then
134 if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap
136 echo "CACERT_MODE is not set to 'secure' or 'bootstrap'"
138 if test ! -e "$PRIVKEY"; then
139 echo "$PRIVKEY: private key missing" >&2
141 if test ! -e "$CERT"; then
142 echo "$CERT: certificate for private key missing" >&2
144 if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then
145 echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2
147 echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
148 if test "$MODE" = discovery; then
149 echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2
154 SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT"
155 if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then
156 SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT"
158 SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT"
164 if test -n "$value"; then
165 if expr "X$value" : 'X[0-9][0-9]*$'; then
166 if test $value -lt $2; then
167 echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2
171 echo "warning: The $1 option must be set to a number, ignoring" >&2
180 echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2
187 if test -z "$NETDEVS"; then
188 echo "$default: No network devices configured, switch disabled" >&2
189 echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
192 if test "$MODE" = discovery; then
194 elif test "$MODE" = in-band || test "$MODE" = out-of-band; then
195 if test -z "$CONTROLLER"; then
196 echo "$default: No controller configured and not configured for discovery, switch disabled" >&2
197 echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
201 echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2
202 echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
205 : ${PRIVKEY:=/etc/openflow-switch/of0-privkey.pem}
206 : ${CERT:=/etc/openflow-switch/of0-cert.pem}
207 : ${CACERT:=/etc/openflow-switch/cacert.pem}
211 if test -e "$PRIVKEY"; then
221 echo "$default: CONTROLLER must be in the form 'ssl:HOST[:PORT]' or 'tcp:HOST[:PORT]' when not in discovery mode" >&2
222 echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2
225 case $DISCONNECTED_MODE in
227 *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;;
230 check_int_var RATE_LIMIT 100
231 check_int_var INACTIVITY_PROBE 5
232 check_int_var MAX_BACKOFF 1
234 check_new_option --fail DISCONNECTED_MODE
235 check_new_option --stp STP
236 check_new_option --rate-limit RATE_LIMIT
237 check_new_option --inactivity INACTIVITY_PROBE
238 check_new_option --max-backoff MAX_BACKOFF
241 echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2
244 echo -n "Loading openflow_mod: "
245 if grep -q '^openflow_mod$' /proc/modules; then
246 echo "already loaded, nothing to do."
247 elif modprobe openflow_mod; then
251 echo "openflow_mod has probably not been built for this kernel."
252 if ! test -d /usr/share/doc/openflow-datapath-source; then
253 echo "Install the openflow-datapath-source package, then read"
254 echo "/usr/share/doc/openflow-datapath-source/README.Debian"
256 echo "For instructions, read"
257 echo "/usr/share/doc/openflow-datapath-source/README.Debian"
262 must_succeed "Adding datapath" dpctl adddp nl:0
263 for netdev in $NETDEVS; do
264 must_succeed "Adding $netdev to datapath" dpctl addif nl:0 $netdev
267 xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]'
271 $xx:$xx:$xx:$xx:$xx:$xx)
273 must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID
277 echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2
281 if test "$MODE" = in-band; then
282 if test "$SWITCH_IP" = dhcp; then
283 must_succeed "Temporarily disabling of0" ifconfig of0 down
285 COMMAND="ifconfig of0 $SWITCH_IP"
286 if test -n "$SWITCH_NETMASK"; then
287 COMMAND="$COMMAND netmask $SWITCH_NETMASK"
289 must_succeed "Configuring of0: $COMMAND" $COMMAND
290 if test -n "$SWITCH_GATEWAY"; then
291 # This can fail because the route already exists,
292 # so we don't insist that it succeed.
293 COMMAND="route add default gw $SWITCH_GATEWAY"
294 check_op "Adding default route: $COMMAND" $COMMAND
298 must_succeed "Disabling of0" ifconfig of0 down
301 if test -n "$CORE_LIMIT"; then
302 check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT"
305 # Compose secchan options.
307 set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err
308 set -- "$@" --log-file
309 set -- "$@" --detach --pidfile=$PIDFILE
310 for vconn in $MGMT_VCONNS; do
311 set -- "$@" --listen="$vconn"
313 if test -n "$MONITOR_VCONN"; then
314 set -- "$@" --monitor="$MONITOR_VCONN"
316 if test -n "$COMMANDS"; then
317 set -- "$@" --command-acl="$COMMANDS"
320 yes) set -- "$@" --stp ;;
321 no) set -- "$@" --no-stp ;;
323 case $DISCONNECTED_MODE in
324 switch) set -- "$@" --fail=open ;;
325 drop) set -- "$@" --fail=closed ;;
327 if test -n "$RATE_LIMIT"; then
328 set -- "$@" --rate-limit=$RATE_LIMIT
330 if test -n "$INACTIVITY_PROBE"; then
331 set -- "$@" --inactivity-probe=$INACTIVITY_PROBE
333 if test -n "$MAX_BACKOFF"; then
334 set -- "$@" --max-backoff=$MAX_BACKOFF
336 set -- "$@" $SSL_OPTS $DAEMON_OPTS
337 if test "$MODE" = out-of-band; then
338 set -- "$@" --out-of-band
340 set -- "$@" nl:0 "$CONTROLLER"
341 echo -n "Starting $DESC: "
342 start-stop-daemon --start --quiet --pidfile $PIDFILE \
343 --exec $DAEMON -- "$@"
350 if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then
351 echo -n "Starting dhclient on of0: "
352 start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \
353 --exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0
362 if test -e /var/run/dhclient.of0.pid; then
363 echo -n "Stopping dhclient on of0: "
364 start-stop-daemon --stop --quiet --oknodo \
365 --pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient
369 echo -n "Stopping $DESC: "
370 start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \
374 for netdev in $NETDEVS; do
375 check_op "Removing $netdev from datapath" dpctl delif nl:0 $netdev
377 check_op "Deleting datapath" dpctl deldp nl:0
378 check_op "Unloading kernel module" modprobe -r openflow_mod
381 echo -n "Forcefully stopping $DESC: "
392 start-stop-daemon --stop --test --quiet --pidfile \
393 $PIDFILE --exec $DAEMON \
412 echo "Usage: $N {start|stop|restart|force-reload|status|force-stop}" >&2