13 # OpenVPN uses addresses in 10.<nodeid>/16 block. Avoid collisions with
14 # this block. NAT interface is not advertised and so does not require
15 # unique address throughout the topology. But the address of each slice's
16 # NAT interface must be unique on a single node.
28 ip link add name $ETUN0 type veth peer name $ETUN1
29 ifconfig $ETUN1 $EXTNET up
31 /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
32 /sbin/iptables -A FORWARD -i eth0 -o $ETUN1 -m state --state RELATED,ESTABLISHED -j ACCEPT
33 /sbin/iptables -A FORWARD -i $ETUN1 -o eth0 -j ACCEPT
35 ### Put a process in the vserver so we can move the interface there
36 su $SLICE -c "sleep 30 &"
37 PID=`su $SLICE -c "pgrep -n sleep"`
38 $IP link set $ETUN0 netns $PID
39 naddress --add --nid $SLICEID --ip $INTNET
42 su $SLICE -c "sudo /sbin/ifconfig $ETUN0 $INTNET up; \
43 sudo /sbin/route add -net $BASENET $ETUN0; \
44 sudo /sbin/route add default gw $EXTIP; \
45 sudo /sbin/ifconfig lo 127.0.0.1/8 up"