- # ipsec support
- if [ "${IPSEC_VXLAN_TUNNELS_ENABLED}" == "yes" ]; then
- # shellcheck disable=SC2206
- ALL_NODES=(${!CONTROLIP} ${COMPUTE_IPS[*]})
- for ((inx_ip1=0; inx_ip1<$((${#ALL_NODES[@]} - 1)); inx_ip1++)); do
- for ((inx_ip2=$((inx_ip1 + 1)); inx_ip2<${#ALL_NODES[@]}; inx_ip2++)); do
- KEY1=0x$(dd if=/dev/urandom count=32 bs=1 2> /dev/null| xxd -p -c 64)
- KEY2=0x$(dd if=/dev/urandom count=32 bs=1 2> /dev/null| xxd -p -c 64)
- ID=0x$(dd if=/dev/urandom count=4 bs=1 2> /dev/null| xxd -p -c 8)
- ip1=${ALL_NODES[$inx_ip1]}
- ip2=${ALL_NODES[$inx_ip2]}
- ${SSH} $ip1 "sudo ip xfrm state add src $ip1 dst $ip2 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
- ${SSH} $ip1 "sudo ip xfrm state add src $ip2 dst $ip1 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
- ${SSH} $ip1 "sudo ip xfrm policy add src $ip1 dst $ip2 proto udp dir out tmpl src $ip1 dst $ip2 proto esp reqid $ID mode transport"
- ${SSH} $ip1 "sudo ip xfrm policy add src $ip2 dst $ip1 proto udp dir in tmpl src $ip2 dst $ip1 proto esp reqid $ID mode transport"
-
- ${SSH} $ip2 "sudo ip xfrm state add src $ip2 dst $ip1 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
- ${SSH} $ip2 "sudo ip xfrm state add src $ip1 dst $ip2 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
- ${SSH} $ip2 "sudo ip xfrm policy add src $ip2 dst $ip1 proto udp dir out tmpl src $ip2 dst $ip1 proto esp reqid $ID mode transport"
- ${SSH} $ip2 "sudo ip xfrm policy add src $ip1 dst $ip2 proto udp dir in tmpl src $ip1 dst $ip2 proto esp reqid $ID mode transport"
- done
- done
-
- for ip in ${!CONTROLIP} ${COMPUTE_IPS[*]}; do
- echo "ip xfrm configuration for node $ip:"
- ${SSH} $ip "sudo ip xfrm policy list"
- ${SSH} $ip "sudo ip xfrm state list"
- done
- fi
-
- # Control Node - PUBLIC_BRIDGE will act as the external router
- # Parameter values below are used in integration/test - changing them requires updates in intergration/test as well
- EXTNET_GATEWAY_IP="10.10.10.250"
- EXTNET_INTERNET_IP="10.9.9.9"
- EXTNET_PNF_IP="10.10.10.253"
- ${SSH} ${!CONTROLIP} "sudo ifconfig ${PUBLIC_BRIDGE} up ${EXTNET_GATEWAY_IP}/24"
-
- # Control Node - external net PNF simulation
+# Control Node - PUBLIC_BRIDGE will act as the external router
+# Parameter values below are used in integration/test - changing them requires updates in intergration/test as well
+EXTNET_GATEWAY_IP="10.10.10.250"
+EXTNET_INTERNET_IP="10.9.9.9"
+EXTNET_PNF_IP="10.10.10.253"
+${SSH} ${!CONTROLIP} "sudo ifconfig ${PUBLIC_BRIDGE} up ${EXTNET_GATEWAY_IP}/24"
+
+# Control Node - external net PNF simulation
+${SSH} ${!CONTROLIP} "
+ sudo ip netns add pnf_ns;
+ sudo ip link add pnf_veth0 type veth peer name pnf_veth1;
+ sudo ip link set pnf_veth1 netns pnf_ns;
+ sudo ip link set pnf_veth0 up;
+ sudo ip netns exec pnf_ns ifconfig pnf_veth1 up ${EXTNET_PNF_IP}/24;
+ sudo ovs-vsctl add-port ${PUBLIC_BRIDGE} pnf_veth0;
+"
+
+# Control Node - external net internet address simulation
+${SSH} ${!CONTROLIP} "
+ sudo ip tuntap add dev internet_tap mode tap;
+ sudo ifconfig internet_tap up ${EXTNET_INTERNET_IP}/24;
+"
+
+# Computes
+compute_index=1
+for compute_ip in ${COMPUTE_IPS[*]}; do
+ # Tunnel from controller to compute
+ COMPUTEPORT=compute$(( compute_index++ ))_vxlan