2 # Script to set up one of the nodes as a NAT gateway for all other nodes.
3 # This is used to ensure that all nodes in the cluster can still originate
4 # traffic to the external network even if there are no public addresses
11 [ -z "$CTDB_NATGW_PUBLIC_IFACE" ] && exit 0
15 PATH=/usr/bin:/bin:/usr/sbin:/sbin:$PATH
19 remove_ip $CTDB_NATGW_PUBLIC_IP $CTDB_NATGW_PUBLIC_IFACE
20 remove_ip $CTDB_NATGW_PUBLIC_IP_HOST lo
22 ip route del 0.0.0.0/0 metric 10 >/dev/null 2>/dev/null
24 # Delete the masquerading setup from a previous iteration where we
26 iptables -D POSTROUTING -t nat -s $CTDB_NATGW_PRIVATE_NETWORK -d ! $CTDB_NATGW_PRIVATE_NETWORK -j MASQUERADE >/dev/null 2>/dev/null
32 MYPNN=`ctdb pnn | cut -d: -f2`
33 NATGWMASTER=`ctdb natgwlist | head -1`
34 NATGWIP=`ctdb natgwlist | tail --lines=+2 | head -1 | cut -d: -f3`
36 CTDB_NATGW_PUBLIC_IP_HOST=`echo $CTDB_NATGW_PUBLIC_IP | sed -e "s/\/.*/\/32/"`
40 if [ "$MYPNN" == "$NATGWMASTER" ]; then
41 # This is the first node, set it up as the NAT GW
42 echo 1 >/proc/sys/net/ipv4/ip_forward
43 iptables -A POSTROUTING -t nat -s $CTDB_NATGW_PRIVATE_NETWORK -d ! $CTDB_NATGW_PRIVATE_NETWORK -j MASQUERADE
44 ip addr add $CTDB_NATGW_PUBLIC_IP dev $CTDB_NATGW_PUBLIC_IFACE
45 ip route add 0.0.0.0/0 via $CTDB_NATGW_DEFAULT_GATEWAY >/dev/null 2>/dev/null
47 # This is not the NAT-GW
48 # Assign the public ip to the private interface and make
49 # sure we dont respond to ARPs.
50 # We do this so that the ip address will exist on a
51 # non-loopback interface so that samba may send it along in the
53 ip addr add $CTDB_NATGW_PUBLIC_IP_HOST dev lo
54 ip route add 0.0.0.0/0 via $NATGWIP metric 10
57 # flush our route cache
58 echo 1 > /proc/sys/net/ipv4/route/flush