The branch, master has been updated
via 3d5b80f ctdb-tests: Add NAT gateway eventscript unit tests for
static routes
via 70bbbbe ctdb-eventscripts: CTDB_NATGW_STATIC_ROUTES can specify
gateways
via 34682af ctdb-eventscripts: New configuration variable
CTDB_NATGW_STATIC_ROUTES
via 7705efc ctdb-eventscripts: Clarify that CTDB_NATGW_DEFAULT_GATEWAY
is optional
via 8a3be1f ctdb-eventscripts: Improve check in NATGW "startup" event
via e22a22b ctdb-eventscripts: Reformat natgw_clear()
via 3c839c6 ctdb-eventscripts: Rename some NAT gateway functions
via c0e2394 ctdb-tests: Add a test for NAT gateway sanity checking
via 4ee4925 ctdb-eventscripts: Sanity check NAT gateway configuration
via 0953f57 ctdb-eventscripts: Improve readability of NAT gateway
update code
via 7fdd6b7 ctdb-tests: Add some tests for 11.natgw eventscript
via feeb984 ctdb-eventscripts: Use set_proc() to update /proc
from 233e3c9 selftest: Remove print_smbtorture4_version and
smbtorture4_possible check
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3d5b80f26ae65ce43ea25dd94274ec865f1c4026
Author: Martin Schwenke <mar...@meltin.net>
Date: Mon Mar 17 16:06:48 2014 +1100
ctdb-tests: Add NAT gateway eventscript unit tests for static routes
Signed-off-by: Martin Schwenke <mar...@meltin.net>
Autobuild-User(master): Amitay Isaacs <ami...@samba.org>
Autobuild-Date(master): Wed Mar 26 06:24:01 CET 2014 on sn-devel-104
commit 70bbbbe448e96019c79832ac89563eefc25b1bae
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 15:33:17 2014 +1100
ctdb-eventscripts: CTDB_NATGW_STATIC_ROUTES can specify gateways
Extend CTDB_NATGW_STATIC_ROUTES so that each network can have an
optional gateway that overrides CTDB_NATGW_DEFAULT_GATEWAY.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 34682affe9f19432851d5f921b58e692e5c6274d
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 15:11:36 2014 +1100
ctdb-eventscripts: New configuration variable CTDB_NATGW_STATIC_ROUTES
This can be used to create more specific NATGW routes than the usual
NATGW default route.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 7705efc35551a083873e2fed91ac42d021669df9
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 14:14:16 2014 +1100
ctdb-eventscripts: Clarify that CTDB_NATGW_DEFAULT_GATEWAY is optional
This has been implied since the command to add the route has had
errors redirected to /dev/null. If infrastucture (e.g. ADS, DNS) is
on the same network as CTDB_NATGW_PUBLIC_IP then no route is
necessary.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 8a3be1f1a979b8058cf7754632d60ab52d066d5c
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 14:07:17 2014 +1100
ctdb-eventscripts: Improve check in NATGW "startup" event
Although the dots in $CTDB_NATGW_PUBLIC_IP could probably only help
match an invalid public IP address, this is only executed once so do
as exact a check as possible.
Use CTDB_BASE instead of hardcoding /etc/ctdb.
Make the error message less redundant.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit e22a22b1f72f75507941b5652bb9a0a2f42dd22f
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 13:55:47 2014 +1100
ctdb-eventscripts: Reformat natgw_clear()
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 3c839c60d15f11c538709c3e6b85d888131d6e30
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 13:47:43 2014 +1100
ctdb-eventscripts: Rename some NAT gateway functions
delete_all() really needed renaming for clarity. While doing this,
might as well rename some of the others that don't start with
"natgw_".
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit c0e239473b532cebd31ef5e53d8cbf23c262c18d
Author: Martin Schwenke <mar...@meltin.net>
Date: Mon Mar 17 06:15:39 2014 +1100
ctdb-tests: Add a test for NAT gateway sanity checking
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 4ee4925d416a86341bd76c11fa99ec9173682a1d
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 13:43:17 2014 +1100
ctdb-eventscripts: Sanity check NAT gateway configuration
NAT gateway really can't operate unless most of the configuration
variables are set.
A check in delete_all() can be removed - strange that this isn't also
done in the add case.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 0953f5799c8545d9afee27d2350f344f2480df02
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 13:35:03 2014 +1100
ctdb-eventscripts: Improve readability of NAT gateway update code
Put the code into a couple of usefully named functions.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit 7fdd6b7861a4767cd3e2dfa76a7d7e7790efd840
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 14 16:29:01 2014 +1100
ctdb-tests: Add some tests for 11.natgw eventscript
This includes adding support for:
* Configuring fake NATGW state in the eventscript unit tests
* "natgwlist" and "setnatgwstate" in ctdb command stub
* ip command stub to default to "main table" when no table specified,
allow routes to be added without "dev" option (just add a default
dev), support "metric" option
Signed-off-by: Martin Schwenke <mar...@meltin.net>
commit feeb9843bf46d00beb10f3e959ba0f73f5e33e8c
Author: Martin Schwenke <mar...@meltin.net>
Date: Fri Mar 7 13:37:21 2014 +1100
ctdb-eventscripts: Use set_proc() to update /proc
In case we want to write some unit tests in the future.
Signed-off-by: Martin Schwenke <mar...@meltin.net>
-----------------------------------------------------------------------
Summary of changes:
ctdb/config/events.d/11.natgw | 139 +++++++++++++++++++++---------
ctdb/doc/ctdb.7.xml | 23 ++++--
ctdb/doc/ctdbd.conf.5.xml | 61 ++++++++++++-
ctdb/tests/eventscripts/11.natgw.001.sh | 12 +++
ctdb/tests/eventscripts/11.natgw.002.sh | 24 +++++
ctdb/tests/eventscripts/11.natgw.011.sh | 23 +++++
ctdb/tests/eventscripts/11.natgw.012.sh | 23 +++++
ctdb/tests/eventscripts/11.natgw.013.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.014.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.015.sh | 62 +++++++++++++
ctdb/tests/eventscripts/11.natgw.021.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.022.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.023.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.024.sh | 25 ++++++
ctdb/tests/eventscripts/11.natgw.025.sh | 64 ++++++++++++++
ctdb/tests/eventscripts/scripts/local.sh | 101 ++++++++++++++++++++++
ctdb/tests/eventscripts/stubs/ctdb | 82 ++++++++++++++++--
ctdb/tests/eventscripts/stubs/ip | 84 ++++++++++++++++---
18 files changed, 779 insertions(+), 69 deletions(-)
create mode 100755 ctdb/tests/eventscripts/11.natgw.001.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.002.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.011.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.012.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.013.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.014.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.015.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.021.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.022.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.023.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.024.sh
create mode 100755 ctdb/tests/eventscripts/11.natgw.025.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/config/events.d/11.natgw b/ctdb/config/events.d/11.natgw
index 8555005..b2a219c 100755
--- a/ctdb/config/events.d/11.natgw
+++ b/ctdb/config/events.d/11.natgw
@@ -14,7 +14,22 @@ loadconfig
[ -n "$CTDB_NATGW_NODES" ] || exit 0
export CTDB_NATGW_NODES
-set_natgw_capability ()
+natgw_check_config ()
+{
+ [ -r "$CTDB_NATGW_NODES" ] || \
+ die "error: CTDB_NATGW_NODES=${CTDB_NATGW_NODES} unreadable"
+ [ -n "$CTDB_NATGW_PUBLIC_IP" ] || \
+ die "Invalid configuration: CTDB_NATGW_PUBLIC_IP not set"
+ [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] || \
+ die "Invalid configuration: CTDB_NATGW_PUBLIC_IFACE not set"
+ [ -n "$CTDB_NATGW_PRIVATE_NETWORK" ] || \
+ die "Invalid configuration: CTDB_NATGW_PRIVATE_NETWORK not set"
+
+ # The default is to create a single default route
+ [ -n "$CTDB_NATGW_STATIC_ROUTES" ] || CTDB_NATGW_STATIC_ROUTES="0.0.0.0/0"
+}
+
+natgw_set_capability ()
{
# Set NATGW capability depending on configuration
if [ "$CTDB_NATGW_SLAVE_ONLY" = "yes" ] ; then
@@ -24,24 +39,70 @@ set_natgw_capability ()
fi
}
-delete_all() {
- _ip="${CTDB_NATGW_PUBLIC_IP%/*}"
- _maskbits="${CTDB_NATGW_PUBLIC_IP#*/}"
+natgw_clear ()
+{
+ _ip="${CTDB_NATGW_PUBLIC_IP%/*}"
+ _maskbits="${CTDB_NATGW_PUBLIC_IP#*/}"
+
+ delete_ip_from_iface \
+ $CTDB_NATGW_PUBLIC_IFACE $_ip $_maskbits >/dev/null 2>&1
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
+ _net="${_net_gw%@*}"
+ ip route del "$_net" metric 10 >/dev/null 2>/dev/null
+ done
+
+ # Delete the masquerading setup from a previous iteration where we
+ # were the NAT-GW
+ iptables -D POSTROUTING -t nat \
+ -s $CTDB_NATGW_PRIVATE_NETWORK ! -d $CTDB_NATGW_PRIVATE_NETWORK \
+ -j MASQUERADE >/dev/null 2>/dev/null
+
+ iptables -D INPUT -p tcp --syn -d $_ip/32 -j REJECT 2>/dev/null
+}
- [ -z "$CTDB_NATGW_PUBLIC_IFACE" ] || {
- delete_ip_from_iface $CTDB_NATGW_PUBLIC_IFACE $_ip $_maskbits
>/dev/null 2>&1
- }
- ip route del 0.0.0.0/0 metric 10 >/dev/null 2>/dev/null
+natgw_set_master ()
+{
+ set_proc sys/net/ipv4/ip_forward 1
+ iptables -A POSTROUTING -t nat \
+ -s $CTDB_NATGW_PRIVATE_NETWORK ! -d $CTDB_NATGW_PRIVATE_NETWORK \
+ -j MASQUERADE
+
+ # block all incoming connections to the NATGW IP address
+ ctdb_natgw_public_ip_host="${CTDB_NATGW_PUBLIC_IP%/*}/32"
+ iptables -D INPUT -p tcp --syn \
+ -d $ctdb_natgw_public_ip_host -j REJECT 2>/dev/null
+ iptables -I INPUT -p tcp --syn \
+ -d $ctdb_natgw_public_ip_host -j REJECT 2>/dev/null
+
+ ip addr add $CTDB_NATGW_PUBLIC_IP dev $CTDB_NATGW_PUBLIC_IFACE
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
+ _net="${_net_gw%@*}"
+ if [ "$_net" != "$_net_gw" ] ; then
+ _gw="${_net_gw#*@}"
+ else
+ _gw="$CTDB_NATGW_DEFAULT_GATEWAY"
+ fi
- # Delete the masquerading setup from a previous iteration where we
- # were the NAT-GW
- iptables -D POSTROUTING -t nat -s $CTDB_NATGW_PRIVATE_NETWORK ! -d
$CTDB_NATGW_PRIVATE_NETWORK -j MASQUERADE >/dev/null 2>/dev/null
+ [ -n "$_gw" ] || continue
+ ip route add "$_net" metric 10 via "$_gw"
+ done
+}
- # remove any iptables rule we may have on this address
- iptables -D INPUT -p tcp --syn -d $_ip/32 -j REJECT 2>/dev/null
+natgw_set_slave ()
+{
+ _natgwip="$1"
+
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
+ _net="${_net_gw%@*}"
+ ip route add "$_net" via "$_natgwip" metric 10
+ done
+
+ # Make sure winbindd does not stay bound to this address if we are
+ # no longer NATGW master
+ smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP >/dev/null 2>&1
}
-ensure_natgwmaster ()
+natgw_ensure_master ()
{
_event="$1"
@@ -57,57 +118,53 @@ ensure_natgwmaster ()
case "$1" in
setup)
- set_natgw_capability
+ natgw_check_config
+ natgw_set_capability
;;
startup)
+ natgw_check_config
+
# Error if CTDB_NATGW_PUBLIC_IP is listed in public addresses
- grep -q "^$CTDB_NATGW_PUBLIC_IP[[:space:]]"
"${CTDB_PUBLIC_ADDRESSES:-/etc/ctdb/public_addresses}" && \
- die "ERROR: NATGW configured to use a public address. NATGW must
not use a public address."
+ ip_pat=$(echo "$CTDB_NATGW_PUBLIC_IP" | sed -e 's@\.@\\.@g')
+ if grep -q "^${ip_pat}[[:space:]]" \
+ "${CTDB_PUBLIC_ADDRESSES:-${CTDB_BASE}/public_addresses}" ; then
+ die "ERROR: CTDB_NATGW_PUBLIC_IP same as a public address"
+ fi
# do not send out arp requests from loopback addresses
- echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
+ set_proc sys/net/ipv4/conf/all/arp_announce 2
;;
updatenatgw|ipreallocated)
+ natgw_check_config
+
mypnn=$(ctdb pnn | cut -d: -f2)
- set_natgw_capability
- ensure_natgwmaster "$1"
+ natgw_set_capability
+ natgw_ensure_master "$1"
- delete_all
+ natgw_clear
if [ "$mypnn" = "$natgwmaster" ]; then
- # This is the NAT GW
- echo 1 >/proc/sys/net/ipv4/ip_forward
- iptables -A POSTROUTING -t nat -s $CTDB_NATGW_PRIVATE_NETWORK !
-d $CTDB_NATGW_PRIVATE_NETWORK -j MASQUERADE
-
- # block all incoming connections to the natgw address
- ctdb_natgw_public_ip_host="${CTDB_NATGW_PUBLIC_IP%/*}/32"
- iptables -D INPUT -p tcp --syn -d $ctdb_natgw_public_ip_host -j
REJECT 2>/dev/null
- iptables -I INPUT -p tcp --syn -d $ctdb_natgw_public_ip_host -j
REJECT 2>/dev/null
-
- ip addr add $CTDB_NATGW_PUBLIC_IP dev $CTDB_NATGW_PUBLIC_IFACE
- ip route add 0.0.0.0/0 metric 10 via
$CTDB_NATGW_DEFAULT_GATEWAY >/dev/null 2>/dev/null
+ natgw_set_master
else
- # This is NOT the NAT GW
- ip route add 0.0.0.0/0 via $natgwip metric 10
- # Make sure winbindd does not stay bound to this address
- # if we are no longer natgwmaster
- smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP >/dev/null
2>/dev/null
+ natgw_set_slave "$natgwip"
fi
# flush our route cache
- echo 1 > /proc/sys/net/ipv4/route/flush
+ set_proc sys/net/ipv4/route/flush 1
;;
shutdown|removenatgw)
- delete_all
+ natgw_check_config
+ natgw_clear
;;
monitor)
- set_natgw_capability
- ensure_natgwmaster "$1"
+ natgw_check_config
+ natgw_set_capability
+ natgw_ensure_master "$1"
;;
*)
diff --git a/ctdb/doc/ctdb.7.xml b/ctdb/doc/ctdb.7.xml
index 989a280..f48d5a6 100644
--- a/ctdb/doc/ctdb.7.xml
+++ b/ctdb/doc/ctdb.7.xml
@@ -635,11 +635,12 @@ CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1
<varname>CTDB_NATGW_PUBLIC_IP</varname> on the configured public
interfaces <varname>CTDB_NATGW_PUBLIC_IFACE</varname> and acts as
a router, masquerading outgoing connections from slave nodes
- via this IP address. It also establishes a fallback default
- route to the configured default gateway
- <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> with a metric of 10.
- A metric 10 route is used so it can co-exist with other
- default routes that may be available.
+ via this IP address. If
+ <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is set then it
+ also establishes a fallback default route to the configured
+ this gateway with a metric of 10. A metric 10 route is used
+ so it can co-exist with other default routes that may be
+ available.
</para>
<para>
@@ -654,9 +655,17 @@ CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1
</para>
<para>
+ <varname>CTDB_NATGW_STATIC_ROUTES</varname> can be used to
+ have NATGW create more specific routes instead of just default
+ routes.
+ </para>
+
+ <para>
This is implemented in the <filename>11.natgw</filename>
- eventscript. Please see the eventscript file for the finer
- details.
+ eventscript. Please see the eventscript file and the
+ <citetitle>NAT GATEWAY</citetitle> section in
+ <citerefentry><refentrytitle>ctdbd.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry> for more details.
</para>
</refsect2>
diff --git a/ctdb/doc/ctdbd.conf.5.xml b/ctdb/doc/ctdbd.conf.5.xml
index d80bda6..188a4df 100644
--- a/ctdb/doc/ctdbd.conf.5.xml
+++ b/ctdb/doc/ctdbd.conf.5.xml
@@ -458,11 +458,13 @@
<listitem>
<para>
IPADDR is an alternate network gateway to use on the NAT
- gateway master node. A fallback default route is added
- via this network gateway.
+ gateway master node. If set, a fallback default route
+ is added via this network gateway.
</para>
<para>
- No default.
+ No default. Setting this variable is optional - if not
+ set that no route is created on the NAT gateway master
+ node.
</para>
</listitem>
</varlistentry>
@@ -543,6 +545,42 @@
</listitem>
</varlistentry>
+ <varlistentry>
+
<term>CTDB_NATGW_STATIC_ROUTES=<parameter>IPADDR/MASK[@GATEWAY]</parameter>
...</term>
+ <listitem>
+ <para>
+ Each IPADDR/MASK identifies a network or host to which
+ NATGW should create a fallback route, instead of
+ creating a single default route. This can be used when
+ there is already a default route, via an interface that
+ can not reach required infrastructure, that overrides
+ the NAT gateway default route.
+ </para>
+ <para>
+ If GATEWAY is specified then the corresponding route on
+ the NATGW master node will be via GATEWAY. Such routes
+ are created even if
+ <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is not
+ specified. If GATEWAY is not specified for some
+ networks then routes are only created on the NATGW
+ master node for those networks if
+ <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is
+ specified.
+ </para>
+ <para>
+ This should be used with care to avoid causing traffic
+ to unnecessarily double-hop through the NAT gateway
+ master, even when a node is hosting public IP addresses.
+ Each specified network or host should probably have a
+ corresponding automatically created link route or static
+ route to avoid this.
+ </para>
+ <para>
+ No default.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
<refsect3>
@@ -554,6 +592,23 @@ CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1
CTDB_NATGW_PUBLIC_IP=10.0.0.227/24
CTDB_NATGW_PUBLIC_IFACE=eth0
</screen>
+
+ <para>
+ A variation that ensures that infrastructure (ADS, DNS, ...)
+ directly attached to the public network (10.0.0.0/24) is
+ always reachable would look like this:
+ </para>
+ <screen>
+CTDB_NATGW_NODES=/etc/ctdb/natgw_nodes
+CTDB_NATGW_PRIVATE_NETWORK=192.168.1.0/24
+CTDB_NATGW_PUBLIC_IP=10.0.0.227/24
+CTDB_NATGW_PUBLIC_IFACE=eth0
+CTDB_NATGW_STATIC_ROUTES=10.0.0.0/24
+ </screen>
+ <para>
+ Note that <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is
+ not specified.
+ </para>
</refsect3>
</refsect2>
diff --git a/ctdb/tests/eventscripts/11.natgw.001.sh
b/ctdb/tests/eventscripts/11.natgw.001.sh
new file mode 100755
index 0000000..afcc097
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.001.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "not configured"
+
+setup_ctdb
+
+ok_null
+simple_test_event "ipreallocate"
+
+check_routes 0
diff --git a/ctdb/tests/eventscripts/11.natgw.002.sh
b/ctdb/tests/eventscripts/11.natgw.002.sh
new file mode 100755
index 0000000..e496e4a
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.002.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "missing config file"
+
+setup_ctdb
+setup_ctdb_natgw <<EOF
+192.168.1.21 master
+192.168.1.22
+192.168.1.23
+192.168.1.24
+EOF
+
+rm -f "$CTDB_NATGW_NODES"
+
+required_result 1 <<EOF
+error: CTDB_NATGW_NODES=${CTDB_NATGW_NODES} unreadable
+EOF
+
+for i in "startup" "ipreallocated" "monitor" ; do
+ simple_test_event "$i"
+done
+
diff --git a/ctdb/tests/eventscripts/11.natgw.011.sh
b/ctdb/tests/eventscripts/11.natgw.011.sh
new file mode 100755
index 0000000..4c5a937
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.011.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "master node, basic configuration"
+
+setup_ctdb
+
+setup_ctdb_natgw <<EOF
+192.168.1.21 master
+192.168.1.22
+192.168.1.23
+192.168.1.24
+EOF
+
+ok_null
+simple_test_event "ipreallocated"
+
+ok "default via ${CTDB_NATGW_DEFAULT_GATEWAY} dev ethXXX metric 10 "
+simple_test_command ip route show
+
+ok_natgw_master_ip_addr_show
+simple_test_command ip addr show "$CTDB_NATGW_PUBLIC_IFACE"
diff --git a/ctdb/tests/eventscripts/11.natgw.012.sh
b/ctdb/tests/eventscripts/11.natgw.012.sh
new file mode 100755
index 0000000..6ec98a0
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.012.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "slave node, basic configuration"
+
+setup_ctdb
+
+setup_ctdb_natgw <<EOF
+192.168.1.21
+192.168.1.22 master
+192.168.1.23
+192.168.1.24
+EOF
+
+ok_null
+simple_test_event "ipreallocated"
+
+ok "default via ${FAKE_CTDB_NATGW_MASTER} dev ethXXX metric 10 "
+simple_test_command ip route show
+
+ok_natgw_slave_ip_addr_show
+simple_test_command ip addr show "$CTDB_NATGW_PUBLIC_IFACE"
diff --git a/ctdb/tests/eventscripts/11.natgw.013.sh
b/ctdb/tests/eventscripts/11.natgw.013.sh
new file mode 100755
index 0000000..16f0622
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.013.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "master node, no gateway"
+
+setup_ctdb
+
+setup_ctdb_natgw <<EOF
+192.168.1.21 master
+192.168.1.22
+192.168.1.23
+192.168.1.24
+EOF
+
+CTDB_NATGW_DEFAULT_GATEWAY=""
+
+ok_null
+simple_test_event "ipreallocated"
+
+ok_null
+simple_test_command ip route show
+
+ok_natgw_master_ip_addr_show
+simple_test_command ip addr show "$CTDB_NATGW_PUBLIC_IFACE"
diff --git a/ctdb/tests/eventscripts/11.natgw.014.sh
b/ctdb/tests/eventscripts/11.natgw.014.sh
new file mode 100755
index 0000000..462756c
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.014.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "slave node, no gateway"
+
+setup_ctdb
+
+setup_ctdb_natgw <<EOF
+192.168.1.21
+192.168.1.22 master
+192.168.1.23
+192.168.1.24
+EOF
+
+CTDB_NATGW_DEFAULT_GATEWAY=""
+
+ok_null
+simple_test_event "ipreallocated"
+
+ok "default via ${FAKE_CTDB_NATGW_MASTER} dev ethXXX metric 10 "
+simple_test_command ip route show
+
+ok_natgw_slave_ip_addr_show
+simple_test_command ip addr show "$CTDB_NATGW_PUBLIC_IFACE"
diff --git a/ctdb/tests/eventscripts/11.natgw.015.sh
b/ctdb/tests/eventscripts/11.natgw.015.sh
new file mode 100755
index 0000000..d202ae6
--- /dev/null
+++ b/ctdb/tests/eventscripts/11.natgw.015.sh
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
--
Samba Shared Repository
