# Trace each command as it runs and stop at the first command that fails.
# With tracing on, every value assigned below is echoed to stderr, so it ends
# up wherever this script's output is collected; keep secrets out of these
# files or switch tracing off around the lines that read them.
set -x
set -e

# Deployment parameters, one value per file under /opt/config.
# An unreadable file makes the assignment fail, which aborts the script
# because errexit is set.
SCRIPT_VERSION=$(</opt/config/script_version.txt)
CLOUD_ENV=$(</opt/config/cloud_env.txt)
BNG_GMUX_NET_CIDR=$(</opt/config/bng_gmux_net_cidr.txt)
BNG_GMUX_NET_IPADDR=$(</opt/config/bng_gmux_net_ipaddr.txt)
BRGEMU_BNG_NET_CIDR=$(</opt/config/brgemu_bng_net_cidr.txt)
BRGEMU_BNG_NET_IPADDR=$(</opt/config/brgemu_bng_net_ipaddr.txt)
CPE_SIGNAL_NET_CIDR=$(</opt/config/cpe_signal_net_cidr.txt)
CPE_SIGNAL_NET_IPADDR=$(</opt/config/cpe_signal_net_ipaddr.txt)
SDNC_IP_ADDR=$(</opt/config/sdnc_ip_addr.txt)
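#######################################
# Convert a network prefix length (CIDR bits) to a dotted-quad netmask.
# The function wrapper is restored from the call site `cdr2mask $BITS`
# further down; its header line is not part of this listing.
# Arguments: $1 - prefix length, decimal integer 0..32
# Outputs:   the netmask on stdout, e.g. 24 -> 255.255.255.0
# Returns:   0 on success; 1 with a message on stderr when $1 is not a
#            decimal integer in 0..32, so a bad value is never written
#            into an interface definition
#######################################
cdr2mask() {
  local bits=${1-}

  # Reject empty, non-numeric and over-long input before doing arithmetic.
  case "$bits" in
    '' | *[!0-9]* | ???*)
      printf 'cdr2mask: invalid prefix length: %s\n' "$bits" >&2
      return 1
      ;;
  esac
  # Force base 10 so a value such as "08" is not parsed as octal.
  bits=$((10#$bits))
  if [ "$bits" -gt 32 ]; then
    printf 'cdr2mask: invalid prefix length: %s\n' "$bits" >&2
    return 1
  fi

  # Positional layout: <shift count> 255 255 255 255 <partial octet> 0 0 0.
  # Dropping the count and the surplus 255s leaves the four octets in $1..$4.
  set -- $((5 - (bits / 8))) 255 255 255 255 $(((255 << (8 - (bits % 8))) & 255)) 0 0 0
  if [ "$1" -gt 1 ]; then
    shift "$1"
  else
    shift
  fi
  echo "${1-0}.${2-0}.${3-0}.${4-0}"
}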
24 # OpenStack network configuration
# NOTE(review): the `then` and `fi` lines of this conditional are not part of
# this listing, so the exact extent of the conditional body cannot be confirmed here.
25 if [[ $CLOUD_ENV == "openstack" ]]
# Appended on every run, so re-running the script duplicates the entry.
27 echo 127.0.0.1 $(hostname) >> /etc/hosts
29 # Allow remote login as root
# Security: every key authorised for the `ubuntu` account becomes a root key, so
# root's SSH key list is exactly as wide as ubuntu's. The previous root key file
# is kept as authorized_keys.bk. Whether sshd accepts root logins at all depends
# on sshd_config, which this listing does not touch.
# With errexit set, the `mv` stops the script when /root/.ssh/authorized_keys
# does not exist.
30 mv /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bk
31 cp /home/ubuntu/.ssh/authorized_keys /root/.ssh
# Smallest MTU among the values ifconfig prints after "MTU:".
# NOTE(review): relies on ifconfig printing "MTU:<n>"; confirm for the target image.
33 MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
# OAM address, and the prefix length taken from the part of oam_cidr.txt after "/".
35 IP=$(cat /opt/config/oam_ipaddr.txt)
36 BITS=$(cat /opt/config/oam_cidr.txt | cut -d"/" -f2)
37 NETMASK=$(cdr2mask $BITS)
# Static eth2 stanza appended to /etc/network/interfaces. The values are written
# as read, without validation, and a second run appends the stanza again.
38 echo "auto eth2" >> /etc/network/interfaces
39 echo "iface eth2 inet static" >> /etc/network/interfaces
40 echo " address $IP" >> /etc/network/interfaces
41 echo " netmask $NETMASK" >> /etc/network/interfaces
42 echo " mtu $MTU" >> /etc/network/interfaces
44 # eth2 probably doesn't exist yet and we should reboot after this anyway
49 # Auto-start configuration for the VPP
# Overwrites /etc/vpp/startup.conf with the here-document that follows. Every
# line after the `cat` line, including the "#" and "##" lines, is file content
# and not a shell comment; the section headers, several settings and the
# closing EOF are not part of this listing.
# Security-relevant settings visible here: the CLI listener is bound to
# localhost:5002, and VPP is pointed at /etc/vpp/setup.gate as its startup
# script, so that file should stay writable by root only.
# NOTE(review): the VPP CLI socket presumably has no authentication of its own,
# which is why it should stay on loopback; confirm against the VPP docs.
50 cat > /etc/vpp/startup.conf << EOF
56 cli-listen localhost:5002
57 startup-config /etc/vpp/setup.gate
69 ## In the VPP there is one main thread and optionally the user can create worker(s)
70 ## The main thread and worker thread(s) can be pinned to CPU core(s) manually or automatically
72 ## Manual pinning of thread(s) to CPU core(s)
74 ## Set logical CPU core where main thread runs
77 ## Set logical CPU core(s) where worker threads are running
78 # corelist-workers 2-3,18-19
80 ## Automatic pinning of thread(s) to CPU core(s)
82 ## Sets number of CPU core(s) to be skipped (1 ... N-1)
83 ## Skipped CPU core(s) are not used for pinning main thread and working thread(s).
84 ## The main thread is automatically pinned to the first available CPU core and worker(s)
85 ## are pinned to next free CPU core(s) after core assigned to main thread
88 ## Specify a number of workers to be created
89 ## Workers are pinned to N consecutive CPU cores while skipping "skip-cores" CPU core(s)
90 ## and main thread's CPU core
93 ## Set scheduling policy and priority of main and worker threads
95 ## Scheduling policy options are: other (SCHED_OTHER), batch (SCHED_BATCH)
96 ## idle (SCHED_IDLE), fifo (SCHED_FIFO), rr (SCHED_RR)
97 # scheduler-policy fifo
99 ## Scheduling priority is used only for "real-time policies (fifo and rr),
100 ## and has to be in the range of priorities supported for a particular policy
101 # scheduler-priority 50
105 ## Change default settings for all intefaces
107 ## Number of receive queues, enables RSS
111 ## Number of transmit queues, Default is equal
112 ## to number of worker threads or 1 if no workers treads
115 ## Number of descriptors in transmit and receive rings
116 ## increasing or reducing number can impact performance
117 ## Default is 1024 for both rx and tx
121 ## VLAN strip offload mode for interface
123 # vlan-strip-offload on
126 ## Whitelist specific interface by specifying PCI address
129 ## Whitelist specific interface by specifying PCI address and in
130 ## addition specify custom parameters for this interface
135 ## Change UIO driver used by VPP, Options are: igb_uio, vfio-pci
136 ## and uio_pci_generic (default)
137 # uio-driver vfio-pci
139 ## Disable mutli-segment buffers, improves performance but
140 ## disables Jumbo MTU support
143 ## Increase number of buffers allocated, needed only in scenarios with
144 ## large number of interfaces and worker threads. Value is per CPU socket.
148 ## Change hugepages allocation per-socket, needed only if there is need for
149 ## larger number of mbufs. Default is 256M on each detected CPU socket
150 # socket-mem 2048,2048
# Loop from the helper that is called below as get_nic_pci_list; the function
# header, the closing `fi` / `done` and the loop's input are not part of this
# listing.
# For every input line containing "network device" it prints the line's first
# space-delimited field followed by a space, all on one output line.
# NOTE(review): presumably the input is `lspci` output and that first field is
# the PCI address; confirm against the full script.
156 while read -r line ; do
# The two sides differ only when stripping a prefix that ends in
# "network device" changed the line, i.e. when the line contains that text.
157 if [ "$line" != "${line#*network device}" ]; then
158 echo -n "${line%% *} "
# Space-separated PCI addresses of the network devices, rewritten into the form
# used in VPP interface names: runs of zeros in front of a digit are dropped
# and every "." or ":" becomes "/".
# ${NICS} is left unquoted on purpose so that echo collapses the whitespace.
NICS=$(get_nic_pci_list)
NICS=$(echo ${NICS} | sed -e 's/[0]\+\([0-9]\)/\1/g' -e 's/[.:]/\//g')

# Interfaces are picked purely by their position in that list, so the mapping
# depends on the order in which the devices are enumerated.
BRGEMU_BNG_NIC="GigabitEthernet$(echo ${NICS} | cut -d " " -f 2)" # second interface in list
CPE_SIGNAL_NIC="GigabitEthernet$(echo ${NICS} | cut -d " " -f 4)" # fourth interface in list
BNG_GMUX_NIC="GigabitEthernet$(echo ${NICS} | cut -d " " -f 5)"   # fifth interface in list
# Generates /etc/vpp/setup.gate, the file named by `startup-config` in
# startup.conf. The lines after `cat` are file content (VPP CLI commands); the
# closing EOF is not part of this listing.
# The here-document delimiter is unquoted, so each ${...} is expanded by the
# shell when the file is written; ${X#*/} keeps the part of a CIDR after "/".
# Security: the expanded values come from /opt/config and from the NIC list with
# no validation, and each resulting line is later run as a VPP CLI command, so a
# value containing a newline or extra words changes what VPP executes. Validate
# addresses and prefix lengths before this point.
# NOTE(review): 10.4.0.1, 192.168.40.40 / 192.168.40.41 and nas-port 5060 are
# fixed in the script and not taken from the deployment parameters.
170 cat > /etc/vpp/setup.gate << EOF
171 set int state ${BRGEMU_BNG_NIC} up
172 set interface ip address ${BRGEMU_BNG_NIC} ${BRGEMU_BNG_NET_IPADDR}/${BRGEMU_BNG_NET_CIDR#*/}
174 set int state ${CPE_SIGNAL_NIC} up
175 set interface ip address ${CPE_SIGNAL_NIC} ${CPE_SIGNAL_NET_IPADDR}/${CPE_SIGNAL_NET_CIDR#*/}
177 set int state ${BNG_GMUX_NIC} up
178 set interface ip address ${BNG_GMUX_NIC} ${BNG_GMUX_NET_IPADDR}/${BNG_GMUX_NET_CIDR#*/}
180 set vbng dhcp4 remote 10.4.0.1 local ${CPE_SIGNAL_NET_IPADDR}
181 set vbng aaa config /etc/vpp/vbng-aaa.cfg nas-port 5060
183 tap connect tap0 address 192.168.40.40/24
184 set int state tap-0 up
185 set int ip address tap-0 192.168.40.41/24
186 ip route add ${SDNC_IP_ADDR}/32 via 192.168.40.40 tap-0
# Overwrites /etc/vpp/vbng-aaa.cfg, the file that setup.gate passes to
# `set vbng aaa config`. The lines after `cat` are file content, so their "#"
# lines are comments of the generated file and not of this script; several
# setting lines and the closing EOF are not part of this listing.
# Settings visible here: auth_order radius,local (RADIUS is asked first, then
# the local database), the issue, servers, dictionary, seqfile and mapfile
# paths, and the login_radius / login_local programs.
# Security: the `servers` path is the file holding the RADIUS shared secrets,
# so it should be readable by root only.
190 cat > /etc/vpp/vbng-aaa.cfg << EOF
193 # specify which authentication comes first respectively which
194 # authentication is used. possible values are: "radius" and "local".
195 # if you specify "radius,local" then the RADIUS server is asked
196 # first then the local one. if only one keyword is specified only
197 # this server is asked.
198 auth_order radius,local
200 # maximum login tries a user has
203 # timeout for all login tries
204 # if this time is exceeded the user is kicked out
207 # name of the nologin file which when it exists disables logins.
208 # it may be extended by the ttyname which will result in
209 # a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
210 # logins on /dev/ttyS2)
213 # name of the issue file. it's only display when no username is passed
214 # on the radlogin command line
215 issue /usr/local/etc/radiusclient/issue
219 # RADIUS server to use for authentication requests. this config
220 # item can appear more then one time. if multiple servers are
221 # defined they are tried in a round robin fashion if one
222 # server is not answering.
223 # optionally you can specify a the port number on which is remote
224 # RADIUS listens separated by a colon from the hostname. if
225 # no port is specified /etc/services is consulted of the radius
226 # service. if this fails also a compiled in default is used.
230 # RADIUS server to use for accouting requests. All that I
231 # said for authserver applies, too.
236 # file holding shared secrets used for the communication
237 # between the RADIUS client and server
238 servers /usr/local/etc/radiusclient/servers
240 # dictionary of allowed attributes and values
241 # just like in the normal RADIUS distributions
242 dictionary /usr/local/etc/radiusclient/dictionary
244 # program to call for a RADIUS authenticated login
245 login_radius /usr/local/sbin/login.radius
247 # file which holds sequence number for communication with the
249 seqfile /var/run/radius.seq
251 # file which specifies mapping between ttyname and NAS-Port attribute
252 mapfile /usr/local/etc/radiusclient/port-id-map
254 # default authentication realm to append to all usernames if no
255 # realm was explicitly specified by the user
256 # the radiusd directly form Livingston doesnt use any realms, so leave
260 # time to wait for a reply from the RADIUS server
263 # resend request this many times before trying the next server
266 # The length of time in seconds that we skip a nonresponsive RADIUS
267 # server for transaction requests. Server(s) being in the "dead" state
268 # are tried only after all other non-dead servers have been tried and
269 # failed or timeouted. The deadtime interval starts when the server
270 # does not respond to an authentication/accounting request transmissions.
271 # When the interval expires, the "dead" server would be re-tried again,
272 # and if it's still down then it will be considered "dead" for another
273 # such interval and so on. This option is no-op if there is only one
274 # server in the list. Set to 0 in order to disable the feature.
277 # local address from which radius packets have to be sent
282 # program to execute for local login
283 # it must support the -f flag for preauthenticated login
284 login_local /bin/login
# Appends the DHCP relay attribute definitions to the radiusclient dictionary.
# `>>` appends, so running the script again adds the same ATTRIBUTE lines a
# second time. The lines after `cat` are file content; the closing EOF is not
# part of this listing.
287 cat >> /usr/local/etc/radiusclient/dictionary << EOF
290 # DHCP Proxy/Relay attributes
292 ATTRIBUTE DHCP-Agent-Circuit-Id 82.1 integer
293 ATTRIBUTE DHCP-Agent-Remote-Id 82.2 string
294 ATTRIBUTE DHCP-Relay-Circuit-Id 82.1 integer
295 ATTRIBUTE DHCP-Relay-Remote-Id 82.2 string
# Appends one entry to the radiusclient shared-secrets file (the closing EOF is
# not part of this listing).
# Security: the entry hard-codes the shared secret "testing123", so every
# instance built from this script uses the same, publicly readable value.
# Supply a per-deployment secret at install time and keep the servers file
# readable by root only.
# NOTE(review): presumably the first field is the server/client pair and the
# second the secret; confirm against the radiusclient documentation.
299 cat >> /usr/local/etc/radiusclient/servers << EOF
301 localhost/localhost testing123
305 # Download DHCP config files
# Extracts the two vBNG scripts from the versioned archive into /opt and
# registers v_bng.sh as an init script.
# Security: nothing in the lines shown verifies the archive (checksum or
# signature) before its content is placed under /etc/init.d, where it runs as
# root at boot.
# NOTE(review): unzip writes to absolute /opt paths while chmod, sed and mv use
# relative ones, so these steps only work when the working directory is /opt;
# a `cd` may sit on a line that is not part of this listing.
307 unzip -p -j /opt/vcpe-scripts-$SCRIPT_VERSION.zip v_bng_init.sh > /opt/v_bng_init.sh
308 unzip -p -j /opt/vcpe-scripts-$SCRIPT_VERSION.zip v_bng.sh > /opt/v_bng.sh
309 chmod +x v_bng_init.sh
# Rewrites the "# Provides:" header line of the init script to name the service v_bng.
311 sed -i 's/^\(# Provides:\).*/\1 v_bng/g' ./v_bng.sh
312 mv v_bng.sh /etc/init.d
313 update-rc.d v_bng.sh defaults
315 # Rename network interface in openstack Ubuntu 16.04 images. Then, reboot the VM to pick up changes
# NOTE(review): the `then` / `fi` lines and any reboot command are not part of
# this listing.
316 if [[ $CLOUD_ENV != "rackspace" ]]
# Replaces the whole GRUB_CMDLINE_LINUX value, so any kernel options already
# set on that line are dropped, then regenerates grub.cfg.
318 sed -i "s/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX=\"net.ifnames=0 biosdevname=0\"/g" /etc/default/grub
319 grub-mkconfig -o /boot/grub/grub.cfg
# Rewrites every ensN name to eth0 in the interface configs and the udev rules.
# NOTE(review): all ensN names map to the single name eth0, which assumes only
# one such interface is listed in those files; confirm.
320 sed -i "s/ens[0-9]*/eth0/g" /etc/network/interfaces.d/*.cfg
321 touch /etc/udev/rules.d/70-persistent-net.rules
322 sed -i "s/ens[0-9]*/eth0/g" /etc/udev/rules.d/70-persistent-net.rules
# Appends the cloud-init setting that disables its network configuration.
323 echo 'network: {config: disabled}' >> /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
# Record completion by overwriting the status file with a one-line message.
printf '%s\n' 'Execution of vBNG install script completed' > /opt/script_status.txt