Some network option should be the same everywhere so move them to the registry

1257f36c · Julien Muchembled · ef5401a4 · 1257f36c · 1257f36c · 1257f36c
Commit 1257f36c authored Feb 26, 2015 by Julien Muchembled
15 changed files
--- a/demo/m1/re6stnet.conf
+++ b/demo/m1/re6stnet.conf
@@ -2,12 +2,9 @@ log m1/
 state m1/
 babel-pidfile m1/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m1/cert.crt
 key m1/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
 neighbour 6/16
--- a/demo/m2/re6stnet.conf
+++ b/demo/m2/re6stnet.conf
@@ -2,11 +2,8 @@ log m2/
 state m2/
 babel-pidfile m2/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m2/cert.crt
 key m2/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
--- a/demo/m3/re6stnet.conf
+++ b/demo/m3/re6stnet.conf
@@ -2,11 +2,8 @@ log m3/
 state m3/
 babel-pidfile m3/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m3/cert.crt
 key m3/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
--- a/demo/m4/re6stnet.conf
+++ b/demo/m4/re6stnet.conf
@@ -2,11 +2,8 @@ log m4/
 state m4/
 babel-pidfile m4/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m4/cert.crt
 key m4/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
--- a/demo/m5/re6stnet.conf
+++ b/demo/m5/re6stnet.conf
 log m5/
 state m5/
 babel-pidfile m5/babeld.pid
-hello 4
 ca ca.crt
 cert m5/cert.crt
 key m5/cert.key

--- a/demo/m6/re6stnet.conf
+++ b/demo/m6/re6stnet.conf
@@ -2,14 +2,11 @@ log m6/
 state m6/
 babel-pidfile m6/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m6/cert.crt
 key m6/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
 # TODO: Run a DHCPv4 client on machine9. Unfortunately, isc-dhcp-client 4.2.4
 #       fails with "Bind socket to interface: No such device"
 daemon "exec dnsmasq -d8 - -i $re6stnet_iface -F 192.168.42.2,192.168.42.254,255.255.255.0,infinite -F ${re6stnet_subnet%/*},ra-only,${re6stnet_subnet#*/},1d -O option:router,192.168.42.1 -l m6/dnsmasq.leases"
--- a/demo/m7/re6stnet.conf
+++ b/demo/m7/re6stnet.conf
@@ -2,11 +2,8 @@ log m7/
 state m7/
 babel-pidfile m7/babeld.pid
 pp 1194 tcp
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert m7/cert.crt
 key m7/cert.key
 table 0
-client-count 2
-tunnel-refresh 100
--- a/demo/m8/re6stnet.conf
+++ b/demo/m8/re6stnet.conf
 log m8/
 state m8/
 babel-pidfile m8/babeld.pid
-hello 4
 ca ca.crt
 cert m8/cert.crt
 key m8/cert.key

--- a/demo/registry/re6st-registry.conf
+++ b/demo/registry/re6st-registry.conf
 ca ca.crt
 key registry/ca.key
 logfile registry/registry.log
+hello 4
+client-count 2
+tunnel-refresh 100
--- a/demo/registry/re6stnet.conf
+++ b/demo/registry/re6stnet.conf
 log registry/
 state registry/
 babel-pidfile registry/babeld.pid
-hello 4
 dh dh2048.pem
 ca ca.crt
 cert registry/cert.crt
 key registry/cert.key
 gateway
-client-count 2
-tunnel-refresh 100
--- a/re6st-registry
+++ b/re6st-registry
@@ -92,6 +92,28 @@ def main():
    _('--min-protocol', default=version.min_protocol, type=int,
        help="Reject nodes that are too old. Current is %s." % version.protocol)
+    _ = parser.add_argument_group('routing').add_argument
+    _('--hello', type=int, default=15,
+        help="Hello interval in seconds, for both wired and wireless"
+             " connections. OpenVPN ping-exit option is set to 4 times the"
+             " hello interval. It takes between 3 and 4 times the"
+             " hello interval for Babel to re-establish connection with a"
+             " node for which the direct connection has been cut.")
+    _ = parser.add_argument_group('tunnelling').add_argument
+    _('--encrypt', action='store_true',
+        help='Specify that tunnels should be encrypted.')
+    _('--client-count', default=10, type=int,
+        help="Number of client tunnels to set up.")
+    _('--max-clients', type=int,
+        help="Maximum number of accepted clients per OpenVPN server. (default:"
+             " client-count * 2, which actually represents the average number"
+             " of tunnels to other peers)")
+    _('--tunnel-refresh', default=300, type=int,
+        help="Interval in seconds between two tunnel refresh: the worst"
+             " tunnel is closed if the number of client tunnels has reached"
+             " its maximum number (client-count).")
    config = parser.parse_args()
    if not version.min_protocol <= config.min_protocol <= version.protocol:
@@ -100,6 +122,9 @@ def main():
    utils.setupLog(config.verbose, config.logfile)
+    if config.max_clients is None:
+        config.max_clients = config.client_count * 2
    server = registry.RegistryServer(config)
    def requestHandler(request, client_address, _):
        RequestHandler(request, client_address, server)

--- a/re6st/plib.py
+++ b/re6st/plib.py
@@ -61,7 +61,7 @@ def client(iface, address_list, encrypt, *args, **kw):
 def router(subnet, hello_interval, table, log_path, state_path, pidfile,
-           tunnel_interfaces, control_socket, *args, **kw):
+           tunnel_interfaces, control_socket, default, *args, **kw):
    s = utils.ipFromBin(subnet)
    n = len(subnet)
    cmd = ['babeld',
@@ -71,7 +71,7 @@ def router(subnet, hello_interval, table, log_path, state_path, pidfile,
            '-S', state_path,
            '-I', pidfile,
            '-s',
-            '-C', 'default max-rtt-penalty 5000 rtt-max 500 rtt-decay 125',
+            '-C', 'default ' + default,
            '-C', 'redistribute local deny',
            '-C', 'redistribute ip %s/%u eq %u' % (s, n, n),
            '-C', 'redistribute deny']

--- a/re6st/registry.py
+++ b/re6st/registry.py
@@ -99,10 +99,12 @@ class RegistryServer(object):
    def updateNetworkConfig(self):
        kw = {
+            'babel_default': 'max-rtt-penalty 5000 rtt-max 500 rtt-decay 125',
            'protocol': version.protocol,
            'registry_prefix': self.prefix,
        }
-        for x in 'min_protocol',:
+        for x in ('client_count', 'encrypt', 'hello',
+                  'max_clients', 'min_protocol', 'tunnel_refresh'):
            kw[x] = getattr(self.config, x)
        config = json.dumps(kw, sort_keys=True)
        if config != self.getConfig('last_config', None):

--- a/re6st/tunnel.py
+++ b/re6st/tunnel.py
@@ -6,8 +6,6 @@ from . import ctl, plib, utils, version, x509
 PORT = 326
-# Be careful the refresh interval should let the routes be established
 class MultiGatewayManager(dict):
@@ -165,7 +163,7 @@ class BaseTunnelManager(object):
    # TODO: To minimize downtime when network parameters change, we should do
    #       our best to not restart any process. Ideally, this list should be
    #       empty and the affected subprocesses reloaded.
-    NEED_RESTART = frozenset()
+    NEED_RESTART = frozenset(('babel_default', 'encrypt', 'hello'))
    _forward = None
@@ -425,13 +423,14 @@ class BaseTunnelManager(object):
 class TunnelManager(BaseTunnelManager):
+    NEED_RESTART = BaseTunnelManager.NEED_RESTART.union((
+        'client_count', 'max_clients', 'tunnel_refresh'))
    def __init__(self, control_socket, cache, cert, cert_renew, openvpn_args,
-                 timeout, refresh, client_count, iface_list, address,
+                 timeout, client_count, iface_list, address, ip_changed,
-                 ip_changed, encrypt, remote_gateway, disable_proto,
+                 remote_gateway, disable_proto, neighbour_list=()):
-                 neighbour_list=()):
        super(TunnelManager, self).__init__(cache, cert, cert_renew, address)
        self.ctl = ctl.Babel(control_socket, weakref.proxy(self), self._network)
-        self.encrypt = encrypt
        self.ovpn_args = openvpn_args
        self.timeout = timeout
        # Create and open read_only pipe to get server events
@@ -440,7 +439,6 @@ class TunnelManager(BaseTunnelManager):
        self._disconnected = 0
        self._distant_peers = []
        self._iface_to_prefix = {}
-        self._refresh_time = refresh
        self._iface_list = iface_list
        self._ip_changed = ip_changed
        self._gateway_manager = MultiGatewayManager(remote_gateway) \
@@ -457,8 +455,12 @@ class TunnelManager(BaseTunnelManager):
            for i in xrange(1, self._client_count + 1))
        self._free_iface_list = []
+    @property
+    def encrypt(self):
+        return self.cache.encrypt
    def resetTunnelRefresh(self):
-        self._next_tunnel_refresh = time.time() + self._refresh_time
+        self._next_tunnel_refresh = time.time() + self.cache.tunnel_refresh
    def _tuntap(self, iface=None):
        if iface:

--- a/re6stnet
+++ b/re6stnet
@@ -59,12 +59,6 @@ def getConfig():
    _('--control-socket', metavar='CTL_SOCK', default=ctl.SOCK_PATH,
        help="Socket path to use for communication between re6stnet and babeld"
             " (option -R of Babel).")
-    _('--hello', type=int, default=15,
-        help="Hello interval in seconds, for both wired and wireless"
-             " connections. OpenVPN ping-exit option is set to 4 times the"
-             " hello interval. It takes between 3 and 4 times the"
-             " hello interval for Babel to re-establish connection with a"
-             " node for which the direct connection has been cut.")
    _('--table', type=int, default=42,
        help="Use given table id. Set 0 to use the main table, if you want to"
             " access internet via this network (in this case, make sure you"
@@ -80,8 +74,6 @@ def getConfig():
             " subprocesses. Often used to configure verbosity.")
    _('--ovpnlog', action='store_true',
        help="Tell each OpenVPN subprocess to log to a dedicated file.")
-    _('--encrypt', action='store_true',
-        help='Specify that tunnels should be encrypted.')
    _('--pp', nargs=2, action='append', metavar=('PORT', 'PROTO'),
        help="Port and protocol to be announced to other peers, ordered by"
             " preference. For each protocol (udp, tcp, udp6, tcp6), start one"
@@ -95,16 +87,12 @@ def getConfig():
             " Common name defines the allocated prefix in the network.")
    _('--key', required=True,
        help="Local peer's private key in .pem format.")
-    _('--client-count', default=10, type=int,
+    _('--client-count', type=int,
-        help="Number of client tunnels to set up.")
+        help="Number of client tunnels to set up."
+             " (default: value from registry)")
    _('--max-clients', type=int,
-        help="Maximum number of accepted clients per OpenVPN server. (default:"
+        help="Maximum number of accepted clients per OpenVPN server."
-             " client-count * 2, which actually represents the average number"
+             " (default: value from registry)")
-             " of tunnels to other peers)")
-    _('--tunnel-refresh', default=300, type=int,
-        help="Interval in seconds between two tunnel refresh: the worst"
-             " tunnel is closed if the number of client tunnels has reached"
-             " its maximum number (client-count).")
    _('--remote-gateway', action='append', dest='gw_list',
        help="Force each tunnel to be created through one the given gateways,"
             " in a round-robin fashion.")
@@ -145,10 +133,13 @@ def main():
    exit.signal(-1, signal.SIGHUP, signal.SIGUSR2)
    next_renew = cert.maybeRenew(config.registry)
+    cache = Cache(db_path, config.registry, cert)
    network = cert.network
+    if config.client_count is None:
+        config.client_count = cache.client_count
    if config.max_clients is None:
-        config.max_clients = config.client_count * 2
+        config.max_clients = cache.max_clients
    if 'none' in config.disable_proto:
        config.disable_proto = ()
@@ -253,15 +244,13 @@ def main():
        # Init db and tunnels
        tunnel_interfaces = server_tunnels.keys()
-        timeout = 4 * config.hello
+        timeout = 4 * cache.hello
-        cache = Cache(db_path, config.registry, cert)
        cleanup = [lambda: cache.cacheMinimize(config.client_count)]
        if config.client_count and not config.client:
            tunnel_manager = tunnel.TunnelManager(config.control_socket,
                cache, cert, next_renew, config.openvpn_args, timeout,
-                config.tunnel_refresh, config.client_count, config.iface_list,
+                config.client_count, config.iface_list, address, ip_changed,
-                address, ip_changed, config.encrypt, remote_gateway,
+                remote_gateway, config.disable_proto, config.neighbour)
-                config.disable_proto, config.neighbour)
            tunnel_interfaces += tunnel_manager.new_iface_list
            write_pipe = tunnel_manager.write_pipe
        else:
@@ -293,13 +282,13 @@ def main():
                    sys.exit("error: --disable_proto option disables"
                             " all addresses given by --client")
                cleanup.append(plib.client('re6stnet',
-                    address_list, config.encrypt, '--ping-restart',
+                    address_list, cache.encrypt, '--ping-restart',
                    str(timeout), *config.openvpn_args).stop)
            elif server_tunnels:
                required('dh')
                for iface, (port, proto) in server_tunnels.iteritems():
                    cleanup.append(plib.server(iface, config.max_clients,
-                        config.dh, write_pipe, port, proto, config.encrypt,
+                        config.dh, write_pipe, port, proto, cache.encrypt,
                        '--ping-exit', str(timeout), *config.openvpn_args).stop)
            ip('addr', my_ip, 'dev', config.main_interface)
@@ -356,11 +345,11 @@ def main():
            ip('route', 'unreachable', *x)
            config.babel_args += config.iface_list
-            cleanup.append(plib.router(subnet, config.hello, config.table,
+            cleanup.append(plib.router(subnet, cache.hello, config.table,
                os.path.join(config.log, 'babeld.log'),
                os.path.join(config.state, 'babeld.state'),
                config.babel_pidfile, tunnel_interfaces,
-                config.control_socket,
+                config.control_socket, cache.babel_default,
                *config.babel_args).stop)
            if config.up:
                exit.release()