Added --no-mtu flag to disable setting MTU 9000 on Ethernet NICs

adamuk01 · adamuk01 · commit a95c0f4870c2 · 2025-11-12T09:56:19.000Z
diff --git a/preinstall/setup-multi-nic-routing.sh b/preinstall/setup-multi-nic-routing.sh
@@ -1,26 +1,34 @@
-setup-multi-nic-routing.sh#!/usr/bin/env bash
+#!/usr/bin/env bash
 #
 # setup-multi-nic-routing.sh
-# v1.0
 #
-# Configures source-based routing for multiple NICs using NetworkManager.
+# This script configures source-based routing for multiple NICs using NetworkManager.
 #
-# Features:
-#   - Validates NICs are present and up
-#   - Creates dedicated routing tables: weka-<nic>
-#   - Adds source-based routing rules
-#   - Routes local subnet and optional client subnet via NIC
-#   - Enables ARP tuning (arp_filter/arp_announce)
-#   - Sets MTU=9000 for Ethernet interfaces
-#   - --reset: removes rules/routes only, preserves NM connections
-#   - Supports multi-run, multi-NIC, different subnets safely
+# For each specified NIC:
+#   - Validates the interface is present and up
+#   - Retrieves its IPv4 address and subnet
+#   - Creates a dedicated routing table (e.g. weka-eth0, weka-eth1, ...)
+#   - Adds a source-based routing rule for traffic from that IP
+#   - Adds a route to the local subnet via the same interface and IP
+#   - Optionally adds a route to a remote client subnet via a specified gateway
+#   - Enables ARP tuning (arp_filter=1, arp_announce=2) only for the listed NICs
+#   - Sets MTU=9000 for Ethernet interfaces (unless --no-mtu is used)
 #
-# Usage examples:
-#   ./setup-multi-nic-routing.sh --nics ib0 ib1
+# Supports:
+#   --nics             Space-separated list of NICs (required)
+#   --client-subnet    Optional remote subnet (CIDR format) to route via gateway (could be 0.0.0.0/0)
+#   --gateway          Optional gateway for the client subnet
+#   --reset            Removes any existing source-based routing rules created by this script
+#   --no-mtu           Skip setting MTU=9000 for Ethernet NICs
+#   --dry-run          Show intended actions without applying them
+#
+# Example usage:
 #   ./setup-multi-nic-routing.sh --nics eth0 eth1 --client-subnet 192.168.50.0/24 --gateway 10.0.0.254
-#   ./setup-multi-nic-routing.sh --nics ens19 ens20 --reset
-#   ./setup-multi-nic-routing.sh --nics eth0 --client-subnet 0.0.0.0/0 --gateway 10.1.1.254
-#   ./setup-multi-nic-routing.sh --nics eth1 --client-subnet 0.0.0.0/0 --gateway 10.1.2.254
+#   ./setup-multi-nic-routing.sh --nics eth0 eth1 --client-subnet 0.0.0.0/0 --gateway 10.1.1.254
+#   ./setup-multi-nic-routing.sh --nics ib0 ib1                      # Flat IB or Ethernet (no gateway)
+#   ./setup-multi-nic-routing.sh --nics eth0 eth1 --reset            # Remove only routing rules
+#   ./setup-multi-nic-routing.sh --nics eth0 eth1 --no-mtu           # Skip MTU 9000 change
+#   ./setup-multi-nic-routing.sh --nics eth0 eth1 --dry-run          # Preview only
 #
 
 set -euo pipefail
@@ -30,12 +38,13 @@ ROUTE_TABLE_PREFIX="weka"
 SYSCTL_FILE="/etc/sysctl.d/99-weka.conf"
 RT_TABLES="/etc/iproute2/rt_tables"
 DRY_RUN=false
-RESET=false
+RESET_MODE=false
+NO_MTU=false
 
 # ---- FUNCTIONS ----
 
 usage() {
-    echo "Usage: $0 --nics <nic1> [nic2 ...] [--client-subnet <CIDR>] [--gateway <IP>] [--dry-run] [--reset]"
+    echo "Usage: $0 --nics <nic1> [nic2 ...] [--client-subnet <CIDR>] [--gateway <IP>] [--reset] [--no-mtu] [--dry-run]"
     exit 1
 }
 
@@ -69,9 +78,15 @@ get_ip_for_nic() {
 
 get_network_cidr() {
     local ip_cidr="$1"
-    local network_line
-    network_line=$(ipcalc "$ip_cidr" 2>/dev/null | awk '/^Network:/ {print $2}')
-    echo "$network_line"
+    ipcalc "$ip_cidr" 2>/dev/null | awk '/^Network:/ {print $2}'
+}
+
+ensure_rt_table() {
+    local table_id="$1"
+    local table_name="$2"
+    if ! grep -qw "$table_name" "$RT_TABLES"; then
+        run_or_echo "echo \"$table_id $table_name\" >> \"$RT_TABLES\""
+    fi
 }
 
 apply_sysctl_arp_settings() {
@@ -91,55 +106,27 @@ apply_sysctl_arp_settings() {
     fi
 }
 
-# Reset rules only (do NOT delete NM connection)
-reset_nic_config() {
+find_existing_table_id() {
     local nic="$1"
-    local table_name="${ROUTE_TABLE_PREFIX}-${nic}"
-
-    echo "🧹 Resetting routing rules for $nic ..."
-
-    # Remove matching ip rules
-    local rules
-    rules=$(ip rule show | grep -w "lookup" | grep "$table_name" || true)
-    if [[ -n "$rules" ]]; then
-        echo "$rules" | while read -r rule; do
-            local priority
-            priority=$(echo "$rule" | awk '{print $1}' | sed 's/://')
-            run_or_echo "ip rule del priority $priority"
-        done
-    else
-        echo "  No ip rules found for $table_name"
-    fi
-
-    # Flush the routing table
-    run_or_echo "ip route flush table $table_name || true"
-
-    echo "  ✅ Routing rules cleared for $nic"
+    grep -E "weka-${nic}" "$RT_TABLES" | awk '{print $1}' | head -n1
 }
 
-# Get or allocate a routing table ID (ensure unique)
-get_or_allocate_table_id() {
-    local nic="$1"
-    local table_name="${ROUTE_TABLE_PREFIX}-${nic}"
-
-    # Reuse table if it exists
-    local existing_entry
-    existing_entry=$(grep -w "$table_name" "$RT_TABLES" | awk '{print $1}' || true)
-    if [[ -n "$existing_entry" ]]; then
-        echo "$existing_entry"
-        return
-    fi
+find_next_table_id() {
+    awk '$1 ~ /^[0-9]+$/ {print $1}' "$RT_TABLES" | sort -n | tail -1 | awk '{print $1+1}'
+}
 
-    # Allocate next free numeric ID starting from 100
-    local used_ids
-    used_ids=$(awk '{print $1}' "$RT_TABLES" | grep -E '^[0-9]+$' | sort -n | uniq)
-    local id=100
-    while echo "$used_ids" | grep -qw "$id"; do
-        ((id++))
+reset_routing_rules() {
+    for nic in "${NIC_LIST[@]}"; do
+        echo "🧹 Resetting rules for $nic..."
+        local ip_spec
+        ip_spec=$(get_ip_for_nic "$nic")
+        local ip_only="${ip_spec%%/*}"
+        ip rule show | grep -w "$ip_only" | awk -F: '{print $1}' | while read -r rule_id; do
+            run_or_echo "ip rule del pref $rule_id"
+        done
     done
-
-    run_or_echo "echo \"$id $table_name\" >> \"$RT_TABLES\""
-    echo "$id"
+    echo "✅ Reset complete — existing routing rules removed (interfaces untouched)."
+    exit 0
 }
 
 configure_nic() {
@@ -153,46 +140,39 @@ configure_nic() {
     local local_subnet
     local_subnet=$(get_network_cidr "$ip_spec")
     local ip_only="${ip_spec%%/*}"
-    local con_name="${nic}"
     local nic_type
     nic_type=$(nmcli -g GENERAL.TYPE device show "$nic" 2>/dev/null | head -n1)
 
     echo "⚙️  Configuring $nic (Type: $nic_type, IP: $ip_only, Local subnet: $local_subnet, Table: $table_name)..."
 
-    run_or_echo "nmcli con delete \"$con_name\" &>/dev/null || true"
-
-    run_or_echo "nmcli con add type \"$nic_type\" ifname \"$nic\" con-name \"$con_name\" \
-        ipv4.addresses \"$ip_spec\" \
-        ipv4.method manual \
-        connection.autoconnect yes \
-        ipv4.route-metric 0 \
-        ipv4.routing-rules \"priority $table_id from $ip_only table $table_id\""
-
-    if [[ "$nic_type" == "ethernet" ]]; then
-        echo "📦 Setting MTU 9000 on $nic (Ethernet)"
-        run_or_echo "nmcli con modify \"$con_name\" 802-3-ethernet.mtu 9000"
+    # Configure routing rule
+    if ! ip rule show | grep -q "from $ip_only lookup $table_name"; then
+        run_or_echo "ip rule add from $ip_only table $table_name pref $table_id"
+    else
+        echo "ℹ️  Rule already exists for $ip_only → table $table_name"
     fi
 
-    # Add local subnet route
-    echo "🔁 Adding route to local subnet: $local_subnet src=$ip_only table=$table_id"
-    run_or_echo "nmcli connection modify \"$con_name\" +ipv4.routes \"$local_subnet src=$ip_only table=$table_id\""
+    # Local subnet route
+    run_or_echo "ip route replace $local_subnet dev $nic src $ip_only table $table_name"
 
-    # Add client subnet route
+    # Optional client subnet route (skip main if 0.0.0.0/0)
     if [[ -n "$client_subnet" && -n "$gateway" ]]; then
-        echo "📡 Adding route to client subnet: $client_subnet via $gateway (table: $table_name)"
-        # Always add to NIC's custom table
-        run_or_echo "nmcli connection modify \"$con_name\" +ipv4.routes \"$client_subnet $gateway table=$table_id\""
-
-        # Only add to main table if not default route
-        if [[ "$client_subnet" != "0.0.0.0/0" ]]; then
-            run_or_echo "nmcli connection modify \"$con_name\" +ipv4.routes \"$client_subnet $gateway\""
+        if [[ "$client_subnet" == "0.0.0.0/0" ]]; then
+            echo "🌍 Adding default route (client subnet) to table $table_name only"
+            run_or_echo "ip route replace default via $gateway dev $nic table $table_name"
         else
-            echo "⚠️ Skipping adding 0.0.0.0/0 to main routing table; route exists only in $table_name"
+            echo "📡 Adding route to client subnet: $client_subnet via $gateway"
+            run_or_echo "ip route replace $client_subnet via $gateway dev $nic table $table_name"
         fi
     fi
 
-    run_or_echo "nmcli con down \"$con_name\""
-    run_or_echo "nmcli con up \"$con_name\""
+    # Set MTU if Ethernet and not disabled
+    if [[ "$nic_type" == "ethernet" && $NO_MTU == false ]]; then
+        echo "📦 Setting MTU 9000 on $nic (Ethernet)"
+        run_or_echo "ip link set dev $nic mtu 9000"
+    elif [[ "$nic_type" == "ethernet" && $NO_MTU == true ]]; then
+        echo "🚫 Skipping MTU change on $nic (Ethernet) due to --no-mtu flag"
+    fi
 }
 
 # ---- MAIN ----
@@ -201,7 +181,6 @@ NIC_LIST=()
 CLIENT_SUBNET=""
 GATEWAY=""
 
-# Parse CLI arguments
 while [[ $# -gt 0 ]]; do
     case "$1" in
         --nics)
@@ -219,12 +198,16 @@ while [[ $# -gt 0 ]]; do
             GATEWAY="$2"
             shift 2
             ;;
-        --dry-run)
-            DRY_RUN=true
+        --reset)
+            RESET_MODE=true
             shift
             ;;
-        --reset)
-            RESET=true
+        --no-mtu)
+            NO_MTU=true
+            shift
+            ;;
+        --dry-run)
+            DRY_RUN=true
             shift
             ;;
         *)
@@ -234,27 +217,18 @@ while [[ $# -gt 0 ]]; do
     esac
 done
 
-# Validate input
 if [[ ${#NIC_LIST[@]} -lt 1 ]]; then
     errmsg "At least one NIC must be specified"
     usage
 fi
 
 check_requirements
+apply_sysctl_arp_settings
 
-# ---- RESET MODE ----
-if $RESET; then
-    echo "🔄 Reset mode enabled — clearing routing rules and tables for specified NICs."
-    for nic in "${NIC_LIST[@]}"; do
-        reset_nic_config "$nic"
-    done
-    echo "✅ Reset complete. NM connections and ARP settings preserved."
-    exit 0
+if $RESET_MODE; then
+    reset_routing_rules
 fi
 
-# ---- NORMAL CONFIGURATION ----
-apply_sysctl_arp_settings
-
 for nic in "${NIC_LIST[@]}"; do
     validate_nic "$nic"
     ip_spec=$(get_ip_for_nic "$nic")
@@ -263,18 +237,22 @@ for nic in "${NIC_LIST[@]}"; do
         exit 1
     fi
 
-    table_name="${ROUTE_TABLE_PREFIX}-${nic}"
-    table_id=$(get_or_allocate_table_id "$nic")
+    table_id=$(find_existing_table_id "$nic" || true)
+    if [[ -z "$table_id" ]]; then
+        table_id=$(find_next_table_id)
+        table_name="${ROUTE_TABLE_PREFIX}-${nic}"
+        ensure_rt_table "$table_id" "$table_name"
+    else
+        table_name=$(grep -E "^[[:space:]]*$table_id" "$RT_TABLES" | awk '{print $2}')
+    fi
 
     configure_nic "$nic" "$ip_spec" "$GATEWAY" "$CLIENT_SUBNET" "$table_name" "$table_id"
 done
 
 if ! $DRY_RUN; then
     echo "⚙️  Configuring NetworkManager to ignore carrier"
-    echo "[main]" > /etc/NetworkManager/conf.d/99-weka-carrier.conf
-    echo "ignore-carrier=*" >> /etc/NetworkManager/conf.d/99-weka-carrier.conf
+    echo "[main]" > /etc/NetworkManager/conf.d/99-weka-carrier.conf && echo "ignore-carrier=*" >> /etc/NetworkManager/conf.d/99-weka-carrier.conf
 fi
 
-echo "✅ ${DRY_RUN:-false}" | grep -q true && tag='[dry-run] ' || tag=''
-echo "✅ ${tag}Successfully processed ${#NIC_LIST[@]} NIC(s)."
+echo "✅ Successfully processed ${#NIC_LIST[@]} NIC(s)."
 
