From owner-freebsd-hackers@FreeBSD.ORG Mon May 5 23:28:07 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DAB9437B401 for ; Mon, 5 May 2003 23:28:06 -0700 (PDT) Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6C3A643F75 for ; Mon, 5 May 2003 23:28:06 -0700 (PDT) (envelope-from DougB@freebsd.org) Received: from master.dougb.net (12-234-22-23.client.attbi.com[12.234.22.23]) by attbi.com (rwcrmhc53) with SMTP id <2003050606280505300q05ite>; Tue, 6 May 2003 06:28:05 +0000 Date: Mon, 5 May 2003 23:28:04 -0700 (PDT) From: Doug Barton To: Sean Hamilton In-Reply-To: <011901c31390$7aef5730$0300000a@antalus> Message-ID: <20030505225826.G666@znfgre.qbhto.arg> References: <011901c31390$7aef5730$0300000a@antalus> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: hackers@freebsd.org Subject: Re: Bridge config in /etc/rc (patch) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 06:28:07 -0000 On Mon, 5 May 2003, Sean Hamilton wrote: > Greetings, > > As I manage three FreeBSD bridges, I found it somewhat irritating that there > was no convenient way of doing so. I have to disagree with this. /etc/rc.local has always existed to handle these kind of edge cases. I'm not even sure we want to have something like this in /etc/rc.conf, because we already get complaints that there are too many options, and it's too hard to configure. On the other hand, we have the line of reasoning that says there should only be one place/method of configuring boot time parameters. My personal feeling is that /etc/defaults/rc.conf IS too complex, but I'm not 100% sure how to proceed from that premise. Our focus so far has been to bring rcNG into the tree, and make it do everything we need it to in order to replace the old system. Our next topic is where to go from here. That said, I appreciate your work, an I have some comments on it that hopefully will help. > Configuration goes like this: > > bridge_enable="YES" > bridge_ifaces="fxp0,fxp1,fxp2" I would prefer that this variable match the argument to sysctl. This not only makes the conf file easier for people to configure (because there are examples in the man page), but it also makes your code easier, since you don't have to sed out the commas. > or, for multiple bridges > > bridge_enable="YES" > bridge0_ifaces="fxp3,fxp4,fxp5" > bridge1_ifaces="rl0,rl1,dc0" I'm also not thrilled about this, although I assume that you copied the interface alias code, so it was reasonable for you to write it this way. The problem is, I'm not sure what the best way to replace this is. The problem btw is that if a user has 3 things (aliases, bridges, whatever), and they want to comment out the first or second, the subsequent entries must be renumbered, or the existing code misses them. That's not too hard when you have only three entries, but when you have hundreds, it's a big pita. One way to do this is to use a seperate, free-form config file (like I did today with devd.conf), but for something like this, we might as well just teach users how to put it in /etc/rc.local, or /etc/sysctl.conf. But, we have just started kicking this question around on the -rc list, so stay tuned. :) > Also allowed: > > bridge_ipfw="YES" > bridge_ipfilter="YES" If we decide to go with a config option for bridge, this is a reasonable addition. > I've also added an option, "ip_any_interface=YES" which sets > net.inet.ip.check_interface to 0. This felt more natural than having the > option, "ip_check_interface=NO". Err... have to give this some thought. > This is a first for me on several counts, so hopefully I've got everything > right. Or should I be submitting this as a PR? It's not really a problem, > so... Well if you take a look at the PR database, you'll see that there are a lot of examples of new functionality in there. However, posting it here for comment is a fine first step, and I hope I haven't scared you off. If you're interested in more details about this topic, take a look at http://groups.yahoo.com/group/FreeBSD-rc/ and feel free to join the list. Doug -- This .signature sanitized for your protection