Date: Fri, 28 Nov 2003 08:41:04 -0200 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: Bruce M Simpson <bms@spc.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc rc.network src/etc/defaults rc.conf src/share/man/man5 rc.conf.5 Message-ID: <3FC72640.9060305@tcoip.com.br> In-Reply-To: <20031127213110.GA76702@saboteur.dek.spc.org> References: <200311270951.hAR9pT19090236@repoman.freebsd.org> <3FC65A71.3050104@tcoip.com.br> <20031127213110.GA76702@saboteur.dek.spc.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Bruce M Simpson wrote: >>What if /usr/local is NFS mounted? >=20 > Up to the user where they put their isakmpd or racoon package. It is, a= fter > all, relocatable for such a reason. This merely brings in the infrastru= cture > to make running it possible at the right time. >=20 > This would certainly be the case in an embedded [wireless] system. I'm sorry, but I think an NFS mounted /usr is far more common than an=20 NFS directory mounted over IPSEC. I advance that this commit priviledges = an unusual setup over a more common one. We do install isakmpd on=20 /usr/local by default, after all. If a directory depends on isakmpd=20 being up, it shouldn't be auto-mounted through fstab, IMHO. But, alas, what rcNG *does not* do, which is it's greatest flaw IMO, is=20 taking into account network dependencies correctly. Network dependencies = change too much to have it statically ordered, beyond a certain point. One example is the case above. There are reasonable grounds for wanting=20 isakmpd to be up both before and after NFS. Before if you want to mount=20 NFS through IPSEC, and after if you keep isakmpd NFS-mounted, and=20 doesn't care for encrypted NFS mounts. Another example is dynamic routers and ntpd. OSPF is very=20 time-sensitive, and clock changes can play hell with the routing tables, = so ntpd ought to be up before OSPF (or ntpdate ran before OSPF is=20 brought up), which is no trouble if you have specialized hardware for=20 synching the clock. OTOH, the route to ntpd servers might not be up=20 before OSPF is run, and ntpd is completely incapable of handling=20 non-existent routes (it gets stuck forever on using an incorrect=20 interface, and has to be restarted). Sorry for the rant. :-( I could never think of a solution to this=20 problem, and whenever I see a commit where I can see one wanting to do=20 things in the very opposite order... it upsets me. :-( --=20 Daniel C. Sobral Ger=EAncia de Opera=E7=F5es Divis=E3o de Comunica=E7=E3o de Dados Coordena=E7=E3o de Seguran=E7a VIVO Centro Oeste Norte Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo@tco.net.br Daniel.Sobral@tcoip.com.br dcs@tcoip.com.br
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FC72640.9060305>