From owner-freebsd-arch@FreeBSD.ORG Mon Jul 10 18:25:08 2006 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9949B16A509 for ; Mon, 10 Jul 2006 18:25:08 +0000 (UTC) (envelope-from dmitry@atlantis.dp.ua) Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1904F43D78 for ; Mon, 10 Jul 2006 18:25:04 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231]) by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k6AIOmks071264; Mon, 10 Jul 2006 21:24:48 +0300 (EEST) (envelope-from dmitry@atlantis.dp.ua) Date: Mon, 10 Jul 2006 21:24:48 +0300 (EEST) From: Dmitry Pryanishnikov To: Sam Leffler In-Reply-To: <44B2713A.2020204@errno.com> Message-ID: <20060710211733.Y58186@atlantis.atlantis.dp.ua> References: <44B15511.206@errno.com> <20060710103404.I25526@atlantis.atlantis.dp.ua> <44B2713A.2020204@errno.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-arch@freebsd.org Subject: Re: vlans and cloning X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2006 18:25:08 -0000 Hello! On Mon, 10 Jul 2006, Sam Leffler wrote: >> ifconfig vlan0 create >> ifconfig vlan0 vlan 1 vlandev em0 >> >> sequence is required for now. Also, I thing it's perfectly correct to have >> >> cloned_interfaces="vlan30" >> >> while NOT having 'ifconfig_vlan30' assignment - system administrator >> could just reserve a spare interface w/o assigning it's parameters. So I >> think >> that possibility of the specific device cloning w/o arguments, e.g., >> >> ifconfig vlan30 create >> >> should be preserved. > > Clearly one would need to fix rc scripts. The question is should the > old behaviour be preserved; it provides no functionality--i.e. a cloned > device is unusable until you set the tag+parent and you cannot set the > tag or parent on an existing cloned device (once setup). So the only I don't agree: 1) Cloned but unset device is perfectly legal for, e.g., mentioning in ipfw rules (or any other context which requires interface name); 2) Sure, you _can_ change tag+parent afterwards: root@homelynx# ifconfig vlan32 create root@homelynx# ifconfig vlan32 vlan 32 vlandev rl0 root@homelynx# ifconfig vlan32 -vlandev root@homelynx# ifconfig vlan32 vlan 33 vlandev rl0 root@homelynx# > preserve existing practice. Removing the 2 step procedure would allow > code to be removed and (IMO) clarify how a vlan is crafted. In the > future there will be cloned devices that cannot/will-not be specified > with a 2-step procedure so having vlans work this way will violate POLA. Please don't break well-known and useful behaviour! Remember that it allows to switch easily physical vlanXXX device assignment (e.g., migration to the another trunk) w/o reloading firewall rules. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE