From owner-freebsd-ipfw@FreeBSD.ORG Wed Apr 6 10:34:20 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAB3F16A4CE for ; Wed, 6 Apr 2005 10:34:20 +0000 (GMT) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 772DF43D1F for ; Wed, 6 Apr 2005 10:34:19 +0000 (GMT) (envelope-from asstec@matik.com.br) Received: from [200.152.82.190] ([200.152.82.190]) by msrv.matik.com.br (8.13.1/8.12.11) with ESMTP id j36AbY1r084141; Wed, 6 Apr 2005 07:37:35 -0300 (BRST) (envelope-from asstec@matik.com.br) From: Suporte Matik To: sergei@gnezdov.net Date: Wed, 6 Apr 2005 07:33:47 -0300 User-Agent: KMail/1.7.2 References: <20050404090719.F2268544E1F@mail2-new.vianetworks.nl> <200504042025.18092.asstec@matik.com.br> <200504060212.j362CUJO093071@gnezdov.net> In-Reply-To: <200504060212.j362CUJO093071@gnezdov.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200504060733.50938.asstec@matik.com.br> X-Virus-Scanned: ClamAV 0.80/777/Mon Mar 21 04:41:55 2005 clamav-milter version 0.80j on msrv.matik.com.br X-Virus-Status: Clean X-Spam-Status: No, score=-101.2 required=5.0 tests=ALL_TRUSTED,ISO_7BITS, MONOTONE_WORDS_2_15,NO_RDNS2,TW_PF,USER_IN_WHITELIST autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on msrv.matik.com.br X-Filter-Version: 1.11a (msrv.matik.com.br) cc: freebsd-ipfw@freebsd.org Subject: Re: DHCP with ipfw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Apr 2005 10:34:20 -0000 On Tuesday 05 April 2005 23:12, Sergei Gnezdov wrote: > In gmane.os.freebsd.devel.ipfw, you wrote: > > On Monday 04 April 2005 05:06, Martin wrote: > >> If the DHCP server is slow and did not reply back before the > >> dhclient did continue the boot process, you maybe you do have > >> to reload the FW rules once your DHCP connection is established. > > > > your dhcpd should not be sooo slow and ignore several retries > > I don't think dhcp speed matters. I can say for sure that I see > ipfw rules initialization happends before (!) dhcp is initialized. > I can't prove it with dmesg, because it does not capture absolutely > everything, but I can see on the console ipfw rules show up first > and then a dhcp startup message. after boot mounts your partitions the network should be initialized and if you have ifconfig_nic="DHCP" in your rc.conf dhclient should look for a dhcp server first and probably gets an answer. If you didn't daemonized the dhclient process it should stay until timeout or getting the IP address and then run the rest of network setup. So almost for sure dhcp goes first but is not getting an answer within time and you do not noticed it. May be your timeout in dhclient.conf is too low if your network performance is poor. Or you may try increasing your retry value may be you have an intrface problem and the -w option could be useful for you or you consider configuring interface NIC { } in your dhclient.conf BTW what fbsd version are you referring to? > I think startup order is simply incorrect. does not make so much sense starting ipfw before the initial network setup what invokes certainly dhclient first if set ... Hans -- Infomatik http://info.matik.com.br