Date: Thu, 18 Jun 2020 13:09:55 -0700 From: Chris <bsd-lists@BSDforge.com> To: freebsd-net <freebsd-net@freebsd.org> Cc: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>, Jaap Akkerhuis <jaap@nlnetlabs.nl>, Andriy Gapon <avg@freebsd.org>, Ryan Steinmetz <zi@freebsd.org> Subject: Re: unbound and (isc) dhcpd startup order Message-ID: <d45915bb5d8b4a0a0f4a91dc3b701de8@udns.ultimatedns.net> In-Reply-To: <202006171733.05HHXxru086351@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 Jun 2020 10:33:59 -0700 (PDT) Rodney W. Grimes freebsd-rwg@gndrsh.dnsmgr.net said > > > > On (06/16/20 08:14), Rodney W. Grimes wrote: > >>Ok, well, I just thought of one and not sure if it is an issue or not, > >>doesng unbound have the ability to specify interfaces? If so those > >>may not exist until NETWORKING has run? > > > > > > > Unbound isn't really going to do anything useful without the network. I > > don't think it is unreasonable that it should depend on NETWORKING. > > Well then the current setup for local_unbound is counter to that, > as it is BEFORE: NETWORKING > > > I think we're in an edge case here and, perhaps, a better solution might > > be to have someone(tm) add in support in rc.conf to specify dependency > > overrides. > > dns and configuration are a chicken/egg problem, not really an edge > case, and a person must make a decision as to how to deal with that. > > > > > So, perhaps you could set: > > > > dhcpd_after="unbound" > > > > Which would factor into the rcorder processing and make sure that dhcpd > > starts after unbound. > > > > This would allow people to fine-tune things when they run into cases > > like this. > > Even beside the unbound problem, this is a good idea. It would > fix my "I need ipfw before routing as without ipfw my ospf packets > get blocked and things take much longer to come up problem." Honestly. I'm really inclined to agree with Rodney. rcorder should really be a more fine-grained utility. What about something like: BEFORE: NETWORKING: pf or BEFORE: NETWORKING: ipfw or BEFORE: NETWORKING: unbound etc, etc... I think there *may* be a better direction. *But* this, at least should be an easy direction to add with few repercussions. Yes? > > > > -r > > > > The idea that a daemon that depends on the network being functional > > >> > > >> On a related note, unbound rc script provides "unbound" service. > > >> > > >> I think that maybe it should provide something more generic such > > as "nameserver" > > >> > > >> or "dns-server" (not sure if there is an established name for > > that). > > >> > > >> The reason I am saying this is that, IMO, if unbound is replaced > > with some other > > >> > > >> name server implementation the rc dependency chains should stay > > the same. > > >> > > > > > >> > > > I do not see anything in the base system that uses unbound or > > local_unbound > > >> > > > service name, so this looks like it could be straightforward, > > though there > > >> > > > may be some ports that have use of this token. > > >> > > > > > >> > > > For the blue bikeshed I find that "server" is just noise in the > > token > > >> > > > and that "dns" already has "s" for system, so just "dns" is good > > with me :-) > > >> > > > > >> > > That's a good point. > > >> > > >> I don't agree. The term dns is too generic. People are often running > > >> dfferent nameservers on the same machine, as example: authoritative > > >> and nonauthoritative (e.g. nsd & unbound). > > > > >>Given examples by others your right, we can not put all of these > >>behind the knob "dns". > > > > > >> Regards, > > >> jaap > >>-- > >>Rod Grimes > >rgrimes@freebsd.org > > > > -- > > Ryan Steinmetz > > PGP: 9079 51A3 34EF 0CD4 F228 EDC6 1EF8 BA6B D028 46D7 > > > > -- > Rod Grimes > rgrimes@freebsd.org --Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d45915bb5d8b4a0a0f4a91dc3b701de8>