From: Franco Fichtner
Date: Mon, 15 Aug 2022 07:50:13 +0200
Subject: Re: Import dhcpcd(8) into FreeBSD base
To: Roy Marples
Cc: Ben Woods, FreeBSD Net, emaste@freebsd.org, Hiroki Sato, brooks@freebsd.org, cy@freebsd.org, Philip Paeps
List-Id: Networking and TCP/IP with FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-net

Hi Roy,

I appreciate your answers. More inline below.

> On 8. Aug 2022, at 12:42, Roy Marples wrote:
>
> Both dhclient and rtsold are only activated manually.
> For dhclient there is an exponential backoff after each message is sent. If the messages go nowhere (ie LINK_STATE_DOWN) then this delays the configuration acquisition and can slow down the boot process.
> For rtsold this is actually quite tricky as it requires a working LL address before it can work.
> This leads to sleep commands in rc which results in a slower than optimal boot time.

While these are true they do pertain to RC integration in FreeBSD. I know because other projects have improved the situation with the tools at hand.

> dhcpcd reacts to state changes - however FreeBSD does not announce all state changes needed for this. For example here is a changeset I made 6 years ago for FreeBSD which allows this IPv6 addresses to announce state transitions from TENTATIVE to non TENTATIVE/DUPLICATED here:
> https://reviews.freebsd.org/D5469

Yes, this would be nice to have user space access to. :)

> Any DHCPv6 client also needs either a sleep or the above state changes to be made available.

I agree there is no canonical way to watch for changes, especially for scripting duty around SLAAC.

> There is a swathe of DHCP related RFCs that dhclient does not support, although none are necessary to actually get a working configuration for most users.

That could be. 6RD through DHCP is tricky for example. But on the other hand we do have a lot of people using routers and direct ISP connectivity and do encounter the most visible issues here which in my opinion you cannot see from a home lab or traditional "network server" FreeBSD use case.

> rtsold (in FreeBSD-13 at least) has no mechanism to get RDNSS and DNSSL options from RA messages into the local nameserver.

I may be mistaken, but the -R option should take care of this and seems to be enabled by default invoking resolvconf(8). I think this has been the case for a number of major iterations before FreeBSD 13.

> dhclient and FreeBSD kernel RA handling do not support a predictable configuration for multi-homed boxes. It operates on a first come, first served basis.

That's due to dhclient-script handling, sort of like the RC integration issue mentioned before.

> dhcpcd supports a predictable configuration allowing a "better" interface to take over the default route, preferred nameservers, etc.

That does sound nice for integration.

Thanks for confirming.

> There's no proposal to remove dhclient or rtsold yet.

To be fair, that was the original proposal. If dhclient and rtsold are not removed and made second class citizens in FreeBSD that amounts to the same bitrot and neglect that we would see if it would be taken out of the base system.

Just my concerns here. I'm sure people will find a way. :)

Cheers,
Franco
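
The thread above contrasts fixed sleeps in rc with reacting to the TENTATIVE to non-TENTATIVE/DUPLICATED transition of an IPv6 address; the following bounded poll on that flag is an added example, not part of the original message and not code from FreeBSD's rc scripts or dhcpcd. It assumes FreeBSD ifconfig(8) output in which address flags such as `tentative` and `duplicated` appear on the `inet6` line; `ll_state`, `wait_ll_ready` and `IFCONFIG_CMD` are hypothetical names, and the sample output is constructed.

```sh
#!/bin/sh
# Constructed sample ifconfig(8) output (not captured from a real host).
SAMPLE_TENTATIVE='em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 fe80::a00:27ff:fe00:1%em0 prefixlen 64 tentative scopeid 0x1
    inet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255'
SAMPLE_READY='em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 fe80::a00:27ff:fe00:1%em0 prefixlen 64 scopeid 0x1
    inet6 2001:db8::10 prefixlen 64 autoconf'

# Read ifconfig text on stdin and print the state of the link-local
# address: none, tentative, duplicated or ready.
ll_state() {
    awk '
        $1 == "inet6" && $2 ~ /^fe80:/ {
            seen = 1
            for (i = 3; i <= NF; i++) {
                if ($i == "duplicated") dup = 1
                if ($i == "tentative")  tent = 1
            }
        }
        END {
            if (!seen)     print "none"
            else if (dup)  print "duplicated"
            else if (tent) print "tentative"
            else           print "ready"
        }'
}

# Poll once per second, at most $2 times (default 5), instead of a fixed
# sleep. Returns 0 when the link-local address is usable, 2 when duplicate
# address detection failed (waiting longer cannot help), 1 on timeout.
# IFCONFIG_CMD is a hypothetical override so the logic can be tested offline.
wait_ll_ready() {
    ifn=$1
    tries=${2:-5}
    while [ "$tries" -gt 0 ]; do
        state=$(${IFCONFIG_CMD:-ifconfig} "$ifn" 2>/dev/null | ll_state)
        case $state in
            ready)      return 0 ;;
            duplicated) return 2 ;;
        esac
        tries=$((tries - 1))
        [ "$tries" -gt 0 ] && sleep 1
    done
    return 1
}
```

Treating `duplicated` as a distinct failure matters for a router: a DHCPv6 or router-solicitation client started on an interface whose link-local address failed DAD will never succeed, so the caller should log and stop rather than keep retrying.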