From: Jeremy Chadwick
To: Julian Elischer
Cc: freebsd-net@freebsd.org, freebsd-rc@freebsd.org
Date: Mon, 26 Apr 2010 09:46:18 -0700
Subject: Re: rc(8) script -- waiting for the network to become usable

On Mon, Apr 26, 2010 at 09:00:07AM -0700, Julian Elischer wrote:
> On 4/26/10 1:08 AM, Jeremy Chadwick wrote:
> >Foremost, sorry for the cross-post, but more eyes in this case means
> >overall more discussion.
> >Secondly, please keep me CC'd as I'm not on
> >either -rc or -net.
> >
> >I recently proposed addition of a new script to the rc framework which
> >verifies (using ping) that layer 3 network connectivity is up/functional
> >before continuing on with daemons which require network access:
>
> a down side is that you can't boot if some OTHER machine is not up.

The boot-up process will still continue regardless if the ping check
passed or failed.  It just means that daemons/services attempting to use
the network and *expect* connectivity to work may not function correctly
(meaning: they'll behave just like they already do.  ;-) )

I indirectly tried to cover the "if some other machine is not up" point
in my initial post on -stable:

"1) This script requires the $waitnetwork_ip box/router/whatever respond
to ICMP ECHO requests.  Please do not bikeshed on this point; we need
something that works, and this requirement shouldn't be that bad to deal
with (firewall/ACL-wise).  For most folks (co-located in particular),
this could be your default gateway, but you can use whatever you want."

It would be possible to extend the script to loop through multiple IPs
specified in $waitnetwork_ip (space-delimited); the first one to cause
ping to exit with code 0 (ICMP ECHO reply seen) would therefore deem the
network usable and continue on.

> >http://lists.freebsd.org/pipermail/freebsd-stable/2010-April/056400.html
> >
> >The overall response was positive, with full acknowledgement that this
> >is indeed a hack -- yet necessary -- and that something more appropriate
> >could probably be introduced into the base system to provide a much
> >cleaner solution (launchd was mentioned).
>
> there does need to be some dependency tracking to do with networks.
> maybe there can be a selection of ways to pass that milestone..
>
> (carrier detect, ping, incoming packets non-0) etc.
> my favourite is:
>
> INPUT_PACKETS=`netstat -i | awk "/${IP}/"'{print $5}'`
> if [ -n "${INPUT_PACKETS}" -a "${INPUT_PACKETS}" != "0" ]
> then
>     echo "It's UP!"
> fi

This isn't the same thing as doing a ping check though.  As I understand
it, netstat -i shows you how many Ethernet packets have been seen --
that includes ARP.

The intended goal of the script is to verify that a usable network
connection exists -- usable in this case means "whatever host you define
in $waitnetwork_ip responds to ICMP".  If this is an Internet host (e.g.
4.2.2.1), then said IP responding to ICMP would indicate Internet
connectivity is available.  I think most users would fall into the
latter class, not the "I want to verify my LAN connectivity is up and
working, except the other box on my LAN is powered off..." class.

Basically what I'm saying is that I fully acknowledge there's no
absolute 100% failsafe method that's going to work for every single
user's environment.  My script's goal isn't to address every single
problem/scenario -- just the most common one, and one I (we?) server
administrators deal with regularly.

-- 
| Jeremy Chadwick                                   jdc@parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |
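
The multi-address extension described in the message above (loop through a space-delimited $waitnetwork_ip and treat the first host that answers as proof the network is usable), as an added example that is not the script from the thread. The function names, the retry and delay parameters, $waitnetwork_tries and WAITNETWORK_FIRST_UP are assumptions; only $waitnetwork_ip comes from the message.

```shell
#!/bin/sh
# Added example: first-responder network wait over several addresses.
# Only $waitnetwork_ip is named in the thread; everything else is assumed.

# Send one ICMP ECHO to a host. Isolated so the flags can be changed per
# platform (FreeBSD ping: -c packet count, -t overall timeout in seconds).
probe_host() {
    ping -c 1 -t 1 "$1" >/dev/null 2>&1
}

# wait_for_network "ip1 ip2 ..." [tries] [delay_seconds]
# Returns 0 as soon as any listed host answers and records it in
# WAITNETWORK_FIRST_UP; returns 1 after `tries` full passes with no reply.
wait_for_network() {
    _hosts=$1
    _tries=${2:-5}
    _delay=${3:-1}
    WAITNETWORK_FIRST_UP=
    _n=0
    while [ "$_n" -lt "$_tries" ]; do
        for _h in $_hosts; do          # unquoted on purpose: split on spaces
            if probe_host "$_h"; then
                WAITNETWORK_FIRST_UP=$_h
                return 0
            fi
        done
        _n=$((_n + 1))
        if [ "$_n" -lt "$_tries" ]; then
            sleep "$_delay"
        fi
    done
    return 1
}

# Runs only when $waitnetwork_ip is configured. A failed check is reported
# but never aborts: boot continues either way, as the message states.
if [ -n "${waitnetwork_ip:-}" ]; then
    if wait_for_network "$waitnetwork_ip" "${waitnetwork_tries:-5}"; then
        echo "Network usable: $WAITNETWORK_FIRST_UP answered ICMP ECHO."
    else
        echo "No host in '$waitnetwork_ip' answered; continuing anyway." >&2
    fi
fi
```

Listing the default gateway plus one off-site address keeps a single powered-off or ICMP-filtering host from producing a false "network down" result.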