From owner-svn-src-head@FreeBSD.ORG Thu Jan 17 09:57:43 2013 Return-Path: Delivered-To: svn-src-head@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 6FF0038B; Thu, 17 Jan 2013 09:57:43 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id F1FC799; Thu, 17 Jan 2013 09:57:42 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 0473925D388E; Thu, 17 Jan 2013 09:57:42 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 4F6A3BE84A0; Thu, 17 Jan 2013 09:57:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id Gw1JnwO0C8UA; Thu, 17 Jan 2013 09:57:38 +0000 (UTC) Received: from nv.sbone.de (nv.sbone.de [IPv6:fde9:577b:c1a9:31::2013:138]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 9B69FBE8466; Thu, 17 Jan 2013 09:57:38 +0000 (UTC) Date: Thu, 17 Jan 2013 09:57:37 +0000 (UTC) From: "Bjoern A. Zeeb" To: Gleb Smirnoff Subject: Re: svn commit: r245525 - head/etc/rc.d In-Reply-To: <20130117093811.GJ96599@FreeBSD.org> Message-ID: References: <201301170127.r0H1Re6Y038117@svn.freebsd.org> <20130117.110723.1450987474949438621.hrs@allbsd.org> <20130117093811.GJ96599@FreeBSD.org> X-OpenPGP-Key-Id: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, Hiroki Sato , src-committers@FreeBSD.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jan 2013 09:57:43 -0000 On Thu, 17 Jan 2013, Gleb Smirnoff wrote: > On Thu, Jan 17, 2013 at 11:07:23AM +0900, Hiroki Sato wrote: > H> bz> Author: bz > H> bz> Date: Thu Jan 17 01:27:39 2013 > H> bz> New Revision: 245525 > H> bz> URL: http://svnweb.freebsd.org/changeset/base/245525 > H> bz> > H> bz> Log: > H> bz> Add a conditional sleep 1 in case we add any IPv6 addresses to interfaces. > H> bz> Do this per jail started, not per address. This will allow DAD to complete > H> bz> and services to properly start. Before we have seen problems with services > H> bz> trying to start before the IPv6 address was available to use and thus > H> bz> erroring and failing to start. > H> bz> > H> bz> MFC after: 3 days > H> > H> This may be too pedantic, but I think this delay should use > H> DupAddrDetectTransmits (net.inet6.ip6.dad_count). The default value > H> of RETRANS_TIMER and MAX_RTR_SOLICITATION_DELAY in RFC 4861 is 1 sec, > H> so the theoretical delay value is (DupAddrDetectTransmits * > H> RETRANS_TIMER + MAX_RTR_SOLICITATION_DELAY). The rc.d/netif script > H> uses this value (typically 2 seconds) for DAD. > H> > H> I understand a simple 1 second delay works in practice, though. > > I'd prefer even a sleep loop that exits once address is avaialable. An > example is in ports/net/zebra/files/zebra.sh.in. That file doesn't seem to exist but a sleep loop is even worse unless it's bound by the maximum time allowed possibly. So we'd be down to an extra second again. The problem is that a) the second is too long already if you'd be starting 300 jails, it's an extra 5 minutes of startup time. b) the shell script is supposed to go away as-is anyway, and c) in case of duplicate address we are not failing either, so this is just "bandaid for best effort and stop annoyance". If you'd want to fix it perfectly you'd probably start adding all IP addresses for all jails to start in one go, do the max wait time as hrs explained or optimize that polling the interfaces and break out if all are good (which will most likely take longer actually than sleep 2 for a larger number of jails), and then start all the jails. /bz -- Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family.