Date: Wed, 28 Dec 2011 10:58:45 +0400 From: Gleb Smirnoff <glebius@FreeBSD.org> To: Doug Barton <dougb@FreeBSD.org> Cc: Pyun Yong-Hyeon <pyunyh@gmail.com>, Brooks Davis <brooks@FreeBSD.org>, freebsd-rc@FreeBSD.org, Eygene Ryabinkin <rea@FreeBSD.org>, Dag-Erling Smorgrav <des@des.no>, d@delphij.net, Xin LI <delphij@delphij.net> Subject: Re: Annoying ERROR: 'wlan0' is not a DHCP-enabled interface Message-ID: <20111228065845.GZ8035@glebius.int.ru> In-Reply-To: <4EF971E4.4050905@FreeBSD.org> References: <4EB6693F.2020102@delphij.net> <4EF93429.4020404@FreeBSD.org> <KQLeXs1YdEQxk4IGqrNuq/Y6CrA@g5jH1yj%2BTnAiSdLOy3xs5Jutvhc> <4EF971E4.4050905@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 26, 2011 at 11:21:08PM -0800, Doug Barton wrote: D> > Worse, this solution will ruin host's connectivity in the following D> > scenario: D> > D> > - one runs his remote server with all static configuration and strict, D> > default-to-deny firewall configuration (call this person "Eygene D> > Ryabinkin"); D> > D> > - his upstream provider tells him: listen, we're rearranging our IP D> > space and you should change IP1 to IP2; D> > D> > - administrator is busy changing the configuration of his host; his D> > plan is to substitute IP1 to IP2 everywhere and to reboot his D> > machine to cleanly acquire IP2 and continue operations; D> > D> > - he already substituted IP1 -> IP2 in rc.conf and starts poking D> > the firewall configuration, but here comes the link down event D> > due to the $PROVIDER who reconfigures his $CISCO or whatever; D> > D> > - the system ends up in an unusable state, because link up event D> > will change interface's IP, but firewall isn't ready for this D> > and isn't allowing connections to IP2, but allows them only for D> > IP1 that is already gone from the interface due to devd and netif D> > script. D> D> First, I think what you're describing is a pretty small edge case. This case makes the suggested change unacceptable. This is a common practice to change things with ifconfig w/o modifing rc.conf, and if things go wrong then call server room personnel and ask to reboot a box. So box ma y have different configuration in rc.conf and on interfaces for a long time. Moreover, even if I got the same IP in rc.conf and on an interface, I don't want any address deletion or assignment on link event. This would be spurious messages for routing daemons. -- Totus tuus, Glebius.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111228065845.GZ8035>