Date:      Thu, 7 Apr 2005 04:56:23 +0000 (UTC)
From:      Sergei Gnezdov <use-reply-to@gnezdov.net>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: DHCP with ipfw
Message-ID:  <slrnd59fic.2u4h.use-reply-to@gnezdov.net>
References:  <20050404090719.F2268544E1F@mail2-new.vianetworks.nl> <200504042025.18092.asstec@matik.com.br> <200504060212.j362CUJO093071@gnezdov.net> <200504060733.50938.asstec@matik.com.br>

On 2005-04-06, Suporte Matik <asstec@matik.com.br> wrote:
> On Tuesday 05 April 2005 23:12, Sergei Gnezdov wrote: 
>
>> In gmane.os.freebsd.devel.ipfw, you wrote:
>> > On Monday 04 April 2005 05:06, Martin wrote:
>> >> If the DHCP server is slow and did not reply back before the
>> >> dhclient did continue the boot process, maybe you do have
>> >> to reload the FW rules once your DHCP connection is established.
>> >
>> > your dhcpd should not be sooo slow and ignore several retries
>>
>> I don't think dhcp speed matters.  I can say for sure that I see
>> ipfw rules initialization happens before (!) dhcp is initialized.
>> I can't prove it with dmesg, because it does not capture absolutely
>> everything, but I can see on the console ipfw rules show up first
>> and then a dhcp startup message.
>
> after boot mounts your partitions the network should be initialized 
> and if you have ifconfig_nic="DHCP" in your rc.conf dhclient should 
> look for a dhcp server first and probably gets an answer. If you 
> didn't daemonize the dhclient process it should stay until timeout
> or getting the IP address and then run the rest of network setup.
>
> So almost for sure dhcp goes first but is not getting an answer within 
> time and you did not notice it.
>

You are probably right about timeout.  I enabled rc.conf debugging and
captured the following console output:

/etc/rc: DEBUG: run_rc_command: evaluating pccard_start().
/etc/rc: DEBUG: run_rc_command: evaluating network_start().
/etc/rc: DEBUG: Cloned:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
/etc/rc: DEBUG: The following interfaces were not configured:  plip0
/etc/rc.d/ipfilter: DEBUG: checkyesno: ipfilter_enable is set to NO.
/etc/rc: DEBUG: checkyesno: isdn_enable is set to NO.
/etc/rc: DEBUG: checkyesno: ppp_enable is set to NO.
/etc/rc: DEBUG: checkyesno: firewall_enable is set to YES.
/etc/rc: DEBUG: run_rc_command: evaluating ipfw_precmd().
ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to d
eny, logging disabled
/etc/rc: DEBUG: run_rc_command: evaluating ipfw_start().
Executing: /etc/rc
Flushed all rules.
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
ipfw: hostname ``to'' unknown
ipfw: hostname ``'' unknown
[snip...]
ipfw: hostname ``'' unknown
Firewall rules loaded, starting divert daemons:/etc/rc.d/natd: DEBUG: checkyesno
: natd_enable is set to NO.

/etc/rc: DEBUG: checkyesno: firewall_logging is set to YES.
Firewall logging enabled
net.inet.ip.fw.enable: 1 -> 1
/etc/rc: DEBUG: pid file (/var/run/dhclient.pid): not readable.
/etc/rc: DEBUG: run_rc_command: evaluating dhclient_prestart().
/etc/rc: DEBUG: checkyesno: background_dhclient is set to NO.
Starting dhclient.
/etc/rc: DEBUG: run_rc_command: _doit: /sbin/dhclient  rl0
/etc/rc: DEBUG: run_rc_command: evaluating dhclient_poststart().
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet6 fe80::250:bfff:fe73:50f3%rl0 prefixlen 64 scopeid 0x1
        inet 192.168.2.102 netmask 0xffffff00 broadcast 192.168.2.255
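
The ordering visible in the console capture above (ipfw_start() evaluated, rules rejected with "hostname unknown", dhclient started only afterwards) can be checked mechanically. The following Python is an added example, not part of the original message; the names `audit`, `SAMPLE` and the report keys are chosen here, the sample log is constructed, and reading an empty ``'' operand as an address variable that was still unset is an assumption.

```python
import re

# Constructed sample modelled on the rc debug output in the message
# (abridged; the wrapped "default to d/eny" line is kept on purpose).
SAMPLE = """\
/etc/rc: DEBUG: checkyesno: firewall_enable is set to YES.
ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to d
eny, logging disabled
/etc/rc: DEBUG: run_rc_command: evaluating ipfw_start().
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
ipfw: hostname ``to'' unknown
ipfw: hostname ``'' unknown
ipfw: hostname ``'' unknown
Starting dhclient.
/etc/rc: DEBUG: run_rc_command: _doit: /sbin/dhclient  rl0
        inet 192.168.2.102 netmask 0xffffff00 broadcast 192.168.2.255
"""

RULE_OK = re.compile(r"^\d{5} \S")                       # rule echoed by ipfw
RULE_ERR = re.compile(r"^ipfw: hostname ``(.*)'' unknown")
LEASE = re.compile(r"^\s+inet (?!127\.)\d+\.\d+\.\d+\.\d+ ")  # non-loopback IPv4

def first_index(lines, pred):
    return next((i for i, line in enumerate(lines) if pred(line)), None)

def audit(console):
    """Summarise firewall/DHCP ordering and rule-load failures."""
    lines = console.splitlines()
    fw = first_index(lines, lambda l: "evaluating ipfw_start()" in l)
    dh = first_index(lines, lambda l: "/sbin/dhclient" in l)
    lease = first_index(lines, lambda l: LEASE.match(l) is not None)
    errors = [m.group(1) for m in map(RULE_ERR.match, lines) if m]
    report = {
        "firewall_before_dhclient": fw is not None and dh is not None and fw < dh,
        "lease_after_rules": fw is not None and lease is not None and fw < lease,
        "rules_accepted": sum(1 for l in lines if RULE_OK.match(l)),
        "rules_rejected": len(errors),
        # Empty operand: assumed to be an address variable that was unset.
        "empty_operands": errors.count(""),
        # Undo console wrapping before looking for the kernel default policy.
        "default_deny": "default to deny" in console.replace("\n", ""),
    }
    report["incomplete_ruleset"] = bool(errors) and report["lease_after_rules"]
    return report

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

With a default-deny kernel policy, `incomplete_ruleset` being true means the rejected rules are simply absent from the running ruleset until the script is reloaded after the lease arrives.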


