Date:      Tue, 2 Jun 2009 17:06:24 -0500
From:      Brooks Davis <brooks@freebsd.org>
To:        David Kelly <dkelly@hiwaay.net>
Cc:        Doug Barton <dougb@freebsd.org>, freebsd-stable@freebsd.org, freebsd-current@freebsd.org
Subject:   Re: Do you use a value other than AUTO for network_interfaces?
Message-ID:  <20090602220624.GD15552@lor.one-eyed-alien.net>
In-Reply-To: <20090602205125.GA75470@Grumpy.DynDNS.org>
References:  <4A257B82.1000701@FreeBSD.org> <EA04BF4C-AE45-4624-9C1B-152FC26405C4@verweg.com> <20090602205125.GA75470@Grumpy.DynDNS.org>

On Tue, Jun 02, 2009 at 03:51:25PM -0500, David Kelly wrote:
> On Tue, Jun 02, 2009 at 10:30:46PM +0200, Ruben van Staveren wrote:
> >
> > On 2 Jun 2009, at 21:20, Doug Barton wrote:
> >
> > >Up till Sunday in 8-current, and for a long time in general
> > >network.subr (part of the rc.d system) has emitted a warning that
> > >values of network_interfaces other than AUTO are deprecated. I
> > >removed that warning in HEAD Sunday, and there is now a discussion
> > >about whether or not it should be put back, and whether or not there
> > >is any need for the user to specify the list of network interfaces at
> > >all.
> >
> > Well, I do.
> >
> > I only want to configure only the interfaces that are connected and
> > that I know about. Especially in combination with IPv6 there is a nit
> > that you'll get autoconfiguration for all interfaces unless they are
> > all explicitly configured.
>
> And while I'm not currently using anything other than AUTO I would think
> there is a security ramification if someone were to plug in to a
> supposedly unused port, then reboot the machine to prompt AUTO to
> configure their interface.
>
> It's not just a security thing, it's an "idiot-proof" thing. If someone is
> moving machines around I don't want them to come up and partially work
> if the wires are plugged into the wrong holes. Would rather it be
> completely broken.
>
> I think it's good that there is an AUTO *option*. Is also OK that it be
> the default. I don't think mandatory AUTO is good, if I want a port
> disabled then I want it to stay disabled.

To repeat what I wrote earlier today on another list, there's no need
to worry about hot plugged or newly added interfaces getting magically
configured to do dhcp or anything else[0].  For the system to do
something with an interface the following must be true:

 - It makes it into the list of interfaces somehow (either by adding it
   to network_interfaces or leaving network_interfaces alone)
 - It actually exists or is created early in the process via
   cloned_interfaces, gif_interfaces, etc.
 - The ifconfig_<if> variable is set (I think it can be "", but "up" is
   always a good choice if you just want a stub).
 - The ifconfig_<if> variable must not contain the NOAUTO keyword.

If all of those things are true, the interface will be configured at
startup or on insert.  Otherwise, it won't be.

-- Brooks

[0] This is at least true in the IPv4 case; the IPv6 case really needs
work.  I thought someone had patches to bring the IPv6 support up to
par with the IPv4 case, but they haven't been committed yet.

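The four conditions listed in the message above, as an added example that is not part of the original e-mail and is not FreeBSD's rc.d code: a POSIX sh audit helper (the names `would_configure` and `write_sample_rcconf` are hypothetical) that reads an rc.conf-style file and reports which interfaces would be configured at startup. It assumes an unset `network_interfaces` behaves like AUTO and that an empty `ifconfig_<if>` counts as set; the sample file and interface names are constructed.

```sh
#!/bin/sh
# Added example: a model of the four conditions listed in the message.
# Not FreeBSD's network.subr; it only inspects rc.conf-style variables.

# would_configure RCCONF "EXISTING IFS": print interfaces passing all checks.
would_configure() (
    rcconf=$1 existing=$2
    # Subshell body, so sourced rc.conf variables do not leak to the caller.
    unset network_interfaces cloned_interfaces gif_interfaces
    . "$rcconf"
    # Condition 2: the interface exists or is created early at startup.
    present="$existing ${cloned_interfaces-} ${gif_interfaces-}"
    # Condition 1: unset or AUTO (uppercase, as in the thread) = left alone.
    case "${network_interfaces-AUTO}" in
        AUTO) candidates=$present ;;
        *)    candidates=$network_interfaces ;;
    esac
    result=""
    for ifn in $candidates; do
        case " $present " in *" $ifn "*) ;; *) continue ;; esac
        case " $result " in *" $ifn "*) continue ;; esac   # de-duplicate
        # Simplification: only names valid as shell variable suffixes.
        case "$ifn" in *[!A-Za-z0-9_]*) continue ;; esac
        # Condition 3: ifconfig_<if> is set; "" counts as set (assumption).
        eval "isset=\${ifconfig_${ifn}+yes}; val=\${ifconfig_${ifn}-}"
        [ "$isset" = yes ] || continue
        # Condition 4: the value must not contain the NOAUTO keyword.
        case " $val " in *" NOAUTO "*) continue ;; esac
        result="$result $ifn"
    done
    echo $result   # unquoted on purpose: drops the leading space
)

# Constructed sample rc.conf: em2 is a cabled but unconfigured spare port.
write_sample_rcconf() {
    cat > "$1" <<'EOF'
gif_interfaces="gif0"
ifconfig_em0="DHCP"
ifconfig_em1="NOAUTO DHCP"
ifconfig_gif0="up"
EOF
}

sample=$(mktemp)
write_sample_rcconf "$sample"
echo "configured at startup: $(would_configure "$sample" "em0 em1 em2")"
rm -f "$sample"
```

In the sample, em2 exists but has no `ifconfig_em2` variable and em1 carries NOAUTO, so neither is reported.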


