Annoying ERROR: 'wlan0' is not a DHCP-enabled interface
Gleb Smirnoff
glebius at FreeBSD.org
Wed Dec 28 07:00:23 UTC 2011
On Mon, Dec 26, 2011 at 11:21:08PM -0800, Doug Barton wrote:
D> > Worse, this solution will ruin host's connectivity in the following
D> > scenario:
D> >
D> > - one runs his remote server with all static configuration and strict,
D> > default-to-deny firewall configuration (call this person "Eygene
D> > Ryabinkin");
D> >
D> > - his upstream provider tells him: listen, we're rearranging our IP
D> > space and you should change IP1 to IP2;
D> >
D> > - administrator is busy changing the configuration of his host; his
D> > plan is to substitute IP1 to IP2 everywhere and to reboot his
D> > machine to cleanly acquire IP2 and continue operations;
D> >
D> > - he already substituted IP1 -> IP2 in rc.conf and starts poking
D> > the firewall configuration, but here comes the link down event
D> > due to the $PROVIDER who reconfigures his $CISCO or whatever;
D> >
D> > - the system ends up in an unusable state, because link up event
D> > will change interface's IP, but firewall isn't ready for this
D> > and isn't allowing connections to IP2, but allows them only for
D> > IP1 that is already gone from the interface due to devd and netif
D> > script.
D>
D> First, I think what you're describing is a pretty small edge case.
This case makes the suggested change unacceptable. This is a common practice
to change things with ifconfig w/o modifing rc.conf, and if things go wrong
then call server room personnel and ask to reboot a box. So box ma y have
different configuration in rc.conf and on interfaces for a long time.
Moreover, even if I got the same IP in rc.conf and on an interface,
I don't want any address deletion or assignment on link event. This
would be spurious messages for routing daemons.
--
Totus tuus, Glebius.
More information about the freebsd-rc
mailing list