View previous topic :: View next topic |
Author |
Message |
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Tue Sep 02, 2014 10:30 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
VinzC wrote: | Basic configuration
Install Roy Marples' dhcpcd with zeroconf support:
Code: | USE=zeroconf emerge -a dhcpcd |
It is of course best to add the USE flag to your favourite /etc/portage/package.use file. | Zeroconf has gone (net-misc/dhcpcd-6.4.3). Will this guide still work, even without zeroconf?
Also, I am wondering why Gentoo handbook hasn't yet adopted this simplified setup. |
|
Back to top |
|
|
xaviermiller Bodhisattva
Joined: 23 Jul 2004 Posts: 8722 Location: ~Brussels - Belgique
|
Posted: Tue Sep 02, 2014 10:36 am Post subject: |
|
|
I use that setup without zeroconf support, and it rocks. _________________ Kind regards,
Xavier Miller |
|
Back to top |
|
|
Dr.Willy Guru
Joined: 15 Jul 2007 Posts: 547 Location: NRW, Germany
|
Posted: Tue Sep 02, 2014 10:37 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
charles17 wrote: | Also, I am wondering why Gentoo handbook hasn't yet adopted this simplified setup. |
That is a good question. |
|
Back to top |
|
|
xaviermiller Bodhisattva
Joined: 23 Jul 2004 Posts: 8722 Location: ~Brussels - Belgique
|
Posted: Wed Sep 03, 2014 12:19 pm Post subject: |
|
|
charles17 wireless problem moved here _________________ Kind regards,
Xavier Miller |
|
Back to top |
|
|
VinzC Watchman
Joined: 17 Apr 2004 Posts: 5098 Location: Dark side of the mood
|
Posted: Wed Sep 03, 2014 1:16 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
charles17 wrote: | Zeroconf has gone (net-misc/dhcpcd-6.4.3). Will this guide still work, even without zeroconf? |
dhcp ebuild wrote: | dhcpcd has zeroconf support active by default. |
Means Zeroconf may have its USE flag gone but it's now built-in. It can be disabled with -L command line switch however. See http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-misc/dhcpcd/dhcpcd-6.4.3.ebuild?view=markup . _________________ Gentoo addict: tomorrow I quit, I promise!... Just one more emerge...
1739! |
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Wed Sep 03, 2014 4:08 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
Just put this wonderful guide on a wiki page. VPN interfaces and DNS resolution still missing there. |
|
Back to top |
|
|
Dr.Willy Guru
Joined: 15 Jul 2007 Posts: 547 Location: NRW, Germany
|
Posted: Wed Sep 03, 2014 4:58 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
charles17 wrote: | Just put this wonderful guide on a wiki page. VPN interfaces and DNS resolution still missing there. |
Awesome.
The part about wpa_supplicant's ctrl_interface (see https://forums.gentoo.org/viewtopic-p-7610948.html#7610948) should probably be mentioned. |
|
Back to top |
|
|
VinzC Watchman
Joined: 17 Apr 2004 Posts: 5098 Location: Dark side of the mood
|
Posted: Thu Sep 04, 2014 6:44 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
charles17 wrote: | Just put this wonderful guide on a wiki page. VPN interfaces and DNS resolution still missing there. |
As for VPN I kept having some weirdness (I've always used pon/poff for my VPN connections) along with openresolv and dnsmasq. Every now and then remote name servers failed to register with openresolv. From the couple of times I used pon/poff lately the problem doesn't happen.
This said VPN configuration is not that straightforward as there are many ways to implement a VPN connection, with or without flexible DNS resolution, with or without name caching, with or without mDNSResponder... My typical configuration is openresolv, dnsmasq and pptpclient plus some customized if-up scripts. So this is but as simple as this dhcpcd tutorial.
I would say VPN interfaces and dhcpcd are irrelevant in the end. Just teach dhcpcd to stay away from VPN interfaces (which configuration is usually dictated by the remote server) and that's it. Then you can plug in any VPN management you like. DNS resolution along with VPN is another dedicated topic IMHO. _________________ Gentoo addict: tomorrow I quit, I promise!... Just one more emerge...
1739! |
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Thu Sep 04, 2014 8:05 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
Done. Next question:
How are the network dependant services like ntpd, fetchmail sshd handled? Would dhcpcd start/stop them or do we need to have them in runlevel default? |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
Posted: Fri Sep 05, 2014 12:58 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
charles17 wrote: | Done. Next question:
How are the network dependant services like ntpd, fetchmail sshd handled? Would dhcpcd start/stop them or do we need to have them in runlevel default? |
Not currently no.
Someone, like say an OpenRC dev needs to make a dhcpcd hook re-entrant so it goes inactive -> active ->inactive when no interfaces a running.
Still, for ntpd and sshd they generally bind to the wildcard address so it doesn't matter if there's a working IP or it changes, it still works. _________________ Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Fri Sep 05, 2014 1:20 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | Not currently no.
Someone, like say an OpenRC dev needs to make a dhcpcd hook re-entrant so it goes inactive -> active ->inactive when no interfaces a running.
Still, for ntpd and sshd they generally bind to the wildcard address so it doesn't matter if there's a working IP or it changes, it still works. | I was wondering because debugging dhcpcd-hooks/50-ntp.conf gave me output with Code: | ++ eval service_condcommand ntpd restart '&'
+++ service_condcommand ntpd restart | But this seems not to be doing anything. |
|
Back to top |
|
|
depontius Advocate
Joined: 05 May 2004 Posts: 3522
|
Posted: Fri Sep 05, 2014 1:45 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | charles17 wrote: | Done. Next question:
How are the network dependant services like ntpd, fetchmail sshd handled? Would dhcpcd start/stop them or do we need to have them in runlevel default? |
Not currently no.
Someone, like say an OpenRC dev needs to make a dhcpcd hook re-entrant so it goes inactive -> active ->inactive when no interfaces a running.
Still, for ntpd and sshd they generally bind to the wildcard address so it doesn't matter if there's a working IP or it changes, it still works. |
Especially on a dual-homed server, but sometimes even on my clients, I don't like to bind to the wildcard - I like to know where I'm listening. I'm quite interested in better OpenRC support of this way of running dhcpcd. _________________ .sigs waste space and bandwidth |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
Posted: Fri Sep 05, 2014 1:50 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
depontius wrote: | Especially on a dual-homed server, but sometimes even on my clients, I don't like to bind to the wildcard - I like to know where I'm listening. I'm quite interested in better OpenRC support of this way of running dhcpcd. |
Silly question then - what is the expected result IF the IP address changes at all? I assume you have dhcpcd hooks in place to insert the IP to listen on into your service configs
And if it doesn't change, why are you running a DHCP client? _________________ Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
Back to top |
|
|
depontius Advocate
Joined: 05 May 2004 Posts: 3522
|
Posted: Fri Sep 05, 2014 2:34 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | depontius wrote: | Especially on a dual-homed server, but sometimes even on my clients, I don't like to bind to the wildcard - I like to know where I'm listening. I'm quite interested in better OpenRC support of this way of running dhcpcd. |
Silly question then - what is the expected result IF the IP address changes at all? I assume you have dhcpcd hooks in place to insert the IP to listen on into your service configs
And if it doesn't change, why are you running a DHCP client? |
I've done both, on different systems. On my home systems I'm not fussy once I'm inside my LAN, so I let the wildcards happen. However on my home LAN I use dhcp for central administration purposes. My name/IP mapping is only in my BIND zone files, and my name/MAC mapping is only in my dhcpd.conf. I can control all of that from my server, and clients remain dumb. On my laptops I'm much fussier, and I tweak things quite a bit depending on what network I'm attached to. The laptop runs the corporate image, and that means RH with network-manage, so I'm using those hooks. (Though I did dual-boot Gentoo on the previous corporate laptop, before they changed the security rules, and then I used the dhcpcd hooks.) Whenever I get my own personal laptop, I'll use the dhcpcd hooks again.
One side... I'm being somewhat paranoid based on the network I connect to - on "unknown" networks I wind up with no listening ports other than dhcpcd itself. But even whenI connect to my home or work networks, how do I know they're really my home or work networks, or someone setting up a dhcp server to deliver the expected IP, tricking me into starting some services? I've not come up with a good way to handle this one that wouldn't take a bunch of software infrastructure. _________________ .sigs waste space and bandwidth |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
Posted: Fri Sep 05, 2014 2:44 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
depontius wrote: | One side... I'm being somewhat paranoid based on the network I connect to - on "unknown" networks I wind up with no listening ports other than dhcpcd itself. But even whenI connect to my home or work networks, how do I know they're really my home or work networks, or someone setting up a dhcp server to deliver the expected IP, tricking me into starting some services? I've not come up with a good way to handle this one that wouldn't take a bunch of software infrastructure. |
Uh, DHCP authentication? (not well supported by DHCP servers, but dhcpcd supports it).
http://tools.ietf.org/html/rfc3118
It's in the DHCPv6 standard as well which dhcpcd supports.
Maybe IEEE802.11 authentication on the switched port or WPA PSK?
All valid solutions. _________________ Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
Back to top |
|
|
depontius Advocate
Joined: 05 May 2004 Posts: 3522
|
Posted: Fri Sep 05, 2014 3:16 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | depontius wrote: | One side... I'm being somewhat paranoid based on the network I connect to - on "unknown" networks I wind up with no listening ports other than dhcpcd itself. But even whenI connect to my home or work networks, how do I know they're really my home or work networks, or someone setting up a dhcp server to deliver the expected IP, tricking me into starting some services? I've not come up with a good way to handle this one that wouldn't take a bunch of software infrastructure. |
Uh, DHCP authentication? (not well supported by DHCP servers, but dhcpcd supports it).
http://tools.ietf.org/html/rfc3118
It's in the DHCPv6 standard as well which dhcpcd supports.
Maybe IEEE802.11 authentication on the switched port or WPA PSK?
All valid solutions. |
I can do stuff like that for my home network, and will look into it. The corporate network is so silly-backwards you wouldn't believe it. But it's their network, their laptop, their software, and they insist that I use it as provided. Oh well. _________________ .sigs waste space and bandwidth |
|
Back to top |
|
|
steveL Watchman
Joined: 13 Sep 2006 Posts: 5153 Location: The Peanut Gallery
|
Posted: Sun Sep 07, 2014 11:20 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | Someone, like say an OpenRC dev needs to make a dhcpcd hook re-entrant so it goes inactive -> active ->inactive when no interfaces a running. |
Hmm what do you want to happen? Also, I wish you were still in charge of openrc; I reviewed the commit history a while back, and it's gone completely downhill since you left. Some of the sh is simply painful to look at (as in: embarrassing), and there's been no other real code, apart from one patch from a user who like many others should have been nurtured into a developer on the project but wasn't. Oh an aborted attempt to remove an API, which I advised strongly against before it happened, and it was reverted a few weeks later: no other actual code, since you left. Disappointing, to say the least.
Quote: | Still, for ntpd and sshd they generally bind to the wildcard address so it doesn't matter if there's a working IP or it changes, it still works. |
Heh indeed. Funny how the old ideas still work.. just like a tap, or a plug still does the job. ;-) |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
Posted: Sun Sep 07, 2014 7:49 pm Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
steveL wrote: | Hmm what do you want to happen? |
Me? Nothing, I'm not entirely sure of the usefulness of this feature.
You either have complex scripts to update the IP services bind to (heh, like my hook scripts in dhcpcd - good examples there!) or you have the IP hard coded and made the running of DHCP for central IP management kinda redundant.
Saying that, I have made this patch upstream:
http://roy.marples.name/projects/dhcpcd/ci/1113488b81673c23b3b079e1fc5ea6df5ffc0ee5?sbs=0
Which will aid the creation of a hook. I've even provided a rough idea of how it would look here:
https://bugs.gentoo.org/show_bug.cgi?id=522206#c1
Quote: | Also, I wish you were still in charge of openrc; I reviewed the commit history a while back, and it's gone completely downhill since you left. Some of the sh is simply painful to look at (as in: embarrassing), and there's been no other real code, apart from one patch from a user who like many others should have been nurtured into a developer on the project but wasn't. Oh an aborted attempt to remove an API, which I advised strongly against before it happened, and it was reverted a few weeks later: no other actual code, since you left. Disappointing, to say the least.
Quote: | Still, for ntpd and sshd they generally bind to the wildcard address so it doesn't matter if there's a working IP or it changes, it still works. |
Heh indeed. Funny how the old ideas still work.. just like a tap, or a plug still does the job. |
Sorry that you think it's gone down hill, but I really don't have the time to maintain it anymore. All my free time goes into dhcpcd, dhcpcd-ui (working on a dhcpcd-qt port as we speak).
If you feel that passionate about it, then join the team and help out! _________________ Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Mon Sep 08, 2014 9:11 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
Will this interrupt ("backgrounding") and reactivate those network dependant services like openrc/netifrc does?
Then those services would need to be in runlevel default (using "need net" or "use net")?
I'd like to try it but need some help. What is the easiest way of emerging dhcpcd with this patch? |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Mon Sep 08, 2014 10:54 am Post subject: Re: TIP: Complete network stack without net.* scripts |
|
|
UberLord wrote: | Install the 9999 version.
That will also install Fossil so you can pull the latest dhcpcd code from my repository. | Tried that but getting errors, see pastebin. How to proceed? |
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
|
Back to top |
|
|
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
|
|
Back to top |
|
|
charles17 Advocate
Joined: 02 Mar 2008 Posts: 3685
|
Posted: Mon Sep 08, 2014 2:39 pm Post subject: |
|
|
Thanks for your fast action. Compilation works and I did a first test with "99-openrc". Code: | set -x
# https://bugs.gentoo.org/show_bug.cgi?id=522206#c1
if $if_oneup && if_ipwaited then;
mark_service_started dhcpcd
else
mark_service_inactive dhcpcd
fi | What is that syntax error it shows me? Quote: | $ su -c "dhcpcd -dB"
Password:
dhcpcd[6481]: version 6.4.3 starting
dhcpcd[6481]: udev: starting
dhcpcd[6481]: dev: loaded udev
dhcpcd[6481]: enp2s14: if_disable_autolinklocal: Invalid argument
dhcpcd[6481]: wlp8s0: if_disable_autolinklocal: Invalid argument
dhcpcd[6481]: enp2s14: executing `/lib/dhcpcd/dhcpcd-run-hooks' PREINIT
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: syntax error near unexpected token `else'
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: `else'
+ for hook in /etc/dhcpcd.enter-hook '/lib/dhcpcd/dhcpcd-hooks/*' /etc/dhcpcd.exit-hook
+ for skip in '$skip_hooks'
+ case "$hook" in
+ '[' -f /etc/dhcpcd.exit-hook ']'
dhcpcd[6481]: enp2s14: executing `/lib/dhcpcd/dhcpcd-run-hooks' NOCARRIER
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: syntax error near unexpected token `else'
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: `else'
+ for hook in /etc/dhcpcd.enter-hook '/lib/dhcpcd/dhcpcd-hooks/*' /etc/dhcpcd.exit-hook
+ for skip in '$skip_hooks'
+ case "$hook" in
+ '[' -f /etc/dhcpcd.exit-hook ']'
dhcpcd[6481]: wlp8s0: executing `/lib/dhcpcd/dhcpcd-run-hooks' PREINIT
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: syntax error near unexpected token `else'
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: `else'
+ for hook in /etc/dhcpcd.enter-hook '/lib/dhcpcd/dhcpcd-hooks/*' /etc/dhcpcd.exit-hook
+ for skip in '$skip_hooks'
+ case "$hook" in
+ '[' -f /etc/dhcpcd.exit-hook ']'
dhcpcd[6481]: wlp8s0: executing `/lib/dhcpcd/dhcpcd-run-hooks' CARRIER
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: syntax error near unexpected token `else'
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: `else'
+ for hook in /etc/dhcpcd.enter-hook '/lib/dhcpcd/dhcpcd-hooks/*' /etc/dhcpcd.exit-hook
+ for skip in '$skip_hooks'
+ case "$hook" in
+ '[' -f /etc/dhcpcd.exit-hook ']'
dhcpcd[6481]: enp2s14: waiting for carrier
dhcpcd[6481]: DUID 00:01:00:01:0f:02:bb:59:00:1b:77:b1:c8:8e
dhcpcd[6481]: wlp8s0: IAID 77:b1:c8:8e
dhcpcd[6481]: wlp8s0: delaying IPv6 router solictation for 0.4 seconds
dhcpcd[6481]: wlp8s0: delaying DHCP for 0.4 seconds
ntpd | * Stopping ntpd ... [ ok ]
ntpd | * Starting ntpd ... [ ok ]
dhcpcd[6481]: wlp8s0: reading lease `/var/lib/dhcpcd/dhcpcd-wlp8s0.lease'
dhcpcd[6481]: wlp8s0: rebinding lease of 192.168.178.23
dhcpcd[6481]: wlp8s0: sending REQUEST (xid 0x1742fc50), next in 4.2 seconds
dhcpcd[6481]: wlp8s0: soliciting an IPv6 router
dhcpcd[6481]: wlp8s0: sending Router Solicitation
dhcpcd[6481]: wlp8s0: acknowledged 192.168.178.23 from 192.168.178.1
dhcpcd[6481]: wlp8s0: leased 192.168.178.23 for 864000 seconds
dhcpcd[6481]: wlp8s0: renew in 432000 seconds, rebind in 756000 seconds
dhcpcd[6481]: wlp8s0: IP address 192.168.178.23/24 already exists
dhcpcd[6481]: wlp8s0: adding route to 192.168.178.0/24
dhcpcd[6481]: wlp8s0: adding default route via 192.168.178.1
dhcpcd[6481]: wlp8s0: writing lease `/var/lib/dhcpcd/dhcpcd-wlp8s0.lease'
dhcpcd[6481]: wlp8s0: executing `/lib/dhcpcd/dhcpcd-run-hooks' REBOOT
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: syntax error near unexpected token `else'
/lib/dhcpcd/dhcpcd-hooks/99-openrc: line 6: `else'
+ for hook in /etc/dhcpcd.enter-hook '/lib/dhcpcd/dhcpcd-hooks/*' /etc/dhcpcd.exit-hook
+ for skip in '$skip_hooks'
+ case "$hook" in
+ '[' -f /etc/dhcpcd.exit-hook ']'
dhcpcd[6481]: wlp8s0: sending ARP announce (1 of 2), next in 2.0 seconds
ntpd | * Stopping ntpd ... [ ok ]
ntpd | * Starting ntpd ... [ ok ]
dhcpcd[6481]: wlp8s0: sending ARP announce (2 of 2)
dhcpcd[6481]: wlp8s0: sending Router Solicitation
dhcpcd[6481]: wlp8s0: sending Router Solicitation
dhcpcd[6481]: wlp8s0: sending Router Solicitation
dhcpcd[6481]: wlp8s0: no IPv6 Routers available |
|
|
Back to top |
|
|
|