In message <014901c6202e$8f31fc40$4b01a8c0@XEON2>, "Michael D. Spence" writes:
>I have two interfaces that connect to the Internet via separate
>cable modems.  One has a VPN box in the way and the other 
>doesn't.  Whenever my NetBSD system gets rebooted, dhclient 
>configures the two interfaces.  However, I would like to always
>use one of the interfaces as the default route and it is often 
>the case that the other one ends up in this role.
>
>It seems to me, from looking at dhclient-script, that this depends 
>on which interface gets configured first.  I thought about using
>the dhclient-script hooks to force the issue, but I'm not really
>comfortable that this is the best way.
>
>I also thought that adding some stuff to rc.local might work, but
>the problem there, ISTM, is that dhclient might not be done yet if
>the DHCP servers involved are being pokey.
>
>I also considered adding an alias to dhclient.conf for each of these
>interfaces, which could then invoke some alternative dhclient-script I 
>could write to do what needed to be done, but it isn't exactly clear to
>me that the real dhclient-script will run before or after mine (although
>I'd think it'd be before, right?).  If it's after, this wouldn't really
>be helpful.
>
>Any advice on choosing between these alternatives?  Is there another
>way that would be better?
>

I see several choices.

One is to punt.  Change your dhclient.conf file so that it doesn't 
request 'routers', and set the default statically, via /etc/mygate or
by setting defaultroute in rc.conf.

If you don't want to do that, create a /etc/dhclient-enter-hooks file.
It should say something like this:


if [ "$interface" = uselessinterface ]; then
	unset $new_routers
fi

That will unset the variable on entry, which will cause the rest of the 
script to avoid using it as a default route.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb