Subject: rc.conf vs interface aliases
To: None <tech-net@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 01/18/2006 16:05:31

I have a 3.0 machine with four interfaces.  I want to configure one of
them "normally" and the others with some four or five addresses each.

"Fine", you say, "put them in /etc/ifconfig.*".  That's where the
problems start.  You see, there are multiple things that use these
interfaces, and which interface is which is comparatively likely to
change.  So I would tend to create a file (/etc/ifnames, say) with
lines like

	FOOIF=fxp0
	BARIF=vr0
	BAZIF=ex0

which is then read by things that use them.  Then if vr0 is replaced by
fxp1, say, changing that one file will cause everything to pick up the
changes correctly.

Except then I have trouble with /etc/rc.conf.  It's easy enough to add
". /etc/ifnames" and write

	net_interfaces="$FOOIF $BARIF"
	eval ifconfig_"$FOOIF"=10.0.0.1/24

but then when I get to BARIF, what do I do?  The principal address is
easy enough, but the aliases are another story.  I really dislike the
idea of rewriting /etc/ifconfig.* from /etc/rc.conf (and indeed it
won't even work if done naïvely, because rc.conf is run before / is
writable), and ifaliases_* is insanely restricted.

For my own machines, I have /etc/netstart (which maps to
/etc/rc.d/network on 3.0) patched so I could do this as

	eval ifconfig_"$BARIF"=...
	eval ifalias_"$BARIF"_1="... alias"
	eval ifalias_"$BARIF"_2="... alias"
	eval ifalias_"$BARIF"_3="... alias"

Of course, I could do the same here, but mucking about with the
supplied /etc/rc.d/* scripts is just asking for trouble at OS upgrade
time.

There's also the issue that these same interface names need to appear
in /etc/pf.conf, which has no facility akin to sh's . or C's #include.

I'm currently leaning towards a local script in rc.d, with REQUIRE:root
and BEFORE:network, which rewrites /etc/ifconfig.* and /etc/pf.conf
based on /etc/ifnames (or whatever).  But that seems pretty gross, and
I'm wondering if any of you have thoughts on a righter way to do this,
especially if it leads to something that makes it into the base system
and thus doesn't provoke upgrade grief.  If it weren't for pf.conf, I'd
probably be offering patches to /etc/rc.d/network....

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
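
The rewriting step the mail describes leaning towards, shown for the pf.conf half as an added example; it is not der Mouse's script or NetBSD's rc.d code. The `render` helper, the `@NAME@` token syntax, the sample rules and the accepted interface-name pattern are assumptions; the names file is parsed rather than sourced, and no output is written if any token is left unresolved.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of NetBSD's rc.d scripts).
# render NAMES TEMPLATE OUT: replace @VAR@ tokens in TEMPLATE using
# VAR=ifname lines from NAMES; OUT is written only if every token resolved.
render() {
	names=$1 template=$2 out=$3
	script=
	while IFS='=' read -r var ifname; do
		case $var in ''|'#'*) continue ;; esac
		# Parse instead of sourcing: accept only VAR=ifname
		# (assumed shape: letters then a unit number, e.g. fxp0).
		if ! printf '%s=%s\n' "$var" "$ifname" |
		    grep -Eq '^[A-Z][A-Z0-9_]*=[a-z]+[0-9]+$'; then
			echo "render: bad line in $names: $var=$ifname" >&2
			return 1
		fi
		script="${script}s/@${var}@/${ifname}/g;"
	done < "$names"
	tmp="$out.tmp.$$"
	sed -e "$script" "$template" > "$tmp" || { rm -f "$tmp"; return 1; }
	# Fail closed: a leftover @VAR@ means a name is missing from NAMES,
	# so keep the previous ruleset rather than install a broken one.
	if grep -Eq '@[A-Z][A-Z0-9_]*@' "$tmp"; then
		echo "render: unresolved token in $template" >&2
		rm -f "$tmp"
		return 1
	fi
	# Rename into place so readers never see a half-written file.
	mv -f "$tmp" "$out"
}

# Constructed sample input: names from the mail, rules are illustrative.
demo=$(mktemp -d)
printf 'FOOIF=fxp0\nBARIF=vr0\nBAZIF=ex0\n' > "$demo/ifnames"
printf 'pass in on @FOOIF@ all\nblock in on @BARIF@ all\n' > "$demo/pf.conf.in"
render "$demo/ifnames" "$demo/pf.conf.in" "$demo/pf.conf" && cat "$demo/pf.conf"
```

The same function can render a template for an interface's ifconfig file, with the output path built from the resolved interface name.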