Re: npf and ephemeral interfaces (tun0)

To: Tobias Nygren <tnn%NetBSD.org@localhost>
Subject: Re: npf and ephemeral interfaces (tun0)
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Wed, 17 Feb 2016 18:21:07 +0100

On Wed, Feb 17, 2016 at 04:57:04PM +0100, Tobias Nygren wrote:
> On Wed, 17 Feb 2016 15:26:55 +0000
> David Brownlee <abs%absd.org@localhost> wrote:
> 
> > I have a server which needs to run an npf map rule on its OpenVPN
> > interface (tun0).
> > 
> > I can create the rule fine, but when the system restarts tnpf rejects
> > the rulset because there is no tun0 interface. Am I missing something?
> > Is there a way around this?
> 
> I do "ifconfig tun0 create" in /etc/netstart.local combined with
> "openvpn --persist-tun" to prevent it from removing the interface on
> reconnect.

that's not a workaround applicable to all cases.
For example on a Xen dom0 guest interfaces can't be pre-created
(and also the name changes over time, but that's another issue)

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

References:
- npf and ephemeral interfaces (tun0)
  - From: David Brownlee
- Re: npf and ephemeral interfaces (tun0)
  - From: Tobias Nygren

Prev by Date: Re: npf and ephemeral interfaces (tun0)
Next by Date: Re: npf and ephemeral interfaces (tun0)
Previous by Thread: Re: npf and ephemeral interfaces (tun0)
Next by Thread: Re: npf and ephemeral interfaces (tun0)
Indexes:

Home | Main Index | Thread Index | Old Index