tech-net archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Interface description support
Just my 3 cents...
dms> But it also occurs to me that calling it a "description" is misleading
dms> if it's really an alternative name. To me, "description" would be
dms> something like "Inter-office VPN" or "4th floor desktops". [...]
Yepp, that's actually how I understand the initial proposal.
I come from a cisco background where an "interface description" as
an optional comment, and *only* a comment; still, it tremendously
helps preserving sanity:
shake> show interface description | exclude down
Interface Status Protocol Description
Vl1 up up
Fa0/1 up up uplink
Fa0/2 up up ry
Fa0/8 up up alexis
The
#define IFDESCRSIZE 64
from the proposed patch would be exactly appropriate for this purpose
("4th floor desktops").
[OpenBSD uses "ifconfig ... description <value>" is this sense.]
dms> [...] What's been
dms> getting discussed here I would call an "alias", though I'd want to find
dms> a different word for it because ifconfig(8)'s command line already has
dms> an "alias" keyword.
FWIW, the linux iproute2 tools happen to use this nomenclature ("ip link set
eth0 alias outbound". "label" comes to mind, too.
And I would prefer a very simple, rigid syntax for it. Just one word
such as "inside" or "egress" is all I'd need for this "label" purpose.
This would allow sh or awk scripts parsing ifconfig/route/packetfilter
to remain on sane side. The nightmares start with "multiple words
in quotes" -- please, don't make us go this route for labels.
[OpenBSD uses "ifconfig ... group <group-name>" for this purpose
group group-name
Assign the interface to a "group". group-name may not be
longer than 15 characters and must not end with a digit.
Any interface can be in multiple groups.
]
Lastly, I am *not* a great fan from the macro mechanism in npf where the
effective situation:
# npfctl show
[...]
group "external" on vioif0
ruleset "blacklistd" all
pass final all
requires an extra translation to find the corresponding configuration
statements in /etc/npf.conf:
$ext_if = "vioif0"
[...]
group "external" on $ext_if {
ruleset "blacklistd"
pass final all
}
If description labels (as a replacement for such macros) could be preserved
in both these views, this would ease things a lot. I even wouldn't mind
having to use/see explicit syntax for this goal. (OpenBSD's pf happens
to do without.)
Martin
Home |
Main Index |
Thread Index |
Old Index