
Re: starting Fedora Server SIG



Dan Williams wrote:

Dan Horák wrote:
Chris Adams wrote on Thu, 13. 11. 2008 at 10:02 -0600:
Once upon a time, Dan Williams <dcbw redhat com> said:
You can certainly disable NetworkManager and use manual configuration of
your network devices.
For how long?  I thought I'd read that the plan was to use NM for
everything and eliminate /etc/init.d/network.
We will keep/maintain /etc/init.d/network forever :-) They don't
conflict, so there is no reason to completely drop the old method.
Who wins if they both want to set the default route and DNS servers?

If two equal class devices (ethernet > wifi > mobile broadband) are
capable of being the default route, the one detected earliest from HAL
wins.

OK, what does HAL know about multi-homed servers? And by the way, a common scenario with servers is to clone them with image copies. How do I establish which interface is which when the drive boots in hardware that is identical except for the NIC MAC addresses?

The default device's DNS information gets added first, and each active
device's DNS information is appended.

That sounds like the worst possible scenario. I'd more likely want the latest device activated to be the first choice or not included at all, depending on what is really going on.

Thus you can certainly get more
than 3 nameservers in /etc/resolv.conf, but 3 is all that the glibc
resolver allows.

If these are dynamically added, are they tracked and removed as the corresponding interfaces go down?

In the future we can resurrect caching nameserver to
support split DNS, but that's based on _domain name_, not IP address, so
the best solution there, by default (but allow manual override) is to
use the DHCP-returned search domains (if any) as the domains to split
DNS for.

There are too many possibilities to even guess at how to intertwine multiple DNS servers. The main thing I'd want is a yes or no option on whether to install them if offered by DHCP. The DNS servers themselves may need local zone files and forwarders specified for public lookups.

Chances are that if you have a working statically assigned interface you would not want to switch them to subsequent DHCP assigned NIC - but on the other hand if you bring up a VPN tunnel, you might. And does NM

Why's that?

My scenario is where servers have multiple NICs to talk to the direct neighbors on each subnet that intentionally don't route to each other or where you want to isolate the traffic. For example, I run OpenNMS on an internal server that has static routing on the interfaces where I want it, but it also picks up a DHCP address from an otherwise isolated subnet so it can monitor those devices. The DHCP server offers a default route and DNS servers but if those are installed, I can't reach my internal network.

know enough to drop routes through an interface that is physically down (no link, not ifdown) statically assigned or not?

If the interface is physically down, NM will deactivate the connection
and addresses and routes get flushed.  Fine-grained modification of
device parameters and configuration while the interface is
down/disconnected isn't supported and likely won't be.

So you can alternate between several ethernet and wireless interfaces and as long as one is active everything will be happy? That's not a typical server scenario, but a good thing to have. Does route removal for down interface propagate so routing protocols (quagga) know to remove them from the advertised set?

I tend to think there will be a place for manual network configuration
for a long time (no matter what jeremy says :), because there are some
situations that are just too borderline to support in the short term, or
are sufficiently borderline that the maintenance cost of adding the
feature outweighs the benefit of the feature in the first place.
There's always a tradeoff to feature addition.

There is no way any software could guess the correct configuration for my multihomed machines and I don't think my dns servers could be automatically constructed either. If you think otherwise, consider situations where everything is firewalled and you have a lot of wires connected. But I'd be happy if I knew how to pre-configure some file that would be associated with a known interface when I swap disks among different servers or image copy and ship them out.

--
   Les Mikesell
     lesmikesell gmail com
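
The selection and merge rules described in this thread, modelled as an added example (not NetworkManager's code and not part of the original message): the default device is picked by class then detection order, its DNS servers go first, and glibc only reads the first three. Assumptions: the `Device` fields, the `use_dns` opt-out flag, the append order of non-default devices (detection order), and the constructed sample addresses.

```python
from dataclasses import dataclass, field

# Priority stated in the thread: ethernet > wifi > mobile broadband.
CLASS_RANK = {"ethernet": 0, "wifi": 1, "mobile-broadband": 2}
MAXNS = 3  # glibc's resolver reads at most three nameserver lines

@dataclass
class Device:
    name: str
    kind: str
    detect_order: int            # lower = detected earlier
    dns: list = field(default_factory=list)
    active: bool = True
    offers_default_route: bool = True
    use_dns: bool = True         # hypothetical per-device opt-out

def pick_default(devices):
    """Best class wins; ties go to the earliest-detected device."""
    cands = [d for d in devices if d.active and d.offers_default_route]
    return min(cands, key=lambda d: (CLASS_RANK[d.kind], d.detect_order),
               default=None)

def merged_nameservers(devices):
    """Default device's DNS first, then every other active device's."""
    default = pick_default(devices)
    rest = sorted((d for d in devices if d.active and d is not default),
                  key=lambda d: d.detect_order)   # assumed append order
    ordered = ([default] if default else []) + rest
    return [ns for d in ordered if d.use_dns for ns in d.dns]

def resolver_view(devices):
    """Return (servers glibc will query, servers it silently ignores)."""
    merged = merged_nameservers(devices)
    return merged[:MAXNS], merged[MAXNS:]

def sample_devices():
    # Constructed data: static internal NIC plus a DHCP NIC on an isolated subnet.
    return [
        Device("eth0", "ethernet", 1, ["10.0.0.53", "10.0.0.54"]),
        Device("eth1", "ethernet", 0, ["192.168.50.1", "192.168.50.2"]),
    ]

if __name__ == "__main__":
    devs = sample_devices()
    print(pick_default(devs).name, resolver_view(devs))
    devs[1].offers_default_route = devs[1].use_dns = False
    print(pick_default(devs).name, resolver_view(devs))
```

With the sample data the earlier-detected DHCP interface takes the default route and pushes one internal nameserver past the glibc limit; excluding that interface's route and DNS restores the internal servers.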

