Setting up the network, and setting up a network interface are really
different things. The interface is an IP {address, mask, broadcast}. The
network is default route and /etc/resolv.conf.
As this bug illustrates, setting both without the ability to separate them
is a flaw in DHCP. Realizing that this flaw won't be easily corrected, I'd
like to submit this patch for consideration as a compromise solution. It's
working well locally, and integrates well with real usage of Debian where
this problem could occur.
This patch is based off the default DHCP client script in Lenny.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--- dhclient-script.lenny 2010-03-23 19:28:08.000000000 -0400
+++ dhclient-script 2010-03-23 19:27:25.000000000 -0400
@@ -67,6 +67,30 @@
return $exit_status
}
+lcl_cfg_dir="/var/lib/dhcp3"
+ok2set_default_route () {
+ local ifc_config="${lcl_cfg_dir}/${interface}.cfg"
+
+ if [ -r "$ifc_config" ]; then
+ source "$ifc_config"
+ fi
+
+ return "${lcl_ok2set_default_route:-0}" # by default set default route
+
+} # ok2set_default_route()
+
+ok2set_resolv () {
+ local ifc_config="${lcl_cfg_dir}/${interface}.cfg"
+
+ if [ -r "$ifc_config" ]; then
+ source "$ifc_config"
+ fi
+
+ return "${lcl_ok2set_resolv:-0}" # by default set-up /etc/resolv.conf
+
+} # ok2set_resolv()
+
+
run_hookdir() {
local dir="$1"
local exit_status
@@ -185,9 +209,14 @@
done
fi
- for router in $new_routers; do
- route add default dev $interface gw $router $metric_arg
- done
+ if ok2set_default_route; then
+ logger "setting default route for $interface"
+ for router in $new_routers; do
+ route add default dev $interface gw $router $metric_arg
+ done
+ else
+ logger "NOT setting default route for $interface"
+ fi
fi
if [ "$new_ip_address" != "$alias_ip_address" -a -n
"$alias_ip_address" ];
@@ -197,7 +226,12 @@
route add -host $alias_ip_address $interface:0
fi
- make_resolv_conf
+ if ok2set_resolv; then
+ logger "setting /etc/resolv.conf for $interface"
+ make_resolv_conf
+ else
+ logger "NOT setting /etc/resolv.conf for $interface"
+ fi
;;
@@ -237,11 +271,21 @@
route add -host $alias_ip_address dev $interface:0
fi
- for router in $new_routers; do
- route add default dev $interface gw $router $metric_arg
- done
+ if ok2set_default_route; then
+ logger "setting default route for $interface"
+ for router in $new_routers; do
+ route add default dev $interface gw $router $metric_arg
+ done
+ else
+ logger "NOT setting default route for $interface"
+ fi
- make_resolv_conf
+ if ok2set_resolv; then
+ logger "setting /etc/resolv.conf for $interface"
+ make_resolv_conf
+ else
+ logger "NOT setting /etc/resolv.conf for $interface"
+ fi
else
# Changed from 'ifconfig $interface inet 0 down' - see Debian bug
#144666
ifconfig $interface inet 0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This patch allows the user to create a file in /var/lib/dhcp3 that
controls setting up network (not interface) information on a per
interface basis.
So, to solve my initial problem of having openvpn controlling the network
settings and the DHCP client contolling the interface settings, I add
pre-up and post-down commands to the /etc/network/interfaces file.
auto wlan0
iface wlan0 inet dhcp
...
# Disable setting of /etc/resolv.conf and the default route by the DHCP
client.
pre-up /bin/echo lcl_ok2set_route=1 > /var/lib/dhcp3/wlan0.cfg
pre-up /bin/echo lcl_ok2set_resolv=1 >> /var/lib/dhcp3/wlan0.cfg
...
post-down /bin/rm -f /var/lib/dhcp3/wlan0.cfg
This allows DHCP to control the interface and openvpn to control the
networking. In my case, all non-DHCP traffic goes openvpn, thereby
replacing wireless security protocols with openvpn.
It should be obvious that this also resolves the issues of two network
interfaces fighting over control of the network setting (/etc/resolv.conf
and the default route), since the /etc/network/interfaces file can signal
the DHCP clients which interface controls the network settings in the
same fashion.
Finally, this patch maintains backwards compatibility. If you don't
create the interface configuration file, everything works as it always
has, the the DCHP client will set both the network settings and the
interface settings.
I hope you'll include this code in a future versions of the DHCP client
with Debian. It may be used under the current licence terms of the DHCP
client package it would go into.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
