Jiri B <jirib <at> devio.us> writes: > I'm aware of both. So what is this renaming of ifaces good > for? Like /etc/mactab in Linux... I've thought I have usage > for this but then I discovered I did bad testing and reorder > of nics was my issue in RHEVM/kvm world.
hey, this is OpenBSD, which is neither forcing you, nor restricting to use your brain :) /etc/netstart brings all networks related stuff up. if your virtualization environment changes an order but preserves MAC addresses (which most hypervisors do by generating MACs at virtual machine creation, interface addition, etc), you can write a little shim on top of /etc/netstart which will assign unique group to interface with a given MAC address. after that and all /etc/netstart juggling, pf may filter on groups instead of interface names. with decent shell programming skills, writing such a shim should take less than hour including testing.
