Morning Folks, I was asked off list why would I be making a macro for the loopback address, It is a good question and for those of you who thought It was a weird request I made in the first place some clarification below
what I meant was *a* Loopback address , not "*the* Loopback address" , what I mean interims of Networking is an Address on an Interface that is always up, either a Loopback interface, and on which I can run services such as SShd and have OSPF / BGPd originate messages from ... having it on a loopback eg lo1 means the IP address should always be up (as the Interface is always up (no physical dependencies) (useful for routers with multiple physical nics and multiple paths from which to reach the loopback, normally I would create a loopback interface for the Router ID / service that I wanted multihhomed, in my case, I want an alias to set the address on the loopback interface lo1 then refer to the loopback address in pf.conf then refer to the loopback address in bgpd.conf (the routerID and the Local Address for MultihopBGP sessions and then refer to the loopback address in Ospfd.conf Router ID and if the router ID was to be an any cast DNS server you would refer to the Loopback Address as a listen on in Relayd,conf nsd.conf or unbound .conf also .. I hope this helps Tom Smyth On Thu, 4 Sept 2025 at 21:41, Tom Smyth <[email protected]> wrote: > Hi Ingo, Pascale, > > thanks for your very helpful responses... Ill give it a go > > much obliged, > > Tom Smyth > > On Thu, 4 Sept 2025 at 21:00, Ingo Schwarze <[email protected]> wrote: > >> Hi Tom, >> >> Tom Smyth wrote on Thu, Sep 04, 2025 at 08:17:04PM +0100: >> >> > sometimes in my router configs I would like to be able to declare >> > a macro in one location and refer to it across multiple files, >> > for instance a loopback address might be refered to in BGP, OSPF >> > and IPSEC and PF configuration, >> > >> > is there a way in OpenBSD of configuring aliases / variables like >> > that and then using them in config files where they would be >> > expanded / understood by the parser of the config file ... >> >> I don't think there is a method that is going to work with >> absolutely all config files one might come up with - but many >> of the daemons you mention are based on parse.y, hence they have >> reasonably similar configuration syntax, and many of them support >> the "include" directive: >> >> $ man -s 5 -k Ic=include >> acme-client.conf(5) - acme-client configuration file >> bgpd.conf(5) - BGP routing daemon configuration file >> eigrpd.conf(5) - EIGRP routing daemon configuration file >> hostapd.conf(5) - configuration file for the Host Access Point daemon >> httpd.conf(5) - HTTP daemon configuration file >> iked.conf(5) - IKEv2 configuration file >> ipsec.conf(5) - IPsec configuration file >> iscsi.conf(5) - ISCSI daemon configuration file >> ldapd.conf(5) - LDAP daemon configuration file >> ldpd.conf(5) - LDP routing daemon configuration file >> man.conf(5) - configuration file for man >> ospf6d.conf(5) - OSPF for IPv6 routing daemon configuration file >> ospfd.conf(5) - OSPF routing daemon configuration file >> pf.conf(5) - packet filter configuration file >> rad.conf(5) - router advertisement daemon configuration file >> relayd.conf(5) - relay daemon configuration file >> smtpd.conf(5) - SMTP daemon configuration file >> snmpd.conf(5) - SNMP daemon configuration file >> unwind.conf(5) - validating DNS resolver configuration file >> vm.conf(5) - virtual machine configuration >> >> So you *might* get away with putting *some* macros into *one* >> configuration file that you #include from configuration files >> for *some* different daemons - provided that you carefully >> study the documentation about which configuration file supports >> exactly what, be careful to not put stuff into the common file >> that makes any of the including daemons choke, and carefully >> test every daemon after every change. >> >> Disclaimer 1: as usual with apropos(1), do not take the above list >> at face value - instead, actually RTFM. For example, man.conf(5) >> supports an "includes" directive with a very different syntax that >> does soemthing very different but also matches the search >> expression "Ic=include". >> >> Disclaimer 2: i never did this myself, but i see no reason why it >> shouldn't work. >> >> > or am I asking for too much and just script the changes through >> > in config generators (which is what I do presently ? >> >> That's not completely unreasonable either; i did such things in >> the past when i had multiple firewalls separating various network >> segments and wanted conistent config files across more than one >> machine. >> >> Yours, >> Ingo >> > > > -- > Kindest regards, > Tom Smyth. > -- Kindest regards, Tom Smyth.
