On 03/08/2010 10:50:48 AM, Peter Stuge wrote:
> Karl O. Pinc wrote:
> > > I'm hoping that we can make "route-gateway dhcp" work on Unix
> > > platforms as well. I'm thinking there are two possible ways we
> > > could do this:
>
> Network interface configuration is highly distribution specific.
>
>
> > A) dhclient
> >
> > B) dhclient.conf
> >
> > C) dhclient
> >
> > D) dhcptl or omapi or .. omshell
> ..
> > This would be tied to the ISC implementation, but probably nobody
> > cares.
>
> I know of at least four DHCP clients and I avoid dhclient as much as
> possible. It would be a tremendous mistake to tie OpenVPN to any one
> DHCP client IMO.
Only D is tied to dhclient. A, B, and C, work fine with any dhcp
client daemon. (Or A does anyway, B and C require configuration file
support for the interface. I assume this is a common property of dhcp
clients.)
Yes. It would be nice not to force use of a particular client.
Especially if, as you write, many clients are in use.
>
>
> What most if not all distributions have in common, or could have in
> common, is that a script configures the network interface. Sometimes
> it's called ifup, other times it's /etc/init.d/net.tap0, yet other
> times it's something else.
>
> I suggest instead relying on a generic configuration script to do
> interface configuration when the VPN comes up.
The trouble with that is that these scripts can do other things.
If all you're interested in is configuring via dhcp, then that's all
you want to start/stop. At least that's what runs through my head.
It's because network configuration is distro specific, but
starting/stopping/running/configuring a dhcp daemon isn't nearly so
that makes this approach appealing. On the other hand, if
the ifup/ifdown/(etc.) scripts do what's needed and don't cause
any problems then maybe it makes sense to use what the
administrator is familiar with -- but this assumes that the
person setting up OpenVPN is familiar with how network
interface activation is scripted.
In either case we'd be looking at an openvpn configuration
directive (or 2) that takes a command to run once
the link comes up (and down). If that was in place then
any of A, B, C, or D, or your choice of using an ifup/ifdown
script would all work.
Given that. Why not just use -up and --down to do what's
needed? Avoid changing the code and write documentation.
Karl <k...@meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
