
Bug 65153

Summary: New bridge init script - better for VPN
Product: Gentoo Linux
Reporter: James Le Cuirot <chewi>
Component: Current packages
Assignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED FIXED
Severity: enhancement
CC: kent
Priority: High
Keywords: InVCS
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 66472
Attachments: New bridge init script; net.tap0 init script

Description James Le Cuirot gentoo-dev 2004-09-23 16:42:14 UTC
I've just been to hell and back trying to get my bridged VPN to work. But now it works, I'm in heaven. It's wonderful. Getting it working would have been a lot easier if there had been a better init script for the bridge.

The problem with the current one is that it assumes that the interfaces for the bridge are already present. I was trying to bridge tap0 with eth0 but tap0 didn't exist yet because OpenVPN hadn't started yet... but OpenVPN needed network access. Catch 22? Almost. I could create a "permanent" tap0 device that would exist before starting OpenVPN. So I made net.tap0, but how was I to ensure that got executed before bridge? I was getting tangled up in dependencies and it wasn't looking pretty. I thought there had to be a simpler solution.

Well, I cracked it. This new script runs each interface's script and then runs the bridge's script. For example, if the bridge br0 comprises eth0 and tap0, then net.eth0 gets run, followed by net.tap0 and then net.br0. It is not necessary to add any of the net.* scripts to the default runlevel. Only the bridge script is necessary (and the openvpn script if you're using that). eth0 should not be given an IP and needs to be in promiscuous mode, so that is simply stated in /etc/conf.d/net with "0.0.0.0 promisc" as the ifconfig setting.

I have also included the script necessary to create tap0. Perhaps this could be included with the OpenVPN package? I've tested this out on two machines and it works great.
Comment 1 James Le Cuirot gentoo-dev 2004-09-23 16:43:09 UTC
Created attachment 40253
New bridge init script
Comment 2 James Le Cuirot gentoo-dev 2004-09-23 16:43:32 UTC
Created attachment 40254
net.tap0 init script
Comment 3 James Le Cuirot gentoo-dev 2004-09-23 16:46:14 UTC
Oh yeah and this also works with the old-style network init scripts. One of the machines I tried this on uses x86 and the other uses ~x86.
Comment 4 James Le Cuirot gentoo-dev 2004-10-18 08:39:45 UTC
*bump* I don't mean to be impatient but I think this is a major improvement on the current script and could save people many hours of confusion.
Comment 5 Roy Marples (RETIRED) gentoo-dev 2004-11-05 08:57:02 UTC
*** Bug 64914 has been marked as a duplicate of this bug. ***
Comment 6 Roy Marples (RETIRED) gentoo-dev 2004-11-05 09:04:24 UTC
We already have a re-worked bridging script in CVS which incorporates your idea slightly.

bridge_br0="eth0 tun0"
ifconfig_br0=( "null" )
ifconfig_tun0=( "null" )

net.br0 linked to net.lo
net.tun0 linked to net.lo

This config will create a bridge called br0 and it will detect that tun0 does not exist and it will run net.tun0 start to create it.

This will be in baselayout-1.11.6
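
Added example, not part of the original thread and not the baselayout script or either attachment: a dry-run sketch in POSIX sh of the ordering discussed in this bug, where a bridge member that has no device yet gets its own net.* script started before the bridge is assembled. The function names, the SYSFS_NET override and the interface-name check are assumptions made for illustration; the function only prints the commands it would run.

```shell
#!/bin/sh
# Added illustration; not baselayout's code and not either attachment.
# SYSFS_NET is an assumed override so the device check can be tested offline.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"
set -f  # split the member list on whitespace only, no pathname expansion

# Accept only plain interface names (Linux limits them to 15 characters),
# because these strings end up on command lines that run as root.
valid_ifname() {
    case "$1" in
        ""|.|..|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print, in order, the commands that bring up bridge $1 with members $2.
bridge_plan() {
    bridge="$1"; members="$2"
    valid_ifname "$bridge" || { echo "bad bridge name: $bridge" >&2; return 1; }
    # Pass 1: validate every member first, so a bad name yields no partial plan.
    for m in $members; do
        valid_ifname "$m" || { echo "bad member name: $m" >&2; return 1; }
    done
    # Pass 2: a member with no device yet gets its own init script run first.
    for m in $members; do
        [ -e "$SYSFS_NET/$m" ] || echo "/etc/init.d/net.$m start"
    done
    echo "brctl addbr $bridge"
    for m in $members; do
        # Members carry no address of their own and must see every frame.
        echo "ifconfig $m 0.0.0.0 promisc up"
        echo "brctl addif $bridge $m"
    done
    # Addressing of the bridge itself is left to its own configuration.
    echo "ifconfig $bridge up"
}

# Stand-alone use: sh plan.sh br0 "eth0 tap0"
if [ "$#" -ge 2 ]; then
    bridge_plan "$1" "$2"
fi
```

Running it against a live system only reads /sys/class/net; nothing is changed until the printed commands are executed by hand.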
Comment 7 Roy Marples (RETIRED) gentoo-dev 2004-11-05 09:05:43 UTC
*** Bug 62191 has been marked as a duplicate of this bug. ***
Comment 8 Roy Marples (RETIRED) gentoo-dev 2004-11-08 11:03:59 UTC
Fixed in baselayout-1.11.6