Bug 65153 - New bridge init script - better for VPN
Summary: New bridge init script - better for VPN
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High enhancement
Assignee: Gentoo's Team for Core System packages
Keywords: InVCS
Duplicates: 62191 64914
Blocks: 66472
Reported: 2004-09-23 16:42 UTC by James Le Cuirot
Modified: 2004-11-08 11:03 UTC

Attachments
New bridge init script (bridge, 1.09 KB, text/plain)
2004-09-23 16:43 UTC, James Le Cuirot
net.tap0 init script (net.tap0, 206 bytes, text/plain)
2004-09-23 16:43 UTC, James Le Cuirot

Description James Le Cuirot gentoo-dev 2004-09-23 16:42:14 UTC
I've just been to hell and back trying to get my bridged VPN to work. But now it works, I'm in heaven. It's wonderful. Getting it working would have been a lot easier if there had been a better init script for the bridge.

The problem with the current one is that it assumes that the interfaces for the bridge are already present. I was trying to bridge tap0 with eth0 but tap0 didn't exist yet because OpenVPN hadn't started yet... but OpenVPN needed network access. Catch 22? Almost. I could create a "permanent" tap0 device that would exist before starting OpenVPN. So I made net.tap0 but how was I to ensure that got executed before bridge? I was getting tangled up in dependencies and it wasn't looking pretty. I thought there had to be a simpler solution.

Well I cracked it. This new script runs each interface's script and then runs the bridge's script. For example, if the bridge br0 comprises eth0 and tap0 then net.eth0 gets run, followed by net.tap0 and then net.br0. It is not necessary to add any of the net.* scripts to the default runlevel. Only the bridge script is necessary (and the openvpn script if you're using that). eth0 should not be given an IP and needs to be in promiscuous mode so that is simply stated in /etc/conf.d/net with "0.0.0.0 promisc" as the ifconfig setting.

I have also included the script necessary to create tap0. Perhaps this could be included with the OpenVPN package? I've tested this out on two machines and it works great.
Comment 1 James Le Cuirot gentoo-dev 2004-09-23 16:43:09 UTC
Created attachment 40253
New bridge init script
Comment 2 James Le Cuirot gentoo-dev 2004-09-23 16:43:32 UTC
Created attachment 40254
net.tap0 init script
Comment 3 James Le Cuirot gentoo-dev 2004-09-23 16:46:14 UTC
Oh yeah and this also works with the old-style network init scripts. One of the machines I tried this on uses x86 and the other uses ~x86.
Comment 4 James Le Cuirot gentoo-dev 2004-10-18 08:39:45 UTC
*bump* I don't mean to be impatient but I think this is a major improvement on the current script and could save people many hours of confusion.
Comment 5 Roy Marples (RETIRED) gentoo-dev 2004-11-05 08:57:02 UTC
*** Bug 64914 has been marked as a duplicate of this bug. ***
Comment 6 Roy Marples (RETIRED) gentoo-dev 2004-11-05 09:04:24 UTC
We already have a re-worked bridging script in CVS which incorporates your idea slightly.

bridge_br0="eth0 tun0"
ifconfig_br0=( "null" )
ifconfig_tun0=( "null" )

net.br0 linked to net.lo
net.tun0 linked to net.lo

This config will create a bridge called br0 and it will detect that tun0 does not exist and it will run net.tun0 start to create it.

This will be in baselayout-1.11.6
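
The start order described in comment 6, sketched as a dry-run shell function. This is an added example, not the baselayout script or either attachment; the function names, the SYSFS_NET override, the interface-name check and the exact ifconfig/brctl lines printed are assumptions of the example.

```sh
#!/bin/sh
# Added illustration, not baselayout code: prints the commands a bridge
# bring-up would run, in order, without executing them (no root needed).

# Assumption: presence of an interface is checked through sysfs.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Names end up inside /etc/init.d/net.<name>, so reject anything that is
# not a plain interface name (no slashes, no whitespace, max 15 chars).
valid_ifname() {
    [ "${#1}" -le 15 ] || return 1
    case "$1" in
        ''|.|..|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# plan_bridge BRIDGE MEMBER...
plan_bridge() {
    bridge="$1"
    [ "$#" -ge 2 ] || { echo "usage: plan_bridge BRIDGE MEMBER..." >&2; return 1; }
    for name in "$@"; do
        valid_ifname "$name" || { echo "bad interface name: $name" >&2; return 1; }
    done
    shift
    # 1. A member that does not exist yet (tun0/tap0 before OpenVPN runs)
    #    gets its own init script started first.
    for iface in "$@"; do
        [ -e "$SYSFS_NET/$iface" ] || echo "/etc/init.d/net.$iface start"
    done
    # 2. Create the bridge, then enslave each member with no IP address,
    #    matching the ifconfig "null" entries in the config above.
    echo "brctl addbr $bridge"
    for iface in "$@"; do
        echo "ifconfig $iface 0.0.0.0 up"
        echo "brctl addif $bridge $iface"
    done
    # 3. Only the bridge itself is brought up as the addressable interface.
    echo "ifconfig $bridge up"
}

# Plan for the bridge_br0="eth0 tun0" example on the current machine.
plan_bridge br0 eth0 tun0
```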
Comment 7 Roy Marples (RETIRED) gentoo-dev 2004-11-05 09:05:43 UTC
*** Bug 62191 has been marked as a duplicate of this bug. ***
Comment 8 Roy Marples (RETIRED) gentoo-dev 2004-11-08 11:03:59 UTC
Fixed in baselayout-1.11.6