From: Alexandre Rostovtsev
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: rfc: only the loopback interface should provide net
Date: Tue, 07 Feb 2012 13:31:40 -0500

On Tue, 2012-02-07 at 11:33 -0600, William Hubbs wrote:
> On Tue, Feb 07, 2012 at 04:46:58PM +0000, Duncan wrote:
> > 1) Separate net.lo service for stuff that doesn't have to have an
> > external connection at all.
>
> This can be easily done. I'll just make net.lo* not provide net.
>
> > 2) A default net (or net*) service that is composed of all non-net.lo
> > services, with a default any-one-of-them policy.
> > Two reasons for this:
> >
> > 2a) It'll "just work" in the simple case.
> >
> > 2b) It's the easiest to automatically preconfigure without getting into
> > lots of "detect all the networks and magically figure out whether they're
> > lan-only or inet" hairballs.
>
> As soon as you add a second interface, this default "net" service
> breaks. That is why I think we should add an "internet" service that
> consists of interfaces the user says provide a connection to the
> internet. Then we could make our services that need real
> internet connections need that service instead of net.

As I discussed in #gentoo-dev, it breaks if some of your interfaces are
lan-only. That might be not uncommon in the server room, but for the
typical gentoo user with a desktop or laptop, all interfaces are
generally expected to allow internet connections, and if more than one
is up (e.g. both eth0 and wlan0), the kernel will do the intelligent
thing and choose the best one to route through.

-Alexandre.