From jdc@koitsu.dyndns.org  Wed Sep 29 09:53:10 2010
Message-Id: <20100929095307.AC3E39B418@icarus.home.lan>
Date: Wed, 29 Sep 2010 02:53:07 -0700 (PDT)
From: Jeremy Chadwick <freebsd@jdc.parodius.com>
Reply-To: Jeremy Chadwick <freebsd@jdc.parodius.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc: dougb@FreeBSD.org
Subject: [rc.subr] Verify network link and packet flow before starting network services
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         151063
>Category:       conf
>Synopsis:       [rc.subr] Verify network link and packet flow before starting network services
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 29 10:00:11 UTC 2010
>Closed-Date:    Sat Jun 25 23:16:49 UTC 2011
>Last-Modified:  Sat Jun 25 23:16:49 UTC 2011
>Originator:     Jeremy Chadwick
>Release:        FreeBSD 8.1-STABLE amd64
>Organization:
>Environment:
System: FreeBSD icarus.home.lan 8.1-STABLE FreeBSD 8.1-STABLE #0: Wed Sep 15 14:59:46 PDT 2010 root@icarus.home.lan:/usr/obj/usr/src/sys/X7SBA_RELENG_8_amd64 amd64
>Description:
	There's a long-standing issue that plagues both users and system administrators
	on FreeBSD: network services (named, ntpd, etc.) starting before the actual
	network layer is up and fully functional.  Monitoring link state according to
	ifconfig is not enough -- actual packet flow verification is needed.

	I've written a script along with the help of the community and Doug Barton
	to help alleviate this problem as best possible.  There are better solutions
	over the long-term, involving daemons which maintain/spawn services (think
	svcs(1) and svcadm(1M) on Solaris), but for now this should be sufficient.

	Original discussion thread:

	http://lists.freebsd.org/pipermail/freebsd-stable/2010-April/056400.html

	The script is in use by existing community users, and tested by a good number
	of people with complex network environments (dual NICs + vlan(4) + NAT) on
	both RELENG_7 and RELENG_8.  So far it has been used by placing the script
	into /usr/local/etc/rc.d followed by setting appropriate vars in /etc/rc.conf:

	http://jdc.parodius.com/freebsd/netwait

	Patches for rc.conf(5) man page and /etc/defaults/rc.conf:

	http://jdc.parodius.com/freebsd/netwait_patches/

	All of this should be reviewed by someone with familiarity with rc(8).
	Please CC Doug Barton <dougb@FreeBSD.org> as well.  Thanks!
>How-To-Repeat:
	n/a
>Fix:
	n/a
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Sep 29 16:31:31 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=151063 
Responsible-Changed-From-To: freebsd-rc->dougb 
Responsible-Changed-By: dougb 
Responsible-Changed-When: Sat Jun 4 06:13:04 UTC 2011 
Responsible-Changed-Why:  

.... because I said I would ... 

State-Changed-From-To: open->patched 
State-Changed-By: dougb 
State-Changed-When: Sun Jun 19 22:49:10 UTC 2011 
State-Changed-Why:  

Committed to HEAD as r223310. Will MFC prior to 8.3-RELEASE. 


From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: conf/151063: commit references a PR
Date: Sun, 19 Jun 2011 22:48:55 +0000 (UTC)

 Author: dougb
 Date: Sun Jun 19 22:48:40 2011
 New Revision: 223310
 URL: http://svn.freebsd.org/changeset/base/223310
 
 Log:
   Add the netwait rc.d script. It waits for the specified period for the
   network to become active.
   
   PR:		conf/151063
   Submitted by:	Jeremy Chadwick <freebsd@jdc.parodius.com>
 
 Modified:
   head/etc/defaults/rc.conf
   head/etc/rc.d/Makefile
   head/etc/rc.d/mountcritremote
   head/share/man/man5/rc.conf.5
 
 Modified: head/etc/defaults/rc.conf
 ==============================================================================
 --- head/etc/defaults/rc.conf	Sun Jun 19 22:08:55 2011	(r223309)
 +++ head/etc/defaults/rc.conf	Sun Jun 19 22:48:40 2011	(r223310)
 @@ -444,6 +444,13 @@ ubthidhci_enable="NO"		# Switch an USB B
  #ubthidhci_addr="2"		# Check usbconfig list to find the correct
  				# numbers for your system.
  
 +### Network link/usability verification options
 +netwait_enable="NO"		# Enable rc.d/netwait (or NO)
 +#netwait_ip=""			# IP addresses to be pinged by netwait.
 +netwait_timeout="60"		# Total number of seconds to perform pings.
 +#netwait_if=""			# Interface name to watch link state on.
 +netwait_if_timeout="30"		# Total number of seconds to monitor link state.
 +
  ### Miscellaneous network options: ###
  icmp_bmcastecho="NO"	# respond to broadcast ping packets
  
 
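Review bot: the comment on netwait_timeout, "Total number of seconds to perform pings", reads as a cap on the whole ping phase, but the rc.conf.5 text in this same commit says the timeout applies "against each IP address in netwait_ip". As documented there, the worst-case boot delay with several addresses is the per-address timeout multiplied by the number of addresses, plus netwait_if_timeout. Suggest rewording the comment along the lines of "Seconds to ping each address" so the defaults file and the man page agree. The comments on netwait_ip and netwait_if could also say that both must be set when netwait_enable is YES, which the man page requires but this file does not mention.
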
 Modified: head/etc/rc.d/Makefile
 ==============================================================================
 --- head/etc/rc.d/Makefile	Sun Jun 19 22:08:55 2011	(r223309)
 +++ head/etc/rc.d/Makefile	Sun Jun 19 22:48:40 2011	(r223310)
 @@ -22,7 +22,7 @@ FILES=	DAEMON FILESYSTEMS LOGIN NETWORKI
  	ldconfig local localpkg lockd lpd \
  	mixer motd mountcritlocal mountcritremote mountlate \
  	mdconfig mdconfig2 mountd moused mroute6d mrouted msgs \
 -	named natd netif netoptions \
 +	named natd netif netoptions netwait \
  	newsyslog nfsclient nfscbd nfsd \
  	nfsserver nfsuserd nisdomain nsswitch ntpd ntpdate \
  	othermta \
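
Review bot: netwait is added to FILES here, but etc/rc.d/netwait itself is not among the files shown in this commit mail; only four paths are listed under "Modified:" and no hunk creates the script. Please confirm the script is added in the same revision, since a FILES entry without the file behind it breaks the install of etc/rc.d.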
 
 Modified: head/etc/rc.d/mountcritremote
 ==============================================================================
 --- head/etc/rc.d/mountcritremote	Sun Jun 19 22:08:55 2011	(r223309)
 +++ head/etc/rc.d/mountcritremote	Sun Jun 19 22:48:40 2011	(r223310)
 @@ -4,7 +4,7 @@
  #
  
  # PROVIDE: mountcritremote
 -# REQUIRE: NETWORKING FILESYSTEMS cleanvar ipsec
 +# REQUIRE: NETWORKING FILESYSTEMS cleanvar ipsec netwait
  # KEYWORD: nojail
  
  . /etc/rc.subr
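
Review bot: this REQUIRE line is the only ordering change visible in the diff, so from these lines alone only mountcritremote is guaranteed to run after netwait. Whether the services named in the PR (named, ntpd) are also held back depends on the PROVIDE/REQUIRE/BEFORE lines of the netwait script, which this mail does not show. Suggest stating in the commit log or in rc.conf.5 where netwait sits in the rcorder sequence. Note also that the dependency is unconditional: the ordering applies even when netwait_enable is left at "NO".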
 
 Modified: head/share/man/man5/rc.conf.5
 ==============================================================================
 --- head/share/man/man5/rc.conf.5	Sun Jun 19 22:08:55 2011	(r223309)
 +++ head/share/man/man5/rc.conf.5	Sun Jun 19 22:48:40 2011	(r223310)
 @@ -24,7 +24,7 @@
  .\"
  .\" $FreeBSD$
  .\"
 -.Dd June 18, 2011
 +.Dd June 19, 2011
  .Dt RC.CONF 5
  .Os
  .Sh NAME
 @@ -4293,6 +4293,61 @@ Bus address of the USB Bluetooth control
  Check the output of
  .Xr usbconfig 8
  on your system to find this information.
 +.It Va netwait_enable
 +.Pq Vt bool
 +If set to
 +.Dq Li YES ,
 +delays the start of network-reliant services until
 +.Va netwait_if
 +is up and ICMP packets to a destination defined in
 +.Va netwait_ip
 +are flowing.
 +Link state is examined first, followed by
 +.Dq Li pinging
 +an IP address to verify network usability.
 +If no destination can be reached or timeouts are exceeded,
 +network services are started anyway with no guarantee that
 +the network is usable.
 +Use of this variable requires both
 +.Va netwait_ip
 +and
 +.Va netwait_if
 +to be set.
 +.It Va netwait_ip
 +.Pq Vt str
 +Empty by default.
 +This variable contains a space-delimited list of IP addresses to
 +.Xr ping 8 .
 +DNS hostnames should not be used as resolution is not guaranteed
 +to be functional at this point.
 +If multiple IP addresses are specified,
 +each will be tried until one is successful or the list is exhausted.
 +.It Va netwait_timeout
 +.Pq Vt int
 +Indicates the total number of seconds to perform a
 +.Dq Li ping
 +against each IP address in
 +.Va netwait_ip ,
 +at a rate of one ping per second.
 +If any of the pings are successful,
 +full network connectivity is considered reliable.
 +The default is 60.
 +.It Va netwait_if
 +.Pq Vt str
 +Empty by default.
 +Defines the name of the network interface on which watch for link.
 +.Xr ifconfig 8
 +is used to monitor the interface, looking for
 +.Dq Li status: no carrier .
 +Once gone, the link is considered up.
 +This can be a
 +.Xr vlan 4
 +interface if desired.
 +.It Va netwait_if_timeout
 +.Pq Vt int
 +Defines the total number of seconds to wait for link to become usable,
 +polled at a 1-second interval.
 +The default is 30.
  .El
  .Sh FILES
  .Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
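
Review bot: in the netwait_if entry, "Defines the name of the network interface on which watch for link." is missing a word; suggest "on which to watch for link". In the netwait_enable entry, the text says both netwait_ip and netwait_if must be set but does not say what the script does when one of them is empty; that case should be documented, since both default to empty. The fallback is fail-open ("network services are started anyway with no guarantee that the network is usable"), so it is worth adding that the addresses in netwait_ip must answer ICMP echo: if they do not, the full netwait_timeout elapses for each address and services then start without the check having verified anything.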
 @@ -4364,6 +4419,7 @@ on your system to find this information.
  .Xr ntpdate 8 ,
  .Xr pfctl 8 ,
  .Xr pflogd 8 ,
 +.Xr ping 8 ,
  .Xr powerd 8 ,
  .Xr quotacheck 8 ,
  .Xr quotaon 8 ,
 
State-Changed-From-To: patched->closed 
State-Changed-By: dougb 
State-Changed-When: Sat Jun 25 23:16:30 UTC 2011 
State-Changed-Why:  

MFCs complete. 

>Unformatted:
