On Wed, Dec 07, 2016 at 03:41:56PM +0000, Mark Morgan Lloyd wrote: > My apologies for asking something here which is not strictly an ARM > question, but I thought I'd run it past the local experts before raising my > head in somewhere like LKML. > > I'm tinkering with some systems (mostly RPis with pukka "Jessie") for > routing work, which have multiple "dirty" bearer interfaces with a tunnel to > an ISP on top expected to use the route with the numerically-lowest metric. > > Potentially, the bearers come up and go down in an arbitrary sequence, with > each event triggering a small number of iptables commands. When the first > interface- whichever it is- comes up various table policies and global rules > will be established, and when the last interface goes down the tables will > be flushed to their default state. That raises two questions: > > a) Am I correct in believing that Debian's handling of > /etc/network/interfaces is single-threaded (non-reentrant)? > > b) Is it safe to use /proc/sys/net/ipv4/ip_forward (and the various > rp_filter and log_martians states) as counters? > > So far (b) appears to work, but I'm interested to know whether this is by > design or by luck.
ip_forward is documented as simply 0 and not 0, so that seems safe rp_filter is documented as having different behaviour for 0, 1 and 2, so that one certainly can not be used as a counter. log_martian is documented as true and false, so that is probably like ip_forward. Really only the kernel bnetwork developers could say for sure. Certainly not in any way an arm related question, it is generic linux in general. -- Len Sorensen
