(resent from the right email address :P) On Tue, Jan 27, 2009 at 2:05 PM, Erik Nordmark <[email protected]> wrote: > Sebastien Roy wrote: > >>> Do we have examples of 3rd party software which invokes ifconfig to >>> change the IP configuration? >> >> Our punchin client and server are an example. > > Who is the 3rd party that wrote that? I thought it was us? ;-) > >> Panics and manually triggered reboots are two of my concerns. > > So let's figure out how to solve those, instead of trying to pretend > that 3rd party software doesn't have to undo the changes it does to the > running system. > > I don't think it is to hard to come up with a scheme for that while > letting the core of ipadm only do persistent object creation and properties. > > A possibility would be an undo log which is cleanup up on boot. If the > software invokes libdladm to create a temporary object (e.g., the IP > interface ip.tun0) then library would create a persistent object but > also add an entry to the cleanup log which takes care of deleting it on > reboot (should the application forgot). > > If there are dependencies on the object when you reboot, for instance > the admin having set some property on the object using ipadm (which > wouldn't add to the cleanup log), then when the cleanup log is run we > can choose (poilcy) whether to blow away the property setting and the > object, or leave the object in place. > > I think that approach is simpler for the admin (the admin would not have > to worry about anything but persistent configuration), and handles > applications which desire an implicit cleanup on reboot.
Don't forget high availability software. I'm not sure how Sun cluster handles it, but Veritas Cluster Server obviously has to use ifconfig to add and remove IP addresses associated with a service. While administrator-initiated failover of services wouldn't present an issue (since an orderly shutdown and removal of the IP address can be done), most places presumably but it to auto-restart services on other nodes when there is a node failure. In that case, having the repaired node restart with the service IP address wouldn't be a very popular behavior. _______________________________________________ networking-discuss mailing list [email protected]
