James Carlson ???: >Zhenghui Xie writes: > > >>milestone/network will be enabled fairly early by NWAM, actually once >>NWAM configure IP on any interface, milestone/network will be enabled >>and be online. >> >> > >Any? Does that include lo0? > > Not just lo0. It should be lo0 plus any not-loopback interface.
The current meaning of milestone/network is: " the service exists to ensure network security and basical network configuration are online before establishing listening sockets." Right now actually we cannot ganrantee security at milestone/network stage even though we say so. But after 6185380, IPsec will be some separate service(s) and should not depend on network. Then I think it can be fixed as such: IPsec service(s) don't depend on any network service. milestone/network depend on IPsec service(s) and network/loopback and milestone/network will be enabled by NWAM profile when NWAM reaches NWAM_IFF_RUNNING state. So after NWAM,(just my understanding) milestone/network means that the machine can safely talk to the outside world. -Jan
