[systemd-devel] miredo unit files

[Henry Gebhardt]

Dear list members,

I have been maintaining a systemd overlay for Gentoo.  Hence i was
contacted about how to get miredo running with systemd.  I herefore
forward you the email, in the hope to get some help as to the proper
solution.  Please find the problem description and proposed solution
below.

Note that systemd-units refers to a temporary package that installs unit
files for various daemons.

On Thu, Jan 06, 2011 at 03:01:44PM +0500, Alexander E. Patrakov wrote:
> Please find attached the modified ebuild for net-misc/miredo and the 
> corresponding files. Note: it is not of the quality needed for 
> inclusion. This is sent for discussion purposes only.
> 
> Miredo provides IPv6 connectivity and thus it is IMHO logical for its 
> client service to be wanted by network.target. The server service (note: 
> completely untested, as I don't have a PC with two consecutive IPv4 
> addresses and native IPv6 connectivity) is wanted by multi-user.target 
> because it is just a network daemon.
> 
> This cannot go into systemd-units because of a patch that I think is 
> required for correctness. The problem that the patch intends to solve 
> happens to people who use the BindAddress directive in 
> /etc/miredo/miredo.conf. Note, however, that there is no such directive 
> by default.
> 
> I don't know the way to tell systemd "don't start miredo until the 
> system has the IP address specified in the BindAddress directive". So, 
> systemd starts miredo as soon as it thinks it can. If the address 
> specified in the BindAddress directive is missing at that point, miredo 
> fails. The patch prevents the failure by setting the IP_FREEBIND socket 
> option. So miredo doesn't exit right away, but instead fails to send the 
> initial packet and goes into the "retry after 100 seconds" mode. The 
> same happens without the patch if miredo is started before a route to 
> the default server appears.
> 
> So IPv6 connectivity appears not right after the boot, but 100 seconds 
> later. The constant 100 can be changed:
> 
> ./libteredo/maintain.c:static const unsigned RestartDelay = 100; // seconds
> 
> but I am not sure if it right to change it. Maybe it is completely wrong 
> to make miredo a service that is wanted by network.target, and instead 
> it should be started and stopped from dhcpcd or NetworkManager hooks. I 
> want your opinion on this matter.
> 
> Differences from the existing initscript:
> 
> 1) Foreground mode, because it is simpler
> 2) Removed the ability to pass custom parameters, because I found 
> nothing that is worth allowing the user to change:
> 
> -c config_file: would be useful if it made sense to run two teredo 
> tunnels in parallel. However, it doesn't make sense.
> -t or --chrootdir: requires custom setup (copying nss libraries) by the 
> user, likely to break after glibc upgrades.
> -u username or --user username: there is already a user named "miredo", 
> no reason to change this
> server_name: settable in the configuration file.
> 
> 
> -- 
> Alexander E. Patrakov

I didn't attach the ebuild as that is too Gentoo specific.

Thank you,

Henry
-------------- next part --------------
[Unit]
Description=Teredo IPv6 tunneling for Unix
After=syslog.target

[Service]
ExecStart=/usr/sbin/miredo -f

[Install]
WantedBy=network.target
-------------- next part --------------
diff -ur miredo-1.2.3.orig/libteredo/teredo.c miredo-1.2.3/libteredo/teredo.c
--- miredo-1.2.3.orig/libteredo/teredo.c	2011-01-06 11:19:42.000000000 +0500
+++ miredo-1.2.3/libteredo/teredo.c	2011-01-06 11:26:42.000000000 +0500
@@ -82,6 +82,15 @@
 
 	fcntl (fd, F_SETFD, FD_CLOEXEC);
 
+#ifdef IP_FREEBIND
+	/*
+	 * Required for race-free startup under systemd,
+	 * because the order of starting a network interface and miredo
+	 * is not guaranteed.
+	 */
+	setsockopt (fd, SOL_IP, IP_FREEBIND, &(int){ 1 }, sizeof (int));
+#endif
+
 	if (bind (fd, (struct sockaddr *)&myaddr, sizeof (myaddr)))
 	{
 		close (fd);
-------------- next part --------------
[Unit]
Description=Teredo IPv6 tunneling for Unix (server)
After=syslog.target network.target

[Service]
ExecStart=/usr/sbin/miredo-server -f

[Install]
WantedBy=multi-user.target