[systemd-devel] [PATCH] networkd: don't touch global forwarding setting
Lennart Poettering
lennart at poettering.net
Tue Apr 28 10:36:36 PDT 2015
On Tue, 28.04.15 18:55, Benedikt Morbach (benedikt.morbach at googlemail.com) wrote:
> this inevitably leads to race conditions and also means that IPForward=yes on
> one interface is equivalent to setting it on _every_ interface.
> (except when it isn't, see below)
>
> Suppose you have two networks
>
> * /etc/systemd/network/eth0.network
> [Match]
> Name=eth0
>
> [Network]
> Address=10.0.0.1/24
> IPForward=yes
>
> * /etc/systemd/network/eth1.network
> [Match]
> Name=eth1
>
> [Network]
> Address=192.168.0.1/24
>
> Depending on which interface gets brought up first, the forwarding situation
> looks different.
> If eth0 gets brought up first, it enables forwarding for itself and globally.
> Then eth1 goes up and gets forwarding disabled as per the default.
> However, if eth0 comes up later, it will enable forwarding globally, so in this
> case both interfaces have forwarding enabled in the end.
Hmm? Not following?
If eth0 shows up first, then it will be configured, and thus the local
and global ip forwarding turned on. since the other interface hasn't
shown up yet/has not been configured the global setting doesn't matter
for it.
If eth1 shows up first, then it will be configured, and thus the local
ip forwaring turned off, the global is left untouched. Since the other
interface hasn't shown up yet/has not been configured the global
setting doesn't matter for it.
after both interfaces have been configured one will have local
forwarding on, one will have it off, and the global setting will be
on. so the right thing happened.
Hence, where is the problem you are trying to fix?
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list