rc(8) script -- waiting for the network to become usable

Jeremy Chadwick freebsd at jdc.parodius.com
Mon Apr 26 16:46:22 UTC 2010


On Mon, Apr 26, 2010 at 09:00:07AM -0700, Julian Elischer wrote:
> On 4/26/10 1:08 AM, Jeremy Chadwick wrote:
> >Foremost, sorry for the cross-post, but more eyes in this case means
> >overall more discussion.  Secondly, please keep me CC'd as I'm not on
> >either -rc or -net.
> >
> >I recently proposed addition of a new script to the rc framework which
> >verifies (using ping) that layer 3 network connectivity is up/functional
> >before continuing on with daemons which require network access:
> 
> a down side is that you can't boot if some OTHER machine is not up.

The boot-up process will still continue regardless if the ping check
passed or failed.  It just means that daemons/services attempting to use
the network and *expect* connectivity to work may not function
correctly (meaning: they'll behave just like they already do.  ;-) )

I indirectly tried to cover the "if some other machine is not up" point
in my initial post on -stable:

  "1) This script requires the $waitnetwork_ip box/router/whatever respond
  to ICMP ECHO requests.  Please do not bikeshed on this point; we need
  something that works, and this requirement shouldn't be that bad to deal
  with (firewall/ACL-wise).  For most folks (co-located in particular),
  this could be your default gateway, but you can use whatever you want."

It would be possible to extend the script to loop through multiple IPs
specified in $waitnetwork_ip (space-delimited); the first one to cause
ping to exit with code 0 (ICMP ECHO reply seen) would therefore deem the
network usable and continue on.

> >http://lists.freebsd.org/pipermail/freebsd-stable/2010-April/056400.html
> >
> >The overall response was positive, with full acknowledgement that this
> >is indeed a hack -- yet necessary -- and that something more appropriate
> >could probably be introduced into the base system to provide a much
> >cleaner solution (launchd was mentioned).
> 
> there does need to be some dependency tracking to do with networks.
> maybe there acn be a selection of ways to pass that milestone..
> 
> (carrier detect, ping, incoming packets non-0) etc.
> my favourite is:
> 
> INPUT_PACKETS=`netstat -i | awk "/${IP}/"'{print $5}'`
> if [ -n "${INPUT_PACKETS}" -a "${INPUT_PACKETS}" != "0" ]
> them
>     echo  "It's UP!"
> fi

This isn't the same thing as doing a ping check though.  As I understand
it, netstat -i shows you how many Ethernet packets have been seen --
that includes ARP.  The intended goal of the script is to verify that a
usable network connection exists -- usable in this case means "whatever
host you device in $waitnetwork_ip responds to ICMP".  If this is an
Internet host (e.g. 4.2.2.1), then said IP responding to ICMP would
indicate Internet connectivity is available.

I think most users would fall into the latter class, not the "I want to
verify my LAN connectivity is up and working, except the other box on my
LAN is powered off..." class.

Basically what I'm saying is that I fully acknowledge there's no
absolute 100% failsafe method that's going to work for every single
user's environment.  My script's goal isn't to address every single
problem/scenario -- just the most common one, and one I (we?) server
administrators deal with regularly.

-- 
| Jeremy Chadwick                                   jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |



More information about the freebsd-net mailing list