
Re: Routers with multiple "dirty" interfaces



On Wed, Dec 07, 2016 at 03:41:56PM +0000, Mark Morgan Lloyd wrote:
> My apologies for asking something here which is not strictly an ARM
> question, but I thought I'd run it past the local experts before raising my
> head in somewhere like LKML.
> 
> I'm tinkering with some systems (mostly RPis with pukka "Jessie") for
> routing work, which have multiple "dirty" bearer interfaces with a tunnel to
> an ISP on top expected to use the route with the numerically-lowest metric.
> 
> Potentially, the bearers come up and go down in an arbitrary sequence, with
> each event triggering a small number of iptables commands. When the first
> interface- whichever it is- comes up various table policies and global rules
> will be established, and when the last interface goes down the tables will
> be flushed to their default state. That raises two questions:
> 
> a) Am I correct in believing that Debian's handling of
> /etc/network/interfaces is single-threaded (non-reentrant)?
> 
> b) Is it safe to use /proc/sys/net/ipv4/ip_forward (and the various
> rp_filter and log_martians states) as counters?
> 
> So far (b) appears to work, but I'm interested to know whether this is by
> design or by luck.

ip_forward is documented as simply 0 and not 0, so that seems safe.

rp_filter is documented as having different behaviour for 0, 1 and 2,
so that one certainly can not be used as a counter.

log_martian is documented as true and false, so that is probably like
ip_forward.

Really only the kernel network developers could say for sure.  Certainly
not in any way an ARM-related question, it is generic Linux in general.

-- 
Len Sorensen
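
An added example, not part of the original thread: one way to keep the bearer count outside the sysctls, so that ip_forward only ever receives 0 or 1 and rp_filter is never incremented across its 0, 1 and 2 modes. The state directory, the overridable sysctl root and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. STATE_DIR, SYSCTL_ROOT and the function
# names are assumptions; both paths can be overridden for a dry run.
STATE_DIR="${STATE_DIR:-/run/bearer-state}"
SYSCTL_ROOT="${SYSCTL_ROOT:-/proc/sys}"

# mkdir is atomic, so it serialises overlapping up/down events.
lock() {
    mkdir -p "$STATE_DIR"
    tries=0
    until mkdir "$STATE_DIR/lock" 2>/dev/null; do
        tries=$((tries + 1))
        if [ "$tries" -ge 10 ]; then return 1; fi
        sleep 1
    done
}
unlock() { rmdir "$STATE_DIR/lock"; }

# One marker file per bearer that is up; a repeated "up" cannot double-count.
bearer_count() {
    set -- "$STATE_DIR"/up.*
    if [ -e "$1" ]; then echo "$#"; else echo 0; fi
}

# bearer_event up|down IFACE: record the event, then set ip_forward from the
# count. Only 0 or 1 is ever written. rp_filter would be set the same way, to
# the one mode wanted, never incremented, because 0, 1 and 2 differ in meaning.
bearer_event() {
    action=$1
    iface=$2
    lock || return 1
    case $action in
        up)   : > "$STATE_DIR/up.$iface" ;;
        down) rm -f "$STATE_DIR/up.$iface" ;;
        *)    unlock; return 2 ;;
    esac
    count=$(bearer_count)
    if [ "$count" -gt 0 ]; then forward=1; else forward=0; fi
    echo "$forward" > "$SYSCTL_ROOT/net/ipv4/ip_forward"
    unlock
    echo "$count"
}

# Hypothetical invocation from an interface hook: script up|down IFACE
if [ "$#" -ge 2 ]; then bearer_event "$@"; fi
```

The lock is there because the thread leaves open whether interface events can overlap; the marker files make a repeated event for the same interface harmless.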

