
Re: Routers with multiple "dirty" interfaces



On 07/12/16 16:00, Lennart Sorensen wrote:
> On Wed, Dec 07, 2016 at 03:41:56PM +0000, Mark Morgan Lloyd wrote:
>> My apologies for asking something here which is not strictly an ARM
>> question, but I thought I'd run it past the local experts before raising my
>> head in somewhere like LKML.
>>
>> I'm tinkering with some systems (mostly RPis with pukka "Jessie") for
>> routing work, which have multiple "dirty" bearer interfaces with a tunnel to
>> an ISP on top expected to use the route with the numerically-lowest metric.
>>
>> Potentially, the bearers come up and go down in an arbitrary sequence, with
>> each event triggering a small number of iptables commands. When the first
>> interface- whichever it is- comes up various table policies and global rules
>> will be established, and when the last interface goes down the tables will
>> be flushed to their default state. That raises two questions:
>>
>> a) Am I correct in believing that Debian's handling of
>> /etc/network/interfaces is single-threaded (non-reentrant)?
>>
>> b) Is it safe to use /proc/sys/net/ipv4/ip_forward (and the various
>> rp_filter and log_martians states) as counters?
>>
>> So far (b) appears to work, but I'm interested to know whether this is by
>> design or by luck.
>
> ip_forward is documented as simply 0 and not 0, so that seems safe
>
> rp_filter is documented as having different behaviour for 0, 1 and 2,
> so that one certainly can not be used as a counter.
>
> log_martian is documented as true and false, so that is probably like
> ip_forward.
>
> Really only the kernel network developers could say for sure.  Certainly
> not in any way an arm related question, it is generic linux in general.

Thanks for that, very useful even if it comes with a health warning :-)

--
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk

[Opinions above are the author's, not those of his employers or colleagues]
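
The thread leaves open whether sysctl values can safely double as counters, and notes that rp_filter gives 0, 1 and 2 different meanings. One way to track "first bearer up / last bearer down" without touching the sysctls is a lock-protected set of marker files. This is an added example, not code from either poster; `STATE_DIR`, the function names and the `on_first_up` / `on_last_down` hooks are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). STATE_DIR and all function names are
# assumptions. One marker file per bearer replaces a count kept in a sysctl.
STATE_DIR="${STATE_DIR:-/run/bearer-state}"

# Placeholders: put the iptables policy setup / flush commands here.
on_first_up()  { :; }
on_last_down() { :; }

_lock() {
    mkdir -p "$STATE_DIR/up" || return 1
    tries=0
    # mkdir is atomic, so only one ifup/ifdown hook holds the lock at a time.
    until mkdir "$STATE_DIR/lock" 2>/dev/null; do
        tries=$((tries + 1))
        [ "$tries" -lt 30 ] || return 1
        sleep 1
    done
}
_unlock() { rmdir "$STATE_DIR/lock"; }
_count()  { ls "$STATE_DIR/up" | wc -l | tr -d ' '; }

# Prints first | more | noop (noop = duplicate event for this bearer).
bearer_up() {
    _lock || return 1
    if [ -e "$STATE_DIR/up/$1" ]; then
        r=noop
    else
        if [ "$(_count)" -eq 0 ]; then r=first; on_first_up; else r=more; fi
        : > "$STATE_DIR/up/$1"
    fi
    _unlock
    echo "$r"
}

# Prints last | remaining | noop.
bearer_down() {
    _lock || return 1
    if [ -e "$STATE_DIR/up/$1" ]; then
        rm -f "$STATE_DIR/up/$1"
        if [ "$(_count)" -eq 0 ]; then r=last; on_last_down; else r=remaining; fi
    else
        r=noop
    fi
    _unlock
    echo "$r"
}
```

The hooks run while the lock is held, so the rule setup for one bearer cannot interleave with the flush triggered by another, whether or not interface handling turns out to be single-threaded.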

