[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposal: Network configuration file format

On Wed, Aug 04, 1999 at 10:13:17AM +0200, Rene Mayrhofer wrote:
> Here is my proposal for a network configuration file format.

Hmmm. I suppose that's my cue.

Included in netbase 3.14-4 (and the short lived 3.14-3 too actually),
and currently available for i386, m68k and alpha, are a couple of
binaries "/sbin/ifup" and "/sbin/ifdown", and a configuration file

Note, this is existing, working, even partially tested (!) code.

It more or less works for standard ethernet based configs (hardcoded
addresses, bootp and pcmcia cards should all work; dhcp is a bit flakey),
coping with network routes under 2.0 and 2.2, and so on.

It should expand gracefully to support ipv6 and ipx, and should support
wacky networking via ax25 and stuff too.

It has some nominal support for schemes (add "scheme foo" before one
group of interfaces, and "scheme bar" before another and use "ifup -s
foo eth0" or "ifup -s bar eth0" to select which one you want), but I
have a feeling how it works probably needs to change.

The source is my second attempt at a literate program, so *theoretically*
you should be able to take the source to bed and read it and *enjoy* it,
but in reality... Well, YMMV.

If you download the source, and have a look at the *.defn files, you
should get some idea how to handle different address families (inet6, ipx,
or whatever). Patches to support some of those better would be welcome.

The two biggest changes I expect are support for logical interfaces
("extppp" which may turn out to be ppp1 sometimes instead of ppp0, or
similar) and schemes (I expect these two to influence each other); and I
expect the .defn format to become a little snazzier to make configuration
files more pleasant to write.

Actually, the other biggest change I expect is an "/etc/interface/up.d/"
directory for handling any services that need to be reconfigured/restarted
when interfaces change; for example proxy redirectors, bind, NFS mounts,

Anyway. Have a look at /etc/network/interfaces and play around. The "-v"
and "-n" (verbose, and no-act) will probably be useful. If you use "-n"
it'll tell you exactly what commands it would run.

Oh. For reference:

[aj@azure ~]$ cat /etc/init.d/network 
ifup -a
[aj@azure ~]$ _

(actually, I lie. I have some firewalling rules in there too)

Patches, proposals, praise and prestidigitation on any of the above is
quite welcome.

> 5.1 An example as I would use it for my home network:
> # The local network.
> network "internal" {
>   # The main connection to the internal network.
>   interface "eth0" { addressv4 }
>   # This is for testing apache's virtual server capabilities
>   interface "eth0:0" { addressv4 dhcp }
>   networkv4;
>   netmaskv4;
>   broadcastv4;
> }

scheme internal
iface eth0 inet4 static

iface eth0:0 inet4 dhcp
	# erm. I think. this may or may not work. Does dhcp over an
	# alias actually work?

> # a direct connection to a other local network that provides some services
> network "untrusted" {
>   interface "eth1" { addressv4 }
>   networkv4;
>   netmaskv4;

Is this what you mean? It's the same as ?

>   broadcastv4;

This also seems weird?

> }

scheme untrusted
iface eth1 inet static

> # For using Vmware's network capabilities.
> network "vmnet" {
>   interface "vmnet0" { addressv4 }
>   networkv4;
>   netmaskv4;
>   broadcastv4;
> }

(left as an exercise to the interested reader :)

> # The ISDN connection to the outside
> network "isdn" {
>   interface "isdn0" { 
>     addressv4;
>     ptpaddressv4;
>   }
>   networkv4;
>   netmaskv4;
>   arp false;
>   # A shell script sets this to true if I want automatic connections to
> be made
>   enabled false;
>   # Maybe we should put in the ISDN settings here too (telephone number,
>   # protocol, ...)
> }

I've never actually had the pleasure of setting up an ISDN interface. I
expect you'd want to write a special defn for it though, and have something

iface isdn0 inet isdn
    # whatever other parameters isdn takes

(use "ifup isdn0" by hand, instead of expecting it to come up as part of
/etc/init.d/network (ie, ifup -a))

> # The default route to the internet
> route default {
>   gatewayv4;
> }

        # in the appropriate iface block

> # Now some firewalling rules
> # masquerade the internal network to the internet, but do www access
> over a
> # (transparent) proxy on the local host

These I don't have at all. I'm not convinced they're *incredibly*

> rule { from "dialin" to "internet" masquerade }
> rule { from "dialin" to "internal" reject incoming }

These could be kind of cute, though.

a "I'll take `show you the code' for 100 points, please" j

Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
        results in slower code, and it results in more bugs.''
                                        -- Linus Torvalds

Attachment: pgpMM1PXrKW7V.pgp
Description: PGP signature

Reply to: