[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Easy way to restart network

Tomas Kral wrote:
> What is the recommended and easy way to restart network subsystem on a
> desktop without need of rebooting the computer?

This has been a popular topic this week!

> On Lenny I used to, as admin, execute something like this,
> #!/bin/sh
> # restart network
> su -c'\
> modprobe -r cdc_ether;\
> modprobe cdc_ether;\
> cd /etc/init.d;\
> ./networking stop;\
> ./networking start;\
> ./arno-iptables-firewall restart;\
> cd -\
> '
> On Squeeze, it sometimes complains that eth1 device does not exist yet.
> My idea is to automate the task, and set a watchdog over ISP connection,
> and call a safe script when it drops to bring it up again.

You didn't show us how your /etc/network/interfaces is set up.  It
would be useful to know if you are using 'auto eth0' / 'auto eth1'
which I assume you are otherwise the networking stop and start would
not work, but it is still an assumption I have to make.  And without
that information it makes it hard to guess at your problem with eth1
not existing yet.  Please show us.

On Squeeze you should use the 'service' utility to operate on services
instead of calling them directly.  This is new in Squeeze and
addresses the problem of environment polution.  This doesn't in any
way change the way '/etc/init.d/service restart' works now but is an
improvement over it.  Since it is now available I recommend using it.

I would reorder the actions to remove the modules after having brought
down the interface.  I expect that is the problem.  Probably unloading
the module brings down the interface and there is a race between which
happens first.  At a guess.

You have backslashes at the end of every line.  But you have also
created a quoted string with semicolons.  In this case you don't need
to have quoted newline continuations.  I think it reads better without

You cd into /etc/init.d and then at the end of the script 'cd -' to
return and then exit.  The current working directory is a property of
the process and since the process is exiting immediately it is no
necessary to try to return before exiting.  So that 'cd -' can be

I would read this reference:


And in particular this section is very useful:


And then add 'allow-hotplug eth0' so that the interfaces are event
driven too.  Then use ifup and ifdown instead.

# restart network
su -c '
service networking stop;
modprobe -r cdc_ether;
sleep 1;
modprobe cdc_ether;
service networking start;
service arno-iptables-firewall restart;

I added a sleep 1 there because I have a system with an Intel chipset
and it has a vaguely similar problem.  I sometimes have to unload and
reload that module too.  I found that it was much more reliable if I
gave the system a few cycles between unloading and loading.  YMMV.

I would be inclined to set up sudo and /etc/sudoers so that this uses
sudo instead of su.  I find it a more convenient solution.  It would
turn this into a normal script instead of a script in the argument
list and then just sudo that script.  Again YMMV.

If you decide to try the ifup/ifdown route it would look like this.
As an advantage it would not cycle the eth0 network but just eth1.

# Call script with sudo.
ifdown eth1
modprobe -r cdc_ether
sleep 1
modprobe cdc_ether
ifup eth1
service arno-iptables-firewall restart

As further improvement possibilities, if you look in /etc/network/ you
will find a series of .d directories such as /etc/network/if-up.d/ and
in there scripts.  You could have the firewall script automatically
restart whenever the network comes online.

File something like /etc/network/if-up.d/local-firewall-restart:
# Restart firewall whenever the interface comes online.
case $IFACE in
  eth*) service arno-iptables-firewall restart ;;
exit 0

And then remove that from the other script because it will always happen.
Make sure to 'chmod a+x /etc/network/if-up.d/local-firewall-restart'
to make the script executable.

# Call script with sudo.
ifdown eth1
modprobe -r cdc_ether
sleep 1
modprobe cdc_ether
ifup eth1

I don't know if any of the above is a critical item.  But that is the
type of thinking I have about it.  Hope that helps.


Attachment: signature.asc
Description: Digital signature

Reply to: