I am using CentOS as a firewall/router. I am using bonded interfaces,
vlan interfaces, and bridge interfaces. My problem currently is that on
boot the system is attempting to activate the bridge interface before
it's bonded-vlan members have been created. What this means is that the
bridge is created but not activated.
Is there anyway for me to influence the activation order and have bridge
interfaces dealt with last?
there's probably a better way to do this, but what I've done in the past
is to create special firewall related kinda stuff like your'e describing
in my own script thats run quite late in the init sequence, usually from
rc2.d/S99myfirewall or even from /etc/rc.d/rc.local
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
11-30-2007, 04:03 PM
Matt Hyclak
network interface activation order
On Fri, Nov 30, 2007 at 08:51:50AM -0800, John R Pierce enlightened us:
> Graham Johnston wrote:
> >I am using CentOS as a firewall/router. I am using bonded interfaces,
> >vlan interfaces, and bridge interfaces. My problem currently is that on
> >boot the system is attempting to activate the bridge interface before
> >it's bonded-vlan members have been created. What this means is that the
> >bridge is created but not activated.
> >
> >Is there anyway for me to influence the activation order and have bridge
> >interfaces dealt with last?
> >
>
> there's probably a better way to do this, but what I've done in the past
> is to create special firewall related kinda stuff like your'e describing
> in my own script thats run quite late in the init sequence, usually from
> rc2.d/S99myfirewall or even from /etc/rc.d/rc.local
>
>
Yes, there is probably a better way. My initial thought was to set ONBOOT=no
for the bridge interfaces and then bring them up in an initscript or
rc.local later.
Looking at the network startup script (/etc/init.d/network), though, it
looks like you can probably achieve the same effect simply by renaming the
ifcfg-brX files to something like ifcfg-zbrX.
There is a loop to bring up interfaces that looks like:
# bring up all other interfaces configured to come up at boot time
for i in $interfaces; do
and $interfaces is set just above by listing all files starting with ifcfg
and snagging the end part (e.g. eth0 or br0).
The loop figures out what kind of configuration it needs by reading the
file, so I don't think it cares what it is named, as long as it is
ifcfg-something. By renaming bridges to ifcfg-zbrX, it will come after
ifcfg-vlanX and I think solve your problem.
That was work, time for lunch :-)
Matt
--
Matt Hyclak
Department of Mathematics
Department of Social Work
Ohio University
(740) 593-1263
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
11-30-2007, 04:15 PM
Graham Johnston
network interface activation order
On Fri, 2007-11-30 at 12:03 -0500, Matt Hyclak wrote:
> On Fri, Nov 30, 2007 at 08:51:50AM -0800, John R Pierce enlightened us:
> > Graham Johnston wrote:
> > >I am using CentOS as a firewall/router. I am using bonded interfaces,
> > >vlan interfaces, and bridge interfaces. My problem currently is that on
> > >boot the system is attempting to activate the bridge interface before
> > >it's bonded-vlan members have been created. What this means is that the
> > >bridge is created but not activated.
> > >
> > >Is there anyway for me to influence the activation order and have bridge
> > >interfaces dealt with last?
> > >
> >
> > there's probably a better way to do this, but what I've done in the past
> > is to create special firewall related kinda stuff like your'e describing
> > in my own script thats run quite late in the init sequence, usually from
> > rc2.d/S99myfirewall or even from /etc/rc.d/rc.local
> >
> >
>
> Yes, there is probably a better way. My initial thought was to set ONBOOT=no
> for the bridge interfaces and then bring them up in an initscript or
> rc.local later.
>
> Looking at the network startup script (/etc/init.d/network), though, it
> looks like you can probably achieve the same effect simply by renaming the
> ifcfg-brX files to something like ifcfg-zbrX.
>
> There is a loop to bring up interfaces that looks like:
>
> # bring up all other interfaces configured to come up at boot time
> for i in $interfaces; do
>
> and $interfaces is set just above by listing all files starting with ifcfg
> and snagging the end part (e.g. eth0 or br0).
>
> The loop figures out what kind of configuration it needs by reading the
> file, so I don't think it cares what it is named, as long as it is
> ifcfg-something. By renaming bridges to ifcfg-zbrX, it will come after
> ifcfg-vlanX and I think solve your problem.
>
> That was work, time for lunch :-)
>
> Matt
>
I have already attempted naming it ifcfg-xBrVoice with no success. For
me the interfaces load in the following order, where the bridge members
are bond0.198 and bond0.199.
Graham Johnston
Manager, Network Services
Westman Communications Group
204.571.7225
johnstong@westmancom.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
11-30-2007, 04:20 PM
Nicolas Thierry-Mieg
network interface activation order
Matt Hyclak wrote:
On Fri, Nov 30, 2007 at 08:51:50AM -0800, John R Pierce enlightened us:
Graham Johnston wrote:
I am using CentOS as a firewall/router. I am using bonded interfaces,
vlan interfaces, and bridge interfaces. My problem currently is that on
boot the system is attempting to activate the bridge interface before
it's bonded-vlan members have been created. What this means is that the
bridge is created but not activated.
Is there anyway for me to influence the activation order and have bridge
interfaces dealt with last?
there's probably a better way to do this, but what I've done in the past
is to create special firewall related kinda stuff like your'e describing
in my own script thats run quite late in the init sequence, usually from
rc2.d/S99myfirewall or even from /etc/rc.d/rc.local
Yes, there is probably a better way. My initial thought was to set ONBOOT=no
for the bridge interfaces and then bring them up in an initscript or
rc.local later.
Looking at the network startup script (/etc/init.d/network), though, it
looks like you can probably achieve the same effect simply by renaming the
ifcfg-brX files to something like ifcfg-zbrX.
There is a loop to bring up interfaces that looks like:
# bring up all other interfaces configured to come up at boot time
for i in $interfaces; do
and $interfaces is set just above by listing all files starting with ifcfg
and snagging the end part (e.g. eth0 or br0).
The loop figures out what kind of configuration it needs by reading the
file, so I don't think it cares what it is named, as long as it is
ifcfg-something. By renaming bridges to ifcfg-zbrX, it will come after
ifcfg-vlanX and I think solve your problem.
That was work, time for lunch :-)
Matt
I don't think so
the initial loop is not activating bridge and vlan:
if [ "$TYPE" = "Bridge" ]; then
bridgeinterfaces="$bridgeinterfaces $i"
continue
fi
if [ "${DEVICE%%.*}" != "$DEVICE" ] ; then
vlaninterfaces="$vlaninterfaces $i"
continue
fi
Then later:
for i in $vlaninterfaces $bridgeinterfaces ...
<snip a few lines>
action $"Bringing up interface $i: " ./ifup $i boot
So, it should be bringing up your vlan interfaces before the bridges
do you have
TYPE=Bridge
in your bridge ifcfg file?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
11-30-2007, 05:03 PM
Graham Johnston
network interface activation order
On Fri, 2007-11-30 at 18:20 +0100, Nicolas Thierry-Mieg wrote:
>
> Matt Hyclak wrote:
> > On Fri, Nov 30, 2007 at 08:51:50AM -0800, John R Pierce enlightened us:
> >> Graham Johnston wrote:
> >>> I am using CentOS as a firewall/router. I am using bonded interfaces,
> >>> vlan interfaces, and bridge interfaces. My problem currently is that on
> >>> boot the system is attempting to activate the bridge interface before
> >>> it's bonded-vlan members have been created. What this means is that the
> >>> bridge is created but not activated.
> >>>
> >>> Is there anyway for me to influence the activation order and have bridge
> >>> interfaces dealt with last?
> >>>
> >> there's probably a better way to do this, but what I've done in the past
> >> is to create special firewall related kinda stuff like your'e describing
> >> in my own script thats run quite late in the init sequence, usually from
> >> rc2.d/S99myfirewall or even from /etc/rc.d/rc.local
> >>
> >>
> >
> > Yes, there is probably a better way. My initial thought was to set ONBOOT=no
> > for the bridge interfaces and then bring them up in an initscript or
> > rc.local later.
> >
> > Looking at the network startup script (/etc/init.d/network), though, it
> > looks like you can probably achieve the same effect simply by renaming the
> > ifcfg-brX files to something like ifcfg-zbrX.
> >
> > There is a loop to bring up interfaces that looks like:
> >
> > # bring up all other interfaces configured to come up at boot time
> > for i in $interfaces; do
> >
> > and $interfaces is set just above by listing all files starting with ifcfg
> > and snagging the end part (e.g. eth0 or br0).
> >
> > The loop figures out what kind of configuration it needs by reading the
> > file, so I don't think it cares what it is named, as long as it is
> > ifcfg-something. By renaming bridges to ifcfg-zbrX, it will come after
> > ifcfg-vlanX and I think solve your problem.
> >
> > That was work, time for lunch :-)
> >
> > Matt
> >
>
> I don't think so
>
> the initial loop is not activating bridge and vlan:
>
> if [ "$TYPE" = "Bridge" ]; then
> bridgeinterfaces="$bridgeinterfaces $i"
> continue
> fi
>
> if [ "${DEVICE%%.*}" != "$DEVICE" ] ; then
> vlaninterfaces="$vlaninterfaces $i"
> continue
> fi
>
> Then later:
> for i in $vlaninterfaces $bridgeinterfaces ...
> <snip a few lines>
> action $"Bringing up interface $i: " ./ifup $i boot
>
>
> So, it should be bringing up your vlan interfaces before the bridges
>
> do you have
> TYPE=Bridge
> in your bridge ifcfg file?
I had TYPE=bridge, and it very much so wants TYPE=Bridge.
thanks everyone for your help, it's working now.
Graham Johnston
Manager, Network Services
Westman Communications Group
204.571.7225
johnstong@westmancom.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
network interface activation order
