On 06/03/2016 11:23 PM, Rainer Weikusat wrote:
> This stop-modify-restart is a bit coarse-grained and it's also
> possible to do this manually without 'interface downtime' but there's
> no general interface for that: The sequence of commands will depend on
> both the running configuration and the desired configuration and has
> to be worked out beforehand and then executed. Considering that the
> modified interfaces file can be created before causing any side
> effects and then be swapped atomically via mv in between the down and
> the up, 'play nice with the system' is IMHO a better idea. Changing
> the stored configuration while the interface is up is bound to cause
> trouble unless care is taken to ensure that this can be interrupted at
> any point (imagine a sudden power outage) with the system still
> remaining in or capable of returning to an operational state.

Yes, I 100% agree. Thank you for the detailed info.

I am trying to do it like that (using the interfaces file). However,
cdist has some limitations in its default usage pattern regarding
"down-mod-up". Of course since it's connecting over the network, I need
to be careful what NICs go down and how they are reconfigured.

I think I've hit on something. Since I am adding containers (LXC) and
virtual network to the box, I think I will add a tap and bridge
interface to an /etc/network/interface.d/ file. If I use something like:

auto br0
iface br0 inet static
    pre-up ip tuntap add dev tap0 mode tap
    pre-up ip link set tap0 up
    post-down ip link set tap0 down
    post-down ip tuntap del dev tap0 mode tap
    bridge_ports tap0
    address 10.1.1.1
    netmask 255.255.255.0
    broadcast 10.1.1.255

And make sure there is the source /etc/network/interface.d/* line in the
interfaces file. Then route with iptables between a physical NIC
(eth0 for example) and the virtual NIC (tap0) and have all the
containers connected to br0.

Are there any glaring problems with this setup?

Thanks everyone again for all the advice and explanations.

Simon
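
The down / atomic mv / up sequence described in the quoted text, as an added example that is not part of the original thread. The function name swap_config, the IFDOWN/IFUP override variables and the dot-prefixed staging and backup file names are assumptions made for illustration; the rollback on a failed "up" goes beyond what the thread describes.

```shell
#!/bin/sh
# Added example (not from the thread). All names here are hypothetical.
IFDOWN=${IFDOWN:-ifdown}   # overridable so the sequence can be dry-run
IFUP=${IFUP:-ifup}

# swap_config IFACE NEW_FILE TARGET
# e.g. swap_config br0 /root/br0.new /etc/network/interface.d/br0
# (/root/br0.new is a constructed path for the prepared file)
swap_config() {
    iface=$1 new=$2 target=$3
    dir=$(dirname "$target")
    # Dot-prefixed names are not matched by the "source .../*" glob.
    staged="$dir/.$(basename "$target").new.$$"
    backup="$dir/.$(basename "$target").prev"

    # 1. Stage in the target's directory: only on the same filesystem is
    #    mv a rename(2), which replaces the file in a single step.
    cp "$new" "$staged" || return 1
    [ -s "$staged" ] || { rm -f "$staged"; return 1; }   # refuse an empty file
    # Keep a copy of the current file for rollback; no side effects so far.
    if [ -e "$target" ]; then
        cp -p "$target" "$backup" || { rm -f "$staged"; return 1; }
    fi
    sync   # staged and backup copies are on disk before anything goes down

    # 2. Down while the old file still describes the interface, so its
    #    post-down lines run against the matching configuration.
    $IFDOWN "$iface" || { rm -f "$staged"; return 2; }

    # 3. Atomic swap: after an interruption the target is either the
    #    complete old file or the complete new one, never a partial write.
    mv -f "$staged" "$target" || { $IFUP "$iface"; return 3; }
    sync

    # 4. Up with the new file; on failure restore the old file and retry.
    if ! $IFUP "$iface"; then
        if [ -e "$backup" ]; then
            mv -f "$backup" "$target" && sync && $IFUP "$iface"
        fi
        return 4
    fi
    return 0
}
```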