On Wed, 17 Jun 2020 10:33:59 -0700 (PDT) Rodney W. Grimes
freebsd-...@gndrsh.dnsmgr.net said
>
> On (06/16/20 08:14), Rodney W. Grimes wrote:
>>Ok, well, I just thought of one and not sure if it is an issue or not,
>>doesng unbound have the ability to specify interfaces? If so those
>>may not exist until NETWORKING has run?
> >
>
> Unbound isn't really going to do anything useful without the network. I
> don't think it is unreasonable that it should depend on NETWORKING.
Well then the current setup for local_unbound is counter to that,
as it is BEFORE: NETWORKING
> I think we're in an edge case here and, perhaps, a better solution might
> be to have someone(tm) add in support in rc.conf to specify dependency
> overrides.
dns and configuration are a chicken/egg problem, not really an edge
case, and a person must make a decision as to how to deal with that.
>
> So, perhaps you could set:
>
> dhcpd_after="unbound"
>
> Which would factor into the rcorder processing and make sure that dhcpd
> starts after unbound.
>
> This would allow people to fine-tune things when they run into cases
> like this.
Even beside the unbound problem, this is a good idea. It would
fix my "I need ipfw before routing as without ipfw my ospf packets
get blocked and things take much longer to come up problem."
Honestly. I'm really inclined to agree with Rodney. rcorder should
really be a more fine-grained utility.
What about something like:
BEFORE: NETWORKING: pf
or
BEFORE: NETWORKING: ipfw
or
BEFORE: NETWORKING: unbound
etc, etc...
I think there *may* be a better direction. *But* this, at least
should be an easy direction to add with few repercussions. Yes?
> -r
>
> The idea that a daemon that depends on the network being functional
> >> > > >> On a related note, unbound rc script provides "unbound" service.
> >> > > >> I think that maybe it should provide something more generic such
> as "nameserver"
> >> > > >> or "dns-server" (not sure if there is an established name for
> that).
> >> > > >> The reason I am saying this is that, IMO, if unbound is replaced
> with some other
> >> > > >> name server implementation the rc dependency chains should stay
> the same.
> >> > > >
> >> > > > I do not see anything in the base system that uses unbound or
> local_unbound
> >> > > > service name, so this looks like it could be straightforward,
> though there
> >> > > > may be some ports that have use of this token.
> >> > > >
> >> > > > For the blue bikeshed I find that "server" is just noise in the
> token
> >> > > > and that "dns" already has "s" for system, so just "dns" is good
> with me :-)
> >> > >
> >> > > That's a good point.
> >>
> >> I don't agree. The term dns is too generic. People are often running
> >> dfferent nameservers on the same machine, as example: authoritative
> >> and nonauthoritative (e.g. nsd & unbound).
> >
>>Given examples by others your right, we can not put all of these
>>behind the knob "dns".
> >
> >> Regards,
> >> jaap
>>--
>>Rod Grimes
>rgri...@freebsd.org
>
> --
> Ryan Steinmetz
> PGP: 9079 51A3 34EF 0CD4 F228 EDC6 1EF8 BA6B D028 46D7
>
--
Rod Grimes
rgri...@freebsd.org
--Chris
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
