[oi-dev] Bug in smf_netstrategy ?

Jim Klimov jimklimov at cos.ru
Sat Nov 30 06:48:05 UTC 2013


On 2013-11-29 21:07, Peter Tribble wrote:
> Note that this is about network *boot*. This is how networking gets
> configured before the system is running, potentially before /usr
> is even mounted, etc. In normal circumstances once you've got a
> system booted, you hand over to something like nwam which
> manages the whole process. Zones always start having a fully
> functioning OS already in place, so quite a bit of the boot logic
> can be skipped for them.

Not quite. This is rather about *boot-time* configuration of networking.
And exclusive-IP zones are little different from the global zone, since
they have to manage their own IP stack, routing tables, firewalls, can
be DHCP clients, can be routers, etc. Other networking-setup scripts
process them the same way, the checks are for "shared" IP stack where
relevant (i.e. to start a dummy service of a looping long sleep just
so a service contract is fulfilled).

Shared-IP zones do indeed inherit pre-set NICs, plumbed and with IP
addresses, and inherit routing, so dynamic reconfiguration from inside
such a zone is not relevant, and use file-based naming service setup.

Also, at least to an extent, you can set up local zones to use split
roots with delegated datasets, as well. I did not separate /usr, but
many pieces of /var/* - quite well. This was very useful to migrate
systems from (Open)Solaris to OpenIndiana - replacing the zone OS
image from old to ips, and mounting the same delegated dataset with
some data, logs and application config, nifty ;) But that's offtopic.

You can "ggrep -l smf_netstrategy /lib/svc/method/*" to see that this
routine is called from:
/lib/svc/method/identity-node
/lib/svc/method/net-physical
/lib/svc/method/net-routing-setup
/lib/svc/method/net-svc
/lib/svc/method/sysidtool-net

For example, in net-svc we can find this:
#
# If our network configuration strategy is DHCP, check for DNS
# configuration parameters obtained from the DHCP server.
#
# Script execution starts here.
#
smf_netstrategy

if [ "$_INIT_NET_STRATEGY" = "dhcp" ]; then
         dnsservers=`get_dhcp_var DNSserv`
         dnsdomain=`get_dhcp_var DNSdmain`
else
         dnsservers=""
         dnsdomain=""
fi



And in net-routing-setup we see this:

# Note that the default router file is ignored if we received routes
# from a DHCP server.  Our policy is to always trust DHCP over local
# administration.
#
smf_netstrategy

if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
     [ -n "`/sbin/dhcpinfo Router`" ]; then
         defrouters=`/sbin/dhcpinfo Router`
elif [ -f /etc/defaultrouter ]; then
...


In sysidtool-net:
     if [ smf_configure_ip -a "X$_INIT_NET_STRATEGY" != "Xdhcp" ] ; then
             system_configured
             if [ $? -eq 0 ] ; then
                     config_interfaces
             fi
     fi


In identity-node:
case "$_INIT_NET_STRATEGY" in
         "dhcp") hostname=`/sbin/dhcpinfo Hostname` ;;
         "rarp") hostname=`/sbin/hostconfig -h -p bootparams`
...


And only in net-physical it is indeed for enabling DHCP for systems
booted off the network (root is NFS/CacheFS):

#
# If the system was net booted by DHCP, hand DHCP management off to the
# DHCP agent (ifconfig communicates to the DHCP agent through the
# loopback interface).
#
if [ -n "$_INIT_NET_IF" -a "$_INIT_NET_STRATEGY" = "dhcp" ]; then
         /sbin/dhcpagent -a
fi


So, I have a gut feeling that the current implementation is wrong to
skip any and all zones regardless of IP stack type. In fact, commenting
away that blocker did help my zones get configs from DHCP (as mentioned
in that Wiki post); though I am still uncertain about other possible
consequences.

//Jim





More information about the oi-dev mailing list