Use case: VPN client

martin f krafft madduck at debian.org
Wed May 9 17:13:41 UTC 2007 

also sprach Marcus Better <marcus at better.se> [2007.05.09.1901 +0200]:
> "User A can connect to the office with an IPsec tunnel. Whenever
> A is out of office and connects to the Internet, the tunnel is
> brought up automatically. If A connects directly to the office
> network, the tunnel is not needed."

Fair enough, although I think this might be a job for the VPN
client? Or rather some other layer, which if it detects the office
network just ups eth0, otherwise vpn0. Read on below...

> It doesn't matter which network interface is used to connect to
> the Internet. It can be sometimes eth0, or the wireless interface,
> or ppp0. So it doesn't make much sense to specify this
> per-interface in /etc/networks/interfaces. My current solution
> with if-up.d scripts is messy and ad hoc.

I want to solve this with dependencies. vpn0 pre-depends on
a default gateway, so try to configure network interfaces in
a defined order until you get a connection.

> The scripts could be done with upstart. All that is needed is
> a daemon that emits the appropriate events (unless upstart will
> have that functionality itself?), plus some scripts. The scripts
> can be provided by a netconf plugin that would permit some simple
> configuration mechanism.

So upstart can run scripts when it receives events but it has no
knowledge (yet) of network events?

What exactly does upstart provide that you think would be stupid to
reimplement?

netconf is supposed to be a small daemon that provides interfaces
for tools and users, incl. dbus etc., and which calls helper scripts
for pretty much everything else.

-- 
 .''`.   martin f. krafft <madduck at debian.org>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
 
"those who are faithful know only the trivial side of love:
 it is the faithless who know love's tragedies."
                                                        -- oscar wilde
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : http://lists.alioth.debian.org/pipermail/netconf-devel/attachments/20070509/b721452a/attachment.pgp

More information about the netconf-devel mailing list