Comments (4)
neocturne
commented on August 12, 2024
The on-establish hook is not run when renewing an existing connection; this is expected. Unfortunately is it sometimes necessary to tear down and recreate L2TP offload interfaces even for a renewal, as some settings can't be changed for existing L2TP interfaces.
For interface setup, use on-up, which is called each time an interface is created (and for each peer in TUN and Multi-TAP mode).
Note that on-up is currently not passed all environment variables that on-establish gets (in particular, no IP address and port information). This is unlikely to be an issue in practice, as this information is fairly useless with on-establish as well for anything but logging purposes, as addresses and ports may change without on-establish being called again...
from fastd.
mweinelt
commented on August 12, 2024
What would be the appropriate hook to clean up after disconnect/timeout? Thinking of setting link down, nomaster and removing the link, or is that entirely pointless?
The documentation on when these hooks are called is slightly unintuitive.
from fastd.
neocturne
commented on August 12, 2024
Hmm yes, I think some of the documentation predates the multi-interface modes of fastd and could use some updates and clarification...
The rules are:
- on-up is run just after the interface has been created, on-down just before the interface is removed
- In TUN and Multi-TAP mode, on-establish is normally run after on-up, and on-disestablish is run before on-down. However, additional on-down+on-up pairs can happen on renewal without further on-establish/on-disestablish when L2TP offloading is enabled - either because a new L2TP interface needs to be created to change tunnel configuration, or when switching between
null@l2tpand another method. - Each on-up call is eventually matched by an on-down and each on-establish by an on-disestablish
- With
persist interface no, a peer interface is removed as soon as its connection times out (or is disestablished for another reason)
on-down is usually the right place for cleanup, if there is anything that isn't cleaned up simply by the interface disappearing.
from fastd.
neocturne
commented on August 12, 2024
Maybe it would be a good idea to deprecate on-establish/on-disestablish in TUN and Multi-TAP modes to reduce confusion, and possibly extend peer-specific on-up/on-down to include the same environment as on-establish/on-disestablish currently do.
Edit: This only makes sense when persist interface no is also set
from fastd.
Related Issues (20)
- fastd 20 osx build failure
- Broken init script? HOT 4
- Android still supported? HOT 4
- fastd 22 build issue HOT 3
- Explain what fastd is HOT 1
- Any chance to get encryption over l2tp offloading? HOT 5
- Interface value null with offloaded null@l2tp in socket response
- OpenRC service management script HOT 3
- arp flood if forward enabled HOT 4
- Multipath optin using MP-DCCP with tunprox HOT 1
- No packets received on fastd interface HOT 2
- Keepalive mechanism HOT 5
- Best MTU for L2TPv3 mode with kernel offload? HOT 1
- Add VXLAN backend HOT 1
- Distributed peering HOT 3
- Question: Does fastd implement perfect forward secrecy? HOT 2
- request a new release HOT 1
- Enhancement: config: allow setting a file-path rather then the raw secret HOT 2
- Question: What does `dropping duplicate packet from` mean? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fastd.