Comments (4)
The on-establish hook is not run when renewing an existing connection; this is expected. Unfortunately is it sometimes necessary to tear down and recreate L2TP offload interfaces even for a renewal, as some settings can't be changed for existing L2TP interfaces.
For interface setup, use on-up, which is called each time an interface is created (and for each peer in TUN and Multi-TAP mode).
Note that on-up is currently not passed all environment variables that on-establish gets (in particular, no IP address and port information). This is unlikely to be an issue in practice, as this information is fairly useless with on-establish as well for anything but logging purposes, as addresses and ports may change without on-establish being called again...
from fastd.
What would be the appropriate hook to clean up after disconnect/timeout? Thinking of setting link down, nomaster and removing the link, or is that entirely pointless?
The documentation on when these hooks are called is slightly unintuitive.
from fastd.
Hmm yes, I think some of the documentation predates the multi-interface modes of fastd and could use some updates and clarification...
The rules are:
- on-up is run just after the interface has been created, on-down just before the interface is removed
- In TUN and Multi-TAP mode, on-establish is normally run after on-up, and on-disestablish is run before on-down. However, additional on-down+on-up pairs can happen on renewal without further on-establish/on-disestablish when L2TP offloading is enabled - either because a new L2TP interface needs to be created to change tunnel configuration, or when switching between
null@l2tp
and another method. - Each on-up call is eventually matched by an on-down and each on-establish by an on-disestablish
- With
persist interface no
, a peer interface is removed as soon as its connection times out (or is disestablished for another reason)
on-down is usually the right place for cleanup, if there is anything that isn't cleaned up simply by the interface disappearing.
from fastd.
Maybe it would be a good idea to deprecate on-establish/on-disestablish in TUN and Multi-TAP modes to reduce confusion, and possibly extend peer-specific on-up/on-down to include the same environment as on-establish/on-disestablish currently do.
Edit: This only makes sense when persist interface no
is also set
from fastd.
Related Issues (20)
- fastd 20 osx build failure
- Broken init script? HOT 4
- Android still supported? HOT 4
- fastd 22 build issue HOT 3
- Explain what fastd is HOT 1
- Any chance to get encryption over l2tp offloading? HOT 5
- Interface value null with offloaded null@l2tp in socket response
- OpenRC service management script HOT 3
- arp flood if forward enabled HOT 4
- Multipath optin using MP-DCCP with tunprox HOT 1
- No packets received on fastd interface HOT 2
- Keepalive mechanism HOT 5
- Best MTU for L2TPv3 mode with kernel offload? HOT 1
- Add VXLAN backend HOT 1
- Distributed peering HOT 3
- Question: Does fastd implement perfect forward secrecy? HOT 2
- request a new release HOT 1
- Enhancement: config: allow setting a file-path rather then the raw secret HOT 2
- Question: What does `dropping duplicate packet from` mean? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fastd.