Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name - eth0 --> red0 - eth1 --> eth1 - eth2 --> orange0 - wlan0 --> blue0 - wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
Currently the real names of all NICs are changed to ethX and wlanX in the WUI. This is confusing, because command line tools like ip or brctl print out the real names.
Signed-off-by: Alex Koch ipfire@starkstromkonsument.de --- html/cgi-bin/zoneconf.cgi | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/html/cgi-bin/zoneconf.cgi b/html/cgi-bin/zoneconf.cgi index 6b8642818..bb24347df 100644 --- a/html/cgi-bin/zoneconf.cgi +++ b/html/cgi-bin/zoneconf.cgi @@ -144,21 +144,12 @@ closedir($dh);
@nics = sort {$a->[0] cmp $b->[0]} @nics; # Sort nics by their MAC address
-# Name the physical NICs -# Even though they may not be really named like this, we will name them ethX or wlanX -my $ethcount = 0; -my $wlancount = 0; - foreach (@nics) { my $nic = $_->[1];
+ # Test if NIC is a wireless interface to disable VLAN-Option in Dropdown if (-e "/sys/class/net/$nic/wireless") { - $_->[1] = "wlan$wlancount"; $_->[2] = 1; - $wlancount++; - } else { - $_->[1] = "eth$ethcount"; - $ethcount++; } }
Signed-off-by: Alex Koch ipfire@starkstromkonsument.de --- html/cgi-bin/zoneconf.cgi | 23 +++++++++++++++++++++++ langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/html/cgi-bin/zoneconf.cgi b/html/cgi-bin/zoneconf.cgi index bb24347df..71b5c1550 100644 --- a/html/cgi-bin/zoneconf.cgi +++ b/html/cgi-bin/zoneconf.cgi @@ -97,6 +97,10 @@ my $css = <<END width: 4em; }
+ p.notice { + color: red; + } + #submit-container { width: 100%; padding-top: 20px; @@ -456,5 +460,24 @@ END ### END OF TABLE ###
&Header::closebox(); + +&Header::openbox('100%', 'left', $Lang::tr{"zoneconf brctl show"}); +print <<END + <p class="notice">$Lang::tr{"zoneconf notice uptodate"}</p> +END +; +my $br_config = `brctl show`; +print "<pre>$br_config</pre>"; +&Header::closebox(); + +&Header::openbox('100%', 'left', $Lang::tr{"zoneconf ip addr"}); +print <<END + <p class="notice">$Lang::tr{"zoneconf notice uptodate"}</p> +END +; +my $if_config = `ip addr`; +print "<pre>$if_config</pre>"; +&Header::closebox(); + &Header::closebigbox(); &Header::closepage(); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 2e67e495f..363f11213 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1,4 +1,4 @@ -%tr = ( +%tr = ( %tr,
'24 hours' => '24 Stunden', @@ -2905,11 +2905,14 @@ 'zoneconf access native' => 'Nativ', 'zoneconf access none' => 'Keine', 'zoneconf access vlan' => 'VLAN', +'zoneconf brctl show' => 'Status: Netzwerkbrücken', +'zoneconf ip addr' => 'Status: Netzwerkkarten', 'zoneconf nic assignment' => 'Netzwerkkartenzuordnung', 'zoneconf nicmode bridge' => 'Brücke', 'zoneconf nicmode default' => 'Normal', 'zoneconf nicmode macvtap' => 'MacVTap', 'zoneconf notice reboot' => 'Bitte einen Neustart durchführen, um die Änderungen zu übernehmen.', +'zoneconf notice uptodate' => 'ACHTUNG: Falls Änderungen an der Netzwerkkartenzuordnung vorgenommen wurden, werden diese hier erst nach einem Neustart angezeigt!', 'zoneconf title' => 'Zonen einrichten', 'zoneconf val native assignment error' => 'Eine Netzwerkkarte kann nicht von mehreren Zonen nativ verwendet werden.', 'zoneconf val ppp assignment error' => 'Die Netzwerkkarte, die von RED im PPP-Modus verwendet wird, kann keiner anderen Zone zugeordnet werden.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 8b7e63cb8..d440d0528 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1,4 +1,4 @@ -%tr = ( +%tr = ( %tr,
'24 hours' => '24 Hours', @@ -2951,11 +2951,14 @@ 'zoneconf access native' => 'Native', 'zoneconf access none' => 'None', 'zoneconf access vlan' => 'VLAN', +'zoneconf brctl show' => 'Status: Bridges', +'zoneconf ip addr' => 'Status: Interfaces', 'zoneconf nic assignment' => 'NIC Assignment', 'zoneconf nicmode bridge' => 'Bridge', 'zoneconf nicmode default' => 'Default', 'zoneconf nicmode macvtap' => 'MacVTtap', 'zoneconf notice reboot' => 'Please reboot to apply your changes.', +'zoneconf notice uptodate' => 'Attention: If you changed your NIC Assignment, a reboot is required for the changes to be shown!', 'zoneconf title' => 'Zone Configuration', 'zoneconf val native assignment error' => 'A NIC cannot be accessed natively by more than one zone.', 'zoneconf val ppp assignment error' => 'The NIC used for RED in PPP mode cannot be accessed by any other zone.',
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name
- eth0 --> red0
- eth1 --> eth1
- eth2 --> orange0
- wlan0 --> blue0
- wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- [2.17.1](tel:2171)
Hi,
I agree with both of you :)
Showing the “old” names is confusing. Numbering them again is also not helpful.
Is it better if we do not show any device name at all? Nobody needs that to decide which NIC is being assigned to what zone, right?
-Michael
On 4 Sep 2019, at 07:49, Florian Bührle erdlof@protonmail.com wrote:
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name
- eth0 --> red0
- eth1 --> eth1
- eth2 --> orange0
- wlan0 --> blue0
- wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
Hi Florian,
in the case you describe, the zone orange is of type normal and it has one NIC assigend as native. This results in that NIC beeing named orange0. Is this correct so far?
You can not assign multiple zones to one native NIC. If you want to add orange0, to the blue zone, you can only do this as a VLAN and blue has to be of type bridge. This will result in an additional interface named orange0.<VLAN-ID> that is part of the bridge blue0. This offers the blue zone available as <VLAN-ID> in the orange zone. Do you agree?
To me this is the expected behaviour. I personally don't mind the NIC being named orange0 in that case. I attached some screenshots and added the real names of the NICs to the table in brackets to illustrate this (including my patch for brctl show and ip addr).
My example (IPFire running in a VirtualBox) offers another issue: the real and the new names of the NICs even have different numbers. I don't know why this happens. I thought the zoneconf.cgi and udev both sort the NICs by their MAC-Addresses and start with 0?
Michael, I would not show no names at all. Just keep the real device names in the WebUI. People need them whenever they are searching for errors or want to analyse something e.g. with tcpdump. Some people label their cases with the names. Monitoring systems also show the real names as returned by the system.
To me, the best solution would be running all zones as bridges per default. But this is something that will be addressed in IPFire 3.x anyway so I wouldn't invest any time in changing this for 2.x ... touching this might break other things and turn out to be an exhausting task. I accidentally changed the type of the red zone to bridged on my testing machine (static IP) and broke the zone that way. I didn't find the cause of this though ...
Regards, Alex
-------- Original Message -------- From: Michael Tremer [mailto:michael.tremer@ipfire.org] Sent: Thursday, 5 September 2019, 11:27 CEST To: Florian Bührle erdlof@protonmail.com Cc: ipfire@starkstromkonsument.de, development@lists.ipfire.org development@lists.ipfire.org Subject: [PATCH 0/2] zonconf: replace the nic-names with eth... and wlan... or not?
Hi,
I agree with both of you :)
Showing the “old” names is confusing. Numbering them again is also not helpful.
Is it better if we do not show any device name at all? Nobody needs that to decide which NIC is being assigned to what zone, right?
-Michael
On 4 Sep 2019, at 07:49, Florian Bührle erdlof@protonmail.com wrote:
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name - eth0 --> red0 - eth1 --> eth1 - eth2 --> orange0 - wlan0 --> blue0 - wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
Hi,
On 7 Sep 2019, at 23:55, Alexander Koch ipfire@starkstromkonsument.de wrote:
Hi Florian,
in the case you describe, the zone orange is of type normal and it has one NIC assigend as native. This results in that NIC beeing named orange0. Is this correct so far?
You can not assign multiple zones to one native NIC. If you want to add orange0, to the blue zone, you can only do this as a VLAN and blue has to be of type bridge. This will result in an additional interface named orange0.<VLAN-ID> that is part of the bridge blue0. This offers the blue zone available as <VLAN-ID> in the orange zone. Do you agree?
blue0 could still be the VLAN device piggy-backing on orange0. There is no bridge required.
To me this is the expected behaviour. I personally don't mind the NIC being named orange0 in that case. I attached some screenshots and added the real names of the NICs to the table in brackets to illustrate this (including my patch for brctl show and ip addr).
My example (IPFire running in a VirtualBox) offers another issue: the real and the new names of the NICs even have different numbers. I don't know why this happens. I thought the zoneconf.cgi and udev both sort the NICs by their MAC-Addresses and start with 0?
No, udev initialised the NICs in the order they come up by the kernel.
That could differ from reboot to reboot if you have a NIC where the firmware is already loaded and so on. That is why we cannot depend on NIC names.
Michael, I would not show no names at all. Just keep the real device names in the WebUI. People need them whenever they are searching for errors or want to analyse something e.g. with tcpdump. Some people label their cases with the names. Monitoring systems also show the real names as returned by the system.
People who are on the console dealing with tcpdump are on their own and hopefully know how to find the correct NIC. I do not think that the webUI should be accommodating too much for this use-case. However, showing incorrect names is not good either.
If we show the current names you will have a page where “orange0” is configured as “green0” which I also find rather confusing.
So that leaves us with showing the vendor and model of the NIC?
To me, the best solution would be running all zones as bridges per default. But this is something that will be addressed in IPFire 3.x anyway so I wouldn't invest any time in changing this for 2.x ... touching this might break other things and turn out to be an exhausting task. I accidentally changed the type of the red zone to bridged on my testing machine (static IP) and broke the zone that way. I didn't find the cause of this though …
That also has downsides. We do it in IPFire 3, but the whole network architecture is based on a hotpluggable network that changes all the time. IPFire 2 is simply not designed for this and we will break a lot of things to make this happen.
Best, -Michael
Regards, Alex
-------- Original Message -------- From: Michael Tremer [mailto:michael.tremer@ipfire.org] Sent: Thursday, 5 September 2019, 11:27 CEST To: Florian Bührle erdlof@protonmail.com Cc: ipfire@starkstromkonsument.de, development@lists.ipfire.org development@lists.ipfire.org Subject: [PATCH 0/2] zonconf: replace the nic-names with eth... and wlan... or not?
Hi,
I agree with both of you :)
Showing the “old” names is confusing. Numbering them again is also not helpful.
Is it better if we do not show any device name at all? Nobody needs that to decide which NIC is being assigned to what zone, right?
-Michael
On 4 Sep 2019, at 07:49, Florian Bührle erdlof@protonmail.com wrote:
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name
- eth0 --> red0
- eth1 --> eth1
- eth2 --> orange0
- wlan0 --> blue0
- wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
<190907_florians_example.png><190907_no_bridges.png><190908_all_bridges.png>
Hi,
-------- Ursprüngliche Nachricht -------- Von: Michael Tremer [mailto:michael.tremer@ipfire.org] Gesendet: Montag, 9. September 2019, 17:04 MESZ An: Alexander Koch ipfire@starkstromkonsument.de Cc: Florian Bührle erdlof@protonmail.com, development@lists.ipfire.org development@lists.ipfire.org Betreff: [PATCH 0/2] zoneconf: replace the nic-names with eth... and wlan... or not?
Hi,
On 7 Sep 2019, at 23:55, Alexander Koch ipfire@starkstromkonsument.de wrote:
Hi Florian,
in the case you describe, the zone orange is of type normal and it has one NIC assigend as native. This results in that NIC beeing named orange0. Is this correct so far?
You can not assign multiple zones to one native NIC. If you want to add orange0, to the blue zone, you can only do this as a VLAN and blue has to be of type bridge. This will result in an additional interface named orange0.<VLAN-ID> that is part of the bridge blue0. This offers the blue zone available as <VLAN-ID> in the orange zone. Do you agree?
blue0 could still be the VLAN device piggy-backing on orange0. There is no bridge required.
Oh, sorry. I missed that one. You are right of course ...
To me this is the expected behaviour. I personally don't mind the NIC being named orange0 in that case. I attached some screenshots and added the real names of the NICs to the table in brackets to illustrate this (including my patch for brctl show and ip addr).
My example (IPFire running in a VirtualBox) offers another issue: the real and the new names of the NICs even have different numbers. I don't know why this happens. I thought the zoneconf.cgi and udev both sort the NICs by their MAC-Addresses and start with 0?
No, udev initialised the NICs in the order they come up by the kernel.
That could differ from reboot to reboot if you have a NIC where the firmware is already loaded and so on. That is why we cannot depend on NIC names.
Thanks for correcting me here, I was not aware of this.
Michael, I would not show no names at all. Just keep the real device names in the WebUI. People need them whenever they are searching for errors or want to analyse something e.g. with tcpdump. Some people label their cases with the names. Monitoring systems also show the real names as returned by the system.
People who are on the console dealing with tcpdump are on their own and hopefully know how to find the correct NIC. I do not think that the webUI should be accommodating too much for this use-case. However, showing incorrect names is not good either.
If we show the current names you will have a page where “orange0” is configured as “green0” which I also find rather confusing.
So that leaves us with showing the vendor and model of the NIC?
Hm, I think yes. Same way as in the setup on the CLI. Do you want me to send a revised patch?
To me, the best solution would be running all zones as bridges per default. But this is something that will be addressed in IPFire 3.x anyway so I wouldn't invest any time in changing this for 2.x ... touching this might break other things and turn out to be an exhausting task. I accidentally changed the type of the red zone to bridged on my testing machine (static IP) and broke the zone that way. I didn't find the cause of this though …
That also has downsides. We do it in IPFire 3, but the whole network architecture is based on a hotpluggable network that changes all the time. IPFire 2 is simply not designed for this and we will break a lot of things to make this happen.
Best, -Michael
Regards, Alex
-------- Original Message -------- From: Michael Tremer [mailto:michael.tremer@ipfire.org] Sent: Thursday, 5 September 2019, 11:27 CEST To: Florian Bührle erdlof@protonmail.com Cc: ipfire@starkstromkonsument.de, development@lists.ipfire.org development@lists.ipfire.org Subject: [PATCH 0/2] zonconf: replace the nic-names with eth... and wlan... or not?
Hi,
I agree with both of you :)
Showing the “old” names is confusing. Numbering them again is also not helpful.
Is it better if we do not show any device name at all? Nobody needs that to decide which NIC is being assigned to what zone, right?
-Michael
On 4 Sep 2019, at 07:49, Florian Bührle erdlof@protonmail.com wrote:
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name
- eth0 --> red0
- eth1 --> eth1
- eth2 --> orange0
- wlan0 --> blue0
- wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
<190907_florians_example.png><190907_no_bridges.png><190908_all_bridges.png>
Regards, Alex
Hi,
On 11 Sep 2019, at 19:34, Alexander Koch ipfire@starkstromkonsument.de wrote:
Hi,
-------- Ursprüngliche Nachricht -------- Von: Michael Tremer [mailto:michael.tremer@ipfire.org] Gesendet: Montag, 9. September 2019, 17:04 MESZ An: Alexander Koch ipfire@starkstromkonsument.de Cc: Florian Bührle erdlof@protonmail.com, development@lists.ipfire.org development@lists.ipfire.org Betreff: [PATCH 0/2] zoneconf: replace the nic-names with eth... and wlan... or not?
Hi,
On 7 Sep 2019, at 23:55, Alexander Koch ipfire@starkstromkonsument.de wrote:
Hi Florian,
in the case you describe, the zone orange is of type normal and it has one NIC assigend as native. This results in that NIC beeing named orange0. Is this correct so far?
You can not assign multiple zones to one native NIC. If you want to add orange0, to the blue zone, you can only do this as a VLAN and blue has to be of type bridge. This will result in an additional interface named orange0.<VLAN-ID> that is part of the bridge blue0. This offers the blue zone available as <VLAN-ID> in the orange zone. Do you agree?
blue0 could still be the VLAN device piggy-backing on orange0. There is no bridge required.
Oh, sorry. I missed that one. You are right of course ...
To me this is the expected behaviour. I personally don't mind the NIC being named orange0 in that case. I attached some screenshots and added the real names of the NICs to the table in brackets to illustrate this (including my patch for brctl show and ip addr).
My example (IPFire running in a VirtualBox) offers another issue: the real and the new names of the NICs even have different numbers. I don't know why this happens. I thought the zoneconf.cgi and udev both sort the NICs by their MAC-Addresses and start with 0?
No, udev initialised the NICs in the order they come up by the kernel. That could differ from reboot to reboot if you have a NIC where the firmware is already loaded and so on. That is why we cannot depend on NIC names.
Thanks for correcting me here, I was not aware of this.
No problem…
Michael, I would not show no names at all. Just keep the real device names in the WebUI. People need them whenever they are searching for errors or want to analyse something e.g. with tcpdump. Some people label their cases with the names. Monitoring systems also show the real names as returned by the system.
People who are on the console dealing with tcpdump are on their own and hopefully know how to find the correct NIC. I do not think that the webUI should be accommodating too much for this use-case. However, showing incorrect names is not good either. If we show the current names you will have a page where “orange0” is configured as “green0” which I also find rather confusing. So that leaves us with showing the vendor and model of the NIC?
Hm, I think yes. Same way as in the setup on the CLI. Do you want me to send a revised patch?
Yes, I think so. Can you coordinate with Florian, because technically it is his code :)
I think it might be a little bit of a challenge to get this into the UI because the NIC names will be very long.
When we first considered this we had the table upside down and later changed the orientation of it. That might help you now.
Let me know if I can help out with anything here.
Best, -Michael
To me, the best solution would be running all zones as bridges per default. But this is something that will be addressed in IPFire 3.x anyway so I wouldn't invest any time in changing this for 2.x ... touching this might break other things and turn out to be an exhausting task. I accidentally changed the type of the red zone to bridged on my testing machine (static IP) and broke the zone that way. I didn't find the cause of this though …
That also has downsides. We do it in IPFire 3, but the whole network architecture is based on a hotpluggable network that changes all the time. IPFire 2 is simply not designed for this and we will break a lot of things to make this happen. Best, -Michael
Regards, Alex
-------- Original Message -------- From: Michael Tremer [mailto:michael.tremer@ipfire.org] Sent: Thursday, 5 September 2019, 11:27 CEST To: Florian Bührle erdlof@protonmail.com Cc: ipfire@starkstromkonsument.de, development@lists.ipfire.org development@lists.ipfire.org Subject: [PATCH 0/2] zonconf: replace the nic-names with eth... and wlan... or not?
Hi,
I agree with both of you :)
Showing the “old” names is confusing. Numbering them again is also not helpful.
Is it better if we do not show any device name at all? Nobody needs that to decide which NIC is being assigned to what zone, right?
-Michael
On 4 Sep 2019, at 07:49, Florian Bührle erdlof@protonmail.com wrote:
Hi Alex,
your point is absolutely correct, however there's some thought behind this: as the udev rules rename the physical interfaces to <zone>0 when the interface accesses the zone directly, it could be quite confusing if the interface is named orange0 for example and you want to assign it to blue in the CGI, even though it would work fine. What do you think?
Regards Florian
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 3. Sep. 2019, 23:46, Alex Koch schrieb:
Hi,
I stumbled into this when I was searching for an error in my vlan and bridge-config and want to start a discussion about if this should be changed or not.
The zoneconf.cgi contains the following code-snippet:
# Name the physical NICs # Even though they may not be really named like this, we will name them ethX or wlanX my $ethcount = 0; my $wlancount = 0;
foreach (@nics) { my $nic = $_->[1];
if (-e "/sys/class/net/$nic/wireless") { $_->[1] = "wlan$wlancount"; $_->[2] = 1; $wlancount++; } else { $_->[1] = "eth$ethcount"; $ethcount++; } }
This renames all the nics to ethX or wlanX for the WUI. When you use any commandline tool (e.g ip addr or brctl show) the names of the NICs will mismatch with the ones shown in the WUI. Same for the assigened VLAN-IDs.
For example, one of my setups:
- WUI name --> real name
- eth0 --> red0
- eth1 --> eth1
- eth2 --> orange0
- wlan0 --> blue0
- wlan1 --> wlan1
What is the goal of doing this? I personally think this is more confusing than useful. I would prefer to not rename the NICs. What do you think?
I attached a patch to change the naming back to the real names. Please decide to merge it or not, depending on where the discussion ends.
Secondly I created a patch to add the current output of "brctl show" and "ip addr" to the zoneconfig page. It's quite useful to have this by the hand without having to open a shell sometimes.
Regards, Alex
Alex Koch (2): zoneconf: Show real names of NICs in the WUI zoneconf: Add status output of "brctl show" and "ip addr"
html/cgi-bin/zoneconf.cgi | 34 ++++++++++++++++++++++++---------- langs/de/cgi-bin/de.pl | 5 ++++- langs/en/cgi-bin/en.pl | 5 ++++- 3 files changed, 32 insertions(+), 12 deletions(-)
-- 2.17.1
<190907_florians_example.png><190907_no_bridges.png><190908_all_bridges.png>
Regards, Alex
-
Alex Koch -
Alexander Koch
-
Florian Bührle -
Michael Tremer