[Battlemesh] routing daemons fighting to enforce sysctl settings

Ferry Huberts mailings at hupie.com
Fri Jun 24 11:53:17 CEST 2016


If you check the code paths in olsrd v1 you can see that are quite a few 
entry points into the function that changes these proc values.

So it's probably not as simple as you're suggesting.

I can of-course add a setting that would disable any writing to proc but 
I'd then have the immediate problem that people switch it off and 
subsequently complain that things don't work as expected.

Between a rock and a hard place I guess


On 24/06/16 11:33, Daniel Golle wrote:
> Hi!
> I'm currently helping to switch from some ancient OLSR1-based
> hand-crafted and hard-to-maintain firmware to a Libre-Mesh based
> environment. In order to integrate with the existing OLSR1 mesh, some
> nodes should run BMX6/7 as well as OLSRd (using 2 devices is not an
> option, we just don't have enough of them). While this generally works
> nicely due to the routing-table-import features of BMX6, there is a
> single very annoying problem:
> Both routing daemons try changing sysctl settings in conflicting ways
> without any means for the user to disable that 'egocentric' behaviour.
> olsrd[21487]: Writing '0' (was 2) to /proc/sys/net/ipv4/conf/all/rp_filter
> bmx7[1237]: INFO  check_proc_sys_net(): changing /proc/sys/net/ipv4/conf/all/rp_filter from 0 to 2
> I generally believe that a routing daemon shouldn't take-over the OS to
> a degree which makes co-existence with other routing daemons or other
> networking stuff impossible. Currently both, OLSRd and BMX repeatingly
> try to enforce settings even in /proc/sys/net/ipv*/conf/all/ which thus
> affects all interfaces and not only the ones governed by that specific
> protocol.
> I had a discussion with Henning about a similar issue I had with OLSRd
> changing send_redirects without any way to configure it not to touch
> sysctl values. Now the problem came back and kinda confirms my opinion
> that setting sysctl options (/proc/sys/net/*) is a task to be carried
> out by the OS, ie. netifd on OpenWrt/LEDE or connman or NetworkManager
> or whatever-you-use.
> Thus my demand to routing protocols developers: Please at least create
> a way to tell your routing daemon "don't touch my sysctl, I'll take
> care of it myself!". This should imho be the default for the
> OpenWrt/LEDE build of the routing daemons and netifd should handle
> stuff like rp_filter and send_redirects -- the routing daemon might
> still warn you about UCI settings known to cause problems under certain
> conditions.
> Cheers
> Daniel
> _______________________________________________
> Battlemesh mailing list
> Battlemesh at ml.ninux.org
> http://ml.ninux.org/mailman/listinfo/battlemesh

Ferry Huberts

More information about the Battlemesh mailing list