Am 28.06.21 um 11:23 schrieb Alessandro Vesely:
A complex script doesn't have to be error prone.
it is by definition more error prone than a simple restore which has
exactly that job and it makes no sense to argue about such simple facts
do what you want but stop talking nonense when it comes to best practice
Speed is not a concern, given that boot only happens once every few months.
i care always about speed
Setting iptables atomically is not needed because ip link set $interface
up commands are issued after iptables -A ones.
irrelevant
# NIC-Konfiguration
ExecStart=-/usr/sbin/ethtool -G lan rx 512 tx 256
ExecStart=-/usr/sbin/ethtool -K lan lro off
ExecStart=-/usr/sbin/ethtool -G wan rx 512 tx 256
ExecStart=-/usr/sbin/ethtool -K wan lro off
I hadn't had to do that, yet (been lucky with autoconf?)
bla - you don't want LRO on a router because it breaks end-to-end
principle and maybe you heard about buffer bloat
# Sicherstellen dass 'sysctl' angewendet wird
ExecStart=-/usr/sbin/sysctl -q --load=/etc/sysctl*.conf
Shouldn't this be automatic?
what when i don't want that automatic to avoid all sort of warnings when
that automatic fires before iptables is loaded and so all the conntrack
values are unknown?
I set up DHCP independently of the network. It only listens to the
internal interface, so it's somewhat easier. I consider it a separate
issue
you didn't realize the difference between dhcp client/server!