Lennart Poettering <lennart@xxxxxxxxxxxxxx> writes:

> On Mo, 09.05.22 19:13, Kamil Jońca (kjonca@xxxxxxxxxxxx) wrote:
>
>> >> 3. decide where to resolve names based on domain and existence of ipsec
>> >> or openvpn tunnel.
>> >
>> > Sounds like a job for the resolved domain routing logic, which already
>> > exists?
>>
>> Not quite. When I asked previously I got response, that resolved is
>> based on interfaces. But ipsec tunnel does not need dedicated
>> interface.
>
> but networkd-dispatcher stuff is also interface based, no? so it
> wouldn't solve your problem either?

In my previous post I wrote about *resolved* - when I tested
systemd-RESOLVED* could not fit my needs (and I am happy dnsmasq user then)

>
>> I still do not know what mean "local host" here. I guess that this will
>> be interface address. :)
>
> Yes.
>
>> I still do not know if this is rather "snat" or rather "masquerade". How
>> can I decide which to use. And what engine is used here.
>
> The engine is decided at build time, i.e. can be either iptables or
> nftables.

But there are two kind of "nat" in *tables suites: 1. masquerade or 2. snat.

>
>> I know that networkd cannot handle bridge without ports (quite
>> convenient when you use it as dummy interface with qemu machines)
>
> It cannot?

As far as I know - it cannot. Bridge without ports have no ip assigned and is in
"configuring" state. Please correct me if I am wrong.
Especially what would be equivalent of:

--8<---------------cut here---------------start------------->8---
iface qemu inet static
      address 192.168.11.1
      netmask 255.255.255.0
      bridge_ports none
--8<---------------cut here---------------end--------------->8---

This creates "bridge" with assigned IP, without any ports (and with
scripts it can create/drop some nftables rules ...)

>> > Afaics RouteMetric= [DHCPv4] section already does all you need. just
>> > give the iface whose default route you want to take precedence a lower
>> > metric and you are done.
>>
>> How? By editing files?
>> And what with other examples?
>
> I am not sure I follow? when do you intend to change the preference?

When I manually up interface (ie. when, for example, issue command
networkctl up "interface name")

>> > Note anyway that networkd assumes it manages an interface in its
>> > entirety: if you muck with what it sets up it likely will override
>> > your changes sooner or later, when some event happens... you have a
>>
>> I do not want interfere with interfaces "per se" I simply want to get
>> some info from systemd and pass it to dnsmasq (for DNS) or nftables (for
>> filtering). That's it.
>
> You started out asking about default routes?

Yes, but in
https://lists.freedesktop.org/archives/systemd-devel/2022-May/047907.html
I wrote:
"[1] - but please treat this as an example only. This also can be additional
domain to search. Or additional DNS to use, or ... something."

KJ