Hi Steve, Steve Langasek schrieb: > >> The default of the zeroconf settings should be, either "do never configure >> the add hoc ip address" or "only configure the add hoc ip address if no ip >> address is configured for this interface". > > Both of these defeat the purpose of zeroconf.
It would not defeat the purpose of zeroconf to have debconf question
about the default configuration. Unless you thing the purpose of
zeroconf is to get no question on installation. You did not state that
in the packages description.
If you want to mimick windows functionality, then you should use the
fallback case as default. This would be perfectly enough.
>> With the two ip addresses the machine broadcasts with two different
>> addresses. This might result in alarms in the network, because a machine
>> comunicates with the wrong address. This might also result in the
>> disabling of the machine on a switch which sees the wrong address (cisco
>> catalyst dhcp-snooping).
>
> This is not the meaning of "unrelated software". It apparently makes
> zeroconf unsuitable for your *environment*, but that's not a bug that can be
> fixed in zeroconf -- this is what zeroconf *does*.
>> Some programs rely on the configured and allowed ip address to operate.
>> If now one machine responds on a different address because it can also
>> reach the other machine with it, we get a problem. We have one report
>> that ssh reports a security warning, because a key is recorded with a
>> different ip address.
>
> So you have multiple machines on your local link that are running zeroconf
> (or similar technology), as a result they can talk to each other using local
> link addresses, and this is inconsistent with the policies in your
> environment.
>
> Ok, so you will apparently not want to use zeroconf in your environment, or
> you will need to reconsider the correctess of your policies. Again, not a
> bug in zeroconf, which is working as designed.
You are right if you see zeroconf as a package isolated. But since
zeroconf comes in via dependencies a lot of people will install it
accidentaly. You might not see this as a bug of zeroconf but of the
depending package. My point is that this combination is not suitable for
the next stable release.
>> Services using tcpwrappers get configured with ip addresses. These
>> services will sometimes fail because they use the wrong addresses.
>
> ditto.
>
>> You could introduce debconf questions or just make the default
>> configuration disabled or fallback.
>
> I don't think it's justified to demand such a default; I don't believe this
> optimizes for the common case.
As I said, the common case is that people have already ip address and
internet connection, so they don't need the zeroconf package. But if
they get ist installed via dependencies they have a lot of spurious
problems which are difficult to detect.
(ifconfig should be fixed to display both addresses or the fixed address
or a warning about it. The kernel should be fixed to send with the
correct broadcast address.)
Christoph
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: [EMAIL PROTECTED]
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
signature.asc
Description: OpenPGP digital signature
