On Sun, Apr 19, 2009 at 10:11 AM, Marc Haber <mh+debian-packa...@zugschlus.de> wrote: > On Wed, Feb 11, 2009 at 08:50:52PM +0100, Vincent Bernat wrote: >> The following configuration does not work: >> iface myvlan inet manual >> encapsulation dot1q >> master eth0 >> vlan-id 45 >> >> I get: >> error: Network is down >> >> A work around is to add: >> iface eth0 inet manual >> >> I have attached a patch for this issue. > > I do not think that it's a good idea - from a security point of view - > to automatically take up an interface just because a VLAN is > configured. I will think about adding an option like "init_master" to > allow this to happen, but I do not think that it's a good idea to do > this by default. > I do believe this functionality belongs to the kernel, so the kernel can do this securely. From user space simply bringing up an interface could lead to an IP being bound to that interface. A inter-kernel API could allow the interface to receive packets w/o it's configuration being applied, while at the same time keeping the configuration intact so the eth0 interface can be uped from userspace is requested.
Another thing, why are you using tags on every frame? It seams to me that it would be smart to try and save bits by choosing one vlan to be un-tagged being suspected of having more frames then any of the others. > Greetings > Marc > > -- > ----------------------------------------------------------------------------- > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 > Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 > > > > > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
