[Novalug] Service start-up order with bridged ethernet in Ubuntu 9.10

Paul paul@pseudonoise.net
Tue Mar 16 01:33:34 EDT 2010


I have an Ubuntu 9.10 server machine that acts as the gateway and VPN
access point for a small LAN.  It has two real ethernet interfaces and
a virtual layer 2 bridge interface so that openvpn clients can access
the network using bridged ethernet mode (see contents of
/etc/network/interfaces below).  In addition to openvpn, the server
runs bind9, dhcp3-server, sshd, ntpd, and apache2.  These services are
configured to listen only on the bridge interface's IP address,
10.yy.yy.1 (the LAN side of the gateway).

All of this works great, except when the machine is first booted:
some of the daemons attempt to start before the bridge interface is
up.  They try to bind to the bridge's IP address--which doesn't exist
yet--and fail.  I have to manually start the failed services
afterwards, which is mildly annoying because sshd is one of them and
the machine usually has no monitor or keyboard attached.  I've been
lucky so far, but I just know that we'll experience a UPS-draining
power outage a few hours before I realize that I had forgotten a file
while out on travel and need to use the VPN to get it :-)

Does anyone know of a good way to make the services start after the
bridge interface is up?  Is there an additional "Required-Start" entry
that needs to be added to the /etc/init.d scripts for bridges, beyond
$network?

Thanks,
-Paul
----
auto lo
iface lo inet loopback

# External LAN interface
auto eth0
iface eth0 inet static
    pre-up /etc/configureFirewall.sh
    address 10.xx.xx.2
    gateway 10.xx.xx.1
    netmask 255.255.255.0

# Internal LAN bridge interface
auto bridgeInt
iface bridgeInt inet static
      address 10.yy.yy.1
      netmask 255.255.255.0
      bridge_ports eth1

# Internal LAN interface
auto eth1
iface eth1 inet manual
      up ifconfig $IFACE 0.0.0.0 up
      up ip link set $IFACE promisc on
      down ip link set $IFACE promisc off
      down ifconfig $IFACE down



More information about the Novalug mailing list