remove gateway requirements for manual interface configuration #1520

Merged
merged 2 commits into from Nov 18, 2016

Projects

None yet

2 participants

@tomtom13
Contributor

First and simple batch of changes:

  • remove gateway requirements for manual interface configuration. Forcing users to put random gateway on closed networks, screws up "route" on host and makes installation unable to access outside world.
@schakrava
Member

@tomtom13, thanks for this. Please help me understand this better, I have a few questions.

  • What are closed networks and is gateway not required in such networks?
  • Is it possible/recommended to have a default gw on such networks such as 0.0.0.0 or something like that?
  • And how does this effect normal static ip config where the config is useless without a gw and results in the system being inaccessible over the network?
@tomtom13
Contributor

Closed network is colloquial for network that is physically connected to internet by not a single device in this network is not aware how to access outside world (or any other network) because they don't know what is a gateway. Do not mistake it for private network - private network is a network with private addressing space that knows / doesn't know how to access outside networks. Security in closed networks is achieved by means that any outsider (without overtaking an equipment inside of your network) is not aware of it, can't physically send any data (because other equipment doesn't know this network exists and how to reach it) and equipment on that network can't reply back because they don't know how to send data outside of this closed network (lack of gateway).

so for example:

  • let's say you have in you enterprise a large backbone and you want to use it to create a dedicated network which nobody should technically access or know of ... and your equipment does not allow you to create a vlan.
  • you have two machines on 1gb network and want them to talk to each other via dedicated 10GB fibre ... you install fibre interfaces in each machine, join them and then give them IP addresses from outside of you your 1GB network. Every time you will attempt to access other machine using a address from this "closed network" you will effectively push traffic through fibre rather than 1GB

0.0.0.0 gateway .... a very bad idea. Newer, under any circumstances provide a phony gateway. Fist, you end up with 2 routes to outside world, second all IP timeouts and TTL actually get fucked up by this because your machine if it can't access something will try some weird trick on other gateway - behaviour is unpredictable, third if your 0.0.0.0 gateway gets higher priority than your real gateway - you machine won't be able to talk to outside world on other interfaces.

static IP configurations are not useless without gateway - it all depends what you are trying to chive. Technically speaking if we qualify usefulness of link without gateway, it's equally useless nowadays without DNS - how will you access update server if you can't resolve name to ip ? :)

Finally - the Ethernet interface is NOT technically required a IP address at all ... IPX comes to mind :)

@schakrava schakrava merged commit f9b804e into rockstor:master Nov 18, 2016
@schakrava
Member

Thanks for the explanation @tomtom13 . I had to make a tiny backend change, but looks good. Thanks for your contribution!

@tomtom13
Contributor

Seriously no problem. From standpoint of NAS - Network is a first letter of NAS ... so it's rather important and I would rather move it slowly and have as many eyes watching changes / testing / criticizing. To much at stake here, and we all (specially me) make errors.

@schakrava schakrava changed the title from Issue #1517 to remove gateway requirements for manual interface configuration Dec 13, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment