[Chilli] Coova-Chilli Multi Tenanency Mode

Luis Ferreira lferreira at cabocom.cv
Thu Feb 7 16:05:21 UTC 2013

Hello everyone,


1. It could be related to iptable locking, because I've got a bit of success
if I add "sleep 5" on /etc/init.d/chilli after starting each vlan. It's not
100% win, but at least the success rate increased.


2. The iptables file located at v /usr/local/var/run/chilli.tun0.sh is it
generated every time chilli boots? Is it executed on chilli process startup?
Could that be the issue? Not giving enough time for the OS to write the
file, and ask it to run the script? If it's that, that would explain why is
a sporadic problem happening on multi chilli, because is starting several
chilli processes as fast as the machine is capable of.





Luis Ferreira

Director Técnico

Cabocom S.A.


-----Mensagem original-----
De: Petr Štetiar [mailto:ynezz at true.cz] 
Enviada: quinta-feira, 7 de Fevereiro de 2013 05:35
Para: Robert White
Cc: Luis Ferreira; chilli at coova.org
Assunto: Re: [Chilli] Coova-Chilli Multi Tenanency Mode


Robert White < <mailto:rwhite at globalgossip.net> rwhite at globalgossip.net>
[2013-02-07 13:40:21]:


> All rules from up.sh except the following seem to get created:


> ipt_in -p tcp -m tcp --dport $UAMPORT --dst $ADDR -j ACCEPT


And sometimes some other rules :)


> It seems to only ever happen in multi-instance environments so maybe 

> it is something to do with iptables locking and not allowing the 

> insertion of the rule while another instance is trying to do the same?
I'm not sure.


Yes, maybe something like that, I didn't investigated it in the detail

I've added simple locking into the coova-chilli init.d script and added
wildcard system wide iptables rules like "-i tun+" and it improved a lot.


-- ynezz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130207/051fd4f7/attachment.html>

More information about the Chilli mailing list