Re: /proc/sys/net/* proliferation

david parsons (o.r.c@p.e.l.l.p.o.r.t.l.a.n.d.o.r.u.s)
13 Sep 1997 00:54:16 -0700

In article <>,
Andi Kleen <> wrote:
>Richard Gooch <rgooch@atnf.CSIRO.AU> writes:

>> Is there a good reason why these options aren't enabled by default?
>I think the idea is that compile time configuration for the network
>layer is to be phased out and replaced by sysctls. But it's a very bad
>thing to ship a system with ipforward or bootp relay turned on per
>default. That's a problem for vendors like Caldera or RedHat who ship
>binary kernel images.

Well, when you're building a distribution, it's pretty easy to have
the system tune itself to suit when the machine boots up. With
tunable security things, a distribution shouldn't ever assume that
any kernel will have the defaults set to anything, so why bother
to change the defaults when all it will do is annoy the people who
don't use those distributions?

I'll certainly cheerfully add support for tunable things into my
configuration tools iff 2.2.x doesn't completely break compatibility
with older kernels. But I'd be somewhat annoyed if bootp stopped
working out of the clear blue sky and required some backwards
incompatible tweak to enable (since I still run 1.2.13 on occasion
when I want to read sgi tapes, I really don't want to have the
system freak out while trying to do 2.x.y things when that kernel
comes up.)

david parsons \bi/ I [heart] backwards compatibility and published
\/ interfaces.
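
The boot-time approach described in the message above, as an added example that is not part of the original post: a startup fragment that sets forwarding and BOOTP relay explicitly instead of trusting kernel defaults, and skips any entry the running kernel does not expose. The function name, the `NET_TUNABLES` list and the root-directory argument are assumptions for illustration; the two paths are the ones current Linux kernels use and are not named in the thread.

```shell
#!/bin/sh
# Added example: explicit boot-time network settings that tolerate kernels
# lacking a given /proc/sys entry (for instance an old kernel without it).

# Desired state, one "path-relative-to-root value" pair per line.
# Constructed list for illustration.
NET_TUNABLES='net/ipv4/ip_forward 0
net/ipv4/conf/all/bootp_relay 0'

# apply_net_tunables [ROOT]
# ROOT defaults to /proc/sys; passing another directory lets the logic be
# exercised on a scratch tree. Prints one status line per entry and returns
# non-zero if an entry that exists could not be set to the wanted value.
apply_net_tunables() {
    root=${1:-/proc/sys}
    failed=0
    while read -r rel want; do
        [ -n "$rel" ] || continue
        f="$root/$rel"
        if [ ! -e "$f" ]; then
            # Missing entry: not an error, this kernel has no such knob.
            echo "skip  $rel (not present on this kernel)"
            continue
        fi
        if ! { echo "$want" > "$f"; } 2>/dev/null; then
            echo "FAIL  $rel (write refused)"
            failed=1
            continue
        fi
        # Read back: never assume the write took effect.
        got=$(cat "$f")
        if [ "$got" = "$want" ]; then
            echo "ok    $rel = $got"
        else
            echo "FAIL  $rel is $got, wanted $want"
            failed=1
        fi
    done <<EOF
$NET_TUNABLES
EOF
    return $failed
}
```

Called with no argument from an init script it acts on `/proc/sys`; a non-zero return means a setting the kernel does expose was left in an unwanted state.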