PSARC 2006/552 Quagga SMF Modifications

6312914 routeadm needs to support smf-based routing services
6440342 remove redundancies in smf-related makefiles by moving manifest rules to usr/src/cmd/Makefile.targ

--HG--
rename : usr/src/cmd/cmd-inet/usr.sbin/in.rdisc.c => usr/src/cmd/cmd-inet/usr.sbin/in.rdisc/in.rdisc.c
rename : usr/src/cmd/cmd-inet/usr.sbin/routeadm.c => usr/src/cmd/cmd-inet/usr.sbin/routeadm/routeadm.c
rename : deleted_files/usr/src/cmd/volmgt/etc/Makefile => usr/src/cmd/volmgt/etc/Makefile

9 files changed, 701 insertions, 225 deletions

diff --git a/usr/src/cmd/svc/milestone/Makefile b/usr/src/cmd/svc/milestone/Makefile
index be0440da40..0b421f1825 100644
--- a/usr/src/cmd/svc/milestone/Makefile
+++ b/usr/src/cmd/svc/milestone/Makefile
@@ -2,9 +2,8 @@
 # CDDL HEADER START
 #
 # The contents of this file are subject to the terms of the
-# Common Development and Distribution License, Version 1.0 only
-# (the "License").  You may not use this file except in compliance
-# with the License.
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
 #
 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 # or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
 # CDDL HEADER END
 #
 #
-# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
 # Use is subject to license terms.
 #
 #ident	"%Z%%M%	%I%	%E% SMI"
@@ -46,6 +45,7 @@ NETSVCS= \
 	network-initial.xml \
 	network-loopback.xml \
 	network-physical.xml \
+	network-routing-setup.xml \
 	network-service.xml
 
 NETMANIFESTS= $(NETSVCS:%=$(ROOTSVCNETWORK)/%)
@@ -104,6 +104,7 @@ SVCMETHOD=\
 	net-loopback \
 	net-init \
 	net-physical \
+	net-routing-setup \
 	net-svc \
 	rmtmpfiles
 
diff --git a/usr/src/cmd/svc/milestone/fs-root b/usr/src/cmd/svc/milestone/fs-root
index 1672188383..cfbe472eb3 100644
--- a/usr/src/cmd/svc/milestone/fs-root
+++ b/usr/src/cmd/svc/milestone/fs-root
@@ -257,8 +257,6 @@ fi
 #
 /usr/sbin/devfsadm -I -P
 
-[ -f /etc/.dynamic_routing ] && /usr/bin/rm -f /etc/.dynamic_routing
-
 libc_mount
 libc_psr_mount
 
diff --git a/usr/src/cmd/svc/milestone/net-init b/usr/src/cmd/svc/milestone/net-init
index 7cbcb48089..5862c4edf6 100644
--- a/usr/src/cmd/svc/milestone/net-init
+++ b/usr/src/cmd/svc/milestone/net-init
@@ -26,79 +26,30 @@
 # ident	"%Z%%M%	%I%	%E% SMI"
 #
 # This is the second phase of TCP/IP configuration.  The first part is
-# run by the /lib/svc/method/net-physical script (the svc:/network/physical
-# service) and includes configuring the interfaces and setting the machine's
-# hostname.  This script (the svc:/network/initial service), does all
-# configuration that can be done before name services are started. This
-# includes configuring IP routing, and setting any tunable parameters.
-# The third part, run by the /lib/svc/method/net-svc script (the
-# svc:/network/service service), does all configuration that may require
-# name services.  This includes a final re-configuration of the interfaces.
+# run by the svc:/network/physical service and includes configuring the
+# interfaces and setting the machine's hostname.  The svc:/network/initial
+# service does all configuration that can be done before name services are
+# started, bar configuring IP routing (this is carried out by the
+# svc:/network/routing-setup service).  The final part, run by the
+# svc:/network/service service,  does all configuration that may require
+# name services.  This includes a final re-configuration of the
+# interfaces.
 #
 
 . /lib/svc/share/smf_include.sh
 
-case "$1" in
-'start')
-	#
-	# In a zone we need this service to be up, but all of the work
-	# it tries to do is irrelevant (and will actually lead to the service
-	# failing if we try to do it), so just bail out.
-	#
-	smf_is_globalzone || exit $SMF_EXIT_OK
-
-	;; # Fall through -- rest of script is the initialization code
-
-'stop')
-	smf_is_globalzone || exit $SMF_EXIT_OK
-
-	#
-	# If we were routing dynamically, we will note this with
-	# the .dynamic_routing file, so that we can leave the routes
-	# in place without thinking they're static route entries
-	# when we come back into states 2 or 3.
-	#
-	if /usr/bin/pgrep -x -u 0 'in.routed|in.rdisc' >/dev/null 2>&1; then
-		/usr/bin/pkill -z global -x -u 0 'in.routed|in.rdisc'
-		> /etc/.dynamic_routing
-	fi
-	/usr/bin/pkill -z global -x -u 0 'in.ndpd|in.ripngd'
-	exit $SMF_EXIT_OK
-	;;
-
-*)
-	echo "Usage: $0 { start | stop }"
-	exit 1
-	;;
-esac
+#
+# In a zone we need this service to be up, but all of the work
+# it tries to do is irrelevant (and will actually lead to the service
+# failing if we try to do it), so just bail out.
+#
+smf_is_globalzone || exit $SMF_EXIT_OK
 
 # Configure IPv6 Default Address Selection.
 if [ -f /etc/inet/ipaddrsel.conf ]; then
 	/usr/sbin/ipaddrsel -f /etc/inet/ipaddrsel.conf
 fi
 
-/usr/sbin/ifconfig -a6u >/etc/svc/volatile/ifconfig.$$
-numv6ifs=`/usr/bin/grep -c inet6 /etc/svc/volatile/ifconfig.$$`
-if  [ $numv6ifs -gt 1 ]; then
-	#
-	# Add a static route for multicast packets out of a link-local
-	# interface, although would like to specify multicast interface using
-	# an interface name!
-	#
-	set -- `/usr/bin/awk '
-		/inet6 fe80:/ {
-			print substr($2, 1, index($2, "/") - 1)
-		}' /etc/svc/volatile/ifconfig.$$`
-
-	if [ -n "$1" ]; then
-		echo "Setting default IPv6 interface for multicast:" \
-		    "add net ff00::/8: gateway $1"
-		/usr/sbin/route -n add -interface -inet6 "ff00::/8" "$1" \
-		    >/dev/null
-	fi
-fi
-/usr/bin/rm -f /etc/svc/volatile/ifconfig.$$
-
 #
 # Now that /usr is mounted, see if in.mpathd needs to be started by firing it
 # up in "adopt" mode; if there are no interfaces it needs to manage, it will
@@ -148,105 +99,6 @@ if [ $TCP_STRONG_ISS ]; then
 fi
 
 #
-# Configure default IPv4 routers using the local "/etc/defaultrouter"
-# configuration file.  The file can contain the hostnames or IP
-# addresses of one or more default routers.  If hostnames are used,
-# each hostname must also be listed in the local "/etc/hosts" file
-# because NIS and NIS+ are not running at the time that this script is
-# run.  Each router name or address is listed on a single line by
-# itself in the file.  Anything else on that line after the router's
-# name or address is ignored.  Lines that begin with "#" are
-# considered comments and ignored.
-#
-# The default routes listed in the "/etc/defaultrouter" file will
-# replace those added by the kernel during diskless booting.  An
-# empty "/etc/defaultrouter" file will cause the default route
-# added by the kernel to be deleted.
-#
-# Note that the default router file is ignored if we received routes
-# from a DHCP server.  Our policy is to always trust DHCP over local
-# administration.
-#
-smf_netstrategy
-
-if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && [ -n "`/sbin/dhcpinfo Router`" ]; then
-	defrouters=`/sbin/dhcpinfo Router`
-elif [ -f /etc/defaultrouter ]; then
-	defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
-	    /usr/bin/awk '{print $1}'`
-	if [ -n "$defrouters" ]; then
-		#
-		# We want the default router(s) listed in /etc/defaultrouter
-		# to replace the one added from the BOOTPARAMS WHOAMI response
-		# but we must avoid flushing the last route between the running
-		# system and its /usr file system.
-		#
-
-		# First, remember the original route.
-		shift $#
-		set -- `/usr/bin/netstat -rn -f inet | /usr/bin/grep '^default'`
-		route_IP="$2"
-
-		#
-		# Next, add those from /etc/defaultrouter.  While doing this,
-		# if one of the routes we add is for the route previously
-		# added as a result of the BOOTPARAMS response, we will see
-		# a message of the form:
-		#	"add net default: gateway a.b.c.d: entry exists"
-		#
-		do_delete=yes
-		for router in $defrouters; do
-			set -- `/usr/sbin/route -n add default -gateway $router`
-			[ $? -ne 0 -a "x$5" = "x$route_IP:" ] && do_delete=no
-		done
-
-		#
-		# Finally, delete the original default route unless it was
-		# also listed in the defaultrouter file.
-		#
-		if [ -n "$route_IP" -a $do_delete = yes ]; then
-			/usr/sbin/route -n delete default -gateway $route_IP \
-			    >/dev/null
-		fi
-	else
-		/usr/sbin/route -fn > /dev/null
-	fi
-else
-	defrouters=
-fi
-
-#
-# Use routeadm(1M) to configure forwarding and launch routing daemons for
-# IPv4 and IPv6 based on preset values.  These settings only apply to the
-# global zone.  For IPv4 dynamic routing, the system will default to
-# disabled if a default route was previously added via BOOTP, DHCP, or
-# the /etc/defaultrouter file.  routeadm also starts in.ndpd.
-#
-if [ ! -f /etc/.dynamic_routing ] && [ -z "$defrouters" ]; then
-	#
-	# No default routes were setup by "route" command above.
-	# Check the kernel routing table for any other default
-	# routes.
-	#
-	/usr/bin/netstat -rn -f inet | \
-	    /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes
-fi
-[ -f /etc/.dynamic_routing ] && /usr/bin/rm -f /etc/.dynamic_routing
-if [ -z "$defrouters" ]; then
-	routeadmstr="-e ipv4-routing"
-else
-	routeadmstr="-d ipv4-routing"
-fi
-#
-# The -b option used here tells routeadm that the ipv4-routing
-# option in $routeadmstr is the boot-time default.  The
-# boot-time default is used if the administrator has not
-# explicitly enabled or disabled ipv4-routing using the -e or
-# -d routeadm option.
-#
-/usr/sbin/routeadm -u -b $routeadmstr
-
-#
 # In spite of global policy, there may be a need for IPsec because of
 # per-socket policy or tunnelled policy.  With that in mind, check for manual
 # keys in /etc/inet/secret/ipseckeys, or check for IKE configuration in
@@ -338,31 +190,5 @@ if [ -n "$interface_names" ]; then
 	)
 fi
 
-#
-# Set 6to4 Relay Router communication support policy and, if applicable,
-# the destination Relay Router IPv4 address.  See /etc/default/inetinit for
-# setting and further info on ACCEPT6TO4RELAY and RELAY6TO4ADDR.
-# If ACCEPT6TO4RELAY=NO, the default value in the kernel will
-# be used.
-#
-ACCEPT6TO4RELAY=`echo "$ACCEPT6TO4RELAY" | /usr/bin/tr '[A-Z]' '[a-z]'`
-if [ "$ACCEPT6TO4RELAY" = yes ]; then
-        if [ "$RELAY6TO4ADDR" ]; then
-                /usr/sbin/6to4relay -e -a $RELAY6TO4ADDR
-        else
-                /usr/sbin/6to4relay -e
-        fi
-fi
-
-#
-# Read /etc/inet/static_routes and add each route.
-#
-if [ -f /etc/inet/static_routes ]; then
-	echo "Adding persistent routes:"
-	/usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
-		/usr/sbin/route add $line
-	done
-fi
-
 # Clear exit status.
 exit $SMF_EXIT_OK
diff --git a/usr/src/cmd/svc/milestone/net-loopback b/usr/src/cmd/svc/milestone/net-loopback
index 6275b8ebdf..9a23eb27b6 100644
--- a/usr/src/cmd/svc/milestone/net-loopback
+++ b/usr/src/cmd/svc/milestone/net-loopback
@@ -47,14 +47,12 @@ SUNW_NO_MPATHD=; export SUNW_NO_MPATHD
 # default IP forwarding behavior.  This will be the setting for
 # interfaces that don't modify the per-interface setting with the
 # router or -router ifconfig command in their /etc/hostname.<intf>
-# files.  The -F option tells routeadm to only update the forwarding
-# configuration for the system, and not dynamic routing.  We don't
-# want routing daemons started until later in the boot process (see
-# the net-init method for that).
+# files.  Due to their dependency on this service, the IP forwarding services
+# will run at this point (though routing daemons will not run until later
+# in the boot process) and set forwarding flags.
 #
-/sbin/routeadm -u -F
 
-# IPv4 loopback
+# ipV4 loopback
 /sbin/ifconfig lo0 plumb 127.0.0.1 up
 
 # Configure the v6 loopback if any IPv6 interfaces are configured.
diff --git a/usr/src/cmd/svc/milestone/net-routing-setup b/usr/src/cmd/svc/milestone/net-routing-setup
new file mode 100644
index 0000000000..9b1987fe05
--- /dev/null
+++ b/usr/src/cmd/svc/milestone/net-routing-setup
@@ -0,0 +1,237 @@
+#!/sbin/sh
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+# Use is subject to license terms.
+#
+# ident	"%Z%%M%	%I%	%E% SMI"
+
+# This script configures IP routing.
+
+. /lib/svc/share/smf_include.sh
+
+#
+# In a zone we need this service to be up, but all of the work
+# it tries to do is irrelevant (and will actually lead to the service 
+# failing if we try to do it), so just bail out. 
+#
+smf_is_globalzone || exit $SMF_EXIT_OK
+
+#
+# If routing.conf file is in place, and has not already been read in
+# by previous invokation of routeadm, we run routeadm -u here to get
+# and apply legacy configuration.  We also run "routeadm -u" when
+# a /var/svc/profile/upgrade file is found, as it may contain routeadm commands
+# which need to be applied. It would be nice if we could do this in
+# network/loopback, but since the SMF backend is read-only at that
+# point in boot, we cannot.
+#
+
+upgrade_routing_conf=""
+routing_conf_read=`/usr/bin/svcprop -p routeadm/routing-conf-read $SMF_FMRI`
+if [ -f /etc/inet/routing.conf -a "$routing_conf_read" = "false" ]; then
+        upgrade_routing_conf="true"
+fi
+if [ "$upgrade_routing_conf" = "true" -o -f /var/svc/profile/upgrade ]; then
+        /sbin/routeadm -u
+fi
+
+#
+# Are we routing dynamically? routeadm(1M) reports this in the
+# "current" values of ipv4/6-routing - if either are true, we are running
+# routing daemons (or at least they are enabled to run).
+#
+dynamic_routing_test=`/sbin/routeadm -p | \
+nawk '/^ipv[46]-routing [.]*/ { print $2 }'  | /usr/bin/grep "current=enabled"`
+if [ -n "$dynamic_routing_test" ]; then
+	dynamic_routing="true"
+fi
+
+/usr/sbin/ifconfig -a6u >/etc/svc/volatile/ifconfig.$$
+numv6ifs=`/usr/bin/grep -c inet6 /etc/svc/volatile/ifconfig.$$`
+if  [ $numv6ifs -gt 1 ]; then
+	#
+	# Add a static route for multicast packets out of a link-local
+	# interface, although would like to specify multicast interface using
+	# an interface name!
+	#
+	set -- `/usr/bin/awk '
+		/inet6 fe80:/ {
+			print substr($2, 1, index($2, "/") - 1)
+		}' /etc/svc/volatile/ifconfig.$$`
+
+	if [ -n "$1" ]; then
+		echo "Setting default IPv6 interface for multicast:" \
+			"add net ff00::/8: gateway $1"
+		/usr/sbin/route -n add -interface -inet6 "ff00::/8" "$1" \
+			>/dev/null
+	fi
+fi
+/usr/bin/rm -f /etc/svc/volatile/ifconfig.$$
+
+#
+# Configure default IPv4 routers using the local "/etc/defaultrouter"
+# configuration file.  The file can contain the hostnames or IP
+# addresses of one or more default routers.  If hostnames are used,
+# each hostname must also be listed in the local "/etc/hosts" file
+# because NIS and NIS+ are not running at the time that this script is
+# run.  Each router name or address is listed on a single line by
+# itself in the file.  Anything else on that line after the router's
+# name or address is ignored.  Lines that begin with "#" are
+# considered comments and ignored.
+#
+# The default routes listed in the "/etc/defaultrouter" file will
+# replace those added by the kernel during diskless booting.  An
+# empty "/etc/defaultrouter" file will cause the default route
+# added by the kernel to be deleted.
+#
+# Note that the default router file is ignored if we received routes
+# from a DHCP server.  Our policy is to always trust DHCP over local
+# administration.
+#
+smf_netstrategy
+
+if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
+    [ -n "`/sbin/dhcpinfo Router`" ]; then
+	defrouters=`/sbin/dhcpinfo Router`
+elif [ -f /etc/defaultrouter ]; then
+	defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
+	    /usr/bin/awk '{print $1}'`
+	if [ -n "$defrouters" ]; then
+		#
+		# We want the default router(s) listed in
+		# /etc/defaultrouter to replace the one added from the
+		# BOOTPARAMS WHOAMI response but we must avoid flushing
+		# the last route between the running system and its
+		# /usr file system.
+		#
+
+		# First, remember the original route.
+		shift $#
+		set -- `/usr/bin/netstat -rn -f inet | \
+		    /usr/bin/grep '^default'`
+		route_IP="$2"
+
+		#
+		# Next, add those from /etc/defaultrouter.  While doing
+		# this, if one of the routes we add is for the route
+		# previously added as a result of the BOOTPARAMS
+		# response, we will see a message of the form:
+		#       "add net default: gateway a.b.c.d: entry exists"
+		#
+		do_delete=yes
+		for router in $defrouters; do
+			set -- `/usr/sbin/route -n add default \
+			    -gateway $router`
+			[ $? -ne 0 -a "x$5" = "x$route_IP:" ] \
+			    && do_delete=no
+		done
+
+		#
+		# Finally, delete the original default route unless it
+		# was also listed in the defaultrouter file.
+		#
+		if [ -n "$route_IP" -a $do_delete = yes ]; then
+			/usr/sbin/route -n delete default \
+			    -gateway $route_IP >/dev/null
+		fi
+	else
+		/usr/sbin/route -fn > /dev/null
+	fi
+else
+	defrouters=
+fi
+
+#
+# Use routeadm(1M) to configure forwarding and launch routing daemons
+# for IPv4 and IPv6 based on preset values.  These settings only apply
+# to the global zone.  For IPv4 dynamic routing, the system will default
+# to disabled if a default route was previously added via BOOTP, DHCP,
+# or the /etc/defaultrouter file.  routeadm also starts in.ndpd.
+#
+if [ "$dynamic_routing" != "true"  ] && [ -z "$defrouters" ]; then
+	#
+	# No default routes were setup by "route" command above.
+	# Check the kernel routing table for any other default
+	# routes.
+	#
+	/usr/bin/netstat -rn -f inet | \
+	    /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes
+fi
+
+#
+# The routeadm/ipv4-routing-set property is true if the administrator
+# has run "routeadm -e/-d ipv4-routing".  If not, we revert to the
+# appropriate defaults.  We no longer run "routeadm -u" on every boot
+# however, as persistent daemon state is now controlled by SMF.
+#
+ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI`
+if [ -z "$defrouters" ]; then
+	#
+	# Set default value for ipv4-routing to enabled.  If routeadm -e/-d
+	# has not yet been run by the administrator, we apply this default.
+	#
+	/usr/sbin/svccfg -s $SMF_FMRI \
+	    setprop routeadm/default-ipv4-routing = true
+	if [ "$ipv4_routing_set" = "false" ]; then
+		/sbin/routeadm -e ipv4-routing -u
+	fi
+else
+	#
+	# Default router(s) have been found,  so ipv4-routing default value
+	# should be disabled.  If routaedm -e/d has not yet been run by
+	# the administrator, we apply this default.
+	/usr/sbin/svccfg -s $SMF_FMRI \
+	    setprop routeadm/default-ipv4-routing = false
+	if [ "$ipv4_routing_set" = "false" ]; then
+		/sbin/routeadm -d ipv4-routing -u
+	fi
+fi
+
+#
+# Set 6to4 Relay Router communication support policy and, if applicable,
+# the destination Relay Router IPv4 address.  See /etc/default/inetinit for
+# setting and further info on ACCEPT6TO4RELAY and RELAY6TO4ADDR.
+# If ACCEPT6TO4RELAY=NO, the default value in the kernel will
+# be used.
+#
+ACCEPT6TO4RELAY=`echo "$ACCEPT6TO4RELAY" | /usr/bin/tr '[A-Z]' '[a-z]'`
+if [ "$ACCEPT6TO4RELAY" = yes ]; then
+	if [ "$RELAY6TO4ADDR" ]; then
+		/usr/sbin/6to4relay -e -a $RELAY6TO4ADDR
+	else
+		/usr/sbin/6to4relay -e
+	fi
+fi
+
+#
+# Read /etc/inet/static_routes and add each route.
+#
+if [ -f /etc/inet/static_routes ]; then
+	echo "Adding persistent routes:"
+	/usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
+		/usr/sbin/route add $line
+	done
+fi
+
+# Clear exit status.
+exit $SMF_EXIT_OK
diff --git a/usr/src/cmd/svc/milestone/network-initial.xml b/usr/src/cmd/svc/milestone/network-initial.xml
index 5f106155f3..52c2c3cde3 100644
--- a/usr/src/cmd/svc/milestone/network-initial.xml
+++ b/usr/src/cmd/svc/milestone/network-initial.xml
@@ -1,15 +1,14 @@
 <?xml version="1.0"?>
 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
 <!--
- Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  Use is subject to license terms.
 
  CDDL HEADER START
 
  The contents of this file are subject to the terms of the
- Common Development and Distribution License, Version 1.0 only
- (the "License").  You may not use this file except in compliance
- with the License.
+ Common Development and Distribution License (the "License").
+ You may not use this file except in compliance with the License.
 
  You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  or http://www.opensolaris.org/os/licensing.
@@ -57,19 +56,6 @@
 		<service_fmri value='svc:/system/filesystem/usr' />
 	</dependency>
 
-	<!--
-		This dependency was added to make sure soconfig runs in
-		devices-local method, before routeadm invocation in net-init.
-		This is because routeadm commands depend on sockets.
-	-->
-	<dependency
-		name='devices'
-		grouping='require_all'
-		restart_on='none'
-		type='service'>
-		<service_fmri value='svc:/milestone/devices' />
-	</dependency>
-
 	<dependency
 		name='cryptoframework'
 		grouping='optional_all'
@@ -81,13 +67,13 @@
 	<exec_method
 		type='method'
 		name='start'
-		exec='/lib/svc/method/net-init start'
+		exec='/lib/svc/method/net-init'
 		timeout_seconds='600' />
 
 	<exec_method
 		type='method'
 		name='stop'
-		exec='/lib/svc/method/net-init stop'
+		exec=':true'
 		timeout_seconds='3' />
 
 	<property_group name='startd' type='framework'>
@@ -105,8 +91,7 @@ initial network services
 		<description>
 			<loctext xml:lang='C'>
 				Initial network services includes
-				configuring IP routing and setting any
-				tunable parameters.
+				setting any tunable parameters.
 			</loctext>
 		</description>
 		<documentation>
diff --git a/usr/src/cmd/svc/milestone/network-physical.xml b/usr/src/cmd/svc/milestone/network-physical.xml
index e0a8eda24b..c491b04420 100644
--- a/usr/src/cmd/svc/milestone/network-physical.xml
+++ b/usr/src/cmd/svc/milestone/network-physical.xml
@@ -1,15 +1,14 @@
 <?xml version="1.0"?>
 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
 <!--
- Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  Use is subject to license terms.
 
  CDDL HEADER START
 
  The contents of this file are subject to the terms of the
- Common Development and Distribution License, Version 1.0 only
- (the "License").  You may not use this file except in compliance
- with the License.
+ Common Development and Distribution License (the "License").
+ You may not use this file except in compliance with the License.
 
  You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  or http://www.opensolaris.org/os/licensing.
@@ -39,6 +38,15 @@
 	type='service'
 	version='1'>
 
+	<!-- ifconfig needs loopback for IPC with dhcpagent -->
+	<dependency
+		name='loopback'
+		grouping='require_all'
+		restart_on='none'
+		type='service'>
+		<service_fmri value='svc:/network/loopback' />
+	</dependency>
+
 	<instance name='default' enabled='true'>
 
 	<exec_method
diff --git a/usr/src/cmd/svc/milestone/network-routing-setup.xml b/usr/src/cmd/svc/milestone/network-routing-setup.xml
new file mode 100644
index 0000000000..daba3ca9b9
--- /dev/null
+++ b/usr/src/cmd/svc/milestone/network-routing-setup.xml
@@ -0,0 +1,136 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<!--
+ Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ Use is subject to license terms.
+
+ CDDL HEADER START
+
+ The contents of this file are subject to the terms of the
+ Common Development and Distribution License (the "License").
+ You may not use this file except in compliance with the License.
+
+ You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ or http://www.opensolaris.org/os/licensing.
+ See the License for the specific language governing permissions
+ and limitations under the License.
+
+ When distributing Covered Code, include this CDDL HEADER in each
+ file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ If applicable, add the following below this CDDL HEADER, with the
+ fields enclosed by brackets "[]" replaced with your own identifying
+ information: Portions Copyright [yyyy] [name of copyright owner]
+
+ CDDL HEADER END
+
+        ident	"%Z%%M%	%I%	%E% SMI"
+
+	NOTE:  This service manifest is not editable; its contents will
+	be overwritten by package or patch operations, including
+	operating system upgrade.  Make customizations in a different
+	file.
+-->
+
+<service_bundle type='manifest' name='SUNWcsr:routing-setup'>
+
+<service
+	name='network/routing-setup'
+	type='service'
+	version='1'>
+
+	<!-- loopback/physical network configuration is required -->
+	<dependency
+		name='network'
+		grouping='optional_all'
+		restart_on='none'
+		type='service'>
+		<service_fmri value='svc:/milestone/network' />
+	</dependency>
+
+	<!-- usr filesystem required to run routing-related commands -->
+	<dependency
+		name='filesystem'
+		grouping='require_all'
+		restart_on='none'
+		type='service'>
+		<service_fmri value='svc:/system/filesystem/usr' />
+	</dependency>
+
+	<!--
+		This dependency was added to make sure soconfig runs in
+		devices-local method, before routeadm invocation in
+		network/routing-setup.  This is because routeadm commands
+		depend on sockets.
+	-->
+	<dependency
+		name='devices'
+		grouping='require_all'
+		restart_on='none'
+		type='service'>
+		<service_fmri value='svc:/milestone/devices' />
+	</dependency>
+
+	<exec_method
+		type='method'
+		name='start'
+		exec='/lib/svc/method/net-routing-setup'
+		timeout_seconds='600'>
+	</exec_method>
+
+	<exec_method
+		type='method'
+		name='stop'
+		exec=':true'
+		timeout_seconds='3'>
+	</exec_method>
+
+	<property_group name='startd' type='framework'>
+		<propval name='duration' type='astring' value='transient' />
+	</property_group>
+
+	<instance name='default' enabled='true' >
+
+	<!-- Properties in this group are used by routeadm (1M) -->
+	<property_group name='routeadm' type='framework'>
+		<stability value='Evolving' />
+		<!-- set if routeadm -e/d ipv4-routing is explicitly invoked -->
+		<propval name='ipv4-routing-set' type='boolean'
+			value='false' />
+		<!-- set if routeadm -e/d ipv6-routing is explicitly invoked -->
+		<propval name='ipv6-routing-set' type='boolean'
+			value='false' />
+		<!-- set if legacy routing.conf configuration has been read -->
+		<propval name='routing-conf-read' type='boolean'
+			value='false' />
+		<!-- default for ipv4-routing to revert to via routeadm -r -->
+		<propval name='default-ipv4-routing' type='boolean'
+		    value='false' />
+		<propval name='default-ipv6-routing' type='boolean'
+			value='false' />
+		<!-- routing-svcs values, current and default -->
+		<propval name='routing-svcs' type='astring'
+		    value='route:default ripng:default' />
+		<propval name='default-routing-svcs' type='astring'
+		    value='route:default ripng:default' />
+		<propval name='value_authorization' type='astring'
+			value='solaris.smf.value.routing' />
+	</property_group>
+
+	</instance>
+
+	<stability value='Unstable' />
+
+	<template>
+		<common_name>
+			<loctext xml:lang='C'>
+				Initial routing-related configuration.
+			</loctext>
+		</common_name>
+		<documentation>
+			<manpage title='routeadm' section='1M'
+				manpath='/usr/share/man' />
+		</documentation>
+	</template>
+</service>
+
+</service_bundle>
diff --git a/usr/src/cmd/svc/shell/routing_include.sh b/usr/src/cmd/svc/shell/routing_include.sh
new file mode 100644
index 0000000000..bccba88d11
--- /dev/null
+++ b/usr/src/cmd/svc/shell/routing_include.sh
@@ -0,0 +1,287 @@
+#!/bin/sh
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+# Use is subject to license terms.
+#
+# ident	"%Z%%M%	%I%	%E% SMI"
+
+#
+# These functions are used to help map daemon arguments to appropriate
+# routing properties and back, allowing legacy specifications of daemon
+# arguments to be reflected in SMF property values for daemon services.
+#
+
+#
+# set_routeadm_property inst_fmri propname propvalue
+#
+# Functions sets appropriate property value in routeadm property group
+# (via routeadm -m) for inst_fmri to propvalue.
+#
+set_routeadm_property()
+{
+	/sbin/routeadm -m $1 ${2}="${3}"
+}
+
+#
+# The functions below are used to map from daemon arguments to appropriate
+# routeadm properties (properties that the service user can manipulate
+# to control daemon functionality. getopts is used extensively to
+# retrieve options/values from argument list, and these option values
+# are used to set properties appropriately.
+#
+
+#
+# set_daemon_value_property inst_fmri optstring options option prop
+#	default_value
+#
+# Function looks for option/value in argument string, and sets associated
+# property if found. If a default is specified, and the option is not
+# in the argument string, it will be used.
+#
+set_daemon_value_property()
+{
+	OPTIND=1
+	value_set=""
+	while getopts $3 opt $2; do
+		case $opt in
+			"$4" )	set_routeadm_property $1 $5 $OPTARG
+				value_set="true"
+				;;
+			? )
+		esac
+	done
+	# No value set - use default if specified.
+	if [ -z "$value_set" -a -n "$6" ]; then
+		set_routeadm_property $1 $5 $6
+	fi
+}
+
+#
+# set_daemon_ordered_multivalue_property inst_fmri optstring options option prop
+#       default_value
+#
+# Function looks for option/values in argument string, and sets associated
+# property if found. If a default is specified, and the option is not
+# in the argument string, it will be used.  Use ";" as delimiter for
+# multiple values.
+#
+set_daemon_ordered_multivalue_property()
+{
+	OPTIND=1
+	value_set=""
+	while getopts $3 opt $2; do
+		case $opt in
+			"$4" )  if [ -z "$value_set" ]; then
+					value_set="${OPTARG}"
+				else
+					value_set="$value_set;${OPTARG}"
+				fi
+                                ;;
+			? )
+		esac
+	done
+	if [ -n "$value_set" ]; then
+		set_routeadm_property $1 $5 "$value_set"
+	fi
+	# No value set - use default if specified.
+	if [ -z "$value_set" -a -n "$6" ]; then
+		set_routeadm_property $1 $5 $6
+	fi
+}
+
+#
+# set_daemon_boolean_property inst_fmri optstring options option
+#       prop value_if_found default
+#
+# Function looks for option in argument string, and sets associated
+# property, if found, to value_if_found. If a default is specified, and
+# the option is not found, it will be used.
+#
+set_daemon_boolean_property()
+{
+	OPTIND=1
+	value_set=""
+	while getopts $3 opt $2; do
+		case $opt in
+			"$4" )	set_routeadm_property $1 $5 $6
+				value_set="true"
+				;;
+			? )
+		esac
+	done
+	# No value set - use default if specified.
+	if [ -z "$value_set" -a -n "$7" ]; then
+		set_routeadm_property $1 $5 $7
+	fi
+}
+
+#
+# set_daemon_nonoption_properties inst_fmri optstring options propnames
+#       default
+#
+# Function looks past option list for addition values, and sets properties
+# specified in propnames to additional positional values. If no value
+# is found for additional property, default is used.
+#
+set_daemon_nonoption_properties()
+{
+	OPTIND=1
+	# Skip options
+	while getopts $3 opt $2; do
+		case $opt in
+			? )
+		esac
+	done
+	pos=$OPTIND
+	for prop in $4
+	do
+		val=`/usr/bin/echo $2 | /usr/bin/nawk -v POS=$pos \
+		    '{ print $POS }'`
+		if [ -z "$val" ]; then
+			val="$5"
+		fi
+		set_routeadm_property $1 $prop $val
+		pos=`expr $pos + 1`
+	done
+}
+
+#
+# get_daemon_args $inst_fmri
+#
+# Retrieves routeadm/daemon-args property values, if any.  Removes
+# quotes around values including spaces.
+#
+get_daemon_args()
+{
+	args=`/usr/sbin/svccfg -s $1 listprop routeadm/daemon-args | \
+	    /usr/bin/nawk '{ for (i = 3; i <= NF; i++) printf "%s ", $i }' | \
+	    /usr/bin/nawk '{sub(/^\"/, ""); sub(/\"[ \t]*$/,""); print}'`
+	echo "$args"
+}
+
+#
+# clear_daemon_args $inst_fmri
+#
+# Blanks routeadm/daemon-args property used in upgrade.
+#
+clear_daemon_args()
+{
+	/usr/sbin/svccfg -s $1 delprop routeadm/daemon-args 2>/dev/null
+}
+
+#
+# The functions below are used to map back from property settings to
+# commandline arguments to launch daemons.
+#
+
+get_routeadm_property()
+{
+	propval=`/sbin/routeadm -l $1 | /usr/bin/nawk -v PROP=$2 \
+	    '($1 == PROP) { for (i = 3; i < NF; i++) printf $i" "; \
+	    if (NF >= 3) {printf $NF}}'`
+	echo "$propval"	
+}
+
+#
+# get_daemon_option_from_boolean_property inst_fmri prop option value_set
+#
+# Returns appropriate daemon option for boolean property prop - if current
+# value matches value_set.
+#
+get_daemon_option_from_boolean_property()
+{
+	propval=`get_routeadm_property $1 $2`
+	if [ "$propval" = "$4" ]; then
+		echo "${3}"
+	fi
+}
+
+#
+# get_daemon_option_from_property inst_fmri prop option ignore_value
+#
+# Returns appropriate daemon option and associated value (unless value
+# matches ignore_value, in which case nothing is returned).
+#
+get_daemon_option_from_property()
+{
+	propval=`get_routeadm_property $1 $2`
+	if [ "$propval" != "$4" ]; then
+		echo "-${3} \"$propval\""
+	fi
+}
+
+#
+# get_daemon_ordered_multivalue_option_from_property_quoted inst_fmri prop
+# option
+#
+# Returns appropriate daemon option and associated values. Values are
+# quoted, i.e. -A "value1 has spaces" -A "value2 has spaces"
+#
+get_daemon_ordered_multivalue_option_from_property_quoted()
+{
+	# get property values, removing trailing delimiter.
+	propvals=`get_routeadm_property $1 $2 | \
+	    /usr/bin/nawk '{sub(/;[ \t]*$/, ""); print }'`
+	# Substitute switch for internal delimiters, quoting values.
+	fixed_propvals=`/usr/bin/echo $propvals | \
+	    /usr/bin/nawk -v SWITCH="\" -${3} \"" \
+	    '{sub(/;/, SWITCH); print }'`
+	if [ -n "$fixed_propvals" ]; then
+		echo "-${3} \"$fixed_propvals\""
+	fi
+}
+
+#
+# get_daemon_ordered_multivalue_option_from_property inst_fmri prop
+# option
+#
+# Returns appropriate daemon option and associated values. Values are
+# unquoted, i.e. -A value1 -A value2
+#
+get_daemon_ordered_multivalue_option_from_property()
+{
+	# get property values, removing trailing delimiter.
+	propvals=`get_routeadm_property $1 $2 | \
+	    /usr/bin/nawk '{sub(/;[ \t]*$/, ""); print }'`
+	# Substitute switch for internal delimiters.
+	fixed_propvals=`/usr/bin/echo $propvals | \
+	    /usr/bin/nawk -v SWITCH=" -${3} " \
+	    '{sub(/;/, SWITCH); print }'`
+	if [ -n "$fixed_propvals" ]; then
+		echo "-${3} $fixed_propvals"
+	fi
+}
+
+#
+# get_nonoption_property inst_fmri prop ignore_value
+#
+# Returns appropriate non-option property (at end of option list), unless
+# value matches ignore value, in which case nothing is returned.
+#
+get_daemon_nonoption_property()
+{
+	propval=`get_routeadm_property $1 $2`
+	if [ -n "$propval" -a "$propval" != "$3" ]; then
+		echo "$propval"
+	fi
+}