mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
networkd: Static neighbor support
When using networkd we currently have no way of ensuring that static neighbor entries are set when our link comes up. This change adds a new section to the network definition that allows multiple static neighbors to be set on a link.
This commit is contained in:
parent
289e6774d0
commit
e4a71bf36f
@ -907,6 +907,31 @@
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>[Neighbor] Section Options</title>
|
||||
<para>A <literal>[Neighbor]</literal> section accepts the
|
||||
following keys. The neighbor section adds a permanent, static
|
||||
entry to the neighbor table (IPv6) or ARP table (IPv4) for
|
||||
the given hardware address on the links matched for the network.
|
||||
Specify several <literal>[Neighbor]</literal> sections to configure
|
||||
several static neighbors.</para>
|
||||
|
||||
<variablelist class='network-directives'>
|
||||
<varlistentry>
|
||||
<term><varname>Address=</varname></term>
|
||||
<listitem>
|
||||
<para>The IP address of the neighbor.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><varname>MACAddress=</varname></term>
|
||||
<listitem>
|
||||
<para>The hardware address of the neighbor.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>[IPv6AddressLabel] Section Options</title>
|
||||
|
||||
|
@ -64,6 +64,8 @@ sources = files('''
|
||||
networkd-manager.h
|
||||
networkd-ndisc.c
|
||||
networkd-ndisc.h
|
||||
networkd-neighbor.c
|
||||
networkd-neighbor.h
|
||||
networkd-radv.c
|
||||
networkd-radv.h
|
||||
networkd-network-bus.c
|
||||
|
@ -20,6 +20,7 @@
|
||||
#include "networkd-lldp-tx.h"
|
||||
#include "networkd-manager.h"
|
||||
#include "networkd-ndisc.h"
|
||||
#include "networkd-neighbor.h"
|
||||
#include "networkd-radv.h"
|
||||
#include "networkd-routing-policy-rule.h"
|
||||
#include "set.h"
|
||||
@ -744,6 +745,9 @@ void link_check_ready(Link *link) {
|
||||
if (!link->addresses_configured)
|
||||
return;
|
||||
|
||||
if (!link->neighbors_configured)
|
||||
return;
|
||||
|
||||
if (!link->static_routes_configured)
|
||||
return;
|
||||
|
||||
@ -890,6 +894,34 @@ static int link_request_set_routes(Link *link) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int link_request_set_neighbors(Link *link) {
|
||||
Neighbor *neighbor;
|
||||
int r;
|
||||
|
||||
assert(link);
|
||||
assert(link->network);
|
||||
assert(link->state != _LINK_STATE_INVALID);
|
||||
|
||||
link_set_state(link, LINK_STATE_CONFIGURING);
|
||||
|
||||
LIST_FOREACH(neighbors, neighbor, link->network->neighbors) {
|
||||
r = neighbor_configure(neighbor, link, NULL);
|
||||
if (r < 0) {
|
||||
log_link_warning_errno(link, r, "Could not set neighbor: %m");
|
||||
link_enter_failed(link);
|
||||
return r;
|
||||
}
|
||||
}
|
||||
|
||||
if (link->neighbor_messages == 0) {
|
||||
link->neighbors_configured = true;
|
||||
link_check_ready(link);
|
||||
} else
|
||||
log_link_debug(link, "Setting neighbors");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
|
||||
int r;
|
||||
|
||||
@ -1047,6 +1079,8 @@ static int link_request_set_addresses(Link *link) {
|
||||
|
||||
link_set_state(link, LINK_STATE_CONFIGURING);
|
||||
|
||||
link_request_set_neighbors(link);
|
||||
|
||||
LIST_FOREACH(addresses, ad, link->network->static_addresses) {
|
||||
r = address_configure(ad, link, address_handler, false);
|
||||
if (r < 0) {
|
||||
|
@ -70,6 +70,7 @@ typedef struct Link {
|
||||
|
||||
unsigned address_messages;
|
||||
unsigned address_label_messages;
|
||||
unsigned neighbor_messages;
|
||||
unsigned route_messages;
|
||||
unsigned routing_policy_rule_messages;
|
||||
unsigned routing_policy_rule_remove_messages;
|
||||
@ -97,6 +98,8 @@ typedef struct Link {
|
||||
bool ipv4ll_address:1;
|
||||
bool ipv4ll_route:1;
|
||||
|
||||
bool neighbors_configured;
|
||||
|
||||
bool static_routes_configured;
|
||||
bool routing_policy_rules_configured;
|
||||
bool setting_mtu;
|
||||
|
237
src/network/networkd-neighbor.c
Normal file
237
src/network/networkd-neighbor.c
Normal file
@ -0,0 +1,237 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||
|
||||
#include "sd-netlink.h"
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "conf-parser.h"
|
||||
#include "ether-addr-util.h"
|
||||
#include "hashmap.h"
|
||||
#include "in-addr-util.h"
|
||||
#include "netlink-util.h"
|
||||
#include "networkd-link.h"
|
||||
#include "networkd-manager.h"
|
||||
#include "networkd-neighbor.h"
|
||||
|
||||
void neighbor_free(Neighbor *neighbor) {
|
||||
if (!neighbor)
|
||||
return;
|
||||
|
||||
if (neighbor->network) {
|
||||
LIST_REMOVE(neighbors, neighbor->network->neighbors, neighbor);
|
||||
assert(neighbor->network->n_neighbors > 0);
|
||||
neighbor->network->n_neighbors--;
|
||||
|
||||
if (neighbor->section) {
|
||||
hashmap_remove(neighbor->network->neighbors_by_section, neighbor->section);
|
||||
network_config_section_free(neighbor->section);
|
||||
}
|
||||
}
|
||||
|
||||
free(neighbor);
|
||||
}
|
||||
|
||||
static int neighbor_new_static(Network *network, const char *filename, unsigned section_line, Neighbor **ret) {
|
||||
_cleanup_(network_config_section_freep) NetworkConfigSection *n = NULL;
|
||||
_cleanup_(neighbor_freep) Neighbor *neighbor = NULL;
|
||||
int r;
|
||||
|
||||
assert(network);
|
||||
assert(ret);
|
||||
assert(!!filename == (section_line > 0));
|
||||
|
||||
if (filename) {
|
||||
r = network_config_section_new(filename, section_line, &n);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
neighbor = hashmap_get(network->neighbors_by_section, n);
|
||||
if (neighbor) {
|
||||
*ret = TAKE_PTR(neighbor);
|
||||
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
neighbor = new(Neighbor, 1);
|
||||
if (!neighbor)
|
||||
return -ENOMEM;
|
||||
|
||||
*neighbor = (Neighbor) {
|
||||
.network = network,
|
||||
.family = AF_UNSPEC,
|
||||
};
|
||||
|
||||
LIST_APPEND(neighbors, network->neighbors, neighbor);
|
||||
network->n_neighbors++;
|
||||
|
||||
if (filename) {
|
||||
neighbor->section = TAKE_PTR(n);
|
||||
|
||||
r = hashmap_ensure_allocated(&network->neighbors_by_section, &network_config_hash_ops);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = hashmap_put(network->neighbors_by_section, neighbor->section, neighbor);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
*ret = TAKE_PTR(neighbor);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int neighbor_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
|
||||
int r;
|
||||
|
||||
assert(link);
|
||||
assert(link->neighbor_messages > 0);
|
||||
|
||||
link->neighbor_messages--;
|
||||
|
||||
if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
|
||||
return 1;
|
||||
|
||||
r = sd_netlink_message_get_errno(m);
|
||||
if (r < 0 && r != -EEXIST)
|
||||
log_link_warning_errno(link, r, "Could not set neighbor: %m");
|
||||
|
||||
if (link->neighbor_messages == 0) {
|
||||
log_link_debug(link, "Neighbors set");
|
||||
link->neighbors_configured = true;
|
||||
link_check_ready(link);
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int neighbor_configure(Neighbor *neighbor, Link *link, link_netlink_message_handler_t callback) {
|
||||
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
|
||||
int r;
|
||||
|
||||
assert(neighbor);
|
||||
assert(link);
|
||||
assert(link->ifindex > 0);
|
||||
assert(link->manager);
|
||||
assert(link->manager->rtnl);
|
||||
|
||||
if (neighbor->family == AF_UNSPEC)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Neighbor without Address= configured");
|
||||
if (!neighbor->mac_configured)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Neighbor without MACAddress= configured");
|
||||
|
||||
r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH,
|
||||
link->ifindex, neighbor->family);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not allocate RTM_NEWNEIGH message: %m");
|
||||
|
||||
r = sd_rtnl_message_neigh_set_state(req, NUD_PERMANENT);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not set state: %m");
|
||||
|
||||
r = sd_netlink_message_set_flags(req, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_REPLACE);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not set flags: %m");
|
||||
|
||||
r = sd_netlink_message_append_ether_addr(req, NDA_LLADDR, &neighbor->mac);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not append NDA_LLADDR attribute: %m");
|
||||
|
||||
switch (neighbor->family) {
|
||||
case AF_INET6:
|
||||
r = sd_netlink_message_append_in6_addr(req, NDA_DST, &neighbor->in_addr.in6);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not append NDA_DST attribute: %m");
|
||||
break;
|
||||
case AF_INET:
|
||||
r = sd_netlink_message_append_in_addr(req, NDA_DST, &neighbor->in_addr.in);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not append NDA_DST attribute: %m");
|
||||
break;
|
||||
default:
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Neighbor with invalid address family");
|
||||
}
|
||||
|
||||
r = netlink_call_async(link->manager->rtnl, NULL, req, callback ?: neighbor_handler,
|
||||
link_netlink_destroy_callback, link);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Could not send rtnetlink message: %m");
|
||||
|
||||
link->neighbor_messages++;
|
||||
link_ref(link);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int config_parse_neighbor_address(const char *unit,
|
||||
const char *filename,
|
||||
unsigned line,
|
||||
const char *section,
|
||||
unsigned section_line,
|
||||
const char *lvalue,
|
||||
int ltype,
|
||||
const char *rvalue,
|
||||
void *data,
|
||||
void *userdata) {
|
||||
|
||||
Network *network = userdata;
|
||||
_cleanup_(neighbor_freep) Neighbor *n = NULL;
|
||||
int r;
|
||||
|
||||
assert(filename);
|
||||
assert(section);
|
||||
assert(lvalue);
|
||||
assert(rvalue);
|
||||
assert(data);
|
||||
|
||||
r = neighbor_new_static(network, filename, section_line, &n);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = in_addr_from_string_auto(rvalue, &n->family, &n->in_addr);
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Neighbor Address is invalid, ignoring assignment: %s", rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
TAKE_PTR(n);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int config_parse_neighbor_hwaddr(const char *unit,
|
||||
const char *filename,
|
||||
unsigned line,
|
||||
const char *section,
|
||||
unsigned section_line,
|
||||
const char *lvalue,
|
||||
int ltype,
|
||||
const char *rvalue,
|
||||
void *data,
|
||||
void *userdata) {
|
||||
|
||||
Network *network = userdata;
|
||||
_cleanup_(neighbor_freep) Neighbor *n = NULL;
|
||||
int r;
|
||||
|
||||
assert(filename);
|
||||
assert(section);
|
||||
assert(lvalue);
|
||||
assert(rvalue);
|
||||
assert(data);
|
||||
|
||||
r = neighbor_new_static(network, filename, section_line, &n);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = ether_addr_from_string(rvalue, &n->mac);
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Neighbor MACAddress is invalid, ignoring assignment: %s", rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
n->mac_configured = true;
|
||||
TAKE_PTR(n);
|
||||
|
||||
return 0;
|
||||
}
|
37
src/network/networkd-neighbor.h
Normal file
37
src/network/networkd-neighbor.h
Normal file
@ -0,0 +1,37 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||
#pragma once
|
||||
|
||||
#include "sd-netlink.h"
|
||||
|
||||
#include "conf-parser.h"
|
||||
#include "ether-addr-util.h"
|
||||
#include "in-addr-util.h"
|
||||
#include "list.h"
|
||||
#include "macro.h"
|
||||
|
||||
typedef struct Neighbor Neighbor;
|
||||
|
||||
#include "networkd-link.h"
|
||||
#include "networkd-network.h"
|
||||
|
||||
struct Neighbor {
|
||||
Network *network;
|
||||
Link *link;
|
||||
NetworkConfigSection *section;
|
||||
|
||||
int family;
|
||||
union in_addr_union in_addr;
|
||||
bool mac_configured;
|
||||
struct ether_addr mac;
|
||||
|
||||
LIST_FIELDS(Neighbor, neighbors);
|
||||
};
|
||||
|
||||
void neighbor_free(Neighbor *neighbor);
|
||||
|
||||
DEFINE_TRIVIAL_CLEANUP_FUNC(Neighbor*, neighbor_free);
|
||||
|
||||
int neighbor_configure(Neighbor *neighbor, Link *link, link_netlink_message_handler_t callback);
|
||||
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_neighbor_address);
|
||||
CONFIG_PARSER_PROTOTYPE(config_parse_neighbor_hwaddr);
|
@ -93,6 +93,8 @@ Address.AutoJoin, config_parse_address_flags,
|
||||
Address.Scope, config_parse_address_scope, 0, 0
|
||||
IPv6AddressLabel.Prefix, config_parse_address_label_prefix, 0, 0
|
||||
IPv6AddressLabel.Label, config_parse_address_label, 0, 0
|
||||
Neighbor.Address, config_parse_neighbor_address, 0, 0
|
||||
Neighbor.MACAddress, config_parse_neighbor_hwaddr, 0, 0
|
||||
RoutingPolicyRule.TypeOfService, config_parse_routing_policy_rule_tos, 0, 0
|
||||
RoutingPolicyRule.Priority, config_parse_routing_policy_rule_priority, 0, 0
|
||||
RoutingPolicyRule.Table, config_parse_routing_policy_rule_table, 0, 0
|
||||
|
@ -210,6 +210,7 @@ int network_load_one(Manager *manager, const char *filename) {
|
||||
"Link\0"
|
||||
"Network\0"
|
||||
"Address\0"
|
||||
"Neighbor\0"
|
||||
"IPv6AddressLabel\0"
|
||||
"RoutingPolicyRule\0"
|
||||
"Route\0"
|
||||
@ -300,6 +301,7 @@ void network_free(Network *network) {
|
||||
IPv6ProxyNDPAddress *ipv6_proxy_ndp_address;
|
||||
RoutingPolicyRule *rule;
|
||||
FdbEntry *fdb_entry;
|
||||
Neighbor *neighbor;
|
||||
AddressLabel *label;
|
||||
Prefix *prefix;
|
||||
Address *address;
|
||||
@ -350,6 +352,9 @@ void network_free(Network *network) {
|
||||
while ((ipv6_proxy_ndp_address = network->ipv6_proxy_ndp_addresses))
|
||||
ipv6_proxy_ndp_address_free(ipv6_proxy_ndp_address);
|
||||
|
||||
while ((neighbor = network->neighbors))
|
||||
neighbor_free(neighbor);
|
||||
|
||||
while ((label = network->address_labels))
|
||||
address_label_free(label);
|
||||
|
||||
@ -362,6 +367,7 @@ void network_free(Network *network) {
|
||||
hashmap_free(network->addresses_by_section);
|
||||
hashmap_free(network->routes_by_section);
|
||||
hashmap_free(network->fdb_entries_by_section);
|
||||
hashmap_free(network->neighbors_by_section);
|
||||
hashmap_free(network->address_labels_by_section);
|
||||
hashmap_free(network->prefixes_by_section);
|
||||
hashmap_free(network->rules_by_section);
|
||||
|
@ -15,6 +15,7 @@
|
||||
#include "networkd-fdb.h"
|
||||
#include "networkd-ipv6-proxy-ndp.h"
|
||||
#include "networkd-lldp-tx.h"
|
||||
#include "networkd-neighbor.h"
|
||||
#include "networkd-radv.h"
|
||||
#include "networkd-route.h"
|
||||
#include "networkd-routing-policy-rule.h"
|
||||
@ -235,6 +236,7 @@ struct Network {
|
||||
LIST_HEAD(Route, static_routes);
|
||||
LIST_HEAD(FdbEntry, static_fdb_entries);
|
||||
LIST_HEAD(IPv6ProxyNDPAddress, ipv6_proxy_ndp_addresses);
|
||||
LIST_HEAD(Neighbor, neighbors);
|
||||
LIST_HEAD(AddressLabel, address_labels);
|
||||
LIST_HEAD(Prefix, static_prefixes);
|
||||
LIST_HEAD(RoutingPolicyRule, rules);
|
||||
@ -243,6 +245,7 @@ struct Network {
|
||||
unsigned n_static_routes;
|
||||
unsigned n_static_fdb_entries;
|
||||
unsigned n_ipv6_proxy_ndp_addresses;
|
||||
unsigned n_neighbors;
|
||||
unsigned n_address_labels;
|
||||
unsigned n_static_prefixes;
|
||||
unsigned n_rules;
|
||||
@ -250,6 +253,7 @@ struct Network {
|
||||
Hashmap *addresses_by_section;
|
||||
Hashmap *routes_by_section;
|
||||
Hashmap *fdb_entries_by_section;
|
||||
Hashmap *neighbors_by_section;
|
||||
Hashmap *address_labels_by_section;
|
||||
Hashmap *prefixes_by_section;
|
||||
Hashmap *rules_by_section;
|
||||
|
@ -0,0 +1,6 @@
|
||||
[Match]
|
||||
Name=dummy98
|
||||
|
||||
[Neighbor]
|
||||
Address=2004:da8:1:0::
|
||||
MACAddress=00:00:5e:00:02:00
|
@ -165,6 +165,9 @@ EmitDNS=
|
||||
EmitDomains=
|
||||
Managed=
|
||||
OtherInformation=
|
||||
[Neighbor]
|
||||
Address=
|
||||
MacAddress=
|
||||
[IPv6AddressLabel]
|
||||
Label=
|
||||
Prefix=
|
||||
|
10
test/test-network/conf/25-neighbor-section.network
Normal file
10
test/test-network/conf/25-neighbor-section.network
Normal file
@ -0,0 +1,10 @@
|
||||
[Match]
|
||||
Name=dummy98
|
||||
|
||||
[Neighbor]
|
||||
Address=192.168.10.1
|
||||
MACAddress=00:00:5e:00:02:65
|
||||
|
||||
[Neighbor]
|
||||
Address=2004:da8:1:0::1
|
||||
MACAddress=00:00:5e:00:02:66
|
@ -525,6 +525,7 @@ class NetworkdNetWorkTests(unittest.TestCase, Utilities):
|
||||
'25-fibrule-invert.network',
|
||||
'25-fibrule-port-range.network',
|
||||
'25-ipv6-address-label-section.network',
|
||||
'25-neighbor-section.network',
|
||||
'25-link-section-unmanaged.network',
|
||||
'25-route-gateway.network',
|
||||
'25-route-gateway-on-link.network',
|
||||
@ -775,6 +776,17 @@ class NetworkdNetWorkTests(unittest.TestCase, Utilities):
|
||||
print(output)
|
||||
self.assertRegex(output, '2004:da8:1::/64')
|
||||
|
||||
def test_ipv6_neighbor(self):
|
||||
self.copy_unit_to_networkd_unit_path('25-neighbor-section.network', '12-dummy.netdev')
|
||||
self.start_networkd()
|
||||
|
||||
self.assertTrue(self.link_exits('dummy98'))
|
||||
|
||||
output = subprocess.check_output(['ip', 'neigh', 'list']).rstrip().decode('utf-8')
|
||||
print(output)
|
||||
self.assertRegex(output, '192.168.10.1.*00:00:5e:00:02:65.*PERMANENT')
|
||||
self.assertRegex(output, '2004:da8:1:0::1.*00:00:5e:00:02:66.*PERMANENT')
|
||||
|
||||
def test_sysctl(self):
|
||||
self.copy_unit_to_networkd_unit_path('25-sysctl.network', '12-dummy.netdev')
|
||||
self.start_networkd()
|
||||
|
Loading…
Reference in New Issue
Block a user