1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

219 Commits

Author SHA1 Message Date
Yu Watanabe
74f0fb9095 network: can: add support for listen-only mode
Closes #15129.
2020-03-17 00:32:35 +09:00
Yu Watanabe
b453122789 network: add a flag to ignore gateway provided by DHCP server
Closes #15117.
2020-03-16 19:34:43 +09:00
Susant Sahani
7f22402007 network: TC - introduce HHF
Please see https://lwn.net/Articles/577208/
2020-03-12 15:39:12 +09:00
Susant Sahani
1a95964bfa network: TC - introduce pfifo_fast
pfifo_fast - three-band first in, first out queue

Please see https://linux.die.net/man/8/tc-pfifo_fast
2020-03-12 15:38:18 +09:00
Susant Sahani
053a2ddbb2 network: TC - introduce pfifo_head_drop
This adds the required changes to gain access to
the head drop classfull queuing discipline named
pfifo_head_drop.
2020-03-12 15:37:17 +09:00
Susant Sahani
c853f594d4 network: TC - introduce BFIFO
bfifo - Byte limited First In, First Out queue
2020-03-12 15:35:51 +09:00
Yu Watanabe
ad365c5de7 network: tc: introduce DRR class 2020-03-12 15:35:51 +09:00
Susant Sahani
f5fc04417e network: TC - introduce DRR
Introduce the Deficit Round Robin Scheduler is a classful queuing discipline as
a more flexible replacement for Stochastic Fairness Queuing.

http://man7.org/linux/man-pages/man8/tc-drr.8.html
2020-03-12 15:35:51 +09:00
Susant Sahani
bde4ae88c8 network: tc- introduce PIE
Proportional Integral controller-Enhanced (PIE) is a control
theoretic active queue management scheme. It is based on the
proportional integral controller but aims to control delay.

http://man7.org/linux/man-pages/man8/tc-pie.8.html
2020-03-12 13:58:35 +09:00
Yu Watanabe
a834cb5247
Merge pull request #15036 from yuwata/can-termination-mod
network: add CAN Termination tristate option
2020-03-07 19:11:03 +09:00
Matt Ranostay
52aa38f14a network: add CAN Termination tristate option 2020-03-07 02:00:02 +09:00
Yu Watanabe
bba1f90ff5
Merge pull request #14890 from yuwata/network-tc-next
network: tc-next
2020-03-07 01:44:15 +09:00
Yu Watanabe
d739fddeb5 network: add setting to support RA without DHCPv6 client
Closes #13991.
2020-03-07 01:39:26 +09:00
Susant Sahani
cd305af1fe network: Allow DHCPv6 client to start without router's managed flag. 2020-03-07 01:38:26 +09:00
Susant Sahani
ad8352f4ff network: tc: introduce cake
CAKE (Common Applications Kept Enhanced)

Please see http://man7.org/linux/man-pages/man8/tc-cake.8.html
2020-03-02 15:59:37 +09:00
Susant Sahani
982998b087 network: TC introduce sfb - Stochastic Fair Blue
Please see https://www.systutorials.com/docs/linux/man/8-tc-sfb/
2020-03-02 15:48:24 +09:00
Susant Sahani
609e8340bb network: TC introduce GRED, Generic Random Early Detection
http://tldp.org/en/Traffic-Control-HOWTO/ar01s06.html
2020-03-02 15:48:24 +09:00
Susant Sahani
a74760653c network: TC introduce PFIFO 2020-03-02 15:48:00 +09:00
Yu Watanabe
19f86a6351 network: tc: support HTB class 2020-03-02 15:46:28 +09:00
Yu Watanabe
b934ac3d6e network: tc: support Hierarchy Token Bucket (HTB) 2020-03-02 15:46:28 +09:00
Susant Sahani
bd6379ec57 network: introduce IPv6 prefix assign
Expose a boolean flag to automatically add an address from the delegated prefix to the interface
2020-03-01 00:49:19 +09:00
Susant Sahani
d8b2396d34 network: add support for qdisc handle 2020-02-10 17:48:53 +09:00
Zbigniew Jędrzejewski-Szmek
c3b41d8811
Merge pull request #14805 from yuwata/network-ipv6-token-follow-up
network: rename eui64 to static
2020-02-07 17:05:33 +01:00
Yu Watanabe
9b749c11e2 network: tc: support teql
Closes #14792.
2020-02-07 17:41:49 +09:00
Yu Watanabe
f0c1ad308d network: fix ABRT
Fixes #14811 and oss-fuzz#20548.
2020-02-07 17:18:58 +09:00
Yu Watanabe
2ed5f6d5de network: introduce new [QDisc] section to support Parent=ingress
Follow-up for 18de0969c5.
2020-02-07 13:48:54 +09:00
Zbigniew Jędrzejewski-Szmek
ca58d00c68 network: FairQueueTrafficPolicing→FairQueueing
This never made into a release, so we can change the name with impunity.
Suggested by Davide Pesavento.

I opted to add the "ing" ending. "Fair queuing" is the name of the general
concept and algorithm, and "Fair queue" is mostly used for the implementation
name.
2020-02-04 17:37:16 +01:00
Zbigniew Jędrzejewski-Szmek
60ed2dcfc7 network: TokenBufferFilter→TokenBucketFilter
This never made into a release, so we can change the name with impunity.
Noticed by Davide Pesavento.
2020-02-04 17:28:15 +01:00
Yu Watanabe
18de0969c5 network: split TrafficControlQueueingDiscipline section into small pieces
Closes #14763.
2020-02-04 21:45:39 +09:00
Naïm Favier
53e1ba280f
network: add SuppressPrefixLength option to RoutingPolicyRule (#14736)
Closes #14724.
2020-02-03 08:25:48 +09:00
Yu Watanabe
ea471a4695 network: support UID based routing policy
Closes #14666.
2020-02-02 22:43:38 +09:00
Yu Watanabe
4bb7cc8287 network, udev: introduce PermanentMACAddress= setting in [Match] section
Closes #13983.
2020-01-08 17:54:54 +09:00
Lennart Poettering
dc5737470e
Merge pull request #14194 from yuwata/network-multipath-routing-12541
network: introduce multipath routing
2020-01-03 15:38:03 +01:00
Yu Watanabe
b078e52855 network: add more settings for CoDel 2019-12-28 22:25:12 +09:00
Susant Sahani
c695dcf929 network: Add support to configure DHCPv4 route MTU
This is useful for transitioning systems from small frames to jumbo frames.

Closes #14302
2019-12-28 21:37:26 +09:00
Susant Sahani
a9a5d632da network: tc introduce codel
Please see http://man7.org/linux/man-pages/man8/tc-codel.8.html
2019-12-28 21:35:39 +09:00
Susant Sahani
0f3ff4eae2 network: DHCP4 introduce send decline 2019-12-21 00:26:44 +09:00
Yu Watanabe
de697db05b network: introduce AddPrefixRoute= and deprecate PrefixRoute=
PrefixRoute= was added by e63be0847c,
but unfortunately, the meaning of PrefixRoute= is inverted; when true
IFA_F_NOPREFIXROUTE flag is added. This introduces AddPrefixRoute=
setting.
2019-12-18 16:32:31 +01:00
Yu Watanabe
6ff5cc6b7a network: introduce multipath route
Closes #12541.
2019-12-18 22:12:57 +09:00
Yu Watanabe
e83562e51e network: tc: add more settings for FQ 2019-12-13 23:36:17 +09:00
Yu Watanabe
ac810b75c1 network: tc: support more attributes for FQ-CoDel 2019-12-12 23:36:48 +09:00
Susant Sahani
7234b91596 network tc: inroduce FQ - Fair Queue traffic policing
Please see http://man7.org/linux/man-pages/man8/tc-fq.8.html
2019-12-12 17:26:20 +09:00
Susant Sahani
4e5ef14919 network tc: Add support to conkfigure CoDel - Controlled-Delay Active Queue Management algorithm
```
$ tc qdisc show dev dummy99
qdisc fq_codel 8005: dev dummy99 root refcnt 2 limit 1000p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
$ network cat dumm99.network
[Match]
Name=dummy99

[TrafficControlQueueingDiscipline]
Parent=root
FairQueuingControlledDelayPacketLimit=1000

```
2019-12-11 00:06:31 +09:00
Yu Watanabe
dcfc23ae77 network: tc: add more options for TBF 2019-12-10 01:28:38 +09:00
Susant Sahani
9942b71089 network: tc introduce sfq - Stochastic Fairness Queueing
Stochastic Fairness Queueing is a classless queueing discipline.
SFQ does not shape traffic but only schedules the transmission of packets, based on 'flows'.
The goal is to ensure fairness so that each flow is able to send data in turn,
thus preventing any single flow from drowning out the rest.
2019-12-04 20:58:17 +09:00
Susant Sahani
ba5841b520 networkd tc: introduce tbf
See https://linux.die.net/man/8/tc-tbf
2019-12-04 20:55:48 +09:00
Yu Watanabe
d8b736bd0c network: rename SendRawOption= to SendOption=
As DHCPv4.SendOption= and DHCPServer.SendRawOption= take the same
format.
2019-11-18 23:35:48 +09:00
Yu Watanabe
c1ed516cde test: add testcase for issue #13938 2019-11-05 10:49:07 +09:00
Susant Sahani
b9c5aa3c65 qdisc: netem add support to duplicate packets.
using this option the chosen percent of packets is duplicated before
queuing them
2019-10-31 10:36:28 +01:00
Susant Sahani
564ca98484 networkd: dhcp server Support Vendor specific 43
Implementes https://tools.ietf.org/html/rfc2132

```
[DHCPServer]
SendRawOption=26:uint32:1400
SendRawOption=23:uint8:10

```
Frame 448: 350 bytes on wire (2800 bits), 350 bytes captured (2800 bits) on interface 0
Linux cooked capture
Internet Protocol Version 4, Src: 192.168.5.1, Dst: 192.168.5.11
User Datagram Protocol, Src Port: 67, Dst Port: 68
Dynamic Host Configuration Protocol (ACK)
    Message type: Boot Reply (2)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x71f8de9d
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 192.168.5.11
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (ACK)
        Length: 1
        DHCP: ACK (5)
    Option: (51) IP Address Lease Time
        Length: 4
        IP Address Lease Time: (3600s) 1 hour
    Option: (1) Subnet Mask (255.255.255.0)
        Length: 4
        Subnet Mask: 255.255.255.0
    Option: (3) Router
        Length: 4
        Router: 192.168.5.1
    Option: (6) Domain Name Server
        Length: 4
        Domain Name Server: 192.168.5.1
    Option: (42) Network Time Protocol Servers
        Length: 4
        Network Time Protocol Server: 192.168.5.1
    Option: (101) TCode
        Length: 13
        TZ TCode: Europe/Berlin
    Option: (43) Vendor-Specific Information
        Length: 9
        Value: 1701311a0431343030
    Option: (54) DHCP Server Identifier (192.168.5.1)
        Length: 4
        DHCP Server Identifier: 192.168.5.1
    Option: (255) End
        Option End: 255

```
2019-10-31 09:03:43 +09:00
Zbigniew Jędrzejewski-Szmek
864edb39cf network: rename SendOptions= to SendOption=
The name with plural made more sense where multiple options could be specified
in one line. After changes in the pull request, this option only accepts one
value, so from users' POV it should be singular.

(The field in the data structure remains plural, because it actually stores
multiple values.)
2019-10-30 08:56:18 +01:00
Susant Sahani
0f5bd7fe24 network: introduce TrafficControl
Add network delay to a interface
2019-10-30 09:33:51 +09:00
Yu Watanabe
78404d22cc network: support matching based on wifi interfece type 2019-10-25 16:43:18 +09:00
Zbigniew Jędrzejewski-Szmek
510c4bb31f
Merge pull request #13142 from yuwata/network-wifi-ssid-support-nl80211
network: wifi ssid support with nl80211
2019-10-23 14:51:23 +02:00
Zbigniew Jędrzejewski-Szmek
c8966bffdd
Merge pull request #13663 from ssahani/dhcp-send-option-data
network: DHCPv4 client- add support to send arbitary option and data
2019-10-16 11:31:22 +02:00
Yu Watanabe
277ba8d1ab network: add support matching based on BSSID= 2019-10-15 01:59:56 +09:00
Yu Watanabe
8d968fdd99 network: support matching based on wifi SSID 2019-10-15 01:59:06 +09:00
Susant Sahani
cb29c15605 network: DHCPv4 client: add support to send arbitary option and data 2019-10-15 00:14:02 +09:00
Susant Sahani
c16c780804 network: introduce ip nexthop routing
Used to manipulate entries in the kernel's nexthop tables.
Example:
```
[NextHop]
Id=3
Gateway=192.168.5.1
```
2019-10-14 21:32:48 +09:00
Susant Sahani
2805536bff network: DHCPv6 client add support for prefix delegation hint
Add support for prefix hint lenth and prefix hint address
```
Frame 43: 177 bytes on wire (1416 bits), 177 bytes captured (1416 bits) on interface 0
Ethernet II, Src: f6:c1:08:4d:45:f1 (f6:c1:08:4d:45:f1), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::d250:c82:7f6e:28d6, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
    Message type: Solicit (1)
    Transaction ID: 0x5c7902
    Rapid Commit
    Identity Association for Non-temporary Address
    Fully Qualified Domain Name
    Identity Association for Prefix Delegation
        Option: Identity Association for Prefix Delegation (25)
        Length: 41
        Value: 1b97b1690000000000000000001a0019ffffffffffffffff…
        IAID: 1b97b169
        T1: 0
        T2: 0
        IA Prefix
            Option: IA Prefix (26)
            Length: 25
            Value: ffffffffffffffff3c000000000000000000000000000000…
            Preferred lifetime: infinity
            Valid lifetime: infinity
            Prefix length: 60
            Prefix address: ::
    Option Request
    Client Identifier
    Elapsed time
```
2019-10-01 23:52:40 +09:00
Siddharth Chandrasekara
afe42aef39 dhcp4: make IPServiceType configurable
IPServiceType set to CS6 (network control) causes problems on some old
network setups that continue to interpret the field as IP TOS.

Make DHCP work on such networks by allowing this field to be set to
CS4 (Realtime) instead, as this maps to IPTOS_LOWDELAY.

Signed-off-by: Siddharth Chandrasekaran <csiddharth@vmware.com>
2019-09-26 11:39:46 +09:00
Susant Sahani
299d578f7f network: DHCP server Add support to transmit SIP server
1. DHCP server trasmit
2. Client parses and saves in leases
Implements http://www.rfc-editor.org/rfc/rfc3361.txt

```
Frame 134: 348 bytes on wire (2784 bits), 348 bytes captured (2784 bits) on interface 0
Ethernet II, Src: 42:65:85:d6:4e:32 (42:65:85:d6:4e:32), Dst: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
Internet Protocol Version 4, Src: 192.168.5.1, Dst: 192.168.5.11
User Datagram Protocol, Src Port: 67, Dst Port: 68
Dynamic Host Configuration Protocol (ACK)
    Message type: Boot Reply (2)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x7cc87cb4
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 192.168.5.11
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (ACK)
        Length: 1
        DHCP: ACK (5)
    Option: (51) IP Address Lease Time
        Length: 4
        IP Address Lease Time: (3600s) 1 hour
    Option: (1) Subnet Mask (255.255.255.0)
        Length: 4
        Subnet Mask: 255.255.255.0
    Option: (3) Router
        Length: 4
        Router: 192.168.5.1
    Option: (6) Domain Name Server
        Length: 4
        Domain Name Server: 192.168.5.1
    Option: (42) Network Time Protocol Servers
        Length: 4
        Network Time Protocol Server: 192.168.1.1
    Option: (120) SIP Servers <=====here
        Length: 9
        SIP Server Encoding: IPv4 Address (1)
        SIP Server Address: 192.168.1.1
        SIP Server Address: 192.168.5.2
    Option: (101) TCode
        Length: 13
        TZ TCode: Europe/Berlin
    Option: (54) DHCP Server Identifier (192.168.5.1)
        Length: 4
        DHCP Server Identifier: 192.168.5.1
    Option: (255) End
        Option End: 255
```

```
cat /run/systemd/netif/state                                                                                                   ✔    3148  16:40:51
OPER_STATE=routable
CARRIER_STATE=carrier
ADDRESS_STATE=routable
DNS=192.168.94.2 192.168.5.1
NTP=192.168.5.1
SIP=192.168.1.1 192.168.5.2

```

aa
2019-09-20 21:22:23 +09:00
Susant Sahani
5bc945bec4 network dhcp4: Add support send request options in a generic manner 2019-09-20 21:05:48 +09:00
Susant Sahani
203d4df573 network: Add support to advertie ipv6 route
Implements https://tools.ietf.org/html/rfc4191

cat veth99.network
```
[Match]
Name=veth99

[Network]
DHCP=no
IPv6PrefixDelegation=yes
Address=2001:db8:0:1::1/64

[IPv6Prefix]
Prefix=2001:db8:0:1::4/64

[IPv6RoutePrefix]
Route=2001:db0:fff::/48

```
Wireshark

```
Frame 481: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits) on interface 0
Ethernet II, Src: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4), Dst: IPv6mcast_01 (33:33:00:00:00:01)
Internet Protocol Version 6, Src: fe80::1c04:f8ff:feb8:2fd4, Dst: ff02::1
Internet Control Message Protocol v6
    Type: Router Advertisement (134)
    Code: 0
    Checksum: 0xec77 [correct]
    [Checksum Status: Good]
    Cur hop limit: 0
    Flags: 0x00, Prf (Default Router Preference): Medium
    Router lifetime (s): 0
    Reachable time (ms): 0
    Retrans timer (ms): 0
    ICMPv6 Option (Source link-layer address : 1e:04:f8:b8:2f:d4)
        Type: Source link-layer address (1)
        Length: 1 (8 bytes)
        Link-layer address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
    ICMPv6 Option (MTU : 1500)
        Type: MTU (5)
        Length: 1 (8 bytes)
        Reserved
        MTU: 1500
    ICMPv6 Option (Prefix information : 2001:db8:0:1::4/64)
        Type: Prefix information (3)
        Length: 4 (32 bytes)
        Prefix Length: 64
        Flag: 0xc0, On-link flag(L), Autonomous address-configuration flag(A)
        Valid Lifetime: 2592000
        Preferred Lifetime: 604800
        Reserved
        Prefix: 2001:db8:0:1::4
    ICMPv6 Option (Route Information : Medium 2001:db0:fff::/48)
        Type: Route Information (24)
        Length: 3 (24 bytes)
        Prefix Length: 48
        Flag: 0x00, Route Preference: Medium
            ...0 0... = Route Preference: Medium (0)
            000. .000 = Reserved: 0
        Route Lifetime: 604800
        Prefix: 2001:db0:fff::
```
2019-09-17 12:09:59 +02:00
Yu Watanabe
f6c6ff97f5 network: add RoutingPolicyRule.Family= setting
Closes #13233.
2019-08-16 22:02:17 +09:00
Yu Watanabe
4bd04e3dcb network: drop recently added settings from deprecated [DHCP] section 2019-07-25 12:39:33 +09:00
Yu Watanabe
a24e12f020 network: add DHCPv4.RoutesToDNS= setting 2019-07-19 01:49:39 +09:00
Yu Watanabe
b956364db0 network: rename Neighbor.MACAddress= to Neighbor.LinkLayerAddress=
And make it support IPv4 address.

Closes #13015.
2019-07-11 22:22:29 +09:00
Lennart Poettering
7e82b4059b
Merge pull request #13006 from yuwata/network-split-dhcp-12917
networkd: DHCPv6 - separate DHCPv6 options from DHCPv4 options
2019-07-11 10:28:03 +02:00
Yu Watanabe
f392c06566
Merge pull request #12863 from 1848/if_xfrm
Added support for xfrm interfaces
2019-07-10 23:04:49 +09:00
1848
98d20a17a9 Added support for xfrm interfaces 2019-07-10 23:02:19 +09:00
Yu Watanabe
e4443f9bfc network: fix memleak
set_put() does not return -EEXIST.

Fixes #12995 and oss-fuzz#15678.
2019-07-10 12:27:48 +02:00
Yu Watanabe
4f7331a85e network: rename [DHCP] section to [DHCPv4]
To keep the backward compatibility broken by the previous commit.
2019-07-10 17:33:09 +09:00
Susant Sahani
caa8ca4286 networkd: DHCPv6 - separate DHCPv6 options from DHCPv4 options
Closes https://github.com/systemd/systemd/issues/12917
2019-07-10 16:59:29 +09:00
Yu Watanabe
44005bfb4e network,udev: add Property= setting in [Match] section
Closes #5665.
2019-07-01 01:24:42 +09:00
Susant Sahani
7da377ef16 networkd: add support to keep configuration 2019-06-06 22:50:29 +09:00
Susant Sahani
e520ce6440 networkd: Ability to selectively ignore IPv6 prefixes supplied via router advertisement
Closes https://github.com/systemd/systemd/issues/10647
2019-05-19 22:23:06 +09:00
Susant Sahani
9b88f20aba networkd: route add MPLS TTL propagate 2019-05-18 10:30:41 +09:00
Susant Sahani
69c317a07f networkd: introduce netdev ipvtap
This patch adds netdev ipvtap that is based on the
IP-VLAN network interface, called ipvtap. An ipvtap device can be created
in the same way as an ipvlan device, using 'kind ipvtap', and then accessed
using the tap user space interface.
2019-05-16 09:48:53 +09:00
Yu Watanabe
5d5003ab35 network: add DefaultRouteOnDevice= setting in [Network] section
When enabled, then default route bound to the interface will be created.
This is useful when adding routes on point-to-point interfaces.

Closes #788.
2019-05-15 12:44:30 +09:00
Yu Watanabe
6e114a2475
Merge pull request #12555 from ssahani/route-properties
networkd: route add support to configure fastopen_no_cookie
2019-05-14 09:03:52 +02:00
Susant Sahani
1501b429a9 networkd: DHCP client add support to send RELEASE packet
closes #10820
2019-05-14 09:03:01 +02:00
Susant Sahani
633c725865 networkd: route add support to configure fastopen_no_cookie
This patch adds fastopen_no_cookie option to enable/disable TCP fastopen
without a cookie on a per-route basis.
2019-05-14 08:08:36 +05:30
Susant Sahani
bdb397ed10 networkd: bridge FDB support more NTF_* flags
Add support to configure NTF_ROUTER and NTF_USE
2019-05-14 02:24:51 +02:00
Yu Watanabe
5af7bc6f4c
Merge pull request #12480 from ssahani/proxy-arp
network: bridge add support to configure proxy ARP/WIFI
2019-05-10 15:30:41 +02:00
Susant Sahani
727b573418 networkd: Add support for blacklisting servers
closes #6260

fuzzer: Add DHCP support for blacklisting servers
2019-05-10 15:29:55 +02:00
Susant Sahani
0fadb2a46f network: add support to configure proxy ARP/WIFI 2019-05-09 15:03:04 +09:00
Susant Sahani
1087623bac networkd: Add support to configure proxy ARP and proxy ARP Wifi 2019-05-09 01:44:26 +02:00
Zbigniew Jędrzejewski-Szmek
d1c377da0d
Merge pull request #12489 from ssahani/vxlan
networkd: VXLAN rename Id to VNI
2019-05-08 12:02:54 +02:00
Susant Sahani
61b824c561 networkd: bridge fdb add support to configure VXLAN VNI 2019-05-08 03:43:43 +02:00
Zbigniew Jędrzejewski-Szmek
29e19a6f19 fuzz: fix spelling of MACsec and MACAddress in the corpus 2019-05-08 06:53:07 +05:30
Susant Sahani
715cedfbf0 networkd: Allow DHCP4 client to set the number to attempt to reconfigure.
Otherwise current value is 6 and after 6 it will give up.
2019-05-07 17:12:04 +02:00
Susant Sahani
c2c2793f39 networkd: Add support to configure destination address for bridge FDB
Closes #5145.

Example conf:
```
[Match]
Name=vxlan1309

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.2

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.4

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.5
```
2019-05-03 06:11:52 +02:00
Susant Sahani
81962db798 network: Introduce MACsec
Media Access Control Security (MACsec) is an 802.1AE IEEE
industry-standard security technology that provides secure
communication for all traffic on Ethernet links.
MACsec provides point-to-point security on Ethernet links between
directly connected nodes and is capable of identifying and preventing
most security threats, including denial of service, intrusion,
man-in-the-middle, masquerading, passive wiretapping, and playback attacks.

Closes #5754
2019-04-12 10:12:41 +09:00
Yu Watanabe
4d6cd572a7 fuzz: add testcases for the bug in condition_free_list_type() 2019-03-24 00:35:39 +09:00
Susant Sahani
3a56e697c8 networkd: Introduce l2tp tunnel
This works allows networkd to configure l2tp tunnel.
See http://man7.org/linux/man-pages/man8/ip-l2tp.8.html
2019-03-14 10:57:41 +09:00
Tobias Jungel
7f15b71460 networkd: Add bridge port capabilities
This PR adds the configuration switches for multicast flooding, neighbor
suppression and learning of a bridge port.
2019-03-13 16:27:22 +01:00
Clemens Gruber
c423be28a0 network: introduce TripleSampling= option in CAN section
When enabled, three samples are used to determine the value of a
received bit by majority rule.

This patch adds support for the TripleSampling= option in the [CAN]
section of .network files.
2019-03-11 17:15:47 +01:00
Yu Watanabe
9cb8c55934 network: rename GatewayOnlink= to GatewayOnLink=
But still GatewayOnlink= is supported for backward compatibility.
2019-02-28 10:00:22 +09:00
Zbigniew Jędrzejewski-Szmek
c448459d56 networkd: refuse more than 128 NTP servers
This test case is a bit silly, but it shows that our code is unprepared to
handle so many network servers, with quadratic complexity in various places.
I don't think there are any valid reasons to have hundres of NTP servers
configured, so let's just emit a warning and cut the list short.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13354
2019-02-27 14:52:33 +01:00
Zbigniew Jędrzejewski-Szmek
83ec459276 networkd: fix memleak when the same NetDev is specified twice
hashmap_put() returns 0 if the (key, value) pair is already present in the
hashmap, and -EEXIST if the key exists, but the value is different.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13433
2019-02-27 14:31:28 +01:00
Zbigniew Jędrzejewski-Szmek
95b2903bde tests: shorten the fuzz test case
The test was failing in Ubuntu CI with a 30s timeout. It makes
sense to keep the file so exercise the set allocation logic, but
we can make it shorter.
2019-02-21 12:30:13 +01:00
Zbigniew Jędrzejewski-Szmek
5e2a51d588 networkd: use OrderedSets instead of strvs to store lists of domains
We were already using OrderedSets in the manager object, but strvs in the
configuration parsing code. Using sets gives us better scaling when many
domains are used.

In oss-fuzz #13059 the attached reproducer takes approximately 30.5 s to be
parsed. Converting to sets makes this go down to 10s. This is not _vastly_
faster, but using sets seems like a nicer approach anyway. In particular, we
avoid the quadratic de-unification operation after each addition.
2019-02-21 12:04:27 +01:00
Lennart Poettering
84e4b0b893
Merge pull request #11716 from ssahani/drop-autoconf-address
networkd: ipv6ra allow to ignore addresses
2019-02-15 12:17:46 +01:00
Susant Sahani
24433ffa6d Add to fuzzer 2019-02-14 21:10:59 +05:30
Susant Sahani
93b4dab57e networkd: Allow to retain configs even if carrier is lost
When there is bad link in the network the carrier goes up/down.
This makes networkd stops all the clients and drop config.
But if the remote router/dhcpserver running a prevention
of DHCP Starvation attack or DHCP Flood attack it does not allow
networkd to take a DHCP lease resulting failure in configuration.
This patch allows to keep the client running and keep the conf
also for this scenario.

Closes #9111
2019-02-06 13:35:11 +01:00
Lennart Poettering
7ece6f5897 networkd: permit DNS "DefaultRoute" configuration in .network files 2018-12-21 12:10:07 +01:00
William A. Kennington III
e4a71bf36f networkd: Static neighbor support
When using networkd we currently have no way of ensuring that static
neighbor entries are set when our link comes up. This change adds a new
section to the network definition that allows multiple static neighbors
to be set on a link.
2018-12-09 16:56:37 -08:00
Yu Watanabe
801503d22b
Merge pull request #10988 from ssahani/IFLA_BRPORT_MCAST_TO_UCAST
networkd: bridge add support to configure multicast_to_unicast
2018-12-06 14:32:52 +01:00
Susant Sahani
8b220643b1 networkd: RPDB rule - add support to configure inverted rule.
Closes #10706
2018-12-06 10:42:36 +05:30
Susant Sahani
d3aa8b49e5 networkd: bridge add support to configure multicast_to_unicast
closes #10649
2018-12-03 23:49:46 +05:30
Yu Watanabe
97f9df9e30 network: rename Protocol= in [RoutingPolicyRule] to IPProtocol= 2018-12-02 06:13:47 +01:00
Susant Sahani
926062f083 networkd: add support to configure ip rule port range and protocol.
Please see:

iprule: support for ip_proto, sport and dport match options
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=f686f764682745daf6a93b0a6330ba42a961f858

Closes 10622
2018-11-28 20:06:28 +05:30
Yu Watanabe
e2e6148619 fuzz: add testcase of oss-fuzz#11345 2018-11-11 12:03:52 +09:00
Yu Watanabe
872faf59c0 fuzz: add testcases of recent issues 2018-11-09 11:45:43 +09:00
Yu Watanabe
d571998498 fuzz: add a testcase for oss-fuzz#11285 2018-11-08 12:31:02 +09:00
Evgeny Vereshchagin
220fa139de tests: add a couple of files containing all the sections and directives
This should help the fuzzers to discover code paths faster.

In case anyone is interested, they were generated with the following script
```
perl -aF'/[\s,]+/' -ne '
if (my ($s, $d) = ($F[0] =~ /^([^\s\.]+)\.([^\s\.]+)$/)) { $d{$s}{$d} = 1; }
END { while (my ($key, $value) = each %d) {
    printf "[%s]\n%s\n", $key, join("\n", keys(%$value))
}}'
```
by passing src/network/networkd-network-gperf.gperf and
src/network/netdev/netdev-gperf.gperf to it.
2018-11-06 19:42:29 +01:00
Evgeny Vereshchagin
d0f51aa9cd tests: add a reporoducer for https://github.com/systemd/systemd/issues/10639 2018-11-06 19:01:32 +01:00
Evgeny Vereshchagin
efc1a59af6 tests: add some data that can be fed to fuzz-network-parser 2018-11-06 19:01:32 +01:00