IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is necessary for non-ipv4ll hosts to communicate with ipv4ll-only hosts on the same link. Defaults
to being enabled, but can be opted out.
See: <http://avahi.org/wiki/AvahiAutoipd#Routes>
This avoids having to distinguish between IPv4 and IPv6, allowing us
to keep their internal orderings. The consumers now has to turn the
strings into addresses.
All routes added by networkd are currently set RTPROT_BOOT, which according
to the kernel means "Route installed during boot" (rtnetlink.h). But this
is not always the case as networkd changes routing after boot too. Since
the kernel gives more detailed protocols, use them.
With this patch, user-configured static routes now use RTPROT_STATIC (which
they are) and DHCP routes use RTPROT_DHCP. There is no define for IPv4LL
yet, so those are installed as RTPROT_STATIC (though perhaps RTPROT_RA is
better?).
[tomegun: fixup
src/network/networkd-link.c:972:33: error: too few arguments to function 'route_new_dynamic']
Lennart said:
> We have these nice USEC_PER_MSEC-style macro definitions which make it a
> little bit clearer what we are converting here from what into
> what... please use that instead of writing "1000"...
>
> (we stole those from gstreamer btw)
The following bond options are supported by this patch.
MIIMonitorSec:
Specifies the frequency in milli-seconds that MII link
monitoring will occur.
UpDelaySec:
Specifies the delay time in milli-seconds to enable a link
after a link up status has been detected.
DownDelaySec:
Specifies the delay time in milli-seconds to disable a link
after a link failure has been detected.
changes:
1. Added gconf variables.
2. man page
conf:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3
LacpduTransmitRate=fast
MIIMonitorSec=1s
UpDelaySec=2s
DownDelaySec=8s
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 2000
Down Delay (ms): 8000
802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: rephrased manpage, dropped bond_ prefix from variables]
LacpduTransmitRate
option specifies the rate in which link partner to transmit
LACPDU packets in 802.3ad mode. Possible values
slow : Request partner to transmit LACPDUs every 30 seconds
fast : Request partner to transmit LACPDUs every 1 second
The default is slow.
chages:
1. Added enum bond_lacp_rate_table
2. gperf LacpduTransmitRate
Test:
conf file:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
LacpduTransmitRate=fast
test:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: renamed from LacpduTransmitRate to LACPTransmitRate, manpage fixes and
dropped bond_ prefix from variables]
This patch adds support the transmit hash policy to use
for slave selection in balance-xor, 802.3ad, and tlb modes
layer2, layer3+4, layer2+3, encap3+4, encap3+4
Added:
1. BondXmitHashPolicy
2. conf param TransmitHashPolicy
Test conf:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3
test output:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: dropped bond_ prefix from new Bond variable, drop repeated man-page section]
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
Do not expose link_is_loopback, people should just get this from rtnl directly.
Do not expose NTP servers as IP addresses, these must be strings.
Expose ifindex as int, not unsigned. This is what the kernel (mostly) and glibc uses.
Rather than refetching the link information on ever event, we liston to
rtnl to track them. Much code stolen from resolved.
This will allow us to simplify the sd-network api and don't expose
information available over rtnl.
As long as the number of array entries is relatively small it's nicer to
simply return the number of entries directly, instead of using a size_t*
return parameter for it.
Constructors should return the object they created as first parameter,
except when they are generated as a child/member object of some other
object in which case that should be first.
Special care is needed so that we get an error message if the
file failed to parse, but not when it is missing. To avoid duplicating
the same error check in every caller, add an additional 'warn' boolean
to tell config_parse whether a message should be issued.
This makes things both shorter and more robust wrt. to error reporting.
It appears there is no good way to decide whether or not broadcasts should be enabled,
there is hardware that must have broadcast, and there are networks that only allow
unicast. So we give up and make this configurable.
By default, unicast is used, but if the kernel were to inform us abotu certain
interfaces requiring broadcast, we could change this to opt-in by default in
those cases.
Vendor Class Identifier be used by DHCP clients to identify
their vendor type and configuration. When using this option,
vendors can define their own specific identifier values, such
as to convey a particular hardware or operating system
configuration or other identifying information.
Vendor-specified DHCP options—features that let administrators assign
separate options to clients with similar configuration requirements.
For example, if DHCP-aware clients for example we want to separate
different gateway and option for different set of people
(dev/test/hr/finance) in a org or devices for example web/database
servers or let's say in a embedded device etc and require a different
default gateway or DNS server than the rest of clients.
Now route metric can be configuted via conf file:
example conf:
[Match]
Name=em1
[Route]
Gateway=192.168.1.12
Metric=10
Test:
ip route output
default via 192.168.1.12 dev em1 metric 10
[tomegun: squash TODO update and reword man page a bit]
This patch adds supports networkd to configure bond mode
during creation via persistent conf. Mode can be configured
with conf param 'Mode'. A new section Bond is added to the
conf to support bond mode.
These modes can be configured now.
balance-rr
active-backup
balance-xor
broadcast
802.3ad
balance-tlb
balance-alb
Example conf file: test-bond.conf
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=balance-xor
Test case:
1. start networkd service:
12: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN mode DEFAULT group default
link/ether 22:89:6c:47:23:d2 brd ff:ff:ff:ff:ff:ff
2. find bond mode:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: load balancing (xor)
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
Changes:
1. Added file networkd-bond.c
2. Bond mode enum BondMode
3. conf section [Bond]
[tomegun: whitespace]
This patch adds peer address support for
networkd . In the [Address] a new configurable
param is Peer.
[Match]
Name=ipip-tun
[Address]
Address=10.0.0.1/32
Peer=10.0.0.2/32
When doing a NEWADDR, the reply we get back is the NEWADDR itself, rather
than just an empty ack (unlike how NEWLINK works). For this reason, the
process that did the NEWADDR does not get the broadcast message.
We were only listening for broadcast messages, and hence not tracking the
addresses we added ourselves. This went unnoticed as the kernel will usually
send NEWADDR messages from time to time anyway, so things would mostly work,
but in the worst case we would not notice that a routable address was available
and consider ourselves offline.
This patch introduces TUN/TAP device creation support
to networkd.
Example conf to create a tap device:
file: tap.netdev
------------------
[NetDev]
Name=tap-test
Kind=tap
[Tap]
OneQueue=true
MultiQueue=true
PacketInfo=true
User=sus
Group=sus
------------------
Test:
1. output of ip link
tap-test: tap pi one_queue UNKNOWN_FLAGS:900 user 1000 group 1000
id:
uid=1000(sus) gid=10(wheel) groups=10(wheel),1000(sus)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Modifications:
Added:
1. file networkd-tuntap.c
3. netdev kind NETDEV_KIND_TUN and NETDEV_KIND_TAP
2. Tun and Tap Sections and config params to parse
conf and gperf conf parameters
[tomegun: tweak the 'kind' checking for received ifindex]
Send hostname (option 12) in DISCOVER and REQUEST messages so the
DHCP server could use it to register with dynamic DNS and such.
To opt-out of this behaviour set SendHostname to false in [DHCP]
section of .network file
[tomegun: rebased, made sure a failing set_hostname is a noop and moved
config from DHCPv4 to DHCP]
We failed to take a ref when waiting for udev synchronization. Fix that and also
make unreffing in callbacks simpler throughout by using _cleanup_ macros.
Fixes <https://bugs.freedesktop.org/show_bug.cgi?id=80556>.
The logic otherwise is that we leave anything preconfigured alone, but in the case of DHCP
we actually need to update it whenever the lease is renewed.
This adds support for DHCP options 33 and 121: Static Route and
Classless Static Route. To enable this feature, set UseRoutes=true
in .network file. Returned routes are added to the routing table.
If there are v4 or v6 specific options we can keep those in separate sections,
but for the common options, we will use only one.
Moreovere only use DHCP=[yes/both|no/none|v4|v6] to enable or disable the clients.
We used to check if e.g. IFLA_BOND_MAX is defined and provide fallback
values in missing.h is it wasn't. But over time, various kernel
versions added IFLA_* defines, so checking for IFLA_BOND_MAX is not
enough if the kernel is new enough to have some of them but too old to
have all. In case we detect that the latest known enum value is
missing, #define most of them.
https://bugs.freedesktop.org/show_bug.cgi?id=80095
When an address is configured to be all zeroes, networkd will now
automatically find a locally unused network of the right size from a
list of pre-configured pools. Currently those pools are 10.0.0.0/8,
172.16.0.0/12, 192.168.0.0/16 and fc00::/7, i.e. the network ranges for
private networks. They are compiled in, but should be configurable
eventually.
This allows applying the same configuration to a large number of
interfaces with each time a different IP range block, and management of
these IP ranges is fully automatic.
When allocating an address range from the pool it is made sure the range
is not used otherwise.
We could still have an old interface name and/or mac address when libudev
tells us that the device is initialized, as the up-to-date info could still
be on its way from the kernel.
This reverts (and rewrites) commit 7d95c772cb.
The issue blocking this feature has now been fixed in the kernel, and backported
to the various stable kernels.
Our netdevs will now have stable MAC addresses, even if one is not specified.
It may sometimes be necessary to specify the MAC address of a netdev.
Let us set the correct one from the get-go, rather than having the
kernel generate a random one, and then change it after.
It should not be possible to have a DHCP lease on a link without also having
an associated network. Add assert() to avoid compiler warnings.
Reported by Thomas H. P. Andersen
When enabled in [Network] it will set up a dhcp server on the interface, listening
on one of its statically configured IPv4 addresses and with a fixed size pool of
leases determined from it.
Example:
[Match]
Name=ve-arch-tree
[Network]
Address=192.168.12.5/24
DHCPServer=yes
[Route]
Gateway=192.168.12.5
Destination=192.168.12.0/24
In this case we will configure ve-arch-tree with the address 192.168.12.5 and
hand out addresses in the range 192.168.12.6 - 192.168.12.38.
In the future, we should (as suggested by Lennart) introduce a syntax to pick the
server address automatically.
Configuration will be in
root:root /run/systemd/network
and state will be in
systemd-network:systemd-network /run/systemd/netif
This matches what we do for logind's seat/session state.
Rely on modules being built-in or autoloaded on-demand.
As networkd is a network facing service, we want to limits its capabilities,
as much as possible. Also, we may not have CAP_SYS_MODULE in a container,
and we want networkd to work the same there.
Module autoloading does not always work, but should be fixed by the kernel
patch f98f89a0104454f35a: 'net: tunnels - enable module autoloading', which
is currently in net-next and which people may consider backporting if they
want tunneling support without compiling in the modules.
Early adopters may also use a module-load.d snippet and order
systemd-modules-load.service before networkd to force the module
loading of tunneling modules.
This sholud fix the various build issues people have reported.
This patch adds path of mtu discovery for sit tunnel.
To enable/disable DiscoverPathMTU is introduced.
Example configuration
file: sit.netdev
[NetDev]
Name=sit-tun
Kind=sit
MTUBytes=1480
[Tunnel]
DiscoverPathMTU=1
Local=X.X.X.X
Remote=X.X.X.X
By default pmtudisc is turned on , if DiscoverPathMTU
is missing from the config. To turn it off
DiscoverPathMTU=0 needs to be set.
This allows us to run networkd mostly unpriviliged with the exception of
CAP_NET_* and CAP_SYS_MODULE. I'd really like to get rid of the latter
though...
Djalal Harouni <tixxdz@opendz.org>:
There is also this one genrated by LTO, IMO it's a false positive since
we do *check* for "lease" but the code is not consistent since in that
code path, "lease" is initialized to NULL in other places, except for
this one:
src/resolve/resolved-manager.c: In function 'manager_update_resolv_conf':
src/libsystemd-network/sd-dhcp-lease.c:67:18: warning: 'lease' may be used uninitialized in this function [-Wmaybe-uninitialized]
if (lease->dns_size) {
^
src/network/sd-network.c:146:24: note: 'lease' was declared here
sd_dhcp_lease *lease;
^
This makes callback behaviour more like sd-event or sd-resolve, and
creates proper object for unregistering callbacks.
Taking the refernce to the slot is optional. If not taken life time of
the slot will be bound to the underlying bus object (or in the case of
an async call until the reply has been recieved).
