Age | Commit message (Collapse) | Author |
|
Also use inet_ntoa rather than inet_ntop.
|
|
|
|
Export the NTP servers so timesyncd can use them.
|
|
Log error no for such client_stop(client, DHCP_EVENT_STOP)
|
|
- Also only allow positive ifindex on both dhcp and ipv4ll
[tomegun: the kernel always sets a positive ifindex, but some APIs accept
ifindex=0 with various meanings, so we should protect against
accidentally passing ifindex=0 along.]
|
|
To make sure we don't delay boot on systems where (some) network links are managed by someone else
we don't block if something else has successfully brought up a link.
We will still block until all links we are aware of that are managed by networkd have been
configured, but if no such links exist, and someone else have configured a link sufficiently
that it has a carrier, it may be that the link is ready so we should no longer block.
Note that in all likelyhood the link is not ready (no addresses/routes configured),
so whatever network managment daemon configured it should provide a similar wait-online
service to block network-online.target until it is ready.
The aim is to block as long as we know networking is not fully configured, but no longer. This
will allow systemd-networkd-wait-online.service to be enabled on any system, even if we don't
know whether networkd is the main/only network manager.
Even in the case networking is fully configured by networkd, the default behavior may not be
sufficient: if two links need to be configured, but the first is fully configured before the
second one appears we will assume the network is up. To work around that, we allow specifying
specific devices to wait for before considering the network up.
This unit is enabled by default, just like systemd-networkd, but will only be pulled in if
anyone pulls in network-online.target.
|
|
|
|
This essentially swaps the roles of rtnl and udev in networkd. After this
change libudev is only used for waiting for udev to initialize devices and
to get udev-specific information needed for some [Match] attributes.
This in particular simplifies the code in containers where udev is not really
useful, but also simplifies things and reduces round-trips in the non-container
case.
|
|
Also unref client objects in test code, and initalize logging,
to DEBUG by default.
|
|
These are redundant now that the REQUEST messages contain the same information.
|
|
Specify what kind of REQUEST we send, and distinguish between REBOOT and START.
Also log stop reasons as strings rather than numbers.
|
|
|
|
Also reshuffle some code to make the correspondence with the RFC a bit more
obvious.
Small functional change: fail if we try to send a message from the wrong state.
|
|
|
|
As we are now filtering the raw socket based on the transaction id, we must
reset the BPF when we reset the transaction id.
|
|
Add an explicit stop state for IPv4LL so that the user can stop the
IPv4LL client from the callback. When returning from the callback,
check also the stop state in order to halt any further protocol
processing.
|
|
Similar to DHCP, the IPv4LL library user can decide to free the LL
client any time the callback is called. Guard against freeing the
LL client in the callback by introducing proper reference counting.
Also update code using the IPv4LL library to properly handle a
returned NULL from the notify and stop functions if the IPv4LL
client was freed.
|
|
Add an explicit stop state for the DHCP client so that the library
user can issue a stop at any time the callback has been called.
When returning from the callback, check also the stop state and
stop any further DHCP processing.
|
|
The DHCP library user can decide to free the DHCP client any time
the callback is called. After the callback has been called, other
computations may still be needed - the best example being a full
restart of the DHCP procedure in case of lease expiry.
Fix this by introducing proper reference counting. Properly handle
a returned NULL from the notify and stop functions if the DHCP
client was freed.
|
|
|
|
This test should have been updated when changing the magic cookie handling around.
Reported by Ken MacLeod.
|
|
|
|
|
|
Improve the checksum computation by using 64 bit integers instead of the 16 bit
integers in the existing implementation. This change speeds up the computation
with approximately 78% both on 64 bit and 32 bit systems.
Please see RFC 1071 for details.
|
|
This should significantly reduce spurious wakeups.
|
|
Umut said: 'I have noticed a bug that we are sending PROBE/ANNOUNCE messages on
00:00:00:00:00:00 address where it should be broadcast.'
|
|
Try a bit harder to make the kernel drop packets not for us. This should reduce
the number of wakeups from n^2 to n in the number of dhcp clients, which admittedly
only makes a differenc in very extreme cases.
|
|
If they are too small to fit the IP+UDP+DHCP headers they can be of no use, so
don't waste resources parsing them. This is at the cost of losing some verbosity
in the logging.
|
|
Also move the checking of it to the main message handler, rather than the
options parser.
Fix a bug, so we now drop the packet if any of the magic bytes don't match.
Before we used to only drop the packet if they were all wrong.
|
|
Currently when both ipv4ll and dhcp are enabled, ipv4ll
address (if one has been claimed) is removed when dhcp
address is aquired. This is not the best thing to do
since there might be clients unaware of the removal
trying to communicate.
This patch provides a smooth transition between ipv4ll
and dhcp. If ipv4ll address was claimed [1] before dhcp,
address is marked as deprecated. Deprecated address is still
a valid address and packets can be received on it but address
cannot be selected as a source address. If dhcp lease cannot
be extended, then ipv4ll address is marked as valid again.
[1] If there is no collision, claiming IPv4LL takes between 4 to
7 seconds.
|
|
Filter out everything except UDP packets destined for the DHCP client port,
this should avoid the vast majority of spurious wakeups.
Filter based on [0], with permission.
Possible improvemnts: also check for the DHCP magic cookie to drop invalid
packets. Check for our xid to filter out packets destined for other clients.
[0]: <https://github.com/ambrop72/badvpn/blob/master/dhcpclient/BDHCPClient.c#L57>
|
|
|
|
Passing the protocol to socket() is redundant as it will be specified again in
bind(). Dropping the redundancy reduces the cost of bind() from ~30ms to ~0ms.
For details see [0].
networkd in a container (i.e., with next to no network latency) can now
negotiate a DHCP lease in 0.7 - 5 ms.
Thanks to Kay for help with debugging and to Daniel Borkmann for the pointer
to fix the problem.
[0]: <https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=902fefb82ef72a50c78cb4a20cc954b037a98d1c>
|
|
When receiving lots of packets that are not meant for us, we waste a relatively large amount
of cpu time computing their checksums before discarding them. Move the checksum calculation last
so we never compute it for packets which would otherwise be discarded.
|
|
|
|
Do not try to parse ICMP packets
[tomegun: slightly tweaked debug message]
|
|
|
|
CLOCK_BOOTTIME_ALARM, too
|
|
One end of the socketpair is closed by the library, so only close our end. Also switch to
the safe_close() so we get notified about problems with closing.
|
|
This does not belong in shared as it is mostly a detail of our networking subsystem.
Moreover, now we can use libudev here, which will simplify things.
|
|
Increase the chance of using the same link local address between reboots. The
pseudo random sequence of addresses we attempt is now seeded with data that is
very likely to stay the same between reboots, but at the same time be unique
to the specific machine/nic.
First we try to use the ID_NET_NAME_* data from the udev db combined with the
machin-id, which is guaranteed to be unique and persistent, if available. If
that is not possible (e.g., in containers where we don't have access to the
udev db) we fallback to using the MAC address of the interface, which is
guaranteed to be unique, and likely to be persistent.
[tomegun: three minor changes:
- don't expose HASH_KEY in the siphash24 header
- get rid of some compile-warnings (and some casts at the same time),
by using uint8_t[8] rather than uint64_t in the api
- added commit message]
|
|
If necessary, restart the clients to deal with a changing mac address
at runtime. This will solve the problem of starting clients on bridges
before they have received their final MAC address.
|
|
The DHCP RFC does not require the DHCP server to send a subnet mask, so if it
is missing, let's try to use the default subnet masks based on address class.
In case the class the address belongs to does not have a default subnet mask,
we fail as before.
Also improve logging when handling invalid dhcp messages, and simply ignore them
rather than stop the whole dhcp client.
|
|
Accept any lease lifetime greater than one second. Server should not
hand out extremely short leases, but let's not be the ones to fail.
Do not fail when arming a timer in the past, but also only arm one such
timer.
Avoid rounding errors when computing the default timeouts, this may be
an issue if we are handed a very short lease.
Also, don't pass 'time_now' around, as that can be found in the event
object when needed.
|
|
Also keep start_time in sync, but that shouldn't matter.
|
|
The value is stored in the client object, so get it there when needed.
|
|
Check that the client identifier is formatted as suggested in the
RFC and that the messages sent ends with an end option.
|
|
Since the length used by options is known, send packets with no
extra padding.
|
|
Even though client identifiers SHOULD be treated as opaque objects by
DHCP servers, follow the recommendation of a hardware type field with
value 0x01 (ethernet) followed by the hardware address as described in
RFC 2132.
|
|
Otherwise we would fail with -EINVAL. Thanks to Brandon Philips
<brandon.philips@coreos.com>, for reporting the bug.
|