Age | Commit message (Collapse) | Author |
|
Currently when both ipv4ll and dhcp are enabled, ipv4ll
address (if one has been claimed) is removed when dhcp
address is aquired. This is not the best thing to do
since there might be clients unaware of the removal
trying to communicate.
This patch provides a smooth transition between ipv4ll
and dhcp. If ipv4ll address was claimed [1] before dhcp,
address is marked as deprecated. Deprecated address is still
a valid address and packets can be received on it but address
cannot be selected as a source address. If dhcp lease cannot
be extended, then ipv4ll address is marked as valid again.
[1] If there is no collision, claiming IPv4LL takes between 4 to
7 seconds.
|
|
Filter out everything except UDP packets destined for the DHCP client port,
this should avoid the vast majority of spurious wakeups.
Filter based on [0], with permission.
Possible improvemnts: also check for the DHCP magic cookie to drop invalid
packets. Check for our xid to filter out packets destined for other clients.
[0]: <https://github.com/ambrop72/badvpn/blob/master/dhcpclient/BDHCPClient.c#L57>
|
|
|
|
Passing the protocol to socket() is redundant as it will be specified again in
bind(). Dropping the redundancy reduces the cost of bind() from ~30ms to ~0ms.
For details see [0].
networkd in a container (i.e., with next to no network latency) can now
negotiate a DHCP lease in 0.7 - 5 ms.
Thanks to Kay for help with debugging and to Daniel Borkmann for the pointer
to fix the problem.
[0]: <https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=902fefb82ef72a50c78cb4a20cc954b037a98d1c>
|
|
When receiving lots of packets that are not meant for us, we waste a relatively large amount
of cpu time computing their checksums before discarding them. Move the checksum calculation last
so we never compute it for packets which would otherwise be discarded.
|
|
|
|
Do not try to parse ICMP packets
[tomegun: slightly tweaked debug message]
|
|
|
|
CLOCK_BOOTTIME_ALARM, too
|
|
One end of the socketpair is closed by the library, so only close our end. Also switch to
the safe_close() so we get notified about problems with closing.
|
|
This does not belong in shared as it is mostly a detail of our networking subsystem.
Moreover, now we can use libudev here, which will simplify things.
|
|
Increase the chance of using the same link local address between reboots. The
pseudo random sequence of addresses we attempt is now seeded with data that is
very likely to stay the same between reboots, but at the same time be unique
to the specific machine/nic.
First we try to use the ID_NET_NAME_* data from the udev db combined with the
machin-id, which is guaranteed to be unique and persistent, if available. If
that is not possible (e.g., in containers where we don't have access to the
udev db) we fallback to using the MAC address of the interface, which is
guaranteed to be unique, and likely to be persistent.
[tomegun: three minor changes:
- don't expose HASH_KEY in the siphash24 header
- get rid of some compile-warnings (and some casts at the same time),
by using uint8_t[8] rather than uint64_t in the api
- added commit message]
|
|
If necessary, restart the clients to deal with a changing mac address
at runtime. This will solve the problem of starting clients on bridges
before they have received their final MAC address.
|
|
The DHCP RFC does not require the DHCP server to send a subnet mask, so if it
is missing, let's try to use the default subnet masks based on address class.
In case the class the address belongs to does not have a default subnet mask,
we fail as before.
Also improve logging when handling invalid dhcp messages, and simply ignore them
rather than stop the whole dhcp client.
|
|
Accept any lease lifetime greater than one second. Server should not
hand out extremely short leases, but let's not be the ones to fail.
Do not fail when arming a timer in the past, but also only arm one such
timer.
Avoid rounding errors when computing the default timeouts, this may be
an issue if we are handed a very short lease.
Also, don't pass 'time_now' around, as that can be found in the event
object when needed.
|
|
Also keep start_time in sync, but that shouldn't matter.
|
|
The value is stored in the client object, so get it there when needed.
|
|
Check that the client identifier is formatted as suggested in the
RFC and that the messages sent ends with an end option.
|
|
Since the length used by options is known, send packets with no
extra padding.
|
|
Even though client identifiers SHOULD be treated as opaque objects by
DHCP servers, follow the recommendation of a hardware type field with
value 0x01 (ethernet) followed by the hardware address as described in
RFC 2132.
|
|
Otherwise we would fail with -EINVAL. Thanks to Brandon Philips
<brandon.philips@coreos.com>, for reporting the bug.
|
|
Init-Reboot is tried if a client IP address has been given when
the DHCP client is started. In Init-Reboot, start by sending a
broadcast DHCP Request including the supplied client IP address
but without the server identifier. After sending the request,
enter Reboot state.
If a DHCP Ack is received, proceed to Bound state as usual. If a
DHCP Nak is received or the first timeout triggers, start the
address acquisition over from DHCP Init state.
See RFC 2131, sections 4.3.2, 4.4, 4.4.1 and 4.4.2 for details.
|
|
This causes the DHCP client struct initialization and DHCP client
starting to be factored out into functions of their own.
|
|
|
|
Remove identical checksum function implementation from the test
case code.
|
|
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
|
The default slack caused there to be a delay before timers fired. Solve it
by setting timers that should trigger immediately to trigger far in the past.
This brings down the ideal-case dhcp lease acquisition time from about 500ms to
about 50ms (over a veth pair, so no network latency involved).
All the rest of the time (except for ~0.5ms) is spent in the bind() call in,
dhcp_network_bind_raw_socket(). I don't know if there is anything to be done
about that though...
|
|
This allows us to drop the repeated attempted creations of the runtime dirs during runtime.
|
|
|
|
|
|
We are already assuming the close() will not fail, so make it explicit.
|
|
This will be needed for sd-dhcp-server.
|
|
|
|
Implements IPv4LL with respect to RFC 3927
(http://tools.ietf.org/rfc/rfc3927.txt) and integrates it
with networkd. Majority of the IPv4LL state machine is
taken from avahi (http://avahi.org/) project's autoip.
IPv4LL can be enabled by IPv4LL=yes under [Network]
section of .network file.
IPv4LL works independent of DHCP but if DHCP lease is
aquired, then LL address will be dropped.
[tomegun: removed a trailing newline and a compiler warning]
|
|
|
|
|
|
This is necessary when mounting /dev/nfs based on a DHCP lease.
|
|
This is similar to sd-login, but exposes the state of networkd rather than logind.
Include it in libsystemd-dhcp and rename it to libsystemd-network.
|