summaryrefslogtreecommitdiff
path: root/src/network/networkd-link.c
AgeCommit message (Collapse)Author
2016-01-10tree-wide: unify argument lists of IN_SET()Daniel Mack
The new implementation will not allow passing the same values more than once, so clean up first.
2016-01-06resolved: introduce support for per-interface negative trust anchorsLennart Poettering
2016-01-05resolved,networkd: add a per-interface DNSSEC settingLennart Poettering
This adds a DNSSEC= setting to .network files, and makes resolved honour them.
2016-01-05networkd,resolved: add a per-interface mdns configuration optionLennart Poettering
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-25networkd: link - do not drop config for loopback deviceChristian Hesse
Commit 5e5b137a (networkd: link - drop foreign config when configuring link) introduced a regression where addresses (including 127.0.0.1) are removed from loopback device. Do not handle loopback device when removing foreign configs. Signed-off-by: Christian Hesse <mail@eworm.de>
2015-11-22networkd: link - fix reading routesThomas Hindoe Paaboel Andersen
This regressed during the port to extract_first_word in c598ac76 (v228). CID #1338083
2015-11-19Revert "networkd: ndisc - revert to letting the kernel handle NDisc"Tom Gundersen
This reverts commit 23f186494cf041107896fc4bd7fc5b8f921fd79f. The bug has now been fixed, so we can go back to managing this ourselves.
2015-11-18network: fix indentationThomas Hindoe Paaboel Andersen
2015-11-18networkd: ndisc - revert to letting the kernel handle NDiscTom Gundersen
There is still a bug in the userspace version, so temporarily revert this. This is a work-around for issue #1866.
2015-11-17sd-dhcp6-client: bind to link-local addressTom Gundersen
This ensures that several DHCPv6 clients can run on separate interfaces simultaneously.
2015-11-17networkd: ndisc - always configure dhcp6 clientTom Gundersen
The ndisc client may trigger the dhcpv6 client to be started (this is the common case), so we should allocate the dhcpv6 client whenever we allocate the ndisc one.
2015-11-16networkd: ndisc/dhcpv6 - handle starting running clientsTom Gundersen
The clients may be triggered to be started repeatedly without being stopped first, simply swallow the error rather than failing the link.
2015-11-13networkd: check explicit state rather than link->networkTom Gundersen
When deserializing we can now have an attached network without the various clients yet having been configured. Hence, don't misused the link->network as a check to determine if a link is ready to be used, but check the state explicitly.
2015-11-13networkd: stop managing per-interface IP forwarding settingsLennart Poettering
As it turns out the kernel does not support per-interface IPv6 packet forwarding controls (unlike as it does for IPv4), but only supports a global option (#1597). Also, the current per-interface management of the setting isn't really useful, as you want it to propagate to at least one more interface than the one you configure it on. This created much grief (#1411, #1808). Hence, let's roll this logic back and simplify this again, so that we can expose the same behaviour on IPv4 and IPv6 and things start to work automatically again for most folks: if a network with this setting set is set up we propagate the setting into the global setting, but this is strictly one-way: we never reset it again, and we do nothing for network interfaces where this setting is not enabled. Fixes: #1808, #1597.
2015-11-13networkd: rearrange checks when to write something into sysctl a bitLennart Poettering
Move check whether ipv6 is available into link_ipv6_privacy_extensions() to keep it as internal and early as possible. Always check if there's a network attached to a link before we apply sysctls. We do this for most of the sysctl functions already, with this change we do it for all.
2015-11-13networkd: fix a couple of format string typesLennart Poettering
We really should use %i for ints, and %u for unsigneds, and be careful what we pick depending on the type we want to print.
2015-11-13util-lib: optionally, when writing a string to a file, verify string on failureLennart Poettering
With this change, the idiom: r = write_string_file(p, buf, 0); if (r < 0) { if (verify_one_line_file(p, buf) > 0) r = 0; } gets reduced to: r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE); i.e. when writing the string fails and the new flag WRITE_STRING_FILE_VERIFY_ON_FAILURE is specified we'll not return a failure immediately, but check the contents of the file. If it matches what we wanted to write we suppress the error and exit cleanly.
2015-11-11networkd: link - drop foreign config when configuring linkTom Gundersen
This is a change in behavior: Before we would never remove any state, only add to it, we now drop unwanted state from any link the moment we start managing it. Note however, that we still will not remove any foreign state added at runtime, to avoid any feedback loops. However, we make no guarantees about coexisting with third-party tools that change the state of the links we manage.
2015-11-11networkd: improve loggingTom Gundersen
2015-11-11networkd: link - track state of IPv6LL addressTom Gundersen
This is managed by the kernel, but we should track whether or not we have a configured IPv6LL address. This fixes two issues: - we now wait for IPv6LL before considering the link ready - we now wait for IPv6LL before attempting to do NDisc or DHCPv6 these protocols relies on an LL address being available.
2015-11-11networkd: ndisc - handle router advertisement in userspaceTom Gundersen
Router Discovery is a core part of IPv6, which by default is handled by the kernel. However, the kernel implementation is meant as a fall-back, and to fully support the protocol a userspace implementation is desired. The protocol essentially listens for Router Advertisement packets from routers on the local link and use these to configure the client automatically. The four main pieces of information are: what kind (if any) of DHCPv6 configuration should be performed; a default gateway; the prefixes that should be considered to be on the local link; and the prefixes with which we can preform SLAAC in order to pick a global IPv6 address. A lot of additional information is also available, which we do not yet fully support, but which will eventually allow us to avoid the need for DHCPv6 in the common case. Short-term, the reason for wanting this is in userspace was the desire to fully track all the addresses on links we manage, and that is not possible for addresses managed by the kernel (as the kernel does not expose to us the fact that it manages these addresses). Moreover, we would like to support stable privacy addresses, which will soon be mandated and the legacy MAC-based global addresses deprecated, to do this well we need to handle the generation in userspace. Lastly, more long-term we wish to support more RA options than what the kernel exposes.
2015-11-11networkd: IPv6 router discovery - follow IPv6AcceptRouterAdvertisemnt=Tom Gundersen
The previous behavior: When DHCPv6 was enabled, router discover was performed first, and then DHCPv6 was enabled only if the relevant flags were passed in the Router Advertisement message. Moreover, router discovery was performed even if AcceptRouterAdvertisements=false, moreover, even if router advertisements were accepted (by the kernel) the flags indicating that DHCPv6 should be performed were ignored. New behavior: If RouterAdvertisements are accepted, and either no routers are found, or an advertisement is received indicating DHCPv6 should be performed, the DHCPv6 client is started. Moreover, the DHCP option now truly enables the DHCPv6 client regardless of router discovery (though it will probably not be very useful to get a lease withotu any routes, this seems the more consistent approach). The recommended default setting should be to set DHCP=ipv4 and to leave IPv6AcceptRouterAdvertisements unset.
2015-11-10networkd: Add support to configure IPV6 hop limitSusant Sahani
This patch adds support to configure IPV6 hop limit. For example: /proc/sys/net/ipv6/conf/wlp3s0/hop_limit
2015-11-03Merge pull request #1726 from teg/networkd-2Daniel Mack
networkd: (de)serialize more state and support expiring routes
2015-10-30networkd: link - port to extract_first_word()Tom Gundersen
2015-10-30networkd: route - add expiration supportTom Gundersen
This should really live in the kernel, but the netlink API currently does not support it. Until support has been added, expire the route from userspace.
2015-10-30networkd: link - deserialize routesTom Gundersen
2015-10-30networkd: link - (de)serialize IPv4LL and DHCPv4 addressesTom Gundersen
This initializes the clients to try rebinding the preexisting addresses before doing anything else.
2015-10-30networkd: link - deserializeTom Gundersen
For now only deserialize some basic state and the applied addresses. When a link is added, try to deserialize it's state from /run. This is relevant only when networkd is restarted at runtime.
2015-10-30networkd: link - serialize routesTom Gundersen
2015-10-30networkd: route - rename fields in structTom Gundersen
2015-10-29network: fix use-after-free in link_freeHristo Venev
Freeing a link removes it both from addresses and addresses_foreign, causing SIGSEGV if one of the sets is freed.
2015-10-27util-lib: split out allocation calls into alloc-util.[ch]Lennart Poettering
2015-10-27util-lib: split out printf() helpers to stdio-util.hLennart Poettering
2015-10-27util-lib: move string table stuff into its own string-table.[ch]Lennart Poettering
2015-10-25util-lib: split out fd-related operations into fd-util.[ch]Lennart Poettering
There are more than enough to deserve their own .c file, hence move them over.
2015-10-22networkd: ndisc - make logging messages uniformTom Gundersen
Refer to Router Discovery rather than ICMPv6.
2015-10-22networkd: rename icmp6 to ndiscTom Gundersen
2015-10-22sd-ndisc: rename API from sd-icmp6-ndTom Gundersen
2015-10-21networkd: manager/link - only serialize once per event-loop iterationTom Gundersen
Every time the state is written out we may trigger third-party apps, so let's be a bit more careful about writing this out unnecessarily.
2015-10-21networkd: link - serialize addressesTom Gundersen
2015-10-21networkd: address - distinguish between addresses added by us and by othersTom Gundersen
We only keep the addresses that we added ourselves in link->addresses, and introduce a new set link->addresses_foreign to keep addresses of unknown origin. Only functional change is that "foreign" addresses no longer prevent a link from entering "configured" state.
2015-10-21networkd: address - merge _change() into _configure()Tom Gundersen
These functions are almost entirely the same, so avoid duplication.
2015-10-21networkd: link - only consider configured when all addresses are readyTom Gundersen
We were considering a link configured whilst its IPv6 addresses were still tentative. Fixes issue #650.
2015-10-16networkd: add support for configure IPv6 DADSusant Sahani
Configures Ipv6 Duplicate Address Detection. 10
2015-10-14Merge pull request #1530 from teg/network-fixes-2Lennart Poettering
networkd/libsystemd-network: collection of trivial patches v2
2015-10-12man: describe IPv6AcceptRouterAdvertisements= betterZbigniew Jędrzejewski-Szmek
With the previous description it wasn't clear that the kernel default is being described. Add link to kernel docs.
2015-10-11networkd: address - introduce address_is_ready()Tom Gundersen
Checks that a given address is not tentative nor deprecated.
2015-10-11networkd: make address_{establish,release}() staticTom Gundersen
No need to expose these functions, but rather call them from address_{add,drop}.