| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
The long name is just too hard to type. We generally should avoid using
acronyms too liberally, if they aren't established enough, but it appears that
"RA" is known well enough. Internally we call the option "ipv6_accept_ra"
anyway, and the kernel also exposes it under this name. Hence, let's rename the
IPv6AcceptRouterAdvertisements= setting and the
[IPv6AcceptRouterAdvertisements] section to IPv6AcceptRA= and [IPv6AcceptRA].
The old setting IPv6AcceptRouterAdvertisements= is kept for compatibility with
older configuration. (However the section [IPv6AcceptRouterAdvertisements] is
not, as it was never available in a published version of systemd.
|
|
This reworks sd-ndisc and networkd substantially to support IPv6 RA much more
comprehensively. Since the API is extended quite a bit networkd has been ported
over too, and the patch is not as straight-forward as one could wish. The
rework includes:
- Support for DNSSL, RDNSS and RA routing options in sd-ndisc and networkd. Two
new configuration options have been added to networkd to make this
configurable.
- sd-ndisc now exposes an sd_ndisc_router object that encapsulates a full RA
message, and has direct, friendly acessor functions for the singleton RA
properties, as well as an iterative interface to iterate through known and
unsupported options. The router object may either be retrieved from the wire,
or generated from raw data. In many ways the sd-ndisc API now matches the
sd-lldp API, except that no implicit database of seen data is kept. (Note
that sd-ndisc actually had a half-written, but unused implementaiton of such
a store, which is removed now.)
- sd-ndisc will now collect the reception timestamps of RA, which is useful to
make sd_ndisc_router fully descriptive of what it covers.
Fixes: #1079
|
|
Add an option to disable appending DHCP option 3 (Router) to the DHCP
OFFER and ACK packets.
This commit adds the boolean option EmitRouter= for the [DHCPServer]
section in .network files.
Rationale: On embedded devices, it is very useful to have a DHCP server
running on an USB OTG ethernet gadget interface to avoid manual setup on
the client PCs, but it should only serve IP addresses, no route(r)s.
Otherwise, Windows clients experience network connectivity issues, due
to them using the address set in DHCP option 3 as default gateway.
Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
|
|
This allows selecting the propagation level of emitted LLDP packets
(specifically: the destination MAC address of the packets). This is useful
because it allows generating LLDP packets that optionally cross certain types
of bridges.
See 802.11ab-2009, Table 7-1 for details.
|
|
It's only relevant to DHCP, and it should be where the DUID is configured too.
|
|
Rework DUID setting
|
|
Closes #2166.
We only allow 0, infinity and forever.
infinity and forever is same.
|
|
networkd: add support to set route table
1. add support to configure the table id.
if id is less than 256 we can fit this in the header of route as
netlink property is a char. But in kernel this proepty is a
unsigned 32. Hence if greater that 256 add this as RTA_TABLE
attribute.
2. we are not setting the address family now. Now set this property.
|
|
Separate fields are replaced with a struct.
Second second duid type field is removed. The first field was used to carry
the result of DUIDType= configuration, and the second was either a copy of
this, or contained the type extracted from DuidRawData. The semantics are changed
so that the type specified in DUIDType is always used. DUIDRawData= no longer
overrides the type setting.
The networkd code is now more constrained than the sd-dhcp code:
DUIDRawData cannot have 0 length, length 0 is treated the same as unsetting.
Likewise, it is not possible to set a DUIDType=0. If it ever becomes necessary
to set type=0 or a zero-length duid, the code can be changed to support that.
Nevertheless, I think that's unlikely.
This addresses #3127 § 1 and 3.
v2:
- rename DUID.duid, DUID.duid_len to DUID.raw_data, DUID.raw_data_len
|
|
Let's move DUID configuration into the [DHCP] section, since it only makes
sense in a DHCP context, and should be close to the configuration of
ClientIdentifier= and suchlike.
This really shouldn't be a section of its own, we don't have any for any of our
other per-protocol specific identifiers...
Follow-up for #2890 #2943
|
|
Fixes: #2889
|
|
|
|
|
|
|
|
Let's add some minimalistic LLDP sender support. The idea is that this is
either on or off, and all fields determined automatically rather than
configured explicitly.
|
|
This reworks the sd-lldp substantially, simplifying things on one hand, and
extending the logic a bit on the other.
Specifically:
- Besides the sd_lldp object only one other object is maintained now,
sd_lldp_neighbor. It's used both as storage for literal LLDP packets, and for
maintainging info about peers in the database. Separation between packet, TLV
and chassis data is not maintained anymore. This should be a major
simplification.
- The sd-lldp API has been extended so that a couple of per-neighbor fields may
be queried directly, without iterating through the object. Other fields that
may appear multiple times, OTOH have to be iterated through.
- The maximum number of entries in the neighbor database is now configurable
during runtime.
- The generation of callbacks from sd_lldp objects is more restricted:
callbacks are only invoked when actual data changed.
- The TTL information is now hooked with a timer event, so that removals from
the neighbor database due to TTLs now result in a callback event.
- Querying LLDP neighbor database will now return a strictly ordered array, to
guarantee stability.
- A "capabilities" mask may now be configured, that selects what type of LLDP
neighbor data is collected. This may be used to restrict collection of LLDP
info about routers instead of all neighbors. This is now exposed via
networkd's LLDP= setting.
- sd-lldp's API to serialize the collected data to text files has been removed.
Instead, there's now an API to extract the raw binary data from LLDP neighbor
objects, as well as one to convert this raw binary data back to an LLDP
neighbor object. networkd will save this raw binary data to /run now, and the
client side can simply parse the information.
- support for parsing the more exotic TLVs has been removed, since we are not
using that. Instead there are now APIs to extract the raw data from TLVs.
Given how easy it is to parse the TLVs clients should do so now directly
instead of relying on our APIs for that.
- A lot of the APIs that parse out LLDP strings have been simplified so that
they actually return strings, instead of char arrays with a length. To deal
with possibly dangerous characters the strings are escaped if needed.
- APIs to extract and format the chassis and port IDs as strings has been
added.
- lldp.h has been simplified a lot. The enums are anonymous now, since they
were never used as enums, but simply as constants. Most definitions we don't
actually use ourselves have eben removed.
|
|
This changes the UseDomains= setting of .network files to take an optional third value "route", in addition to the
boolean values. If set, the passed domain information is used for routing rules only, but not for the search path
logic.
|
|
configuration settings
All booleans called dhcp_xyz are now called ".dhcp_use_xyz", to match their respective configuration file settings. This
should clarify things a bit, in particular as there is a DHCP hostname that was previously called just ".hostname"
because ".dhcp_hostname" was already existing as a bool. Since this confusion is removed now because the bool is called
".dhcp_use_hostname", the string field is now renamed to ".dhcp_hostname".
|
|
Previously, .network files only knew a vaguely defined "Domains=" concept, for which the documentation declared it was
the "DNS domain" for the network connection, without specifying what that means.
With this the Domains setting is reworked, so that there are now "routing" domains and "search" domains. The former are
to be used by resolved to route DNS request to specific network interfaces, the latter is to be used for searching
single-label hostnames with (in addition to being used for routing). Both settings are configured in the "Domains="
setting. Normal domain names listed in it are now considered search domains (for compatibility with existing setups),
while those prefixed with "~" are considered routing domains only. To route all lookups to a specific interface the
routing domain "." may be used, referring to the root domain. An alternative syntax for this is the "*", as was already
implemented before using the "wildcard" domain concept.
This commit adds proper parsers for this new logic, and exposes this via the sd-network API. This information is not
used by resolved yet, this will be added in a later commit.
|
|
|
|
This adds a DNSSEC= setting to .network files, and makes resolved honour
them.
|
|
|
|
networkd previously knew an enum "ResolveSupport" for configuring
per-interface LLMNR support, resolved had a similar enum just called
"Support", with the same value and similar pasers.
Unify this, call the enum ResolveSupport, and port both daemons to it.
|
|
This patch adds support to configure IPV6 hop limit.
For example:
/proc/sys/net/ipv6/conf/wlp3s0/hop_limit
|
|
Configures Ipv6 Duplicate Address Detection.
10
|
|
|
|
This patch support to configure the ipv6 acceprt ra option.
for more information see
http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/proc-sys-net-ipv6..html
|
|
The constraints we place on the pool is that it is a contiguous
sequence of addresses in the same subnet as the server address, not
including the subnet nor broadcast addresses, but possibly including
the server address itself. If the server address is included in the
pool it is (obviously) reserved and not handed out to clients.
|
|
For now, this is very simple and IP addresses have to be configured
manually.
|
|
|
|
This one is simply to add: encode the tzdata timezone in the DHCP
options and optionally make use of it.
|
|
Rename the enum, the lookup functions and the parser for LLMNRSupport so
the type can be reused for mDNS.
|
|
This patch add support for macvtap.
see http://virt.kernelnewbies.org/MacVTap
|
|
Justification is similar to BPDUGuard rename. "Positive" values
are easier. This is a rather uncommon option, so using a slightly
longer name should not be a problem, and may in fact may make it
easier to guess what the option does without reading the
documentation.
|
|
Rename to follow the follow the style of other options.
In general "positive" options are preferred to "negative" ones,
because they are easier to describe and easier for humans to
parse (c.f. the shortening on the man page entry).
|
|
new bridge properties
br.network
[Match]
Name=enp0s25
[Network]
Bridge=br-test
[Bridge]
Cost=332
BPDUGuard = true
HairPin = true
FastLeave = true
RootBlock = true
UnicastFlood = true
|
|
This patch enhances the DHCP client to send the hostname
reference
http://lists.freedesktop.org/archives/systemd-devel/2014-July/021550.html
Tested with
Example conf:
[Match]
Name=eth1
[Network]
DHCP=v4
[DHCP]
SendHostname=true
Hostname=test
|
|
This patch add support for ipv6 privacy extensions.
The variable /proc/sys/net/ipv6/conf/<if>/use_tempaddr
can be changed via the boolean
IPv6PrivacyExtensions=[yes/no/prefer-temporary]
When true enables privacy extensions, but prefer public addresses over
temporary addresses.
prefer-temporary prefers temporary adresses over public addresses.
Defaults to false.
[Match]
Name=enp0s25
[Network]
IPv6PrivacyExtensions=prefer-temporary
|
|
In 5a8bcb674f71a20e95df55319b34c556638378ce, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
|
|
Despite having the internal logic in place to enable/disable using NTP
servers provided by DHCP the network config didn't expose the option.
|
|
|
|
Introduce BindCarrier= to indicate the set of links that determine if
the current link should be brought UP or DOWN.
[tomegun: add a bit to commit message]
|
|
Too generic name.
|
|
Makes it a bit less ambiguous.
|
|
Match{Name,OrginalName,Type,Driver,Path} can now take a space-separated glob of matches.
|
|
For now we only support the hardcoded values RT_SCOPE_{UNIVERSE,LOCAL,HOST},
and not numerical values or values from /etc/iproute2/rt_scopes.
This addresses https://bugs.freedesktop.org/show_bug.cgi?id=88508.
|
|
This allows the admin to set the host-specific part of IPv6 addresses, but still
receive the prefix via SLAAC.
.network file snippet:
[Network]
IPv6Token=::12
gives:
$ ip token
token ::12 dev eth0
This closes https://bugs.freedesktop.org/show_bug.cgi?id=81177.
|
