Age | Commit message (Collapse) | Author |
|
Justification is similar to BPDUGuard rename. "Positive" values
are easier. This is a rather uncommon option, so using a slightly
longer name should not be a problem, and may in fact may make it
easier to guess what the option does without reading the
documentation.
|
|
Looking at the kernel commit, "on" seems to be the default value:
commit 867a59436fc35593ae0e0efcd56cc6d2f8506586
Author: Vlad Yasevich <vyasevic@redhat.com>
Date: Wed Jun 5 10:08:01 2013 -0400
bridge: Add a flag to control unicast packet flood.
Add a flag to control flood of unicast traffic. By default, flood is
on and the bridge will flood unicast traffic if it doesn't know
the destination. When the flag is turned off, unicast traffic
without an FDB will not be forwarded to the specified port.
... and it seems to be the reasonable thing to do by default.
|
|
Rename to follow the follow the style of other options.
In general "positive" options are preferred to "negative" ones,
because they are easier to describe and easier for humans to
parse (c.f. the shortening on the man page entry).
|
|
Old name was slightly misleading, because this flag does not determine
whether DSCP is used overall, but only if it is copied to the
decapsulated packet. Rename to better reflect that.
"Copy" does not imply direction. This is on purpose, because we might
later on enhance the setting to allow/disallow copying in the other
direction, to the encapsulated packet. If that is implemented,
CopyDSCP could understand additional values. This is nicer than
having two separate settings and follows the example of DHCP=.
Also, we try to avoid abbreviations, but we allow acronyms
like MTU, in DiscoverPathMTU=.
This setting was recently added, so it's fine to rename it without
backwards compat.
|
|
networkd: ip6gre add support for flowlabel
|
|
new bridge properties
br.network
[Match]
Name=enp0s25
[Network]
Bridge=br-test
[Bridge]
Cost=332
BPDUGuard = true
HairPin = true
FastLeave = true
RootBlock = true
UnicastFlood = true
|
|
|
|
This patch adds support for setting the
DSCP field in the ip6 tunnel.
when set it inherits DSCP field between inner and outer header.
|
|
Add Pv6 Flow Label support. The 20-bit Flow Label field in the IPv6
header[RFC2460] is used by a node to label packets of a flow.
|
|
networkd: allow hostname override
|
|
networkd: move config parsers to specific header files
|
|
move config_parse_tunnel_address from networkd.h to
tunnel specific file networkd-netdev-tunnel.h
|
|
move config_parse_vxlan_group_address from
networkd.h to networkd-netdev-vxlan.h
|
|
This patch adds support to configure IFF_VNET_HDR flag
for a tap device. It allows whether sending and receiving
large pass larger (GSO) packets. This greatly increases the
achievable throughput.
|
|
This patch enhances the DHCP client to send the hostname
reference
http://lists.freedesktop.org/archives/systemd-devel/2014-July/021550.html
Tested with
Example conf:
[Match]
Name=eth1
[Network]
DHCP=v4
[DHCP]
SendHostname=true
Hostname=test
|
|
property callback returns are consistent
|
|
It is no different to return 0 over 1 in the property
callback. It is confusing to return 1 which made me think
1 has a special purpose. This way code is consistent with
the rest of the tree.
|
|
Merge write_string_file(), write_string_file_no_create() and
write_string_file_atomic() into write_string_file() and provide a flags mask
that allows combinations of atomic writing, newline appending and automatic
file creation. Change all users accordingly.
|
|
- Make sure that the IPv6PrivacyExtensions=yes results in
prefer-temporary, not prefer-public.
- Introduce special enum value "kernel" to leave setting unset, similar
how we have it for the IP forwarding settings.
- Bring the enum values in sync with the the strings we parse for them,
to the level this makes sense (specifically, rename "disabled" to
"no", and "prefer-temporary" to "yes").
- Make sure we really set the value to to "no" by default, the way it is
already documented in the man page.
- Fix whitespace error.
- Make sure link_ipv6_privacy_extensions() actually returns the correct
enum type, rather than implicitly casting it to "bool".
- properly size formatting buffer for ipv6 sysctl value
- Don't complain if /proc/sys isn't writable
- Document that the enum follows the kernel's own values (0 = off, 1 =
prefer-public, 2 = prefer-temporary)
- Drop redundant negating of error code passed to log_syntax()
- Manpage fixes
This fixes a number of issues from PR #417
|
|
networkd: be more defensive when writing to ipv4/ipv6 forwarding sett…
|
|
1) never bother with setting the flag for loopback devices
2) if we fail to write the flag due to EROFS (which is likely to happen
in containers where /proc/sys is read-only) or any other error, check
if the flag already has the right value. If so, don't complain.
Closes #469
|
|
|
|
Ipv6 private extensions
|
|
This patch add support for ipv6 privacy extensions.
The variable /proc/sys/net/ipv6/conf/<if>/use_tempaddr
can be changed via the boolean
IPv6PrivacyExtensions=[yes/no/prefer-temporary]
When true enables privacy extensions, but prefer public addresses over
temporary addresses.
prefer-temporary prefers temporary adresses over public addresses.
Defaults to false.
[Match]
Name=enp0s25
[Network]
IPv6PrivacyExtensions=prefer-temporary
|
|
Error message for enumerating addresses was not 'addresses' but 'links'.
This patch fixes it.
|
|
If a link is attempted t obe enslaved by a netdev that has already failed, we
must fail immediately and not save the callback for later, as it will then
never get triggered.
|
|
This only happens when something has gone wrong, so is not easy to hit. However,
if a bridge (say) is configured on a system without bridge support we will hit
this.
Fixes issue #299.
|
|
The kernel bonding layer allows passing an array of ARP IP targets as
bond-configuration. Due to the weird implementation of arrays in netlink
(which we haven't figure out a generic way to support, yet), we usually
hard-code the supported array-sizes. However, this should not be exported
from sd-netlink.
Instead, make sure the caller just uses it's current hack of enumerating
the types, and the sd-netlink core will have it's own list of supported
array-sizes (to be removed in future extensions, btw!). If either does not
match, we will just return a normal error.
Note that we provide 2 constants for ARP_IP_TARGETS_MAX now. However, both
have very different reasons:
- the constant in netdev-bond.c is used to warn the user that the given
number of targets might not be supported by the kernel (even though the
kernel might increase that number at _any_ time)
- the constant in sd-netlink is solely used due to us missing a proper
array implementation. Once that's supported in the type-system, it can
be removed without notice
Last but not least, this patch turns the log_error() into a log_warning().
Given that the previous condition was off-by-one, anyway, it never hit at
the right time. Thus, it was probably of no real use.
|
|
Replaces strerror() usage with log_netdev_error_errno()
|
|
This ports a lot of manual code over to sigprocmask_many() and friends.
Also, we now consistly check for sigprocmask() failures with
assert_se(), since the call cannot realistically fail unless there's a
programming error.
Also encloses a few sd_event_add_signal() calls with (void) when we
ignore the return values for it knowingly.
|
|
The names fw-util.[ch] are too ambiguous, better rename the files to
firewall-util.[ch]. Also rename the test accordingly.
|
|
Improve tun/tap logging by using the new log_*errno*() functions that set 'errno' explicitly. Also fix a bunch of incorrect errno/r confusions.
|
|
Replaces strerror() usage with log_netdev_error_errno()
|
|
|
|
IPForwarding=kernel v3
|
|
In 5a8bcb674f71a20e95df55319b34c556638378ce, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
|
|
sd-rtnl: make joining broadcast groups implicit
|
|
|
|
networkd: bond - only set packets_per_slave on balance-rr mode
|
|
Replace strerror() usage with log_netdev_error_errno()
|
|
Replace strerror() usage with log_netdev_error_errno()
|
|
dhcp domain option
previously hostname_is_valid was used to validate domain names, which
would silently drop perfectly valid dns names that were longer than a
single dns label.
|
|
Otherwise the creation of the bond fails.
|
|
networkd: bond improve logging
|
|
utezduyar/use-async-convenience-function-on-setting-hostname
networkd: use async convenience call to set hostname
|
|
|
|
Replaces a lof of strerror() usage with log_netdev_error_errno()
|
|
Replaces a lof of strerror() usage with log_netdev_error_errno()
|
|
Replaces a lof of strerror() usage with log_netdev_error_errno()
|
|
networkd: actually always use AddressFamilyBoolean as the bit mask it is
|