From fbc38f230bcc296772f53898fb79cda7075025b8 Mon Sep 17 00:00:00 2001 From: Tom Yan Date: Wed, 25 May 2016 20:04:01 +0800 Subject: networkd: set IFLA_INET6_ADDR_GEN_MODE as per stable_secret Although networkd has option (LinkLocalAddressing=) to toggle IPv6LL autoconfiguration, when it is enabled, the address is autoconfigured by the kernel, but not networkd. Therefore, we do not statically set IFLA_INET6_ADDR_GEN_MODE to IN6_ADDR_GEN_MODE_EUI64, but dynamically depending on whether stable_secret is set, just as what the kernel does by default. Note that this does NOT affect the global addresses configured by networkd. --- src/network/networkd-link.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'src/network') diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index a021fc886f..9d2f244087 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1607,7 +1607,20 @@ static int link_up(Link *link) { if (r < 0) return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m"); - ipv6ll_mode = link_ipv6ll_enabled(link) ? IN6_ADDR_GEN_MODE_EUI64 : IN6_ADDR_GEN_MODE_NONE; + if (!link_ipv6ll_enabled(link)) + ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE; + else { + const char *p = NULL; + _cleanup_free_ char *stable_secret = NULL; + + p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/stable_secret"); + r = read_one_line_file(p, &stable_secret); + + if (r < 0) + ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64; + else + ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; + } r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode); if (r < 0) return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m"); -- cgit v1.2.3-54-g00ecf From 4cef7fe3d1e8db7b1c20fb920c6e0ba05b0d2fc0 Mon Sep 17 00:00:00 2001 From: Tom Yan Date: Wed, 25 May 2016 20:40:48 +0800 Subject: networkd: Disable IPv6 when DHCPv6 is only enabled DHCPv6 requires an IPv6 link-local address to work. The client will not be started (even when enabled explicitly with `DHCP=`) if none is configured (either by autoconfiguration or manually). Therefore, disable IPv6 in such case. --- src/network/networkd-link.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/network') diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 9d2f244087..6e6f9618b0 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -110,7 +110,8 @@ static bool link_ipv6_enabled(Link *link) { if (!socket_ipv6_is_supported()) return false; - return link_dhcp6_enabled(link) || link_ipv6ll_enabled(link) || network_has_static_ipv6_addresses(link->network); + /* DHCPv6 client will not be started if no IPv6 link-local address is configured. */ + return link_ipv6ll_enabled(link) || network_has_static_ipv6_addresses(link->network); } static bool link_lldp_rx_enabled(Link *link) { @@ -1577,7 +1578,7 @@ static int link_up(Link *link) { return log_link_error_errno(link, r, "Could not set MAC address: %m"); } - /* If IPv6 not configured (no static IPv6 address and neither DHCPv6 nor IPv6LL is enabled) + /* If IPv6 not configured (no static IPv6 address and IPv6LL autoconfiguration is disabled) for this interface then disable IPv6 else enable it. */ (void) link_enable_ipv6(link); -- cgit v1.2.3-54-g00ecf From 2b2d8603ce5b9cbe797745ab6339f6f5e0dfb4ad Mon Sep 17 00:00:00 2001 From: Tom Yan Date: Sat, 28 May 2016 13:31:41 +0800 Subject: networkd: unset master if not enslaved with networkd When we manage an interface with networkd but not as a slave (i.e. no `Bridge=` or `Bond=` set in its .network), we do not want it to remain slaved. --- src/network/networkd-link.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src/network') diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 6e6f9618b0..377e6f52f4 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1568,6 +1568,13 @@ static int link_up(Link *link) { if (r < 0) return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m"); + /* set it free if not enslaved with networkd */ + if (!link->network->bridge && !link->network->bond) { + r = sd_netlink_message_append_u32(req, IFLA_MASTER, 0); + if (r < 0) + return log_link_error_errno(link, r, "Could not append IFLA_MASTER attribute: %m"); + } + r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP); if (r < 0) return log_link_error_errno(link, r, "Could not set link flags: %m"); -- cgit v1.2.3-54-g00ecf From 2b00a4e03dc375465de7f60f3a6937cbe8ffdf31 Mon Sep 17 00:00:00 2001 From: Tom Yan Date: Sat, 28 May 2016 13:35:01 +0800 Subject: networkd: disable IPv6 for bridge slave If an interface is managed as a bridge slave, we don't want any IP configuration for it. Therefore, disable IPv6 in such case. --- src/network/networkd-link.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'src/network') diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 377e6f52f4..0d9d228796 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -110,6 +110,9 @@ static bool link_ipv6_enabled(Link *link) { if (!socket_ipv6_is_supported()) return false; + if (link->network->bridge) + return false; + /* DHCPv6 client will not be started if no IPv6 link-local address is configured. */ return link_ipv6ll_enabled(link) || network_has_static_ipv6_addresses(link->network); } @@ -1586,7 +1589,7 @@ static int link_up(Link *link) { } /* If IPv6 not configured (no static IPv6 address and IPv6LL autoconfiguration is disabled) - for this interface then disable IPv6 else enable it. */ + for this interface, or if it is a bridge slave, then disable IPv6 else enable it. */ (void) link_enable_ipv6(link); if (link->network->mtu) { -- cgit v1.2.3-54-g00ecf