Interfaces may come up at any time, even during our initialization of
them, for various reasons; e.g. the kernel will raise VLAN when its
parent is raised; or we will raise an interface if configured with
BindCarrier and its associated interfaces come up.
When LinkLocalAddressing has been disabled for ipv6, we disable
addr_gen_mode in the kernel, so it will not automatically create a
ipv6ll address when the interface is raised. However, we currently
drop all foreign addresses before disabling addr_gen_mode.
If the link has been up for a long time, then its kernel-created ipv6ll
address will be correctly dropped. If the link is down, and stays
down until we raise it after finishing configuration, the addr_gen_mode
setting will be disabled when the interface is raised and the kernel
will not create any ipv6ll address.
However, if the interface is raised after dropping foreign config,
but before we have disabled addr_gen_mode, the kernel will create a
ipv6ll tentative address that will eventually finish DAD and become a
working ipv6ll address, even though we have been configured to disable
ipv6ll.
Moving our call to drop foreign addresses to after we have successfully
set addr_gen_mode closes this window; after we disable addr_gen_mode,
we can safely remove foreign ipv6ll addresses (including tentative ones)
and be sure that the kernel will not create any more.
Fixes: #13882.
The kernel will create an ipv6ll tentative address immediately when an
interface is raised if addr_gen_mode is not disabled; and, the kernel does
not notify netlink listeners about any tentative addresses. So it's
possible for an interface to contain tentative ipv6 link-local address(es)
that networkd doesn't know about when all foreign addresses are dropped.
In this case, networkd is later notified about the new ipv6ll address(es)
after they finish DAD and are no longer tentative; but since that's after
networkd has already dropped foreign addresses, they are incorrectly left
on the interface.
Similar to the link->setting_mtu flag, this delays continued configuration
until after the genmode has been successfully set; this is important
because we do not want networkd to raise the interface before the genmode
has been set, as if we're disabling the genmode, raising the interface
before we have successfully disabled the genmode will result in the kernel
creating a ipv6ll address, even though we don't want that.
If the interface is in initialized state, no network file is assigned to
the interface. If an interface is not managed by networkd, previously,
the foreign configs of the interface was dropped.
Fixes#14250.
The kernel resets the ipv6 mtu after NETDEV_UP or NETDEV_CHANGEMTU event,
so we must reset the ipv6 mtu to our configured value after we detect
IFF_UP flag set or after we set the device mtu.
Fixes: #13914.
This switches detect_container() to path_is_read_only_rw("/sys"), as if
systemd-udevd.service is conditionalized with that way.
This also updates the log message.
This partially reverts 95355a281c.
It seems that other parts of link_stop_clients() should be skipped
when restarting, but I don't know enough about those other clients to have
an opinion if it is better to stop&start them on restart or not.
Anyway, that can be done in later patches now that the support for restarts
is there.
Fixes#13625.
When nspawn container with private network starts, networkd creates
the default route for the interface. The route may cause problem on
the host side, and it can be created with DefaultRouteOnDevice= now.
Hence, this makes networkd not create the route implicitly any more.
Closes#13418.
*We* control the sysctl setting. If the user configured IPv6, then we apply the
settings, and just make sure that at some point during the configuration the
sysctl is disabled (i.e. ipv6 enabled) if we have IPv6 configured.
Replaces #13283.
Otherwise, changing the default gateway doesn't purge old gateway routes
left on the system during daemon restart. This also fixes removing other
foreign gateway routes that don't match the expected configuration.
Tested:
Changed gateway addresses prior to the patch and they lingered on
the system during each reconfiguration. Applied this patch and
reconfigured gateways and other routes multiple times and it removed
the foreign routes that had gateways that didn't match.
Signed-off-by: William A. Kennington III <william@wkennington.com>
The flag IFA_F_NOPREFIXROUTE was introduced in kernel-3.14. But even if
the kernel does not support the flag, it should be just ignored. So, it
is not necessary to do the fallback logic. Moreover, the current logic
is not a fallback mechanism but just retrying. So, it should not work.
Let's drop that.
Some path of configuring address, route or etc., go to failed state, but
some do not. E.g., failure in address configuration which is provided by
DHCPv4 goes to failed state, but static address does not.
This is just for consistency. This should not change anything if
everything is fine.
This also voidify manager_rtnl_process_address().
When DHCP or any other dynamic addresses are changed, then
link_request_set_routes() is invoked, and even if no static routes
are configured, the operational state is needlessly changed to
configuring state.
This makes the state is changed only when static routes are configured.
Fixes#12931.
In file included from ../src/basic/macro.h:558,
from ../src/basic/alloc-util.h:9,
from ../src/network/networkd-link.c:7:
../src/network/networkd-link.c: In function ‘link_sysctl_ipv6_enabled’:
../src/basic/log.h:107:9: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
107 | log_internal_realm(LOG_REALM_PLUS_LEVEL(LOG_REALM, (level)), __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/shared/log-link.h:21:25: note: in expansion of macro ‘log_internal’
21 | log_internal(level, error, _FILE_, __LINE__, __func__, ##__VA_ARGS__); \
| ^~~~~~~~~~~~
../src/shared/log-link.h:33:50: note: in expansion of macro ‘log_link_full’
33 | #define log_link_warning_errno(link, error, ...) log_link_full(link, LOG_WARNING, error, ##__VA_ARGS__)
| ^~~~~~~~~~~~~
../src/network/networkd-link.c:83:24: note: in expansion of macro ‘log_link_warning_errno’
83 | return log_link_warning_errno(link, r,
| ^~~~~~~~~~~~~~~~~~~~~~
../src/network/networkd-link.c:84:77: note: format string is defined here
84 | "Failed to read net.ipv6.conf.%s.disable_ipv6 sysctl property: %m",
| ^~
cc1: some warnings being treated as errors
Previously, when a bridge or bonding interface is in degraded-carrier
state, then we cannot judge the interface has addresses or not.
By using the new states, dbus clients can distinguish such situation.
Otherwise, the interface cannot be in "configured" state, as ipv6 link local
addressing is enabled by default. Note that even if ConfigureWithoutCarrier=
is set, all dynamic configurations are checked when the interface has
carrier.
