fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-26 17:50:25 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

ipv4: enable by default ipv4.dhcp-ipv6-only-preferred when CLAT is on

Browse source 
When CLAT is enabled, we want to also enable and honor by default DHCP
option 108 (IPv6-only preferred), so that the host can avoid
requesting an IPv4 address and go IPv6-only.
This commit is contained in:
Beniamino Galvani 2025-10-05 12:02:51 +02:00
parent 193e37b410
commit 13cf12dd6e
7 changed files with 42 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
NEWS
View file

@ -41,6 +41,9 @@ USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE!
available devices when creating connection profiles for physical interfaces
(Ethernet, Wi-Fi, etc.).
* Add support for CLAT (464XLAT) using a BPF program.
* Change the default value of the ipv4.dhcp-ipv6-only-preferred property
to a new value "auto" which automatically enables the option when CLAT
is enabled ("yes" or "auto") in the connection profile.
=============================================
NetworkManager-1.56

2
man/NetworkManager.conf.xml
View file

@ -976,7 +976,7 @@ ipv6.ip6-privacy=0
</varlistentry>
<varlistentry>
<term><varname>ipv4.dhcp-ipv6-only-preferred</varname></term>
<listitem><para>If left unspecified, the "IPv6-only preferred" DHCPv4 option is disabled.</para></listitem>
<listitem><para>If left unspecified, it defaults to "auto".</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>ipv4.dhcp-hostname-flags</varname></term>

31
src/core/devices/nm-device.c
View file

@ -1966,16 +1966,29 @@ _prop_get_ipv4_dhcp_ipv6_only_preferred(NMDevice *self)
return FALSE;
ipv6_only = nm_setting_ip4_config_get_dhcp_ipv6_only_preferred(s_ip4);
if (ipv6_only != NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_DEFAULT)
return ipv6_only;
if (ipv6_only == NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_DEFAULT) {
ipv6_only = nm_config_data_get_connection_default_int64(
NM_CONFIG_GET_DATA,
NM_CON_DEFAULT("ipv4.dhcp-ipv6-only-preferred"),
self,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO);
}
return nm_config_data_get_connection_default_int64(
NM_CONFIG_GET_DATA,
NM_CON_DEFAULT("ipv4.dhcp-ipv6-only-preferred"),
self,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO);
if (NM_IN_SET(ipv6_only,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO))
return ipv6_only == NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES;
/* auto */
if (nm_streq0(nm_device_get_effective_ip_config_method(self, AF_INET6),
NM_SETTING_IP6_CONFIG_METHOD_AUTO)
&& _prop_get_ipv4_clat(self) != NM_SETTING_IP4_CONFIG_CLAT_NO) {
return TRUE;
}
return FALSE;
}
/**

13
src/libnm-core-impl/nm-setting-ip4-config.c
View file

@ -1376,18 +1376,25 @@ nm_setting_ip4_config_class_init(NMSettingIP4ConfigClass *klass)
/**
* NMSettingIP4Config:dhcp-ipv6-only-preferred
*
* Controls the "IPv6-Only Preferred" DHCPv4 option (RFC 8925).
* Controls the "IPv6-Only Preferred" DHCPv4 option (option 108 - RFC 8925).
*
* When set to %NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES, the host adds the
* option to the parameter request list; if the DHCP server sends the option back,
* the host stops the DHCP client for the time interval specified in the option.
*
* Enable this feature if the host supports an IPv6-only mode, i.e. either all
* applications are IPv6-only capable or there is a form of 464XLAT deployed.
* applications are IPv6-only capable or there is a form of CLAT (464XLAT)
* deployed.
*
* If set to %NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO, the option is
* automatically turned on when the IPv6 method is "auto" and the connection
* profile has ipv4.clat set to "yes" or "auto". If these two conditions are
* met, the host can operate in IPv6-only mode and therefore it is safe to
* disable DHCPv4 when the network also supports it.
*
* When set to %NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_DEFAULT, the actual value
* is looked up in the global configuration; if not specified, it defaults to
* %NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO.
* %NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO.
*
* If the connection has IPv6 method set to "disabled", this property does not
* have effect and the "IPv6-Only Preferred" option is always disabled.

3
src/libnm-core-public/nm-setting-ip4-config.h
View file

@ -110,6 +110,8 @@ typedef enum {
* @NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_DEFAULT: use the global default value
* @NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO: the option is disabled
* @NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES: the option is enabled
* @NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO: the option is enabled when
* the IPv6 method is "auto" and CLAT is enabled. Since: 1.58
*
* #NMSettingIP4DhcpIpv6OnlyPreferred values specify if the "IPv6-Only Preferred"
* option (RFC 8925) for DHCPv4 is enabled.
@ -120,6 +122,7 @@ typedef enum {
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_DEFAULT = -1,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_NO = 0,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_YES = 1,
NM_SETTING_IP4_DHCP_IPV6_ONLY_PREFERRED_AUTO = 2,
} NMSettingIP4DhcpIpv6OnlyPreferred;
/**

2
src/libnmc-setting/settings-docs.h.in
View file

@ -194,7 +194,7 @@
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently, this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are \"fqdn-serv-update\" (0x1), \"fqdn-encoded\" (0x2) and \"fqdn-no-update\" (0x4). When no FQDN flag is set and \"fqdn-clear-flags\" (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and \"fqdn-clear-flags\" (0x8) is not set, the standard FQDN flags are set in the request: \"fqdn-serv-update\" (0x1), \"fqdn-encoded\" (0x2) for IPv4 and \"fqdn-serv-update\" (0x1) for IPv6. When this property is set to the default value \"none\" (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also \"none\" (0x0), then the standard FQDN flags described above are sent in the DHCP requests.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The string can be a 32-bit number (either decimal, hexadecimal or as colon separated hexadecimal numbers). Alternatively it can be set to the special values \"mac\", \"perm-mac\", \"ifname\" or \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". For DHCPv4, the IAID is only used with \"ipv4.dhcp-client-id\" values \"duid\" and \"ipv6-duid\" to generate the client-id. For DHCPv6, note that at the moment this property is only supported by the \"internal\" DHCPv6 plugin. The \"dhclient\" DHCPv6 plugin always derives the IAID from the MAC address. The actually used DHCPv6 IAID for a currently activated interface is exposed in the lease information of the device.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IPV6_ONLY_PREFERRED N_("Controls the \"IPv6-Only Preferred\" DHCPv4 option (RFC 8925). When set to \"yes\" (1), the host adds the option to the parameter request list; if the DHCP server sends the option back, the host stops the DHCP client for the time interval specified in the option. Enable this feature if the host supports an IPv6-only mode, i.e. either all applications are IPv6-only capable or there is a form of 464XLAT deployed. When set to \"default\" (-1), the actual value is looked up in the global configuration; if not specified, it defaults to \"no\" (0). If the connection has IPv6 method set to \"disabled\", this property does not have effect and the \"IPv6-Only Preferred\" option is always disabled.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IPV6_ONLY_PREFERRED N_("Controls the \"IPv6-Only Preferred\" DHCPv4 option (option 108 - RFC 8925). When set to \"yes\" (1), the host adds the option to the parameter request list; if the DHCP server sends the option back, the host stops the DHCP client for the time interval specified in the option. Enable this feature if the host supports an IPv6-only mode, i.e. either all applications are IPv6-only capable or there is a form of CLAT (464XLAT) deployed. If set to \"auto\" (2), the option is automatically turned on when the IPv6 method is \"auto\" and the connection profile has ipv4.clat set to \"yes\" or \"auto\". If these two conditions are met, the host can operate in IPv6-only mode and therefore it is safe to disable DHCPv4 when the network also supports it. When set to \"default\" (-1), the actual value is looked up in the global configuration; if not specified, it defaults to \"auto\" (2). If the connection has IPv6 method set to \"disabled\", this property does not have effect and the \"IPv6-Only Preferred\" option is always disabled.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_REJECT_SERVERS N_("Array of servers from which DHCP offers must be rejected. This property is useful to avoid getting a lease from misconfigured or rogue servers. For DHCPv4, each element must be an IPv4 address, optionally followed by a slash and a prefix length (e.g. \"192.168.122.0/24\"). This property is currently not implemented for DHCPv6.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_SEND_HOSTNAME N_("Since 1.52 this property is deprecated and is only used as fallback value for dhcp-send-hostname if it's set to 'default'. This is only done to avoid breaking existing configurations, the new property should be used from now on.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_SEND_HOSTNAME_V2 N_("If TRUE, a hostname is sent to the DHCP server when acquiring a lease. Some DHCP servers use this hostname to update DNS databases, essentially providing a static hostname for the computer. If the dhcp-hostname property is NULL and this property is TRUE, the current persistent hostname of the computer is sent. The default value is default (-1). In this case the global value from NetworkManager configuration is looked up. If it's not set, the value from dhcp-send-hostname-deprecated, which defaults to TRUE, is used for backwards compatibility. In the future this will change and, in absence of a global default, it will always fallback to TRUE.")

4
src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
View file

@ -1452,9 +1452,9 @@
nmcli-description="The Vendor Class Identifier DHCP option (60). Special characters in the data string may be escaped using C-style escapes, nevertheless this property cannot contain nul bytes. If the per-profile value is unspecified (the default), a global connection default gets consulted. If still unspecified, the DHCP option is not sent to the server."
format="string" />
<property name="dhcp-ipv6-only-preferred"
nmcli-description="Controls the &quot;IPv6-Only Preferred&quot; DHCPv4 option (RFC 8925). When set to &quot;yes&quot; (1), the host adds the option to the parameter request list; if the DHCP server sends the option back, the host stops the DHCP client for the time interval specified in the option. Enable this feature if the host supports an IPv6-only mode, i.e. either all applications are IPv6-only capable or there is a form of 464XLAT deployed. When set to &quot;default&quot; (-1), the actual value is looked up in the global configuration; if not specified, it defaults to &quot;no&quot; (0). If the connection has IPv6 method set to &quot;disabled&quot;, this property does not have effect and the &quot;IPv6-Only Preferred&quot; option is always disabled."
nmcli-description="Controls the &quot;IPv6-Only Preferred&quot; DHCPv4 option (option 108 - RFC 8925). When set to &quot;yes&quot; (1), the host adds the option to the parameter request list; if the DHCP server sends the option back, the host stops the DHCP client for the time interval specified in the option. Enable this feature if the host supports an IPv6-only mode, i.e. either all applications are IPv6-only capable or there is a form of CLAT (464XLAT) deployed. If set to &quot;auto&quot; (2), the option is automatically turned on when the IPv6 method is &quot;auto&quot; and the connection profile has ipv4.clat set to &quot;yes&quot; or &quot;auto&quot;. If these two conditions are met, the host can operate in IPv6-only mode and therefore it is safe to disable DHCPv4 when the network also supports it. When set to &quot;default&quot; (-1), the actual value is looked up in the global configuration; if not specified, it defaults to &quot;auto&quot; (2). If the connection has IPv6 method set to &quot;disabled&quot;, this property does not have effect and the &quot;IPv6-Only Preferred&quot; option is always disabled."
format="choice (NMSettingIP4DhcpIpv6OnlyPreferred)"
values="default (-1), no (0), yes (1)" />
values="default (-1), no (0), yes (1), auto (2)" />
<property name="clat"
nmcli-description="Controls the CLAT (Customer-side translator) functionality. CLAT is used to implement the client part of 464XLAT (RFC 6877), an architecture that provides IPv4 connectivity to hosts on IPv6-only networks. When CLAT is enabled, NetworkManager discovers the NAT64 prefix from IPv6 Router Advertisements; if a NAT64 prefix is announced, NetworkManager installs a BPF program to perform the stateless translation of packets between IPv4 and IPv6. Setting &quot;no&quot; (0) completely disables CLAT. &quot;auto&quot; (1) enables CLAT only when the IPv4 method is &apos;auto&apos; and the device doesn&apos;t have a native IPv4 gateway. &quot;force&quot; (2) enables CLAT even if the IPv4 method is not &apos;auto&apos; and even if the device has a native IPv4 gateway. When set to &quot;default&quot; (-1), the actual value is looked up in the global configuration; if not specified it defaults to &quot;no&quot; (0). In the future the default fall back value will change to &quot;auto&quot; (1)."
format="choice (NMSettingIp4ConfigClat)"