Kernel ifindexes are always greater than zero (see dev_new_index()
in net/core/dev.c). Also don't bother warning about ifindex
lookup failures for devices we know aren't kernel network interfaces.
When copying device names into ioctl structs, we know that the device
names are of valid length, so we were using strcpy(). But you can't
prove that they're short enough just looking at the local code, so
some code analysis tools warn about a potential buffer overflow.. So
use g_strlcpy() instead.
The kernel wants there to be a default route over every RA-ed IPv6
interface, and it gets confused and annoyed if we remove that default
route and replace it with our own (causing it to effectively drop all
further RAs on the floor, which is particularly bad if some of the
information in the earlier RA had an expiration time).
So, rather than replacing the kernel's default route(s), just add an
additional one of our own, with a lower (ie, higher priority) metric.
https://bugzilla.redhat.com/show_bug.cgi?id=785772
Reset all known bond options to their default values, not just the
ones that NMSettingBond allows overriding. Also, remove any bond
slaves that were already attached to the bond before we managed it.
Only update bond parameters that need to be updated. In particular,
setting either arp_interval or miimon to 0 has the side effect of also
setting the other one to 0, so don't do that if it's already 0.
Fix the handling of arp_ip_target; the sysfs arp_ip_target node does
not work the same way as the ifcfg BONDING_OPTS line (which is what
the code was assuming before).
libnl3 wants a destination address when setting a route, so just hand
it '::' with a address len of 0 so we don't get -NLE_MISSING_ATTR
when trying to set the IPv6 default route.
Otherwise if another connection was subsequently activated on a
bond interface, and didn't specify all options, ones set for the
previous connection could stay set for the new connection.
If we want to support vlan without libnl3,
then we can use ioctl.
Changelog:
V2: fix identation and comments.
Signed-off-by: Weiping Pan <wpan@redhat.com>
Make sure we don't already have an NMDevice for this interface
before creating it, and also when creating the interface, make
a new NMDevice for it immediately to prevent a race between
telling the kernel to create the interface via netlink, and when
udev later tells us about it. In between there we could be
triggered to try creating the interface again.
First make it build on libnl1/2. Second, the VLAN
virtual interface name might not always be given in the
NMConnection (if the master is a UUID and thus the name
is determined automatically) so just take the interface
name instead. And make sure we verify it's a VLAN
interface before deleting it.
Lastly, construct the VLAN interface name if it's not
given in the NMConnection. This means we need to know
the master interface name when creating the connection,
which we always will since you can't create the VLAN
interface without it's master being present. That also
means we need to return the name to the caller so it
can be used to create the NMDevice for the VLAN interface
after we've created it in the kernel.
We make use of libnl (>=3.2.1) to create/delete kernel vlan device,
and it can set vlan id, vlan flags and ingress/egress priority mapping.
V3:
1 nm_netlink_iface_to_index() should use slave name
V2:
1 use existing nm_netlink_iface_to_index()
Signed-off-by: Weiping Pan <wpan@redhat.com>
Removes all bonding options properties and adds a "options" dict to hold
them all. Accessible via accessor functions. ifcfg interface is
unchanged.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Add two helper functions, one for IPv4 and one for IPv6, to ensure
that the core code benefits from compiler type checking when adding
routes. Previously nm_netlink_route_add() took a void* which meant
we messed up adding IPv6 routes sometimes due to confusion over
what was supposed to be passed to it. Also fixes what appears to
be a C&P error with add_ip6_route_to_gateway().
Reported by Tomáš Trnka <tomastrnka@gmx.com>
If the route already exists and the kernel tells us that, we
don't need to do anything. We certainly don't need to warn
about it in the logs.
There was a typo in the IPv6 default route replace function that
ignored a returned error, and thus we didn't suppress the NLE_EXIST
error like we wanted to. Do the same for the IPv4 default route
while we're at it.
Adds a new function nm_system_apply_bonding_config() which applies
the parameters specified in the NMSettingBond object via sysfs.
Calls that function after creating/updating the bonding master
device.
If a parameter is not specified in the ifcfg the parameter will be
re-initialized to the default value. This may overwrite changes
which have been done manually via sysfs but it is the only reliable
way of setting up the bond.
Supported parameters for now:
- mode (default: balance-rr)
- miimon (default: 100)
- updelay (default: 0)
- downdelay (default: 0)
- arp_interval (default: 0)
- arp_ip_target (default: none)
Thomas Graf <tgraf@redhat.com>
Kills the strdup() and avoids having the caller free the memory. Also renames
the function to nm_system_get_iface_type() since "link" is not a common term
in NM.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Code is written generic enough to allow easy addition of further master/slave
relationships such as bridging relations.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
(whitespace cleanups and libnl compat by dcbw)
A bonding device is like a virtual ethernet device. We therefore reuse
nm-device-ethernet and add some special handling to detect bonding
connections.
Changes v2:
- Fixed memory leak
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Creates virtual kernel devices as needed. Since the manager is
initialized after the connections have been loaded no
CONNECTIONS_ADDED notification is received for connections parsed
at startup.
Therefore walks the loaded connections looking for bonding
connections.
Connections added on the fly are handled via the notifications.
Connection renaming and deleting is not supported yet.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
NM already includes <linux/if.h> in some places, f.e. nm-netlink-monitor and
we can't mix usage of the two. Stick to using <linux/if.h> as it provides
additional flag definitions such as operational link state and link mode.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
If configuration fails, there won't be an IPv6 config for the device,
thus the route flush when deactivating the device if it fails would
only flush IPv4 routes. We don't know how far through IPv6 setup
we got, so we do want to flush IPv6 routes on deactivate if we
started IPv6 config at any point.
DHCPv6 doesn't really use broadcast; instead clients use reserved
multicast addresses to talk to the server. ff02::1:2 (link scope)
and ff05::1:3 (site scope) are used. This means the routing table
has to have a route that can handle outgoing traffic to these
addresses, which is ff00::/8. The kernel sometimes adds one for us,
so we need to (a) make sure we don't tear that route down, and
(b) that if it's not there before we start DHCPv6, that we add it.
Otherwise dhclient complains about not being able to send outgoing
traffic from it's send_packet6() function with "no route to host".
It will then use an expired lease, which causes NM to assign that
leases IP address to the interface, whcih causes the kernel to
assign the required ff00::/8 route, and then dhclient performs a
renew (since the expired lease has expired of course) and then
everything works out in the end. But the latency sucks.
So make DHCPv6 faster by ensuring that dhclient has the routes
it needs before we start the DHCP session.
This commit implements MAC cloning feature in NetworkManager. To support that,
'PermHwAddress' property is added into *.Device.Wired and *.Device.Wireless
interfaces. The permanent MAC address is obtained when creating the device, and
is used for 'locking' connections to the device. If a cloned MAC is specified
in connection to be activated, the MAC is set to the interface in stage1. While
disconecting, the permanent MAC is set back to the interface.
