cb73ae3f0b
Infiniband profiles can have a p-key set. Both in kernel API
("create_child" sysctl) and in NetworkManager API, that key can range
from 0x0001 to 0xFFFF (0x8000 excluded). NetworkManager does not support
renaming the interface, so kernel always assigns the interface name
"$PHYSDEV.$PKEY_ID" (with $PKEY_ID as 4 character hex digits).
Note that the highest bit in the p-key (0x8000) is the full-membership
flag. Internally, kernel only supports full-membership so when we create
for example "ib0.00c1" and "ib0.80c1" interfaces, their actually used
p-key is in both cases 0x80c1 and you can see it with `ip -d link`.
Nonetheless, kernel and NetworkManager allow to configure the p-key
without the highest bit set, and the result differs in the interface
name.
Note that initscripts' ifup-ib0 would always internally coerce the
PKEY_ID variable to have the high bit set ([1]). It also would require
that the `DEVICE=` variable is specified and matches the expected
interface name. So both these configurations are identical and valid:
DEVICE=ib0.80c1
PHYSDEV=ib0
PKEY_ID=0x80c1
and
DEVICE=ib0.80c1
PHYSDEV=ib0
PKEY_ID=0x00c1
Historically, NetworkManager would also implement the same restrictions
([2], [3], [4]). That meant, not all valid NetworkManager infiniband
profiles could be expressed as ifcfg file. For example, NetworkManager
allows to have "connection.interface-name" (`DEVICE=`) unset (which
ifup-ib and ifcfg reader did not allow). Also, NetworkManager would
allow configuring a "infiniband.p-key" without full membership flag, and
the reader would mangle that.
This caused various problems to the point that when you configure an
infiniband.p-key with a non-full-membership key, the ifcfg-rh written by
NetworkManager was invalid. Either, you could leave
"connection.interface-name" unset, but then the reader would complain
about missing `DEVICE=`. Or, we could write `DEVICE=ib0.00c1;
PKEY_ID=0x00c1`, which was invalid as we expected `DEVICE=ib0.80c1`.
This was addressed by rhbz 2122703 ([5]). The fix was to
- not require a `DEVICE=` ([6]).
- don't mangle the `PKEY_ID=` in the reader ([7]).
which happened in 1.41.2 and 1.40.2 (rhel-8.8).
With this change, we could persist any valid infiniband profile to ifcfg
format. We also could read back any valid ifcfg file that NetworkManager
would have written in the past (note that it could not write valid ifcfg
files previously, if the p-key didn't have the full-membership key set).
The problem is, that users were used to edit ifcfg files by hand, and
users would have files with:
DEVICE=ib0.80c1
PHYSDEV=ib0
PKEY_ID=0x00c1
This files had worked before, but now failed to verify as we would
expect `DEVICE=ib0.00c1`. Also, there was a change in behavior that
PKEY_ID is now interpreted without the high bit set. This is reported as
rhbz 2209164 ([8]).
We will do several things to fix that:
1) we now normalize the "connection.interface-name" to be valid. It was
not useful to set it anyway, as it was redundant. Complaining about a
redundant setting, which makes little sense to configure, is not useful.
This is done by [9].
2) we now again treat PKEY_ID= as if it had 0x8000 flag set. This was done by
[10].
With step 1) and 2), we are able to read any existing ifcfg files out
there in the way we did before 1.41.2.
There is however one piece missing. When we now create a profile using
nmcli/libnm/D-Bus, which has a non-full-membership p-key, then the
profile gets mangled in the process.
If the user uses NetworkManager API to configure an interface and
chooses a non-full-membership p-key, then this should work the same as
with keyfile plugin (or on rhel-9, where keyfile is the default). Note
that before 1.41.2 it didn't work at all, when the user used ifcfg-rh
backend. Likely(?) there are no users who rely on creating such a profile
with nmcli/libnm/D-Bus and expect to automatically have the p-key
normalized. That didn't work before 1.41.2 and didn't behave that way
between 1.41.2 and now.
This patch fixes that by introducing a new key PKEY_ID_NM= for holding
the real p-key. Now ifcfg backend is consistent with handling infiniband
profiles, and old, hand-written ifcfg files still work as before.
There is of course change in behavior, that ifcfg files between 1.41.2
and now were interpreted differently. But that is bug 2209164 ([8]) and
what we fix here.
For now strong reasons, we keep writing the PKEY_ID to file too. It's
redundant, but that is what a human might expect there.
[1]
|
||
|---|---|---|
| .gitlab-ci | ||
| contrib | ||
| data | ||
| docs | ||
| examples | ||
| introspection | ||
| m4 | ||
| man | ||
| po | ||
| src | ||
| tools | ||
| vapi | ||
| .clang-format | ||
| .dir-locals.el | ||
| .git-blame-ignore-revs | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .lgtm.yml | ||
| .mailmap | ||
| .triage-policies.yml | ||
| AUTHORS | ||
| autogen.sh | ||
| ChangeLog | ||
| config-extra.h.meson | ||
| config-extra.h.mk | ||
| config.h.meson | ||
| configure.ac | ||
| CONTRIBUTING.md | ||
| COPYING | ||
| COPYING.GFDL | ||
| COPYING.LGPL | ||
| linker-script-binary.ver | ||
| linker-script-devices.ver | ||
| linker-script-settings.ver | ||
| lsan.suppressions | ||
| MAINTAINERS | ||
| MAINTAINERS.md | ||
| Makefile.am | ||
| Makefile.examples | ||
| Makefile.glib | ||
| Makefile.vapigen | ||
| meson.build | ||
| meson_options.txt | ||
| NEWS | ||
| README.md | ||
| RELICENSE.md | ||
| TODO | ||
| valgrind.suppressions | ||
NetworkManager core daemon has moved to gitlab.freedesktop.org!
git clone https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
Networking that Just Works
NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. NetworkManager is intended to replace default route, replace other routes, set IP addresses, and in general configure networking as NM sees fit (with the possibility of manual override as necessary). In effect, the goal of NetworkManager is to make networking Just Work with a minimum of user hassle, but still allow customization and a high level of manual network control. If you have special needs, we'd like to hear about them, but understand that NetworkManager is not intended for every use-case.
NetworkManager will attempt to keep every network device in the system up and active, as long as the device is available for use (has a cable plugged in, the killswitch isn't turned on, etc). Network connections can be set to 'autoconnect', meaning that NetworkManager will make that connection active whenever it and the hardware is available.
"Settings services" store lists of user- or administrator-defined "connections", which contain all the settings and parameters required to connect to a specific network. NetworkManager will never activate a connection that is not in this list, or that the user has not directed NetworkManager to connect to.
How it works:
The NetworkManager daemon runs as a privileged service (since it must access and control hardware), but provides a D-Bus interface on the system bus to allow for fine-grained control of networking. NetworkManager does not store connections or settings, it is only the mechanism by which those connections are selected and activated.
To store pre-defined network connections, two separate services, the "system settings service" and the "user settings service" store connection information and provide these to NetworkManager, also via D-Bus. Each settings service can determine how and where it persistently stores the connection information; for example, the GNOME applet stores its configuration in GConf, and the system settings service stores its config in distro-specific formats, or in a distro- agnostic format, depending on user/administrator preference.
A variety of other system services are used by NetworkManager to provide network functionality: wpa_supplicant for wireless connections and 802.1x wired connections, pppd for PPP and mobile broadband connections, DHCP clients for dynamic IP addressing, dnsmasq for proxy nameserver and DHCP server functionality for internet connection sharing, and avahi-autoipd for IPv4 link-local addresses. Most communication with these daemons occurs, again, via D-Bus.
Why doesn't my network Just Work?
Driver problems are the #1 cause of why NetworkManager sometimes fails to connect to wireless networks. Often, the driver simply doesn't behave in a consistent manner, or is just plain buggy. NetworkManager supports only those drivers that are shipped with the upstream Linux kernel, because only those drivers can be easily fixed and debugged. ndiswrapper, vendor binary drivers, or other out-of-tree drivers may or may not work well with NetworkManager, precisely because they have not been vetted and improved by the open-source community, and because problems in these drivers usually cannot be fixed.
Sometimes, command-line tools like 'iwconfig' will work, but NetworkManager will fail. This is again often due to buggy drivers, because these drivers simply aren't expecting the dynamic requests that NetworkManager and wpa_supplicant make. Driver bugs should be filed in the bug tracker of the distribution being run, since often distributions customize their kernel and drivers.
Sometimes, it really is NetworkManager's fault. If you think that's the case, please file a bug at:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues
Attaching NetworkManager debug logs from the journal (or wherever your distribution directs syslog's 'daemon' facility output, as /var/log/messages or /var/log/daemon.log) is often very helpful, and (if you can get) a working wpa_supplicant config file helps enormously. See the logging section of file contrib/fedora/rpm/NetworkManager.conf for how to enable debug logging in NetworkManager.