| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `network-link-${i.name}` units raced with other things trying to
configure the interface, or ran before the interface was available.
Instead of running our own set of shell scripts on boot, and hoping
they're executed at the right time, we can make use of udev to configure
the interface *while they appear*, by providing `.link` files in
/etc/systemd/network/*.link to set MACAddress and MTUBytes.
This doesn't require networkd to be enabled, and is populated properly
on non-networkd systems since
https://github.com/NixOS/nixpkgs/pull/82941.
This continues clean-up work done in
https://github.com/NixOS/nixpkgs/pull/85170 for the scripted networking
stack.
The only leftover part of the `network-link-${i.name}` unit (bringing
the interface up) is moved to the beginning of the
`network-addresses-${i.name}` unit.
Fixes: https://github.com/NixOS/nixpkgs/issues/74471
Closes: https://github.com/NixOS/nixpkgs/pull/87116
|
| |
|
|
| |
running systemd
|
| |
|
|
|
| |
The unit sets MTU and MAC Address even with networkd enabled, which
isn't necessary anymore, as networkd handles this by itself.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Systemd dependencies for scripted mode
were refactored according to analysis in #34586.
networking.vswitches can now be used with systemd-networkd,
although they are not supported by the daemon, a nixos receipe
creates the switch and attached required interfaces (just like
the scripted version).
Vlans and internal interfaces are implemented following the
template format i.e. each interface is
described using an attributeSet (vlan and type at the moment).
If vlan is present, then interface is added to the vswitch with
given tag (access mode). Type internal enabled vswitch to create
interfaces (see openvswitch docs).
Added configuration for configuring supported openFlow version on
the vswitch
This commit is a split from the original PR #35127.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is a refactor of how resolvconf is managed on NixOS. We split it
into a separate service which is enabled internally depending on whether
we want /etc/resolv.conf to be managed by it. Various services now take
advantage of those configuration options.
We also now use systemd instead of activation scripts to update
resolv.conf.
NetworkManager now uses the right option for rc-manager DNS
automatically, so the configuration option shouldn't be exposed.
|
| |
|
|
|
| |
manually (#56682)
The second invocation of resolvconf, missed in https://github.com/NixOS/nixpkgs/pull/32308
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When a bridge interface was reconfigured, running containers using
this bridge lost connectivity: restarting network-addresses-brN.service
triggered a restart of network-setup.service via a "partOf" relationship
introduced in 07e0c0e0a2f237639600f2a0d62f6eac748b1e6e.
This in turn restarted brN-netdev.service.
The bridge was thus destroyed and recreated with the same name but a new
interface id, causing attached veth interfaces to lose their connection.
This change removes the "partOf" relationship between
network-setup.service and network-addresses-brN.service for all bridges.
|
| | |
|
| | |
|
| |
|
|
|
| |
when the parent interface of a vlan interface is not up (yet), ip link cannot bring the vlan interface up
the vlan interface will be automatically brought up when the parent interface is up later
fix NixOS/nixpkgs#28620
|
| | |
|
| | |
|
| |\
| |
| | |
nixos/network-scripted: print error details
|
| | | |
|
| |/
|
|
| |
"${dev}-netdev.service"
|
| |\
| |
| |
| |
| | |
volth/restore-bridge-slaves-dynamically-added-by-libvirt
nixos/networking-scripted: restore bridge slaves dynamically added by…
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
dhcpcd service: fix service dependencies when default gateways are set
|
| | | |
| | |
| | |
| | | |
Even if IPv6 gateway is set, there's no need to set it early if IPv6 is disabled.
|
| | | | |
|
| | | | |
|
| |/ / |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Reverse the PartOf dependency between network-setup and network-addresses-*
This was joint work of: @nh2, @domenkozar, @fpletz, @aszlig and @basvandijk
at the NixCon 2017 hackathon.
|
| | |
| |
| |
| | |
Iff interface is set, it makes sense to add device route by default.
|
| | |
| |
| |
| | |
Fixes #28620.
|
| | |
| |
| |
| |
| |
| |
| | |
Systemd is complaining that it can't delay the startup of device units.
We have a before dependency on the respective device unit for every
netdev service, which doesn't make any sense because we create the
actual interface in this service.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, depending on the environment and the type of interface that
was created, the configured IPs of an interface wouldn't be applied on a
nixos-rebuild switch. It works after a reboot.
This patch ensures that the network-addresses service is started
either via the network-link service or if the networking target is
activated (i.e. on system activation).
Fixes #28474 #16230.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 670b4e29adc16e0a29aa5b4c126703dcca56aeb6. The change
added in this commit was controversial when it was originally suggested
in https://github.com/NixOS/nixpkgs/pull/29205. Then that PR was closed
and a new one opened, https://github.com/NixOS/nixpkgs/pull/29503,
effectively circumventing the review process. I don't agree with this
modification. Adding an option 'resolveLocalQueries' to tell the locally
running name server that it should resolve local DNS queries feels
outright nuts. I agree that the current state is unsatisfactory and that
it should be improved, but this is not the right way.
(cherry picked from commit 23a021d12e8f939cd0bfddb1c7adeb125028c1e3)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When the user specifies the networking.nameservers setting in the
configuration file, it must take precedence over automatically
derived settings.
The culprit was services.bind that made the resolver set to
127.0.0.1 and ignore the nameserver setting.
This patch adds a flag to services.bind to override the nameserver
to localhost. It defaults to true. Setting this to false prevents the
service.bind and dnsmasq.resolveLocalQueries settings from
overriding the users' settings.
Also, when the user specifies a domain to search, it must be set in
the resolver configuration, even if the user does not specify any
nameservers.
(cherry picked from commit 670b4e29adc16e0a29aa5b4c126703dcca56aeb6)
This commit was accidentally merged to 17.09 but was intended for
master. This is the cherry-pick to master.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously services depending on network-online.target would wait until
dhcpcd times out if it was enabled and a static network address
configuration was used. Setting the default gateway statically is enough
for the networking to be considered online.
This also adjusts the relevant networking tests to wait for
network-online.target instead of just network.target.
|
| |/
|
|
|
| |
systemd does not create device units for loopback devices,
since they are not physical.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reduces the time window during which IP addresses are gone during
switch-to-configuration. A complication is that with stopIfChanged =
true, preStop would try to delete the *new* IP addresses rather than
the old one (since the preStop script now runs after the switch to the
new configuration). So we now record the actually configured addresses
in /run/nixos/network/addresses/<interface>. This is more robust in
any case.
Issue https://github.com/NixOS/nixops/issues/640.
|
| |
|
|
|
|
|
|
|
|
|
| |
And adopt the tests to add an interface and remove it again.
It should work when deactivating rstp, it will not work when activating
rstp for the first bridge as then the userspace daemon is not yet
available. But once one bridge is active with stp, it should work with
the reload for any further bridge.
Fixes #21745. Also see #22547.
|
| | |
|
| |\
| |
| | |
network-interfaces service: fix bindsTo deps for masters
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, netdev units for network interfaces defined in the nixos
configurations would bindTo the systemd device unit of the interface if
not in a container.
In situations where you switch to a new nixos configration with changes
to network-setup.service (like nameservers) and have stacked interfaces
like vlans on a bond, it would fail to propagate restarts to the netdevs
correctly resulting with broken networking. The bond would be present
but no vlan interfaces rendering the machine unreachable.
My fear is that the udev events fail to propagate correctly while a systemd
transaction that is also restarting the triggered netdev service is running.
This commit changes this behaviour so netdev services bindTo other netdev
services if present and otherwise fall back to the previous behaviour.
We also noticed that stacked interfaces would sometimes seemingly be stopped
in the wrong order. For instance in the above example, the bond interface
would be deleted before the vlan interfaces resulting in the vlan interfaces
not being present when their service is being stopped. This would cause the
systemd transaction to fail and thus break networking. Their postStop hooks
are now allowed to fail as we have reached the desired state.
|
| |/
|
|
|
|
|
|
|
| |
Until now the four attributes available very selectively provided a small
subset, while copying upstream documentation.
We make driver options an arbitrary key-value set and point to kernel
documentation, which is always up-to-date. This way every option can be set.
The four already existing options are deprecated with a warning.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Now the tracking works with aggregated devices on aggregated devices.
So container with physical device where the device is put in a bond
which is the basis for a bridge is now handled correctly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Test that adding physical devices to containers works, find that network setup
then doesn't work because there is no udev in the container to tell systemd
that the device is present.
Fixed by not depending on the device in the container.
Activate the new container test for release
Bonds, bridges and other network devices need the underlying not as
dependency when used inside the container. Because the device is already
there.
But the address configuration needs the aggregated device itself.
|