network: introduce DAD for static IPV4 address #14102
Conversation
ssahani
force-pushed
the
acd-duplicate-ip
branch
4 times, most recently
from
0d5f385 to
80b9e0d
Compare
ssahani
changed the title
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
80b9e0d to
d1af242
Compare
|
(v244-rc1 was released. Let's merge this after v244 release.) |
|
Thank you. LGTM |
yuwata
force-pushed
the
acd-duplicate-ip
branch
2 times, most recently
from
49ba008 to
78ab099
Compare
|
A test case is also added. |
man/systemd.network.xml
Outdated
| </listitem> | ||
| </varlistentry> | ||
| <varlistentry> | ||
| <term><varname>IPv4DuplicateAddressDetection=</varname></term> |
There was a problem hiding this comment.
is yet another option really needed? we already have DuplicateAddressDetection=, currently only used for IPv6. It could be generalized to apply to both address families: use IPv4 ACD if the address is v4, use IPv6 DAD if the address is v6.
There was a problem hiding this comment.
Sounds nice. Thanks. I'd like to update so. @ssahani Do you agree with that?
There was a problem hiding this comment.
I noticed that DuplicateAddressDetection= is controversial. If set to yes, then NODAD flag is set. Maybe, we should deprecate the setting, and introduce IPv6DuplicateAddressDetection=.
There was a problem hiding this comment.
Yes . It works for IPv6. We set this and kernel does the DAD. Mixing up will not work. Renaming indeed is nice.
There was a problem hiding this comment.
oh, I didn't realize DuplicateAddressDetection= logic was inverted. Definitely surprising and user-unfriendly.
Unfortunately, there is already a IPv6DuplicateAddressDetection= option in the [Network] section. Could it be a source of confusion to have the same option name in different sections with different semantics?
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
78ab099 to
05a3192
Compare
|
Hmm... I noticed that |
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
05a3192 to
909ea24
Compare
|
@ssahani I added one more commit. PTAL. |
|
LGTM |
src/network/networkd-address.c
Outdated
| address->section->filename, address->section->line); | ||
| } | ||
|
|
||
| if (address->family != AF_INET && address->ipv4_duplicate_address_detection) { |
There was a problem hiding this comment.
should there be a similar check for ipv6 DAD on non-ipv6 addresses?
There was a problem hiding this comment.
NODAD flag for IPv4 address should be silently ignored by kernel. So, I think it is not necessary.
|
@keszybz Could you take a final look? |
man/systemd.network.xml
Outdated
| <term><varname>IPv4DuplicateAddressDetection=</varname></term> | ||
| <listitem> | ||
| <para>Takes a boolean. When true performs IPv4 Duplicate Address Detection. See | ||
| <ulink url="https://tools.ietf.org/html/rfc5227">RFC 5224</ulink>. Defaults to false.</para> |
There was a problem hiding this comment.
No, let's not add yet another option. If users wants DAD, then most likely they want both ipv4 and ipv6, and don't care about internal implementation details, i.e. whether this is the kernel that is doing this or the user space.
Let's do the following: make DuplicateAddressDetection take: yes|no, "both", "ipv4", "ipv6". If yes|no, then warn about the inverted meaning and set according to current semantics. If "ipv4", enable for IPv4, if "ipv6", enable for IPv6, if "both" enable for both.
This is easier for the users, and will give us more flexibility to add new variants of this setting in the future.
src/network/networkd-address.c
Outdated
| switch (event) { | ||
|
|
||
| case SD_IPV4ACD_EVENT_STOP: | ||
| log_link_debug(link, "Stopping ACD client ..."); |
There was a problem hiding this comment.
No space before the ellipsis. (Right now it looks like the ellipsis is a placeholder for a client name.)
src/network/networkd-address.c
Outdated
| return; | ||
|
|
||
| case SD_IPV4ACD_EVENT_BIND: | ||
| log_link_debug(link, "Successfully claimed address '%s'", strna(pretty)); |
yuwata
added
the
reviewed/needs-rework 🔨
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
f72f1d9 to
ff47b67
Compare
yuwata
removed
the
reviewed/needs-rework 🔨
|
@keszybz Thank you for the comments. Updated. PTAL. |
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
ff47b67 to
d87db44
Compare
keszybz
left a comment
keszybz
left a comment
There was a problem hiding this comment.
Looks pretty good, except for the backwards compat part (which I may be misunderstanding, so please be patient).
keszybz
added
the
reviewed/needs-rework 🔨
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
d87db44 to
35d7be7
Compare
yuwata
removed
the
reviewed/needs-rework 🔨
|
@keszybz Updated. Please take another look. Thank you. |
src/network/networkd-address.c
Outdated
| r = parse_boolean(rvalue); | ||
| if (r >= 0) { | ||
| log_syntax(unit, LOG_WARNING, filename, line, 0, | ||
| "For historical reason, %s=%s means %s=%s. " |
yuwata
force-pushed
the
acd-duplicate-ip
branch
from
35d7be7 to
dc7d3c5
Compare
yuwata
added
good-to-merge/waiting-for-ci 👍
|
@keszybz Thank you for the review. The two comments are addressed now. I've updated the green label. |
4 participants
closes #2527