While it might seem odd, 0.0.0.0/0 or ::/0 gateways are valid and
commonly used on point-to-point links (e.g. a wireguard tunnel) to
indicate that all traffic needs to be sent to a given interface.
systemd-networkd actually documents this as a valid configuration in its
man pages [1].
Tested to do the right thing in one of my NixOS containers using
a Wireguard tunnel as its default route.
[1] https://www.freedesktop.org/software/systemd/man/systemd.network.html#DefaultRouteOnDevice=
Previously this wasn't done in the `forEach`-expression for
`cfg.interfaces` and thus `networking.useDHCP` didn't have any effect if
no further interface was statically configured.
Commit ca58bd0a50 broke the test networking.networkd.static. This happened because the test sets `networking.defaultGateway`. This is implemented by adding the gateway to the list of `routes` using `mkDefault`. The `routes` are then overridden by an empty list in the newly added code. Replace `mkDefault` with `id` so the two lists are merged and everything (hopefully) works as expected.
See https://github.com/NixOS/nixpkgs/pull/144590 for a more context.
allows configuration of foo-over-udp decapsulation endpoints. sadly networkd
seems to lack the features necessary to support local and peer address
configuration, so those are only supported when using scripted configuration.
This reverts commit d349582c07.
The workaround initially applied isn't necessary anymore, as 247.3
contains the following commit:
> 242fc1d261 network: fix IPv6PrivacyExtensions=kernel handling
… which fixes https://github.com/systemd/systemd/issues/18003.
Systemd dependencies for scripted mode
were refactored according to analysis in #34586.
networking.vswitches can now be used with systemd-networkd,
although they are not supported by the daemon, a nixos receipe
creates the switch and attached required interfaces (just like
the scripted version).
Vlans and internal interfaces are implemented following the
template format i.e. each interface is
described using an attributeSet (vlan and type at the moment).
If vlan is present, then interface is added to the vswitch with
given tag (access mode). Type internal enabled vswitch to create
interfaces (see openvswitch docs).
Added configuration for configuring supported openFlow version on
the vswitch
This commit is a split from the original PR #35127.
Systemd dependencies for scripted mode
were refactored according to analysis in #34586.
networking.vswitches can now be used with systemd-networkd,
although they are not supported by the daemon, a nixos receipe
creates the switch and attached required interfaces (just like
the scripted version).
Vlans and internal interfaces are implemented following the
template format i.e. each interface is
described using an attributeSet (vlan and type at the moment).
If vlan is present, then interface is added to the vswitch with
given tag (access mode). Type internal enabled vswitch to create
interfaces (see openvswitch docs).
Added configuration for configuring supported openFlow version on
the vswitch
This commit is a split from the original PR #35127.
Just maching all network interfaces caused many breakages, see #18962
and #71106.
We already don't support the global networking.useDHCP,
networking.defaultGateway(6) options if networking.useNetworkd is
enabled, but direct users to configure the per-device
networking.interfaces.<name?>.… options.
With systemd version 243 network units with empty match block will
generate warnigs. The reasoning seems to be that the intended behaviour
is hard to infere. Being explicit about really meaning any interface is
the reasonable thing here.
We want to get rid of this mechanism in the long run but as long as we
do not have a replacement we should stick with it and keep it in
reasonable good shape.
With systemd v242 using the `Gateway` attribute of the `[Network]`
section will lead to "onlink" routes on all the device that are matched
by the default configuration (typically all devices) causing multiple
default routes (even on localhost).
We can only avoid that - while keeping our default route option - when
we mark the route as explicitly not on link. Only gateways that are
within a subnet of one of the assigned interface addresses will be
installed into the routing table.
Since the bonds interface changed to a lot more possible values we create a
mapping of kernel bond attribute names and values to networkd attributes.
Those match for the most part, but have to transformed slightly.
There is also an assert that unknown options won’t slip through silently.
Regression introduced by 0cb487ee04.
This changed the result for defaultGateway to be a submodule instead of
just a plain string, so instead of using just cfg.defaultGateway we need
to pass cfg.defaultGateway.address now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
