Skip to content

Commit

Permalink
networkd: Implement ipv6-address-generation: stable-privacy
Browse files Browse the repository at this point in the history
The relevant systemd pull request has long been merged, so add support
for IPv6Token=prefixstable in the networkd generator.

systemd/systemd#16618
  • Loading branch information
tatokis authored and slyon committed Jul 17, 2024
1 parent 309e905 commit b879213
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 19 deletions.
4 changes: 2 additions & 2 deletions doc/netplan-yaml.md
Original file line number Diff line number Diff line change
Expand Up @@ -451,8 +451,8 @@ Match devices by MAC when setting options like: `wakeonlan` or `*-offload`.
- **`ipv6-address-generation`** (scalar) – since 0.99

> Configure method for creating the address for use with RFC4862 IPv6
> Stateless Address Auto-configuration (only supported with `NetworkManager`
> back end). Possible values are `eui64` or `stable-privacy`.
> Stateless Address Auto-configuration.
> Possible values are `eui64` or `stable-privacy`.

- **`ipv6-address-token`** (scalar) – since 0.100

Expand Down
20 changes: 14 additions & 6 deletions src/networkd.c
Original file line number Diff line number Diff line change
Expand Up @@ -910,12 +910,20 @@ _netplan_netdef_write_network_file(
g_string_append_printf(network, "Address=%s\n", g_array_index(def->ip6_addresses, char*, i));
if (def->ip6_addr_gen_token) {
g_string_append_printf(network, "IPv6Token=static:%s\n", def->ip6_addr_gen_token);
} else if (def->ip6_addr_gen_mode > NETPLAN_ADDRGEN_EUI64) {
/* EUI-64 mode is enabled by default, if no IPv6Token= is specified */
/* TODO: Enable stable-privacy mode for networkd, once PR#16618 has been released:
* https://github.com/systemd/systemd/pull/16618 */
g_set_error(error, NETPLAN_BACKEND_ERROR, NETPLAN_ERROR_UNSUPPORTED, "ERROR: %s: ipv6-address-generation mode is not supported by networkd\n", def->id);
return FALSE;
} else {
switch (def->ip6_addr_gen_mode) {
/* EUI-64 mode is enabled by default, if no IPv6Token= is specified */
case NETPLAN_ADDRGEN_DEFAULT:
case NETPLAN_ADDRGEN_EUI64:
break;
case NETPLAN_ADDRGEN_STABLEPRIVACY:
g_string_append(network, "IPv6Token=prefixstable\n");
break;
// LCOV_EXCL_START
default:
g_assert_not_reached();
// LCOV_EXCL_STOP
}
}
if (def->accept_ra == NETPLAN_RA_MODE_ENABLED)
g_string_append_printf(network, "IPv6AcceptRA=yes\n");
Expand Down
15 changes: 14 additions & 1 deletion tests/generator/test_common.py
Original file line number Diff line number Diff line change
Expand Up @@ -765,10 +765,23 @@ def test_ip6_addr_gen_mode(self):
version: 2
renderer: networkd
ethernets:
engreen:
dhcp6: yes
ipv6-address-generation: stable-privacy
enblue:
dhcp6: yes
ipv6-address-generation: eui64''')
self.assert_networkd({'enblue.network': '''[Match]\nName=enblue\n
self.assert_networkd({'engreen.network': '''[Match]\nName=engreen\n
[Network]
DHCP=ipv6
LinkLocalAddressing=ipv6
IPv6Token=prefixstable
[DHCP]
RouteMetric=100
UseMTU=true
''',
'enblue.network': '''[Match]\nName=enblue\n
[Network]
DHCP=ipv6
LinkLocalAddressing=ipv6
Expand Down
8 changes: 0 additions & 8 deletions tests/generator/test_errors.py
Original file line number Diff line number Diff line change
Expand Up @@ -350,14 +350,6 @@ def test_invalid_addr_gen_mode(self):
ipv6-address-generation: 0''', expect_fail=True)
self.assertIn("unknown ipv6-address-generation '0'", err)

def test_addr_gen_mode_not_supported(self):
err = self.generate('''network:
version: 2
ethernets:
engreen:
ipv6-address-generation: stable-privacy''', expect_fail=True)
self.assertIn("ERROR: engreen: ipv6-address-generation mode is not supported by networkd", err)

def test_addr_gen_mode_and_addr_gen_token(self):
err = self.generate('''network:
version: 2
Expand Down
9 changes: 7 additions & 2 deletions tests/generator/test_ovs.py
Original file line number Diff line number Diff line change
Expand Up @@ -1061,10 +1061,15 @@ def test_ovs_invalid_networkd_config(self):
bridges:
br0:
openvswitch: {}
ipv6-address-generation: stable-privacy
dhcp4: true
dhcp4-overrides:
use-domains: true
dhcp6: true
dhcp6-overrides:
use-domains: false
''', expect_fail=True)
self.assert_ovs({'cleanup.service': OVS_CLEANUP % {'iface': 'cleanup'}})
self.assertIn('br0: ipv6-address-generation mode is not supported by networkd', err)
self.assertIn('br0: networkd requires that use-domains has the same value', err)

def test_ovs_duplicates_when_parser_needs_second_pass(self):
''' Test case for LP: #2007682
Expand Down

0 comments on commit b879213

Please sign in to comment.