[gentoo-user] systemd-networkd: simpler config for my network

[gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Aside from all the discussions around systemd, I simply gave the new
systemd-networkd a try.

It helped me to simplify my config for my main machine where I run KVM
for virtualization and need a network bridge:

http://www.oops.co.at/en/publications/systemd-networkd-network-configuration-for-a-kvm-server

Maybe someone else can make use of that as well.

Stefan

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Nilesh Govindrajan]

[-- Attachment #1: Type: text/plain, Size: 629 bytes --]

On 31-Mar-2014 5:45 pm, "Stefan G. Weichinger" <lists@xunil.at> wrote:
>
>
> Aside from all the discussions around systemd, I simply gave the new
> systemd-networkd a try.
>
> It helped me to simplify my config for my main machine where I run KVM
> for virtualization and need a network bridge:
>
>
http://www.oops.co.at/en/publications/systemd-networkd-network-configuration-for-a-kvm-server
>
> Maybe someone else can make use of that as well.
>
> Stefan
>

IMHO, tap interfaces are not required there because they get created
automatically as needed when you specify the bridge to which QEMU must
attach to. It's an overkill.

[-- Attachment #2: Type: text/html, Size: 924 bytes --]

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 31.03.2014 14:17, schrieb Nilesh Govindrajan:
> On 31-Mar-2014 5:45 pm, "Stefan G. Weichinger" <lists@xunil.at> wrote:
>>
>>
>> Aside from all the discussions around systemd, I simply gave the new
>> systemd-networkd a try.
>>
>> It helped me to simplify my config for my main machine where I run KVM
>> for virtualization and need a network bridge:
>>
>>
> http://www.oops.co.at/en/publications/systemd-networkd-network-configuration-for-a-kvm-server
>>
>> Maybe someone else can make use of that as well.
>>
>> Stefan
>>
> 
> IMHO, tap interfaces are not required there because they get created
> automatically as needed when you specify the bridge to which QEMU must
> attach to. It's an overkill.

So the openrc-example might be simplified? ok with me ... does anyone
confirm?


Thanks, Stefan

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 31.03.2014 14:39, schrieb Stefan G. Weichinger:
> Am 31.03.2014 14:17, schrieb Nilesh Govindrajan:
>> On 31-Mar-2014 5:45 pm, "Stefan G. Weichinger" <lists@xunil.at> wrote:
>>>
>>>
>>> Aside from all the discussions around systemd, I simply gave the new
>>> systemd-networkd a try.
>>>
>>> It helped me to simplify my config for my main machine where I run KVM
>>> for virtualization and need a network bridge:
>>>
>>>
>> http://www.oops.co.at/en/publications/systemd-networkd-network-configuration-for-a-kvm-server
>>>
>>> Maybe someone else can make use of that as well.
>>>
>>> Stefan
>>>
>>
>> IMHO, tap interfaces are not required there because they get created
>> automatically as needed when you specify the bridge to which QEMU must
>> attach to. It's an overkill.
> 
> So the openrc-example might be simplified? ok with me ... does anyone
> confirm?

Today I tried to set up a bonding between 2 physical NICs and then I
wanted to make a bridge on top of that to connect the VMs.

So far no success, maybe my fault, maybe not yet possible with networkd.

More tomorrow ;-)

S

[gentoo-user] Re: systemd-networkd: simpler config for my network

[Tom H]

Stefan G. Weichinger <lists <at> xunil.at> writes:
> Am 31.03.2014 14:17, schrieb Nilesh Govindrajan:
>> On 31-Mar-2014 5:45 pm, "Stefan G. Weichinger" <lists <at> xunil.at> 
wrote:
>>>
>>> Aside from all the discussions around systemd, I simply gave the new
>>> systemd-networkd a try.
>>>
>>> It helped me to simplify my config for my main machine where I run KVM
>>> for virtualization and need a network bridge:
>>>
>>> http://www.oops.co.at/en/publications/systemd-networkd-network-
configuration-for-a-kvm-server
>>>
>>> Maybe someone else can make use of that as well.
>> 
>> IMHO, tap interfaces are not required there because they get created
>> automatically as needed when you specify the bridge to which QEMU must
>> attach to. It's an overkill.
> 
> So the openrc-example might be simplified? ok with me ... does anyone
> confirm?

It depends how you set up your network on the qemu command line.

If you use "qemu -netdev tap,id=hn0,script=no,downscript=no ...", you need 
to set up a tap.

If you use "qemu -netdev tap,id=hn0 ...", you don't need to set up a tap if 
you have a "/etc/qemu-ifup" script..

But you do need to set a bridge on both cases.

Re: [gentoo-user] Re: systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 06.04.2014 15:02, schrieb Tom H:

>> So the openrc-example might be simplified? ok with me ... does anyone
>> confirm?
> 
> It depends how you set up your network on the qemu command line.
> 
> If you use "qemu -netdev tap,id=hn0,script=no,downscript=no ...", you need 
> to set up a tap.
> 
> If you use "qemu -netdev tap,id=hn0 ...", you don't need to set up a tap if 
> you have a "/etc/qemu-ifup" script..
> 
> But you do need to set a bridge on both cases.

ok ... I would have to look that up as I don't use qemu via command line
but via virtmanager/libvirt.

Thanks, Stefan

Re: [gentoo-user] Re: systemd-networkd: simpler config for my network

[Tom H]

On Mon, Apr 7, 2014 at 4:04 AM, Stefan G. Weichinger <lists@xunil.at> wrote:
> Am 06.04.2014 15:02, schrieb Tom H:
>
>>> So the openrc-example might be simplified? ok with me ... does anyone
>>> confirm?
>>
>> It depends how you set up your network on the qemu command line.
>>
>> If you use "qemu -netdev tap,id=hn0,script=no,downscript=no ...", you need
>> to set up a tap.
>>
>> If you use "qemu -netdev tap,id=hn0 ...", you don't need to set up a tap if
>> you have a "/etc/qemu-ifup" script..
>>
>> But you do need to set a bridge on both cases.
>
> ok ... I would have to look that up as I don't use qemu via command line
> but via virtmanager/libvirt.
>
> Thanks, Stefan

You're welcome.

I've never used virt-manager but I assume that it functions like
virt-install or that it uses virt-install under the gui.

If that's the case, it won't use predefined tap devices, slaved to a
bridge or not. It'll create vnetX tap devices and add them to a bridge
on the fly. But if you want to use tapX tap devices rather than vnetX
ones, you can edit the xml to set that up.

Re: [gentoo-user] Re: systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 07.04.2014 19:14, schrieb Tom H:

> You're welcome.
> 
> I've never used virt-manager but I assume that it functions like
> virt-install or that it uses virt-install under the gui.
> 
> If that's the case, it won't use predefined tap devices, slaved to a
> bridge or not. It'll create vnetX tap devices and add them to a bridge
> on the fly. But if you want to use tapX tap devices rather than vnetX
> ones, you can edit the xml to set that up.

I just looked up what systemd-networkd and virt-manager do.

No tap-devices here when I run a local VM ... so I might review the
openrc-script for reference.

Thanks, Stefan

Re: [gentoo-user] Re: systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 08.04.2014 07:24, schrieb Stefan G. Weichinger:

> I just looked up what systemd-networkd and virt-manager do.
> 
> No tap-devices here when I run a local VM ... so I might review the
> openrc-script for reference.

edited and tested the bridge.service:

http://www.oops.co.at/en/publications/systemd-networkd-network-configuration-for-a-kvm-server

openrc-example still to be streamlined ;-)

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Pavel Volkov]

On Monday, 31 March 2014 16:14:44 MSK, Stefan G. Weichinger wrote:
> Aside from all the discussions around systemd, I simply gave the new
> systemd-networkd a try.
>
> It helped me to simplify my config for my main machine where I run KVM
> for virtualization and need a network bridge:
>

I browsed through the man pages before and it seemed like systemd-networkd 
can't yet be configured to enable SLAAC on IPv6 interface.
Am I right?
And this is such a common configuration...

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 15.04.2014 00:02, schrieb Pavel Volkov:
> On Monday, 31 March 2014 16:14:44 MSK, Stefan G. Weichinger wrote:
>> Aside from all the discussions around systemd, I simply gave the new
>> systemd-networkd a try.
>>
>> It helped me to simplify my config for my main machine where I run KVM
>> for virtualization and need a network bridge:
>>
> 
> I browsed through the man pages before and it seemed like
> systemd-networkd can't yet be configured to enable SLAAC on IPv6 interface.
> Am I right?
> And this is such a common configuration...

Did you test it?

I think it just works ...

Stefan

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Pavel Volkov]

On Tuesday, 15 April 2014 18:04:54 MSK, Stefan G. Weichinger wrote:
> Did you test it?
>
> I think it just works ...
>

Not yet, but it seems weird to have DHCP= for DHCPv4 and not to have any 
options (DHCPv6/SLAAC/unconfigured) for IPv6. Only Address= for static 
address.

Here is another problem. I need to issue this command:
"ip token set ::2/64 dev br0"
1. after the bridge device is created
2. before IP address is configured on it

netctl still seems a lot more capable than systemd-networkd...
And netctl runs separate services (line netctl@eth0.service) for separate 
interfaces unlike systemd-networkd, you can create more custom deps on top 
of it.

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 15.04.2014 19:25, schrieb Pavel Volkov:
> On Tuesday, 15 April 2014 18:04:54 MSK, Stefan G. Weichinger wrote:
>> Did you test it?
>>
>> I think it just works ...
>>
> 
> Not yet, but it seems weird to have DHCP= for DHCPv4 and not to have any
> options (DHCPv6/SLAAC/unconfigured) for IPv6. Only Address= for static
> address.
> 
> Here is another problem. I need to issue this command:
> "ip token set ::2/64 dev br0"
> 1. after the bridge device is created
> 2. before IP address is configured on it
> 
> netctl still seems a lot more capable than systemd-networkd...
> And netctl runs separate services (line netctl@eth0.service) for
> separate interfaces unlike systemd-networkd, you can create more custom
> deps on top of it.

Aside from not knowing the solution for your issues and aside from just
defending systemd:

systemd-networkd is still in development and very new ...

And it is not meant to be a drop-in replacement for big guns like
gnome-networkmanager or netctl, but just a simple tool for static setups.

Tom Gundersen, one of the main coders said "IPv6 support is so far very
basic (you can set static IPv6 addresses, and that's it). We plan to
support it fully in the future though."

-> https://plus.google.com/+TomGundersen/posts/8d1tzMJWppJ

Maybe things developed since then.

You might ask your questions on the systemd-devel-ml and share your
experience?

Stefan

Re: [gentoo-user] systemd-networkd: simpler config for my network

[Stefan G. Weichinger]

Am 15.04.2014 20:25, schrieb Stefan G. Weichinger:

> Tom Gundersen, one of the main coders said "IPv6 support is so far very
> basic (you can set static IPv6 addresses, and that's it). We plan to
> support it fully in the future though."
> 
> -> https://plus.google.com/+TomGundersen/posts/8d1tzMJWppJ
> 
> Maybe things developed since then.

I took the opportunity and asked Tom myself (we were in contact last
week due to my questions around my KVM-related network-setup).

Some quotes out of his reply, I showed him this thread for a start.

->

> Am 15.04.2014 19:25, schrieb Pavel Volkov:
>>> Not yet, but it seems weird to have DHCP= for DHCPv4 and not to have any
>>> options (DHCPv6/SLAAC/unconfigured) for IPv6. Only Address= for static
>>> address.
> 
> Currently, the only IPv6 support we have is static addresses and
> whatever the kernel provides natively. The reason for this is just
> lack of hours in the day, and it is definitely on the TODO. We expect
> to have DHCPv6 soon, but the patches have not yet been posted. Any
> further assistance in the form of patches or testing would be greatly
> appreciated of course.
> 
>>> Here is another problem. I need to issue this command:
>>> "ip token set ::2/64 dev br0"
>>> 1. after the bridge device is created
>>> 2. before IP address is configured on it
> 
> This seems like a useful feature and should be simple to implement.
> Can't promise to work on that any time soon though, but, again,
> patches would be appreciated.
> 
>>> netctl still seems a lot more capable than systemd-networkd...
> 
> Yes, we still have a lot of features left on our TODO. Things are
> 
>>> And netctl runs separate services (line netctl@eth0.service) for
>>> separate interfaces unlike systemd-networkd, you can create more custom
>>> deps on top of it.
> 
> That is also true, but this was a conscious choice from our side. Most
> of the deps (as the token use-case you mentioned above) are sorted out
> by networkd internally (when support is added), so the config remains
> purely declarative. Moreover, exposing network state simply as systemd
> units is not really powerful enough, as we probably want much more
> fine-grained status information (if an interface is up, if it has a
> link-local address assigned, a routable address assigned, if the
> global internet is reachable etc, etc.). We have therefore taken the
> approach of exposing this info (and more, such as DHCP leases and
> their associated information) through a C library. The plan is to
> obviously also add a dbus API.
> 
>> And it is not meant to be a drop-in replacement for big guns like
>> gnome-networkmanager or netctl, but just a simple tool for static setups.
> 
> True, we target mainly static setups (i.e., ones where you don't
> usually change the network configuration at run-time, though you may
> still use dynamic configuration such as DHCP of course). However, we
> still have a lot more features we need/want before we are done 
> 
>> Maybe things developed since then.
> 
> Not really. I have been working mostly on IPv4 so far, but Patrik
> Flykt from Intel is hard at work on DHCPv6, so that should be coming
> along soon.
> 
> Cheers,
> 
> Tom

So IPv6 isn't yet much supported as you noticed, right.

Interesting anyway, isn't it?

Best, Stefan