From b8792134924c753209ac4a815e07fe6d8b651102 Mon Sep 17 00:00:00 2001 From: Tasos Sahanidis Date: Sun, 16 Jun 2024 07:45:17 +0300 Subject: [PATCH] networkd: Implement ipv6-address-generation: stable-privacy The relevant systemd pull request has long been merged, so add support for IPv6Token=prefixstable in the networkd generator. https://github.com/systemd/systemd/pull/16618 --- doc/netplan-yaml.md | 4 ++-- src/networkd.c | 20 ++++++++++++++------ tests/generator/test_common.py | 15 ++++++++++++++- tests/generator/test_errors.py | 8 -------- tests/generator/test_ovs.py | 9 +++++++-- 5 files changed, 37 insertions(+), 19 deletions(-) diff --git a/doc/netplan-yaml.md b/doc/netplan-yaml.md index fe3693748..b6b3280c4 100644 --- a/doc/netplan-yaml.md +++ b/doc/netplan-yaml.md @@ -451,8 +451,8 @@ Match devices by MAC when setting options like: `wakeonlan` or `*-offload`. - **`ipv6-address-generation`** (scalar) – since 0.99 > Configure method for creating the address for use with RFC4862 IPv6 - > Stateless Address Auto-configuration (only supported with `NetworkManager` - > back end). Possible values are `eui64` or `stable-privacy`. + > Stateless Address Auto-configuration. + > Possible values are `eui64` or `stable-privacy`. - **`ipv6-address-token`** (scalar) – since 0.100 diff --git a/src/networkd.c b/src/networkd.c index ca6a6804b..1d61512b7 100644 --- a/src/networkd.c +++ b/src/networkd.c @@ -910,12 +910,20 @@ _netplan_netdef_write_network_file( g_string_append_printf(network, "Address=%s\n", g_array_index(def->ip6_addresses, char*, i)); if (def->ip6_addr_gen_token) { g_string_append_printf(network, "IPv6Token=static:%s\n", def->ip6_addr_gen_token); - } else if (def->ip6_addr_gen_mode > NETPLAN_ADDRGEN_EUI64) { - /* EUI-64 mode is enabled by default, if no IPv6Token= is specified */ - /* TODO: Enable stable-privacy mode for networkd, once PR#16618 has been released: - * https://github.com/systemd/systemd/pull/16618 */ - g_set_error(error, NETPLAN_BACKEND_ERROR, NETPLAN_ERROR_UNSUPPORTED, "ERROR: %s: ipv6-address-generation mode is not supported by networkd\n", def->id); - return FALSE; + } else { + switch (def->ip6_addr_gen_mode) { + /* EUI-64 mode is enabled by default, if no IPv6Token= is specified */ + case NETPLAN_ADDRGEN_DEFAULT: + case NETPLAN_ADDRGEN_EUI64: + break; + case NETPLAN_ADDRGEN_STABLEPRIVACY: + g_string_append(network, "IPv6Token=prefixstable\n"); + break; + // LCOV_EXCL_START + default: + g_assert_not_reached(); + // LCOV_EXCL_STOP + } } if (def->accept_ra == NETPLAN_RA_MODE_ENABLED) g_string_append_printf(network, "IPv6AcceptRA=yes\n"); diff --git a/tests/generator/test_common.py b/tests/generator/test_common.py index fd892517f..9521c9f2a 100644 --- a/tests/generator/test_common.py +++ b/tests/generator/test_common.py @@ -765,10 +765,23 @@ def test_ip6_addr_gen_mode(self): version: 2 renderer: networkd ethernets: + engreen: + dhcp6: yes + ipv6-address-generation: stable-privacy enblue: dhcp6: yes ipv6-address-generation: eui64''') - self.assert_networkd({'enblue.network': '''[Match]\nName=enblue\n + self.assert_networkd({'engreen.network': '''[Match]\nName=engreen\n +[Network] +DHCP=ipv6 +LinkLocalAddressing=ipv6 +IPv6Token=prefixstable + +[DHCP] +RouteMetric=100 +UseMTU=true +''', + 'enblue.network': '''[Match]\nName=enblue\n [Network] DHCP=ipv6 LinkLocalAddressing=ipv6 diff --git a/tests/generator/test_errors.py b/tests/generator/test_errors.py index f7a8d780d..d447c4920 100644 --- a/tests/generator/test_errors.py +++ b/tests/generator/test_errors.py @@ -350,14 +350,6 @@ def test_invalid_addr_gen_mode(self): ipv6-address-generation: 0''', expect_fail=True) self.assertIn("unknown ipv6-address-generation '0'", err) - def test_addr_gen_mode_not_supported(self): - err = self.generate('''network: - version: 2 - ethernets: - engreen: - ipv6-address-generation: stable-privacy''', expect_fail=True) - self.assertIn("ERROR: engreen: ipv6-address-generation mode is not supported by networkd", err) - def test_addr_gen_mode_and_addr_gen_token(self): err = self.generate('''network: version: 2 diff --git a/tests/generator/test_ovs.py b/tests/generator/test_ovs.py index 4393cea38..5a9d69483 100644 --- a/tests/generator/test_ovs.py +++ b/tests/generator/test_ovs.py @@ -1061,10 +1061,15 @@ def test_ovs_invalid_networkd_config(self): bridges: br0: openvswitch: {} - ipv6-address-generation: stable-privacy + dhcp4: true + dhcp4-overrides: + use-domains: true + dhcp6: true + dhcp6-overrides: + use-domains: false ''', expect_fail=True) self.assert_ovs({'cleanup.service': OVS_CLEANUP % {'iface': 'cleanup'}}) - self.assertIn('br0: ipv6-address-generation mode is not supported by networkd', err) + self.assertIn('br0: networkd requires that use-domains has the same value', err) def test_ovs_duplicates_when_parser_needs_second_pass(self): ''' Test case for LP: #2007682