[systemd-devel] systemd-networkd, IPv6PrivacyExtensions=kernel, sysctl and devicenames

Ede Wolf listac at nebelschwaden.de
Fri May 22 12:44:36 UTC 2020 

Hello,

Thanks for replying. As I have written, I am using no custom .rules or 
.link file. /etc/udev/rules.d is empty and /etc/systemd/network only 
contains .network files.

But I believe the problem would not change. As wether I rename an 
interface or 99-default.link as part of systemd-networkd does it, should 
make no difference.

The problem is, that sysctl.conf is being executed before the interfaces 
get their eventual names.

What would work is disabling interface renaming alltogether by adding 
net.ifnames=0 to the kernel, but those ethx names are not reliably 
persistent. So nothing is really won here. Unless you only have one 
interface, that is.

Unless I have missed somthing, that's why I am asking, those settings 
would need to be moved  from sysctl.conf to the [Network] section of a 
corresponding unit file alltogether, so that systemd has control over it.

As a workaround I have set default values:

net.ipv6.conf.default.stable_secret=<hex>
net.ipv6.conf.default.addr_gen_mode=2
net.ipv6.conf.all.addr_gen_mode=2


But I am getting different results on two different machines. One, where 
it works even on a systemd renamed link, and one, where it is not. Still 
trying to figure out, why that is.

But the key should be to be able to set those on a per link base, what I 
have not been able to do so far at all.




Am 22.05.20 um 12:21 schrieb Kevin P. Fleming:
> Do you have a udev 'persistent network device name' rules file in
> /etc/udev/rules.d? Many distributions install such a rules file by
> default, and this renames the interfaces to 'standard' names.
> 
> On Fri, May 22, 2020 at 3:47 AM Ede Wolf <listac at nebelschwaden.de> wrote:
>>
>> Hello,
>>
>> I am trying to enable temporary and/or stable addresses for a link and
>> am most likely running into troubles with the device naming. However, I
>> do not change any network name myself, neither in udev nor as part or a
>> link file, it's just the standard system settings (from Arch, in case
>> that matters).
>>
>> my sysctl.conf (both ens3 and eth0 refer to the same interface):
>>
>>
>> net.ipv6.conf.ens3.addr_gen_mode = 2
>> net.ipv6.conf.ens3.use_tempaddr = 2
>>
>> net.ipv6.conf.eth0.addr_gen_mode = 2
>> net.ipv6.conf.eth0.use_tempaddr = 2
>>
>>
>> And the logs read:
>>
>> journalctl -b0 | grep -E 'sysctl|ens3|eth0'
>> 08:56:46 systemd[263]: systemd-sysctl.service: Executing:
>> /usr/lib/systemd/systemd-sysctl
>> 08:56:46 systemd-sysctl[263]: Couldn't write '2' to
>> 'net/ipv6/conf/ens3/addr_gen_mode', ignoring: No such file or directory
>> 08:56:46 systemd-sysctl[263]: Couldn't write '2' to
>> 'net/ipv6/conf/ens3/use_tempaddr', ignoring: No such file or directory
>> 08:56:47 kernel: virtio_net virtio0 ens3: renamed from eth0
>> 08:56:47 systemd[1]: sys-subsystem-net-devices-ens3.device: Changed dead
>> -> plugged
>> 08:56:47 systemd[1]:
>> sys-devices-pci0000:00-0000:00:03.0-virtio0-net-ens3.device: Changed
>> dead -> plugged
>> 08:56:51 systemd-networkd[459]: ens3: Interface name change detected,
>> ens3 has been renamed to eth0.
>> 08:56:51 systemd-networkd[459]: eth0: Interface name change detected,
>> eth0 has been renamed to ens3.
>> 08:56:51 systemd-networkd[459]: ens3: IPv6 successfully enabled
>> 08:56:51 systemd-networkd[459]: ens3: Link UP
>> 08:56:51 systemd-networkd[459]: ens3: Gained carrier
>> ...
>>
>>
>> As it appears to me, the eth0 settings from sysctl.conf have been
>> accepted - at least no errors are logged in this regard -, but are lost,
>> because the interface got renamed afterwards. The ens3 interface was not
>> yet known at time of invoking systemd-sysctl, and therefore we get the
>> errors. That in turn means, the settings are not being applied.
>>
>> To make things worse, in sysctl.conf I've additionally set:
>>
>> net.ipv6.conf.default.stable_secret=<some hex poem>
>> net.ipv6.conf.default.addr_gen_mode=2
>> net.ipv6.conf.all.addr_gen_mode=2
>>
>>
>> Which results in all IP address having a stable privacy scope link,
>> _execpt_ of course ens3. The one that would be by far most important.
>>
>> What am I missing here? And insight is highly appreciated
>>
>> Thanks
>>
>> Ede
>> _______________________________________________
>> systemd-devel mailing list
>> systemd-devel at lists.freedesktop.org
>> https://lists.freedesktop.org/mailman/listinfo/systemd-devel

More information about the systemd-devel mailing list