networkd: Implement ipv6-address-generation: stable-privacy #480
Conversation
The relevant systemd pull request has long been merged, so add support for IPv6Token=prefixstable in the networkd generator. systemd/systemd#16618
tatokis
force-pushed
the
networkd-ipv6-stable-privacy
branch
from
69b6ab0
to
9cb7136
Compare
slyon
added
the
community
There was a problem hiding this comment.
Thank you very much for your contribution to Netplan!
I very much like this PR and the fact that you're fixing an existing TODO. Kudos!
When checking the context of this PR, I found that the [Network].IPv6Prefix= setting isn't listed anymore in the most recent man-page. It seems like the logic was shuffled a little to make use of a Token= setting instead, see: https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html (and systemd/systemd#20778)
There might still be some legacy-fallback, which might keep this PR totally valid!
Are we certain that it actually works, though? Would you mind creating an integration test around it, e.g. similar to tests/integration/ethernets.py:test_dhcp6, but then checking for the stable prefix?
| return FALSE; | ||
| } else { | ||
| switch (def->ip6_addr_gen_mode) { | ||
| case NETPLAN_ADDRGEN_DEFAULT: |
There was a problem hiding this comment.
nitpick: We should potentially keep the original comment about "EUI-64" here.
| case NETPLAN_ADDRGEN_DEFAULT: | |
| /* EUI-64 mode is enabled by default, if no IPv6Token= is specified */ | |
| case NETPLAN_ADDRGEN_DEFAULT: |
| @@ -1055,17 +1055,6 @@ def test_bridge_non_ovs_bond(self): | |||
| 'ovs-br.network': ND_EMPTY % ('ovs-br', 'ipv6'), | |||
| 'non-ovs-bond.netdev': '[NetDev]\nName=non-ovs-bond\nKind=bond\n'}) | |||
|
|
|||
| def test_ovs_invalid_networkd_config(self): | |||
There was a problem hiding this comment.
todo: We need to keep this test-case, in order to not decrease src/openvswitch.c code-coverage, checking that the OVS "cleanup" unit is created in failure case, too.
Of course, we cannot use the current failure case any more, as that got fixed :)
I'd suggest using something like this, which will trigger a similar failure-case:
def test_ovs_invalid_networkd_config(self):
err = self.generate('''network:
version: 2
bridges:
br0:
openvswitch: {}
dhcp4: true
dhcp4-overrides:
use-domains: true
dhcp6: true
dhcp6-overrides:
use-domains: false
''', expect_fail=True)
self.assert_ovs({'cleanup.service': OVS_CLEANUP % {'iface': 'cleanup'}})
self.assertIn('br0: networkd requires that use-domains has the same value', err)
Description
The relevant systemd pull request has long been merged, so add support for
IPv6Token=prefixstablein the networkd generator.systemd/systemd#16618
Checklist
make checksuccessfully.make check-coverage).