summaryrefslogtreecommitdiffstats
path: root/network/80-container-ve.network (follow)
Commit message (Collapse)AuthorAgeFilesLines
* network: take explicit ownership of our own interfacesLennart Poettering2024-01-101-2/+2
| | | | | | | | | | This is a follow-up for #30786 and uses it to assign ID_NET_MANAGED_BY=io.systemd.Network to all all network interfaces that we consider ours to manage. This should hopefully have the effect that other well-behaving managers won't fight for these devices. This doesn't bother with network interfaces we match inside containers, since udev is not available there anyway.
* network: use Kind= instead of Driver=Yu Watanabe2023-11-081-1/+1
| | | | | | | | networkd ignores errors in reading driver through ethtool. The kind of network interface is retrieved through netlink, and networkd checks checks many failures. So, using Kind= should be safer. No functional change, just for safety.
* network: disable IPv6AcceptRA= in several default configYu Watanabe2023-11-031-0/+1
| | | | | | | Also, - drop DHCP=no, as it is the default setting, - enable IPv6SendRA= for wifi access point, - enable MulticastDNS= for wifi adhoc mode.
* network: change license of examples to MIT-0Zbigniew Jędrzejewski-Szmek2022-10-261-2/+2
| | | | | | | | | | | | | | | Arguably, CC0 is just fine for examples since they are not code. But it's easier to be consistent and just use MIT-0 for all "documentation". Thus, the license is changed similarly code examples under man/. Based on 'git shortlog -ns network/*' and 'git log -p', the following folks should ack this: Zbigniew Jędrzejewski-Szmek Lennart Poettering Tom Gundersen Yu Watanabe Daan De Meyer Marc-André Lureau
* network: license all config files as CC0Zbigniew Jędrzejewski-Szmek2022-01-121-6/+10
| | | | | | | | Same justification as the previous commit. $ for i in network/*-*; do git blame $i;done | less shows that those files were written by Tom Gundersen, Lennart Poettering, Yu Watanabe, me, and Marc-André Lureau.
* network: use IPMasquerade=both instead of yesYu Watanabe2021-02-241-1/+1
| | | | Follow-up for 4c72d851cd007e945a85811f89376a2675daa1a5.
* networkd: Enable IPv6SendRA on builtin network filesDaan De Meyer2021-01-061-0/+1
| | | | | | | | | RAs trigger neighbor discovery which allows users to query the LL address of the container/VM via `ip neighbor get dev`. This is useful as it gives users an easy way to connect to the container without needing LLMNR or mDNS to resolve the hostname of the container to an IP address. In practice, this allows connecting with only networkd enabled and without resolved running in the host/container.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* Add SPDX license headers to various assorted filesZbigniew Jędrzejewski-Szmek2017-11-191-0/+2
|
* network: allow LLDP packets to cross non-customer bridges for container ↵Lennart Poettering2016-05-091-1/+1
| | | | | | | | | | | network interfaces This changes the default .network files we ship for nspawn containers to set EmitLLDP=customer-bridge in order to allow propagation of the LLDP packets across bridges. This is useful so that "networkctl status" shows all peers connected to a virtual container network, collecting this data via LLDP. This is safe since the default configuration for these interfaces does not bridge these links to external interfaces, but relies on IP routing for this.
* network: add automatic configuration for the networks created by nspawn ↵Lennart Poettering2016-05-091-0/+4
| | | | | | | --network-zone= This way, they "just work", similar to --network-veth behaves, as long as networkd is enabled and running on all involved nodes.
* network: turn on LLDP tx+rx for the default container network configurationLennart Poettering2016-02-211-0/+2
| | | | | Containers are relatively trusted and the veth tunnels are small networks, hence let's turn on LLDP both ways for them.
* network: fix 'LinkLocal' -> 'LinkLocalAddressing' in network filesDavid Herrmann2015-02-141-1/+1
| | | | | | | | | | | | 'LinkLocal' was renamed to 'LinkLocalAddressing' in: commit 56fd6bf795926409b087bce406ea851ad89f9fe8 Author: Tom Gundersen <teg@jklm.no> Date: Sat Feb 14 00:32:26 2015 +0100 networkd: .network - rename LinkLocal to LinkLocalAddressing ..but apparently the network files were not updated. Fix this.
* networkd: generalize IPv4LL to LinkLocalTom Gundersen2015-02-091-1/+1
| | | | | | This allows both IPv4 and IPv6 link-local addresses to be enabled or disabled. By default we still enable IPv6LL and disable IPv4LL. The old config option is kept for backwards compatibility, but removed from the documentation.
* network: IPMasquerade= implies IPForward=, hence remove itLennart Poettering2015-01-131-1/+0
|
* doc: network - add comment about default prefix sizeTom Gundersen2015-01-131-0/+1
| | | | | | Should hopefully make it clear that this is not some magic value, just the default we picked. Suggested by Jan Engelhardt.
* networkd: add minimal IP forwarding and masquerading support to .network filesLennart Poettering2015-01-131-0/+2
| | | | | | | | | | | | | | This adds two new settings to networkd's .network files: IPForwarding=yes and IPMasquerade=yes. The former controls the "forwarding" sysctl setting of the interface, thus controlling whether IP forwarding shall be enabled on the specific interface. The latter controls whether a firewall rule shall be installed that exposes traffic coming from the interface as coming from the local host to all other interfaces. This also enables both options by default for container network interfaces, thus making "systemd-nspawn --network-veth" have network connectivity out of the box.
* network: automatically assign each container veth link a /28 IP address rangeLennart Poettering2014-06-181-0/+2
|
* network: always take possession of host side of nspawn veth tunnels and do ↵Lennart Poettering2014-05-181-0/+13
IPv4LL on them