Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
On Wed, 2015-12-02 at 10:36 +0100, Guus Sliepen wrote: > /u/s/d/ifupdown/examples/network-interfaces.gz seems to be rather > > limited and perhaps in some places even outdated, for example it > > says: > > - "The loopback interface isn't really required any longer" > > That shouls perhaps rather be something like "it doesn't need to be > > set > > up by ifupdown anymore [as it's already set up by xyz]". > > Yes, it could use a makeover. Do you want to put the ideas in a separate wishlist bug? > Well, there is only so much you can do with examples. You would like > to > see that example because it matches your needs, but everyone has > different requirements. Sure, but I think there are some quite general cases (e.g. every one with a desktop system will have wifi+v4+v6),... everyone with a server will have static+v4+v6... and many people have some kind of VPN. Plus, examples can also be used to demonstrate more general concepts, like the "merging". > > iface wlan0-bar all > > wpa-ssidbar > > wpa-key-mgmtWPA-PSK > > wpa-psk foo > > > > iface wlan0-bar inet dhcp > > iface wlan0-bar inet6 dhcp > > If anything, I'd rather have ifupdown automatically detect the > address > type from the address option, and allow multiple ones, so you could > do: > > iface wlan0-bar > wpa-ssid bar > wpa-psk foo > address 1.2.3.4/24 > gateway 1.2.3.1 > address 2000::1234/24 > gateway 2000::1 > ... Well,... well in any case,... any such change would be very well thought, so that it's simple but powerful enough to allow "any" kind of connections / setups people want to describe. > And maybe have dhcp and dhcp6 as options below the iface line. But > that's all cosmetic, and people don't like needless changes, so this > would be low priority. I agree in a way, but OTOH /e/n/interfaces syntax has IMHO become kind of a limiting factor to really generically describe what a connection should look like. This starts with the problem that it's protocol-family-centric (i.e. that's already encoded in the iface line), while nowadays connections typically are not. They're dual-stacked, and more protocols (VPN) may run on top of them. > Thanks for all your comments by the way, it's always good to hear > what > other people think :) I'll try to address them in future versions. Thanks for your work on ifupdown =) Chris. smime.p7s Description: S/MIME cryptographic signature
Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
On Wed, Dec 02, 2015 at 03:58:19AM +0100, Christoph Anton Mitterer wrote: > > DHCPv6 requires a link-local address. Unfortunately, the ISC DHCP > > client immediately bails out if the interface doesn't have a > > link-local address. It would have been nice if it would just go to > > the background and wait until one appears. I'll work around it by > > having ifup wait for a link-local address right before starting the > > DHCP client. > > Did you report that upstream (i.e. that it doesn't bail out)? Not yet, there might be some other solution I've overlooked. > /u/s/d/ifupdown/examples/network-interfaces.gz seems to be rather > limited and perhaps in some places even outdated, for example it says: > - "The loopback interface isn't really required any longer" > That shouls perhaps rather be something like "it doesn't need to be set > up by ifupdown anymore [as it's already set up by xyz]". Yes, it could use a makeover. > > In general, if you run "ifup foo", it will act as if it runs all > > "iface foo" stanzas in /etc/network/interfaces in sequence. So if > > will first try to bring up your inet stanza, which in turn will > > configure wpa-supplicant. Then it brings up the inet6 stanza, but > > you don't need to repeat the wpa-* options. > > Ah good to know... so it does some kind of "merging". > I think that should be more clearly explained like you did it just here > in the manpage... AFAICS, there is no section which really describes > that thoroughly. Yes. > And perhaps additionally in the example interfaces file using one as I > did with wifi + v4/v6 + wpa-*. > Maybe even one with eth, like: > iface eth0 inet dhcp > iface eth0 inet6 dhcp > iface eth0 inet manual > up vpnc foo > > And tell people: > First it will bring v4 and v6 DHCP up... afterwards it will do the > vpnc. Well, there is only so much you can do with examples. You would like to see that example because it matches your needs, but everyone has different requirements. Too many examples or very complex examples also won't help. But I'll try to remove some outdated stuff and ensure the more common situations have a proper example. > And perhaps it would be cleaner (in terms of config file language) to > have a pseudo family for shared options so that one can e.g. specify > something like that: > > iface wlan0-bar all > wpa-ssidbar > wpa-key-mgmtWPA-PSK > wpa-psk foo > > iface wlan0-bar inet dhcp > iface wlan0-bar inet6 dhcp If anything, I'd rather have ifupdown automatically detect the address type from the address option, and allow multiple ones, so you could do: iface wlan0-bar wpa-ssid bar wpa-psk foo address 1.2.3.4/24 gateway 1.2.3.1 address 2000::1234/24 gateway 2000::1 ... And maybe have dhcp and dhcp6 as options below the iface line. But that's all cosmetic, and people don't like needless changes, so this would be low priority. Thanks for all your comments by the way, it's always good to hear what other people think :) I'll try to address them in future versions. -- Met vriendelijke groet / with kind regards, Guus Sliepensignature.asc Description: Digital signature
Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
On Tue, 2015-12-01 at 22:28 +0100, Guus Sliepen wrote: > Ok, finally reproduced it. The problem is that apparently, the Linux > kernel waits with assigning an IPv6 link-local address until the > interface sees a "carrier". For wireless interfaces, that means it > waits > until it has associated with the base station. DHCPv6 requires a > link-local address. Unfortunately, the ISC DHCP client immediately > bails > out if the interface doesn't have a link-local address. It would have > been nice if it would just go to the background and wait until one > appears. I'll work around it by having ifup wait for a link-local > address right before starting the DHCP client. Did you report that upstream (i.e. that it doesn't bail out)? > The loopback interface is always a bit special, and doesn't follow > the > rules of other interfaces. Sure it's not that I'd complain... what I kinda miss is a best- practises/examples documentation on how people *should* lay out their ifupdown configuration (i.e. /e/n/interfaces). /u/s/d/ifupdown/examples/network-interfaces.gz seems to be rather limited and perhaps in some places even outdated, for example it says: - "The loopback interface isn't really required any longer" That shouls perhaps rather be something like "it doesn't need to be set up by ifupdown anymore [as it's already set up by xyz]". - The way it shows how to configure multiple addresses per iface: # iface eth0 inet static # address 192.168.0.100/24 # gateway 192.168.0.1 # iface eth0:1 inet static # address 192.168.0.200 # netmask 255.255.255.0 is as far less preferred over: # iface eth0 inet static # address 192.168.0.100/24 # gateway 192.168.0.1 # iface eth0 inet static # address 192.168.0.200 # netmask 255.255.255.0 I.e. I think it should be pointed more out that the later is preferred when you just want more addresses, while the former really gives you addition virtual ifaces (which most people probably wouldn't need). > In general, if you run "ifup foo", it will act as if it runs all > "iface > foo" stanzas in /etc/network/interfaces in sequence. So if will first > try to bring up your inet stanza, which in turn will configure > wpa-supplicant. Then it brings up the inet6 stanza, but you don't > need > to repeat the wpa-* options. Ah good to know... so it does some kind of "merging". I think that should be more clearly explained like you did it just here in the manpage... AFAICS, there is no section which really describes that thoroughly. And perhaps additionally in the example interfaces file using one as I did with wifi + v4/v6 + wpa-*. Maybe even one with eth, like: iface eth0 inet dhcp iface eth0 inet6 dhcp iface eth0 inet manual up vpnc foo And tell people: First it will bring v4 and v6 DHCP up... afterwards it will do the vpnc. > That's a bad idea. But if you want, you can separate the wpa- > supplicant > stuff from the IPv4 and IPv6 configuration, like so: > > iface wlan0-bar inet manual > wpa-ssidbar > wpa-key-mgmtWPA-PSK > wpa-psk foo > > iface wlan0-bar inet dhcp > iface wlan0-bar inet6 dhcp I see... again, it would be (at least for me) a bit unclear, from the manpage, that "manual" actually gets run here ("interfaces for which no configuration is done by default")... And perhaps it would be cleaner (in terms of config file language) to have a pseudo family for shared options so that one can e.g. specify something like that: iface wlan0-bar all wpa-ssidbar wpa-key-mgmtWPA-PSK wpa-psk foo iface wlan0-bar inet dhcp iface wlan0-bar inet6 dhcp iface wlan0-bar all vpnc foo With "all" being poor naming for "done for all families" or and it should allow (if not already the case) to have such section several times like above: 1) set up wpa 2) run v4 dhcp 3) run v6 dhcp 4) set up some tunnel, once v4 and/or v6 addresses are there. > > => which leads to the question, what happens if I do that with > > scripts: > > iface eth0 inet dhcp > > post-up vpnc something > > pre-down vpnc-disconnect > > iface eth0 inet6 dhcp > > post-up vpnc something > > pre-down vpnc-disconnect > > It would execute the scripts twice. Sounds logical,... but also something, that would be IMHO good to have clearly shown in the docs/examples. Thanks again for your efforts and best wishes, Chris. smime.p7s Description: S/MIME cryptographic signature
Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
On Mon, 2015-11-30 at 09:09 +0100, Guus Sliepen wrote: > > Well but why wouldn't it get the RAs for v4 and not for v6? > There is no RA for IPv4, only DHCP. Argl... that's why I shouldn't write mails so late in the evening. I meant: why would it get the RAs via ethernet, but not via Wifi :D > > > And if I have just: > > > iface wlan0-bar inet6 dhcp|auto > > > wpa-ssidbar > > > > > > wpa-key-mgmtWPA-PSK > > > wpa-psk foo > > I even get: > > # ifup wlan0 > > wpa_supplicant: /sbin/wpa_supplicant daemon failed to start > > run-parts: /etc/network/if-pre-up.d/wpasupplicant exited with > > return code 1 > > Failed to bring up wlan0-bar. > > Ah, I'll try to reproduce this problem. Thanks. :) I also don't yet understand the basic idea of how especially dual stacked ifaces (and basically most network connections are dual stacked these days) should be properly described in /e/n/interfaces. For lo, people typically just use: iface lo inet loopback and no second iface lo inet6 loopback For others, typically eth/wlan I wonder a bit what's the way of doing it correctly: a) like you said iface wlan0-bar inet dhcp wpa-ssidbar wpa-key-mgmtWPA-PSK wpa-psk foo iface wlan0-bar inet6 dhcp|auto => what if v4 would become disabled there? would it still apply the wpa-settings to the connection? b) or doubling everything: iface wlan0-bar inet dhcp wpa-ssidbar wpa-key-mgmtWPA-PSK wpa-psk foo iface wlan0-bar inet6 dhcp|auto wpa-ssidbar wpa-key-mgmtWPA-PSK wpa-psk foo => which leads to the question, what happens if I do that with scripts: iface eth0 inet dhcp post-up vpnc something pre-down vpnc-disconnect iface eth0 inet6 dhcp post-up vpnc something pre-down vpnc-disconnect Cheers, Chris. smime.p7s Description: S/MIME cryptographic signature
Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
On Mon, Nov 30, 2015 at 12:34:40AM +0100, Christoph Anton Mitterer wrote: > On Sun, 2015-11-29 at 23:21 +0100, Guus Sliepen wrote: > > > This is not a bug in ifupdown. In both cases, you have instructed > > ifupdown to start only a DHCPv4 client. It could be that, in the > > first case, the kernel automatically configures an IPv6 address > > based on router advertisement messages that it receives via the eth0 > > interface (ie, SLAAC). > > Well but why wouldn't it get the RAs for v4 and not for v6? There is no RA for IPv4, only DHCP. You have to explicitly run a DHCP client to get an automatically assigned IPv4 address. With IPv6, there is stateless autoconfiguration (SLAAC) and there is DHCPv6. The kernel handles the former but you again need to explicitly start a DHCPv6 client to get an address from a DHCPv6 server. > And if I have just: > >iface wlan0-bar inet6 dhcp|auto > >wpa-ssidbar > > > >wpa-key-mgmtWPA-PSK > >wpa-psk foo > I even get: > # ifup wlan0 > wpa_supplicant: /sbin/wpa_supplicant daemon failed to start > run-parts: /etc/network/if-pre-up.d/wpasupplicant exited with return code 1 > Failed to bring up wlan0-bar. Ah, I'll try to reproduce this problem. -- Met vriendelijke groet / with kind regards, Guus Sliepensignature.asc Description: Digital signature
Bug#806673: ifupdown: doesn't configure IPv6 addresses over WLAN anymore
Package: ifupdown Version: 0.7.54 Severity: important Hi. Since NM is more or less forced upon people I usually us that for daily network configuration... so I don't know when the following problem started. When I configure a iface like this: > iface eth0 inet dhcp then I get (from the same router) both, v4 and v6 addresses. However, when having something similar for a wlan: >iface wlan0-bar inet dhcp >wpa-ssidbar > >wpa-key-mgmtWPA-PSK >wpa-psk foo I only get v4 addresses. It works with NM, so I don't think it's a misconfiguration of the router or dhclient.conf. Now there is obviously the address family inet6 in /e/n/interfaces. I never understood how that is actually used/needed for. E.g. as above with eth0, inet already configures v6. How would one configure e.g. a wlan to also have inet6... does one really have to duplicate all the wpa-* stanzas for both inet and inet6? Or, is in the case of dhcp, inet vs. inet6 rather the family over which DHCP is tried (i.e. DHCPv4 vs. DHCPv6) and not the addresses that are configured in the end? Cheers, Chris. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ifupdown depends on: ii adduser 3.113+nmu3 ii initscripts 2.88dsf-59.2 ii iproute2 4.3.0-1 ii libc62.19-22 ii lsb-base 9.20150917 Versions of packages ifupdown recommends: ii isc-dhcp-client [dhcp-client] 4.3.3-5 Versions of packages ifupdown suggests: ii ppp 2.4.6-3.1 pn rdnssd -- debconf information: ifupdown/convert-interfaces: true