opensuse / wicked Goto Github PK

From TODO file:

• Beeing able to disable e.g. “ppp” or “wireless” support in the code would be very helpful and help to pass security audit. This would require some refactoring to have all e.g. ppp code in one place...

From TODO file:

• support pppoe

From TODO file:

• route tables and improve routing support, implement routing tables/rules rules support to configure simple multihoming.
  Note: Our productive servers (dist.suse.de) require this.

From TODO file:

• Support all sorts of trigger scripts when interfaces are brought up and down. execute scripts from ifup.d and ifdown.d execute {ifup,ifdown}-connections

From TODO file:

• network/ifcfg-*
  • Complete support of /etc/sysconfig/network/ifcfg-* files [many code has been “cloned+tweaked” for libnetcontrol]
  • Bonding options are IMO incomplete, but may be used in ifcfg files [see bond interface support]; ensure to at least ignore them properly
  • Fix some bridge variable parsing bugs (priority/path-cost parsing)
  • Support the VLAN_ID variable (custom interface names)
  • Support for TUNNEL variable (tun/tap/sit/gre/ipip/..)
  • Convert WIRELESS_* variables, currently dummy code
  • reading only the WIRELESS_ESSID variable
  • Convert also per-network WIRELESS_*[NET]
  • ETHTOOL_OPTIONS[SUFFIX] – it is an array on SLE11-SP2 mandatory
  • Convert BOOTPROTO=ifplugd + IFPLUGD_PRIORITY; Used by default on notebooks with eth+wlan interface to set up an “OR + priority” interfaces sets.
  • SEND_GRATUITOUS_ARP/CHECK_DUPLICATE_IP
  • ??? LABEL[SUFFIX], SCOPE[SUFFIX], IP_OPTIONS[SUFFIX]

From TODO file:

• express explicit dependencies between devices.
  <meta:require check="netif-up">eth0/meta:require
  or some such.

From TODO file:

• try to request (renew) iBFT provided address in iBFT-dhcp mode (but do newer remove it from the interface, even the dhcp server suggests other IP; add additionally instead) to not break iSCSI[, ...] devices.

From TODO file:

• Fix routes / ifroutes parsing [incomplete, see libnetcontrol]

From TODO file:

source tree:
- Cleanup the code and carefully refactor a bit.

From TODO file:

• Autoipv6 Support [in the kernel + daemon directly]
  • Kernel netlink events are received in the daemon
  • Currently “autoip” code feels responsible for IP addresses which were provided by dhcpv6 and causes some confusion/conflicts/error messages [DHCPv4/v6 does not write leases].
  • RDNSS support (nameservers via autoconf): receiving it from kernel is implemented, but currently never used (not written to resolv.conf)

From TODO file:
wicked-nanny:

• policy daemon (provides NM like functionality)
• Discover how to deal with it / interview Olaf about ;-) I've looked at it, but have not much idea about / never really tried to effectively use it until now.
  Required to support multiple wlan networks per interface and ifplugd sets?

From TODO file:

• multipath routes nexthop routes over multiple links/gateways + weight

From TODO file:

network/ifsysctl

• Currently no ifsysctl(5) support in the converter at all

From TODO file:

network/ifndpproxy

• Currently no ifndp-proxy(5) support in the converter at all [virtualization@ISP != bridged(eth0), “routed” VM IP from same network as the IP assigned to eth0 interface]

From TODO file:

• support global (non-interface) routes

From TODO file:

network/dhcp

• Handle more global dhcp options? I don't see the need now except of SET_HOSTNAME (IMO crap). Currently parsed DHCLIENT_* options are:
  HOSTNAME_OPTION, CLIENT_ID, VENDOR_CLASS_ID, WAIT_AT_BOOT, LEASE_TIME.

From TODO file:

• bug: sometimes wpa supplicant just stops scanning

From TODO file:

• verification for infiniband required [client-id/DUID differs]

From TODO file:

• Add a naming service to identify a PCI hotplug device by its enclosure.

From TODO file:

firewall

• Integrate SuSEfirewall2 as firewall extension script
• Currently there is an empty wicked extension script called with “up” and “down” similar as in ifup case [which has also “lock/unlock” batch stuff to save some CPU).
  • just call SuSEfirewall2 from the extension hook.
• There are also another things in the schema, but seems to be “how we could make more” examples only.
  • Cleanup/Remove the additional examples from firewall schema for now

From TODO file:

• verification for infiniband required [client-id/DUID differs]

From TODO file:

• Fix to use reetrant function variants. Most other code (yast2, libvirt, …) are threaded; the use of some functions or own nonreetrant helper-functions (like ni_sockaddr_print) breaks the use of libwicked to implement e.g. libvirt driver or the use in yast2.

From TODO file:

• fix save-state code

From TODO file:

• dhcpv6 support
  • It is an initial implementation, not all features complete & enabled yet: currently requesting (and delivering back to wickedd) only non-temporary address and a very minimalistic set of options. Add/enable some important, DHCPv6 specific options and deliver to wicked. The dhcp client <-> server exchange is implemented in most cases, but then data gets discarded.
  • Code reading the netlink info from kernel is already there, but I've not finished it / events data is not processed at the moment: Finish “auto” mode to follow router-advertisment [network admin suggestion] and “info-only” mode [just options, no address needed for tahi?].

From TODO file:

• bug: linkUp on an interface that's up never returns the event callback.

From TODO file:

sysctl: Implemented are: disable_ipv6, autoconf, forwarding, accept_redirects, use_tempaddr. Support more: for IPv6, there are more useful to e.g. to catch corner cases, e.g.: accept_ra, proxy-ndp, ...

From TODO file:

• write addrconf leases to a file

From TODO file:

• use „confirm“ on start [requires persistent state/lease] and when mandatory the link goes away and comes back

From TODO file:

Add support for PXE BOOTIF kernel parameter selected interface [Required by Adrian / build-system worker VMs; using udev rules does not work there!]

From TODO file:

• Add biosdevname support [allow to use without udev rules renames]

From TODO file:
ethtool: Most are implemented (offload gso,gro,ufo,tso, …), but not all. Verify: Some (e.g. lro with netxen NIC) can be set after link is up only.

From TODO file:

• write lease/state to disk [currently in memory only, discarded on restart]

From TODO file:

• hotplugging: there are some parts/mechanisms, status unknown. as wickedd does not read and execute interface configs itself, I suppose this has to be addressed (ifup supports physical interfaces & bonding slaves).

From TODO file:

• dhcpv4 support
  • write lease/state to disk [currently in memory only]

From TODO file:

network/config

• Handle NETCONFIG_* variables somehow
  • Netconfig is currently used by all software to update dns/nis config in the system and add ntp servers to ntpd, that is by ifup(ibft,dhcp,ppp), NetworkManager, openvpn, … avahi [at least if configured].
  • All the variables, especially NETCONFIG_DNS_* and NETCONFIG_*_POLICY are used by yast2 and all sort of modules like yast2-network, yast2-{nis,dhcp,dns} which rely on them / the settings netconfig is applying [e.g. resolv + bind forwarders].
  • Netconfig(8) supports applying of static/static-asfallback and dynamic nis,ntp,dns settings it receives from dhcp/ppp/NM/avahi/VPN software and applying them to system configuration files (/etc/yp.conf, nisdomain, ntpd at runtime) according t destinations as /etc/resolv.conf and/or dnsmasq/bind [forwarder] and provides provides “priority” / “ranking” support , so e.g. nameserver provided by VPN are written to the front of resolv.conf list, before the settings provided by DHCP [same interface as VPN] and when enabled, also from avahi, but as fallback only.
• Handle other global options? I don't see any now.

From TODO file:

• LLDP and DCBX:
  • Basic LLDP code is there, as well as DCBX TLV encoding/decoding
  • Above all, this needs testing
  • There should be a global setting for enabling/disabling LLDP tx and rx.
  • When a NIC does not support DCB, we spit out an ugly error message. We should not do this
  • When receiving a DCBX message, we currently update the operating params, but never write them back to the kernel.

From TODO file:

• handle SIGTERM/SIGINT: bring down addrconf services, restore resolv.conf etc.

From TODO file:

• Support for IBFT / ISCSI, FcoE, NFS, ...
  - Reading/using iBFT firmware as config is incomplete. fw parsing is implemented (shell/extension script) and contains config generation from firmware already, but is incomplete and IMO never tested; no support for e.g. iBFT dns servers yet.
  - Some mechanisms for “nfsroot” are there, IMO untested/incomplete
  - Provide solution for remote-device shutdown order problem:
  There is an shutdown order problem, especially with remotedevices, which are using e.g. LVM which is used also by local disks as well. Current “ifup solution” is that the ISCSI / FcoE scripts are putting interfaces into “nfsroot” mode “on the fly” until shutdown and overriding any STARTMODE setting in the ifcfg configs. This causes to: start the dhcp clients in “persistent” mode, that is never remove any IP address from interface and reject to set link down.

From TODO file:

• Make interface selection less messy (unify all the --boot-* and --skip-* options and provide one generic expression mechanism)

From TODO file:

• Autoipv4 / Zeroconf support
  • Implemented, status unknown (=“+autoip” in ifup)

From TODO file:

• Bug #657402: fix broadcast vs. unicast: dhcp renew is broadcasted [has to be unicast to server] are dropped on gateways/relays [e.g. isco routers], when the server is behind a router. Further, AFAIR other requests were not correctly addressed, too.

From TODO file:

• when a wlan device changes association, tell dhcp about it so that it can request a new lease

From TODO file:

• try to request (renew) iBFT provided address in iBFT-dhcp mode, but do newer remove it from the interface, even dhcp server suggests other one as this could break mouted iSCSI volumes.

From TODO file:

• Allow wicked to request event notification when the resolver changes, or when a host becomes reachable?

From TODO file:

• Cleanup and document [--help] all options in [e.g. wicked client]

From TODO file:

if-{up,down].d

• What about all the “ifup” hooks installed by another software (e.g. samba-client with its MODIFY_SMB_CONF, xen, ...)? I don't think it makes sense to try to call as they are; it would not work because:
  • sysconfig scripts/funcions are not available/installed,
  • different dhcp client in use, … ifup state is not available
  • perhaps they're not needed at all, e.g. samba-client hook needs to be adopted, xen too.

From TODO file:

• support ppp: have a deviceNew method that associates a pppN and use deviceChange to bring up pppd.

From TODO file:

• ifcfg config file converter

  • Enable the use of the converter by default [by explicit config, … anyhow], so it works out of the box using ifcfg files
  • Currently there are two calls needed:
    • wicked convert --format suse --output /some/path/bond0.xml /etc/sysconfig/network/ifcfg-bond0
    • wicked ifup --ifconfig /some/path/bond0.xml bond0

  Update:

  • wicked ifup compat:/etc/sysconfig/network was recently added

From TODO file:

• Wicked implements matching by other references than name, AFAIR by mac and by pci bus id currently [as alternative to udev rules]. How complete is the current “match” implementation [e.g. s390 specific things]?

From TODO file:

• ifplugd: we could support this in the wicked client using some element.

  For each interface marked this way, wicked would background itself, and monitor linkUp/linkDown events.