Contemporary network configuration for linux - ifupdown-ng
0 likes280 views
The document presents ifupdown-ng, a network configuration tool for Linux designed to address the limitations of existing solutions, particularly in complex environments. It highlights the motivations behind its development, including the need for modern features, compatibility with older systems, and ease of extension. The tool aims to serve as a drop-in replacement with features like static addressing and event-driven device management while being implemented in C for performance and flexibility.
Contemporary network configuration for linux - ifupdown-ng
- 1. Contemporary network con guration for Linux ifupdown-ng Aaron A. Glenn, Maximilian Wilhelm 1 / 18
- 2. Agenda 1. Who's who 2. Why something new? 3. What we built 2 / 18
- 3. Who's who Aaron A. Glenn Network Janitor & Internetworking Curmudgeon Ask me about Re-programmable Networks Managing Director, Predicted Paths BV & Network Service Associates Contact @networkservice / @aag@bsd.network aag@bgp.beer 3 / 18
- 4. Who's who Maximilian Wilhelm Senior Landscape Architect OpenSource Hacker Fanboy of (Debian) Linux IPv6 Occupation: By day: Senior Infrastructure Architect, Uni Paderborn By night: Infrastructure Archmage, Freifunk Hochstift In between: Freelance Solution Architect for hire Member of technical advisory board - Network Services Association Contact @BarbarossaTM max@sdn.clinic 4 / 18
- 5. Who's who Why? Field Experience Leads to Strong Opinions NSP customer has uncommon financial and logistical constraints 3300 site opportunity Initial 45 sites are intentionally in "most difficult" (network) environment Two vendors and six months have not led to any definition of success Given: MIPS64 devices Ancient Linux kernel Need: Linux 5.4+ handle complex configuration scenarios avoid dependency on Python/golang/Rust/etc. 5 / 18
- 6. Who's who Why? Strong Opinions Lead to New Code New Opportunities Alpine Linux project looking to modernize network configuration 'Complex' configurations are quite common! Q: "where else might this be useful?" New Thoughts Disaggregated networking = Linux "what if..." 6 / 18
- 7. Who's who Why? Network Services Linux Linux distribution for networking devices Based on Alpine Linux MUSL, no glibc Flexible contemporary network configuration required Came with ifupdown1 Not state of the art 7 / 18
- 8. Who's who Why? Status quo - what's out there iproute2 ifupdown ifupdown1 ifupdown2 netplan NetworkManager systemd-networkd RedHat universe etc. 8 / 18
- 9. Who's who Why? Status quo - ifupdown universe Two mostly compatible suites ifupdown1 Used in Debian (plus derivates) for decades Used in Alpine for years (as part of busybox) Written in C Monolithic Can be extended through /etc/network/if-X.d ifupdown2 Used in Cumulus Linux Available for Debian (plus derivates) Written in Python Modular, easy to extend 9 / 18
- 10. Who's who Why? What we wanted Compatible with ifupdown1/2 Support for contemporary features Easy to extend Small footprint 10 / 18
- 11. Who's who Why? What we built 11 / 18
- 12. Who's who Why? ifupdown-ng Vision Intended as a drop-in replacement for ifupdown1 and ifupdown2 installations Today: Alpine and Debian primary supported environments Feature parity with ifupdown1 Dependency resolution Extensible through executors Meaningful documentation Included in Alpine 3.13 and NSL 1 Planned: Support for other Linux distributions and *BSD Checking and reloading network configuration Native executors using netlink 12 / 18
- 13. Who's who Why? ifupdown-ng Architecture Core: Written in C Config parser Compatibility layer Dependency resolution Executors: Written in whatever you like (up to now: shell) create, set up, tear down links, tunnels, ... configure IPs 13 / 18
- 14. Who's who Why? ifupdown-ng Features As of today: static addresses (incl. pointopoint) B.A.T.M.A.N. adv. bonding / LAGs (vlan-aware) bridges DHCP ethtool dummy PPP tunnels (GRE, GRETAP, IP*, ...) vEth VRFs VXLAN Wireguard 14 / 18
- 15. Who's who Why? ifupdown-ng Outlook Features: Checking running config against configuration on disk Reloading network configuration (with minimum impact) Phase-wise execution Native executors (C, netlink) Support for static routes + PBR rules on interfaces Support: Automated integration tests Become a native Debian package 15 / 18
- 16. Who's who Why? ifupdown-ng Visions Managing WIFI interfaces iface wlan0 wpa-ssid TwistedAir wpa-psk muchsecure ifmond daemon Listens to netlink events Network device added/removed Cable plugged in or unplugged Reacts to netlink events by (de)configuring interfaces as appropriate Like udev, but for networking -> Event-driven network management without blocking init 16 / 18
- 17. Who's who Why? ifupdown-ng Links Code: https://github.com/ifupdown-ng/ifupdown-ng/ Discussion: #ifupdown-ng at irc.as7007.net 17 / 18