Systemd/networkd: Difference between revisions

(13 intermediate revisions by 9 users not shown)

Line 1:

[https://www.freedesktop.org/software/systemd/man/systemd-networkd.html systemd-networkd] is the network~~[[Category: Networking]]~~ configuration component of the [[systemd]][[Category:systemd]] software suite. It is well integrated into NixOS below {{Nixos:option|systemd.network}} and should be preferred over {{Nixos:option|networking.interfaces}} options for most use cases, since it receives far superior maintenance.

[https://www.freedesktop.org/software/systemd/man/systemd-networkd.html systemd-networkd] is the network configuration component of the [[systemd]][[Category:systemd]] software suite. It is well integrated into NixOS below {{Nixos:option|systemd.network}} and should be preferred over {{Nixos:option|networking.interfaces}} options for most use cases, since it receives far superior maintenance.

Configuration for networkd is split into three sections.

Line 28:

Line 29:

These use cases are better served by [[NetworkManager]] and its various frontends, that provides a better integrated user experience for various desktop systems.

{{Note|Both systemd-networkd and NetworkManager can exist in parallel on the same machine,

{{Note|Both systemd-networkd and NetworkManager can exist in parallel on the same machine, when they manage a distinct set of interfaces. If upstream connectivity is managed by NetworkManager (for example, NM handles wifi and networkd does VM networking), set {{Nixos:option|systemd.network.wait-online.enable}} to false so that boot isn't blocked on connectivity that networkd will never provide.}}

when they manage a distinct set of interfaces.}}

=== Enabling ===

Line 147:

Examples should be concise and give proper hints on how to achieve a reliably working <code>network-online.target</code>.

=== Interface Naming ===

The name of an interface can be changed based on different matches. This is useful for pretty names (e.g. wan, lan), but also if you want to make sure that your interface name never changes. This might be useful because even with predictable interface naming your interface name can change, for example when you add a new PCIe card and indexing changes, or due to kernel changes the way your mainboard gets interpreted changes.<syntaxhighlight lang="nix">

systemd.network.links."10-wan" = {

# Check systemd.link(5) for other matchers

matchConfig.Path = "pci-0000:09:00.0";

linkConfig.Name = "wan";

};

</syntaxhighlight>

=== DHCP/RA ===

Line 177:

Line 186:

matchConfig.Name = "enp1s0";

address = [

# configure addresses including subnet mask

"192.0.2.100/24"

"2001:DB8::2/64"

];

routes = [

# create default routes for both IPv6 and IPv4

{ ~~routeConfig.~~Gateway = "fe80::1"; }

{ Gateway = "fe80::1"; }

{ ~~routeConfig.~~Gateway = "192.0.2.1"; }

{ Gateway = "192.0.2.1"; }

# or when the gateway is not on the same network

~~{ routeConfig =~~ {

{

Gateway = "172.31.1.1";

GatewayOnLink = true;

}; }

}

];

# make the routes on this interface a dependency for network-online.target

Line 278:

Line 287:

# Configure the bridge for its desired function

"40-br0" = {

matchConfig.Name ="br0";

matchConfig.Name = "br0";

bridgeConfig = {};

# Disable address autoconfig ~~the bridge does not require~~ IP configuration

# Disable address autoconfig when no IP configuration is required

#networkConfig.LinkLocalAddressing = "no";

linkConfig = {

Line 292:

Line 301:

=== Bonding ===

''More details: [[Networking#Link aggregation]]''</div>

Given two hardlinks <code>enp2s0</code> and <code>enp3s0</code> create a virtual <code>bond0</code> interface using Dynamic LACP (802.3ad), hashing outgoing packets using a packet's layer 3/4 (network/transport layer in the OSI model) information.

Line 343:

Line 355:

"30-lan" = {

matchConfig.Name = "lan";

address = [

address = [ "2001:db8:1122:3344::1/64" ];

"2001:db8:1122:3344::1/64"

];

networkConfig = {

IPv6SendRA = true;

};

ipv6Prefixes = [ {

ipv6Prefixes = [

# Announce a static prefix

{

ipv6PrefixConfig.Prefix = "2001:db8:1122:3344::/64";

# Announce a static prefix

} ];

ipv6PrefixConfig.Prefix = "2001:db8:1122:3344::/64";

}

];

ipv6SendRAConfig = {

# Provide a DNS resolver

Line 359:

Line 371:

};

</syntaxhighlight>

Line 376:

Line 389:

* [https://gist.github.com/mweinelt/b78f7046145dbaeab4e42bf55663ef44 NixOS 22.11 VDSL Router (VLANs on top of Bonding, IPv6 Prefix-Delegation, pppd Integration)] by [https://github.com/mweinelt mweinelt]

* [https://github.com/philipwilk/nixos/blob/4fec9d73bfa7b1ecb490186522de38d25ee81e69/homelab/router/systemd.nix NixOS Unstable (25.04) Router (ipv4/ipv6 dual stack, dnssec+dnsovertls, NTP-rs)] by [https://github.com/philipwilk philipwilk]

[[Category:systemd]]

[[Category:Networking]]

@@ Line 1: / Line 1: @@
+{{Systemd/breadcrumb}}
 {{DISPLAYTITLE:systemd-networkd}}
-[https://www.freedesktop.org/software/systemd/man/systemd-networkd.html systemd-networkd] is the network[[Category: Networking]] configuration component of the [[systemd]][[Category:systemd]] software suite. It is well integrated into NixOS below {{Nixos:option|systemd.network}} and should be preferred over {{Nixos:option|networking.interfaces}} options for most use cases, since it receives far superior maintenance.
+[https://www.freedesktop.org/software/systemd/man/systemd-networkd.html systemd-networkd] is the network configuration component of the [[systemd]][[Category:systemd]] software suite. It is well integrated into NixOS below {{Nixos:option|systemd.network}} and should be preferred over {{Nixos:option|networking.interfaces}} options for most use cases, since it receives far superior maintenance.
 Configuration for networkd is split into three sections.
@@ Line 28: / Line 29: @@
 These use cases are better served by [[NetworkManager]] and its various frontends, that provides a better integrated user experience for various desktop systems.
-{{Note|Both systemd-networkd and NetworkManager can exist in parallel on the same machine,
+{{Note|Both systemd-networkd and NetworkManager can exist in parallel on the same machine, when they manage a distinct set of interfaces. If upstream connectivity is managed by NetworkManager (for example, NM handles wifi and networkd does VM networking), set {{Nixos:option|systemd.network.wait-online.enable}} to false so that boot isn't blocked on connectivity that networkd will never provide.}}
-when they manage a distinct set of interfaces.}}
 === Enabling ===
@@ Line 147: / Line 147: @@
 Examples should be concise and give proper hints on how to achieve a reliably working <code>network-online.target</code>.
+=== Interface Naming ===
+The name of an interface can be changed based on different matches. This is useful for pretty names (e.g. wan, lan), but also if you want to make sure that your interface name never changes. This might be useful because even with predictable interface naming your interface name can change, for example when you add a new PCIe card and indexing changes, or due to kernel changes the way your mainboard gets interpreted changes.<syntaxhighlight lang="nix">
+  systemd.network.links."10-wan" = {
+    # Check systemd.link(5) for other matchers
+    matchConfig.Path = "pci-0000:09:00.0";
+    linkConfig.Name = "wan";
+  };
+</syntaxhighlight>
 === DHCP/RA ===
@@ Line 177: / Line 186: @@
      matchConfig.Name = "enp1s0";
      address = [
-        # configure addresses including subnet mask
+      # configure addresses including subnet mask
-        "192.0.2.100/24"
+      "192.0.2.100/24"
-        "2001:DB8::2/64"
+      "2001:DB8::2/64"
      ];
      routes = [
        # create default routes for both IPv6 and IPv4
-       { routeConfig.Gateway = "fe80::1"; }
+       { Gateway = "fe80::1"; }
-       { routeConfig.Gateway = "192.0.2.1"; }
+       { Gateway = "192.0.2.1"; }
        # or when the gateway is not on the same network
-       { routeConfig = {
+       {
          Gateway = "172.31.1.1";
          GatewayOnLink = true;
-       }; }
+       }
      ];
      # make the routes on this interface a dependency for network-online.target
@@ Line 278: / Line 287: @@
        # Configure the bridge for its desired function
        "40-br0" = {
-         matchConfig.Name ="br0";
+         matchConfig.Name = "br0";
          bridgeConfig = {};
-         # Disable address autoconfig the bridge does not require IP configuration
+         # Disable address autoconfig when no IP configuration is required
          #networkConfig.LinkLocalAddressing = "no";
          linkConfig = {
@@ Line 292: / Line 301: @@
 === Bonding ===
+<div style="margin-left: 2em; margin-bottom:1em">
+''More details: [[Networking#Link aggregation]]''</div>
 Given two hardlinks <code>enp2s0</code> and <code>enp3s0</code> create a virtual <code>bond0</code> interface using Dynamic LACP (802.3ad), hashing outgoing packets using a packet's layer 3/4 (network/transport layer in the OSI model) information.
@@ Line 343: / Line 355: @@
        "30-lan" = {
          matchConfig.Name = "lan";
-         address = [
+         address = [ "2001:db8:1122:3344::1/64" ];
-          "2001:db8:1122:3344::1/64"
-        ];
          networkConfig = {
            IPv6SendRA = true;
          };
-         ipv6Prefixes = [ {
+         ipv6Prefixes = [
-          # Announce a static prefix
+          {
-          ipv6PrefixConfig.Prefix = "2001:db8:1122:3344::/64";
+            # Announce a static prefix
-         } ];
+            ipv6PrefixConfig.Prefix = "2001:db8:1122:3344::/64";
+          }
+         ];
          ipv6SendRAConfig = {
            # Provide a DNS resolver
@@ Line 359: / Line 371: @@
          };
        };
+    };
    };
 </syntaxhighlight>
@@ Line 376: / Line 389: @@
 * [https://gist.github.com/mweinelt/b78f7046145dbaeab4e42bf55663ef44 NixOS 22.11 VDSL Router (VLANs on top of Bonding, IPv6 Prefix-Delegation, pppd Integration)] by [https://github.com/mweinelt mweinelt]
+* [https://github.com/philipwilk/nixos/blob/4fec9d73bfa7b1ecb490186522de38d25ee81e69/homelab/router/systemd.nix NixOS Unstable (25.04) Router (ipv4/ipv6 dual stack, dnssec+dnsovertls, NTP-rs)] by [https://github.com/philipwilk philipwilk]
+[[Category:systemd]]
+[[Category:Networking]]