Bug 2082682 - [RFE] support a ipv6.addr-gen-mode knob in the global config [NEEDINFO]
Summary: [RFE] support a ipv6.addr-gen-mode knob in the global config
Keywords:
Status: VERIFIED
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: NetworkManager
Version: 8.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Thomas Haller
QA Contact: Matej Berezny
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-05-06 18:27 UTC by Dusty Mabe
Modified: 2022-08-02 14:38 UTC (History)
12 users (show)

Fixed In Version: NetworkManager-1.39.10-1.el8
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
fpalin: needinfo? (thaller)


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-121298 0 None None None 2022-05-06 18:30:58 UTC
freedesktop.org Gitlab NetworkManager NetworkManager-ci merge_requests 1125 0 None opened ipv6: added tests for add-gen-mode both in gconfig & with --offline option 2022-07-31 18:23:48 UTC

Description Dusty Mabe 2022-05-06 18:27:59 UTC
Description of problem:

In *CoreOS we have seen complaints because in some cloud environments the wrong ipv6 address is shown to the user (the environment is expecting eui64 for address autoconfiguration). This is arguably a bug in the environment, but there are other reasons for wanting to disable `stable-privacy` mode globally for an instance or even at a vendor level (i.e. the Fedora CoreOS OpenStack image).

context: https://github.com/coreos/fedora-coreos-tracker/issues/907

Could we add support for configuring this in the global config?



Additional info:

This ticket came out of a meeting I had with some of the NetworkManager team members. It was requested I open a new ticket for the feature request.

A previous ticket describing a similar feature request is at 
https://bugzilla.redhat.com/show_bug.cgi?id=1743161

Comment 2 Dusty Mabe 2022-05-06 18:36:04 UTC
This is linked in the github issue but worth mentioning here:
https://docs.openstack.org/neutron/wallaby/admin/config-ipv6.html#configuring-interfaces-of-the-guest

Comment 4 Thomas Haller 2022-05-09 14:31:34 UTC
potential solution, on discussion here:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1213

Comment 5 Thomas Haller 2022-06-29 06:22:30 UTC
addr-gen-mode is not configurable via global connection defaults.

See upstream commit https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/e6a33c04ebe1ac84e31628911e25bdfd7534dd3c

Comment 6 Dusty Mabe 2022-06-29 14:54:47 UTC
Thomas,

Did you mean to say "addr-gen-mode is NOW configurable via global connection defaults"?

Comment 7 Thomas Haller 2022-06-29 18:31:28 UTC
(In reply to Dusty Mabe from comment #6)
> Thomas,
> 
> Did you mean to say "addr-gen-mode is NOW configurable via global connection
> defaults"?

yes.


  /etc/NetworkManager/conf.d/95-my.conf

with

  [connection-95-my]
  ipv6.addr-gen-mode=0

should work (0 is "eui64") -- if `nmcli connection show "$PROFILE"` either prints

  ipv6.addr-gen-mode=default
  ipv6.addr-gen-mode=default-or-eui64

(only in those two cases the fallback to the default happens)


-- of course, if you create a profile with D-Bus/nmcli it will default to "default", and if you omit the key from keyfile it will default to "default-or-eui64".


With a sufficiently recent nmcli that supports --offline, also test:

  $ nmcli --offline connection add type ethernet ipv6.addr-gen-mode 0

Comment 8 Thomas Haller 2022-06-29 18:35:51 UTC
> "is NOW configurable"

"NOW" being upstream `main` branch.

Btw, we have copr repos from upstream here: https://copr.fedorainfracloud.org/coprs/networkmanager/


Note You need to log in before you can comment on or make changes to this bug.