!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

905 Members
Declaratively manage your switching, routing, wireless, tunneling and more.263 Servers

Load older messages

SenderMessageTime
26 Jun 2025
@adam:robins.wtfadamcstephensnetworkConfig.Bridge should yes. but I've not seen/used linkConfig.Unmanaged. Why did you add that?13:30:25
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)Ah, copy paste from somewhere 13:30:38
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)https://discourse.nixos.org/t/setup-networking-between-multiple-vms/44910/213:30:44
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)I looked here first 13:30:47
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)I'll remove it and see what happens 13:30:50
@adam:robins.wtfadamcstephens

When "yes", no attempts are made to bring up or configure matching links, equivalent to when there are no matching network files. Defaults to "no".

13:30:54
@adam:robins.wtfadamcstephensthat seems undesirable13:30:59
@adam:robins.wtfadamcstephensI'd encourage reading the docs on the options you're setting :)13:31:52
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)In any case, removing that line didn't change the behavior 13:32:35
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192) 
  systemd.network = {
    networks = {
      "10-eth-priority" = {
        matchConfig.Name = "enp196s0";
        DHCP = "yes";
        dhcpV4Config.RouteMetric = 1023;
        dhcpV6Config.RouteMetric = 1023;
      };
      "30-enp196s0" = {
        matchConfig.Name ="enp196s0";
        linkConfig.RequiredForOnline = "enslaved";
        networkConfig = {
          Bridge = "br0";
        };
      };
      "40-tap0" = {
        matchConfig.Name ="tap0";
        bridgeConfig = {   };
        linkConfig.RequiredForOnline = "enslaved";
        networkConfig = {
          Bridge = "br0";
        };
      };
      "40-br0" = {
        matchConfig.Name = "br0";
        bridgeConfig = {};
        linkConfig = {
          RequiredForOnline = "carrier";
        };
      };
    };
    netdevs = {
      "20-tap0" = {
       enable = true;
        netdevConfig = {
          Kind = "tap";
          Name = "tap0";
        };
      };
      "20-br0" = {
        enable = true;
        netdevConfig = {
          Kind = "bridge";
          Name = "br0";
        };
      };
    };
  };
13:33:02
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)Is there some state in the network stack that can only be fixed by rebooting now?13:34:00
@adam:robins.wtfadamcstephensthere can be changes that are easiest fixed by rebooting, yes.13:34:58
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)Nope, a reboot did not change this state13:40:26
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)enp196s0 is still not attached to the bridge in the above config13:40:34
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192) bridge link still only shows tap0 13:40:52
@antifuchs:asf.computerantifuchsWhy are you dhcp’ing on the bridge participant interface instead of the bridge itself? That can’t result in a working config (this is unrelated, but also a problem)13:55:07
@antifuchs:asf.computerantifuchsAnyway I recall something like this happened on one of my machine, I’ll go take a look13:56:07
@adam:robins.wtfadamcstephensi don't think it's a violation to put the IP on the individual interface, but it is preferable to put it on the bridge for sure14:03:42
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192)Is there a way to set promiscuous mode via networkd?14:06:29
@matthewcroughan:defenestrate.itmatthewcroughan @ 39c3 (DECT 94667 or 97340 or 67192) Or do I have to make a systemd service to run ip link set dev foo promisc on 14:06:57
@zeromute:matrix.org@zeromute:matrix.org left the room.14:20:52
@antifuchs:asf.computerantifuchshm, my issue was rooted in the interface not being identifiable by the matchConfig I gave (have switched to mac address matching now). That shouldn't affect you if the interface name you are matching corresponds correctly14:24:32
@adam:robins.wtfadamcstephens you can use networkctl status <if> to see which networkd files it's matching 14:25:20
27 Jun 2025
@redstone-menace:matrix.orgR̴̨͕͇͍̞̮̐̅͆̌̀̉̐͋̈́̃̀͒́̎̅̚̚̚͠͝Ĕ̵̡̛͖͖̟̙̫̱͈̘̞̭͍͍͑̌̄͑̓̋̓̀̈̏̈́͊̇͊͆̉͂̏̀̃̚͘͝͝ͅͅD̶̡̢͔̱̖̮͙͉̘̺͓͍̩̮͈͍͗̃̀̏͌͘͜ͅŚ̸̬̭̯̬͙͇͓̬̩̳̤͚͓̤̩̺͉͖̉͛̓̿̎͊̿̆́̐͂̇͌̄̇̓͘ͅͅT̴̞̫̘̝͇͔̟̪̪̦͂̔̎̀̎ͅŎ̷̡̬̹̪͈̭̣͈̭̭͉̦̖̝̘̪͖͔̥̦̘̻̳Ṋ̶̛̫͈̳̘͚̜̔̋͆̅̈́͊̑͊̉̌̈́̾͑̈́̚ͅË̸̡̨̨̛͇̜̖͔͖̻̟̗̠̙͓̘̗̥͉͇̜͑͆͊͑͑̀̓͒͜͝͝ changed their display name from Redstone to R̴̨͕͇͍̞̮̐̅͆̌̀̉̐͋̈́̃̀͒́̎̅̚̚̚͠͝Ĕ̵̡̛͖͖̟̙̫̱͈̘̞̭͍͍͑̌̄͑̓̋̓̀̈̏̈́͊̇͊͆̉͂̏̀̃̚͘͝͝ͅͅD̶̡̢͔̱̖̮͙͉̘̺͓͍̩̮͈͍͗̃̀̏͌͘͜ͅŚ̸̬̭̯̬͙͇͓̬̩̳̤͚͓̤̩̺͉͖̉͛̓̿̎͊̿̆́̐͂̇͌̄̇̓͘ͅͅT̴̞̫̘̝͇͔̟̪̪̦͂̔̎̀̎ͅŎ̷̡̬̹̪͈̭̣͈̭̭͉̦̖̝̘̪͖͔̥̦̘̻̳Ṋ̶̛̫͈̳̘͚̜̔̋͆̅̈́͊̑͊̉̌̈́̾͑̈́̚ͅË̸̡̨̨̛͇̜̖͔͖̻̟̗̠̙͓̘̗̥͉͇̜͑͆͊͑͑̀̓͒͜͝͝.00:55:56
@zhaofeng:zhaofeng.liZhaofeng LiKea 3.0 😮 https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes/release-notes-3.0.006:41:33
@zhaofeng:zhaofeng.liZhaofeng Li

tl;dr:

Build system: Meson
Native HTTP/TLS support: The DHCPv4, DHCPv6, and DHCP-DDNS daemons now have native support for API sockets over HTTP and TLS (HTTP), without the need to use the Control Agent (CA).
Classification: Class tags: Option class-tagging allows an option value to be conditionally applied to the response based on the client's class membership. The effect is similar to using an if-block in ISC DHCP to conditionally include options at a given scope. [...] We have added the ability to choose from multiple occurrences of the same option based on class-tagging.
IPv6-only preferred: Kea now supports v6-only-preferred mode, as described in RFC8925, more precisely. [...] Until recently, however, Kea sent back the option and assigned the IPv4 address at the same time; this is now fixed.
Usability: Kea now prints options with binary data in a human-readable form whenever possible
Build system improvements: Kea now compiles properly with Boost 1.87

06:41:38
@zhaofeng:zhaofeng.liZhaofeng Li *

tl;dr:

  • Build system: Meson
  • Native HTTP/TLS support: The DHCPv4, DHCPv6, and DHCP-DDNS daemons now have native support for API sockets over HTTP and TLS (HTTP), without the need to use the Control Agent (CA).
  • Classification: Class tags: Option class-tagging allows an option value to be conditionally applied to the response based on the client's class membership. The effect is similar to using an if-block in ISC DHCP to conditionally include options at a given scope. [...] We have added the ability to choose from multiple occurrences of the same option based on class-tagging.
  • IPv6-only preferred: Kea now supports v6-only-preferred mode, as described in RFC8925, more precisely. [...] Until recently, however, Kea sent back the option and assigned the IPv4 address at the same time; this is now fixed.
  • Usability: Kea now prints options with binary data in a human-readable form whenever possible
  • Build system improvements: Kea now compiles properly with Boost 1.87
06:42:08
@tom:dragar.deTomInsbesondere das sie v6-only-prefered gefixt haben ist ja mal eine gute Nachricht :)06:51:53
@tom:dragar.deTom* Especially that they've fixed v6-only-preferred is good. :)08:49:01
@hexa:lossy.networkhexathis is on my todo list, but the 2.6.3 update is still broken https://github.com/NixOS/nixpkgs/pull/41187509:36:27

Show newer messages

Back to Room ListRoom Version: 6