Add network RoutingPolicyRules at OpenBMC Networkd

Sat Oct 14 00:17:45 AEDT 2023

Thank you Alexander for responding. As Paul mentioned rightly in another 
reply, this problem is seen with IPv4 only.

But when a system with two physical interfaces is shipped, i think it is 
expected that they should come up with link-local IP by default. So we 
should find a best way to solve this problem.

On 13-10-2023 16:48, Alexander Amelkin wrote:
>
> There is waaaay too many problems that we have with “multiple 
> interfaces using link-local addresses” per se.
>
Yes actually.
>
> They are outlined in 
> https://datatracker.ietf.org/doc/html/rfc3927#section-3 but no 
> solutions are actually provided there.
>
> When, in addition to that, you connect those multiple interfaces to 
> the same physical network segment, you add another
>
> bunch of problems on top that are discussed here:
>
> https://serverfault.com/questions/415304/multiple-physical-interfaces-with-ips-on-the-same-subnet
>
We tried these settings and this did not cover all the usecases as we 
expected. ( Static & DHCP and combination of both at the 2 interfaces)
>
>
> With your proposal, as I understand it, you may be solving one part of 
> the “scoped addresses” problem here, but the rest remains.
>
> I may be missing some use-cases, but I gather link-local addresses are 
> primarily needed for discovery of newly installed OpenBMC
>
> machines before they are properly integrated into a DHCP-based or 
> statically configure network. Taking that into account, in my
>
> humble opinion, the best way would be to have link-local addressing 
> enabled for just eth0.
>
Yes, currently the problem workaround is to enable the link-local only 
on eth0.

> I also believe that in production environments the BMC shall not be 
> connected to the same network segment using multiple interfaces.
>
> If that is needed for failover, then we should think about adding the 
> bridging and bonding support instead.
>
Do you have more details on this please?
>
> WBR, Alexander Amelkin
>
> P.S. I also believe that it is VERY wrong that we still allow setting 
> per-interface gateways as BMC is not a router device and doesn’t (and 
> shouldn’t) allow for configuring policy routing or any routing whatsoever.
>
I believe this was done purposefully some years ago. @Ravi please share 
the details if you have the history.

Thanks &regards,
Sunitha
>
> *From:*openbmc <openbmc-bounces+a.amelkin=yadro.com at lists.ozlabs.org> 
> *On Behalf Of *raviteja bailapudi
> *Sent:* Wednesday, October 11, 2023 11:27 AM
> *To:* OpenBMC Maillist <openbmc at lists.ozlabs.org>; Ratan Gupta 
> <ratankgupta31 at gmail.com>; wak at google.com; Sunitha Harish 
> <sunithaharish04 at gmail.com>; johnathanx.mantey at intel.com
> *Subject:* Add network RoutingPolicyRules at OpenBMC Networkd
>
> «Внимание! Данное письмо от внешнего адресата!»
>
> Hi Team
>
> We have noticed network routing issues when the same subnet IP 
> addresses configured on both eth0 and eth1 ethernet interfaces, this 
> issue applies to all types of addresses like static, DHCP and 
> LinkLocal address configuration.
>
> Currently IPv4 LinkLocal addressing is enabled on both interfaces, so 
> both interfaces come up with the same subnet Link local IP addresses 
> (169.254.x.y), but only one link local address will be reachable due 
> to these same subnet routes on both interfaces.
>
> Here is the systemd issue 
> https://github.com/systemd/systemd/issues/28814 
> <https://github.com/systemd/systemd/issues/28814>
> I have discussed in the systemd community and explored systemd's 
> RoutingPolicyRules configuration as suggested by the systemd community 
> and it works.
>
> To solve this problem we are proposing to make changes in 
> phosphor-networkd to configure/populate systemd-networkd 
> RoutingPolicyRule for each IP address configured on each interface, 
> there is no user intervention or user interface changes needed. 
> phosphor-networkd internally takes care of updating the 
> systemd-networkd configuration as required
>
> Here is the example of additional systemd configuration required for 
> each IP address configured on the interface.
> Example:
> [Route]
> PreferredSource=169.254.202.113
> Destination=169.254.202.113/16 <http://169.254.202.113/16>
> Table=11
> [Route]
> Gateway=169.254.0.0
> Table=11
> [RoutingPolicyRule]
> Table=11
> To=169.254.202.113/16 <http://169.254.202.113/16>
> [RoutingPolicyRule]
> Table=11
> From=169.254.202.113/16 <http://169.254.202.113/16>
>
> Please share your views on the same.
>
> Regards,
>
> Raviteja
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20231013/af40a693/attachment.htm>