The wikis are now using the new authentication system.
If you did not migrate your account yet, visit https://idp-portal-info.suse.com/

Network Management With Systemd

Jump to: navigation, search

Introduction

Systemd tools for networkd and resolved are used to configure network services.

Equipment

FRITZ!Box 7360

This router provides a DHCP and a DNS server: Handbuch FRITZ!Box 7360 (pdf)

Desktop Computer

3400G:~ # inxi -SMCDG
System:    Host: 3400G Kernel: 5.9.8-3.gea93937-default x86_64 bits: 64 Console: tty 1 Distro: openSUSE Tumbleweed 20201111 
Machine:   Type: Desktop Mobo: Gigabyte model: B450 AORUS ELITE v: x.x serial: N/A UEFI: American Megatrends v: F51 
           date: 12/18/2019 
CPU:       Topology: Quad Core model: AMD Ryzen 5 3400G with Radeon Vega Graphics bits: 64 type: MT MCP L2 cache: 2048 KiB 
           Speed: 1248 MHz min/max: 1400/3700 MHz Core speeds (MHz): 1: 1254 2: 1261 3: 1259 4: 1266 5: 1260 6: 1260 7: 1551 
           8: 1337 
Graphics:  Device-1: Advanced Micro Devices [AMD/ATI] Picasso driver: amdgpu v: kernel 
           Display: server: X.Org 1.20.9 driver: amdgpu unloaded: fbdev,modesetting,vesa resolution: 1920x1200~60Hz 
           OpenGL: renderer: AMD RAVEN (DRM 3.39.0 5.9.8-3.gea93937-default LLVM 11.0.0) v: 4.6 Mesa 20.2.1 
Drives:    Local Storage: total: 2.50 TiB used: 319.45 GiB (12.5%) 
           ID-1: /dev/sda vendor: Samsung model: SSD 850 EVO 250GB size: 232.89 GiB 
           ID-2: /dev/sdb vendor: Samsung model: SSD 850 EVO 500GB size: 465.76 GiB 
           ID-3: /dev/sdc vendor: Seagate model: ST2000DM001-1CH164 size: 1.82 TiB 
3400G:~ # 



Installation

Check Version installed:

3400G:~ # zypper se -is systemd-network 
Loading repository data...
Reading installed packages...

S | Name            | Type    | Version   | Arch   | Repository
--+-----------------+---------+-----------+--------+-----------------------
i | systemd-network | package | 246.6-2.1 | x86_64 | Haupt-Repository (OSS)
3400G:~ # 

Disable Network Services

3400G:~ # systemctl disable --now wicked NetworkManager
3400G:~ #

Disable Changes To DNS Through Netconfig

Yast2 sysconfig may be used. Verify:

3400G:~ # grep NETCONFIG_DNS_POLICY /etc/sysconfig/network/config 
NETCONFIG_DNS_POLICY=""
3400G:~ #

Configure Links

File names must end in '.network':

3400G:~ # ll /etc/systemd/network
total 8
-rw-r--r-- 1 root root 36 Nov  6 09:15 ether.network
-rw-r--r-- 1 root root 36 Nov  6 06:57 wlan.network
3400G:~ # 

Ethernet

3400G:~ # cat /etc/systemd/network/ether.network 
[Match]
Name=e*

[Network]
DHCP=yes
3400G:~ # 

Wlan

3400G:~ # cat /etc/systemd/network/wlan.network 
[Match]
Name=w*

[Network]
DHCP=yes
3400G:~ # 

Enable Network Service

3400G:~ # systemctl enable --now systemd-networkd 
3400G:~ # 

Query the status of network links

3400G:~ # networkctl 
IDX LINK   TYPE     OPERATIONAL SETUP      
  1 lo     loopback carrier     unmanaged  
  2 eno1   ether    no-carrier  configuring
  3 wlp7s0 wlan     routable    configured 

3 links listed.
3400G:~ # 

Enable Network Name Resolution

Resolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services; introspect and reconfigure the DNS resolver

Check current setting of /etc/resolve.conf:

erlangen:~ # ll /etc/resolv.conf
lrwxrwxrwx 1 root root 30 Nov 27 07:54 /etc/resolv.conf -> /var/run/netconfig/resolv.conf
erlangen:~ # 

Save path and contents of target file (handy in case of undoing the changes).

Make sure /etc/resolve.conf is managed by resolved:

3400G:~ # ln -sf /run/systemd/resolve/resolv.conf /etc/
3400G:~ # systemctl enable --now systemd-resolved
3400G:~ # 

Query The Status Of Resolver

3400G:~ # resolvectl
Global
       LLMNR setting: yes                 
MulticastDNS setting: yes                 
  DNSOverTLS setting: no                  
      DNSSEC setting: allow-downgrade     
    DNSSEC supported: yes                 
Fallback DNS Servers: 1.1.1.1             
                      8.8.8.8             
                      1.0.0.1             
                      8.8.4.4             
                      2606:4700:4700::1111
                      2001:4860:4860::8888
                      2606:4700:4700::1001
                      2001:4860:4860::8844

Link 2 (eno1)
      Current Scopes: none           
DefaultRoute setting: no             
       LLMNR setting: yes            
MulticastDNS setting: no             
  DNSOverTLS setting: no             
      DNSSEC setting: allow-downgrade
    DNSSEC supported: yes            

Link 3 (wlp7s0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
DefaultRoute setting: yes                      
       LLMNR setting: yes                      
MulticastDNS setting: no                       
  DNSOverTLS setting: no                       
      DNSSEC setting: allow-downgrade          
    DNSSEC supported: yes                      
  Current DNS Server: 192.168.178.1            
         DNS Servers: 192.168.178.1            
                      xxxx:xxxx:xxxx:xxxx:xxxx:xxxx .... 
3400G:~ #

Wpa Supplicant

Wi-Fi Protected Access client and IEEE 802.1X supplicant

The current vendor version uses dbus and suffers from ordering problems. Thus the following system version has been devised and tested:

3400G:~ # systemctl cat wpa_supplicant@.service 
# /etc/systemd/system/wpa_supplicant@.service
[Unit]
Description=WPA Supplicant daemon (interface %i)
Requires=sys-subsystem-net-devices-%i.device
After=sys-subsystem-net-devices-%i.device

[Service]
Type=simple
ExecStart=/usr/sbin/wpa_supplicant -i%i -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log

[Install]
WantedBy=multi-user.target
3400G:~ #

Enable the service:

3400G:~ # systemctl enable --now wpa_supplicant@wlp7s0.service
Created symlink /etc/systemd/system/multi-user.target.wants/wpa_supplicant@wlp7s0.service → /etc/systemd/system/wpa_supplicant@.service.
3400G:~ # systemctl status wpa_supplicant@wlp7s0.service
● wpa_supplicant@wlp7s0.service - WPA Supplicant daemon (interface wlp7s0)
     Loaded: loaded (/etc/systemd/system/wpa_supplicant@.service; enabled; vendor preset: disabled)
     Active: active (running) since Sun 2020-11-15 05:46:26 CET; 26s ago
   Main PID: 12459 (wpa_supplicant)
      Tasks: 1 (limit: 4915)
     CGroup: /system.slice/system-wpa_supplicant.slice/wpa_supplicant@wlp7s0.service
             └─12459 /usr/sbin/wpa_supplicant -iwlp7s0 -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log

Nov 15 05:46:26 3400G systemd[1]: Started WPA Supplicant daemon (interface wlp7s0).
3400G:~ # 


Troubleshooting

FRITZ!Box

Resetting both the DHCP and the DNS server helps in clearing leases and cached information

Networkd/Resolved

Enable debugging by uncommenting:

3400G:~ # cat /etc/systemd/system/systemd-networkd.service.d/override.conf
[Service]
#Environment=SYSTEMD_LOG_LEVEL=debug
3400G:~ # 

Undoing Changes

See: I think I broke my internet