Date: Mon, 03 Oct 2022 12:28:05 -0700
From: Ryan Sundberg
To: guix-devel@gnu.org, Alexey Abramov
Subject: Re: Advanced network configuration

Hi Alexey, are you running netplan under Guix? I would find it useful to
have a service using a netplan config, bypassing the guile-based
networking service for such advanced use cases as you mention.

Sincerely,

Ryan Sundberg
Principal Software Engineer
Arctype Corporation


-------- Original Message --------
From: Alexey Abramov <levenson@mmer.org>
Sent: October 3, 2022 11:23:11 AM PDT
To: guix-devel@gnu.org
Subject: Advanced network configuration

Hi Guix,

I have a couple of questions regarding our current network configuration
in Guix. With the latest changes to the static configuration, life has
indeed become easier, but I have to say that it is still insufficient
to define a complete network configuration.

Please check out the following (my) use cases:

1. I have servers with multiple network cards. Let's say, the management
one and production. Both network cards have multiple interfaces, which I
need to bond into 803.1ad mode. Management bond has a native vlan where
DHCP should be provided AND another vlan for the management traffic. The
production interface (after bonding) has another set of VLANs for a
different type of traffic as well. Currently, there is no way to define
it without writing a custom service with the iproute2 utility.

I was hacking on guile-netlink and made some progress with setting
bonds. However, the current static configuration won't let me build it
anyway. I have to not only 'link-add' and create a bond, but also amend
existing interfaces by 'link-set' them as a slave to my newly created
bond master, for example.

2. Having a router with Guix at home. I have to run multiple services
that provision 'networking', which is not allowed right now. The DHCP
client service is greedy right now and binds to all available
interfaces. I sent a [1] patch to solve this. However, I cannot define
dhcp-client and static configuration at the same time anyway.

These two examples lead me to the following questions:

1) To configure the network, I have been happily using netplan app
(Debian/Ubuntu world). The specification they use can be found here
[2]. Here is an example:

--8<---------------cut here---------------start------------->8---
network:
  bonds:
    bond0:
      interfaces:
      - eno0
      - eno1
      parameters:
        mode: 802.3ad
    bond2:
      interfaces:
      - enp0
      - enp1
      parameters:
        mode: 802.3ad
  ethernets:
    eno0:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: eno0
    eno1:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: eno1
    eno2:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: eno2
    eno3:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: eno3
    enp0:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: enp0
    enp1:
      match:
        macaddress: xx:xx:xx:xx:xx:xx
      set-name: enp1
  renderer: networkd
  version: 2
  vlans:
    bond1.1055:
      addresses:
      - 10.0.0.1/24
      routes:
      - to: XX.XX.XX.XX/21
        via: 10.x.x.x
      gateway4: 10.0.0.1
      id: 1055
      link: bond1
    bond2.2055:
      addresses:
      - 10.8.0.1/24
      id: 2055
      link: bond2
    bond2.3055:
      addresses:
      - 192.168.0.0/16
      id: 3055
      link: bond2
--8<---------------cut here---------------end--------------->8---

From the example above, you can see that I rename interfaces (I do know
that udev can do it, but it is easier to do it here). I build bonds and
VLANs with their IPs. I also set routes and default gateway. Would
someone be interested in that? I don't see any problems in implementing
this with guile-netlink. This is basically my proposal on how we can
improve our static network configuration. What do you think?

2) In Systemd world there is a notion of 'target' which is used for
*grouping* units and *synchronization* points during the start-up.

At this moment *I* need to have dhcp-client and static
configuration. Seems like grouping is a key here. Were there any
ideas/attempts to make it happen? Or what should I do?

Footnotes:
[1] https://issues.guix.gnu.org/58223

[2] https://netplan.io/reference

--
Alexey
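
The ordering described in the message above (create the bond, 'link-set' the existing interfaces under it, then stack VLANs on top), as an added example that is not part of the original thread and is not Guix or guile-netlink code. It takes a netplan-style spec already parsed into a dict and returns the iproute2 commands in dependency order, rejecting a bond or VLAN that refers to an undeclared interface; the function name `plan`, the `SAMPLE` data and its addresses are constructed for illustration.

```python
# Added example (not from the thread): netplan-style dict -> ordered iproute2 commands.
SAMPLE = {  # constructed sample data
    "ethernets": {"eno0": {}, "eno1": {}},
    "bonds": {"bond0": {"interfaces": ["eno0", "eno1"],
                        "parameters": {"mode": "802.3ad"}}},
    "vlans": {"bond0.1055": {"id": 1055, "link": "bond0",
                             "addresses": ["10.0.0.1/24"],
                             "routes": [{"to": "10.1.0.0/21", "via": "10.0.0.254"}]}},
}


def plan(spec):
    """Return iproute2 commands in dependency order: bonds, members, VLANs."""
    ethernets = spec.get("ethernets", {})
    bonds = spec.get("bonds", {})
    cmds, member_of = [], {}
    for bond, cfg in bonds.items():
        mode = cfg.get("parameters", {}).get("mode", "balance-rr")  # kernel default
        cmds.append(f"ip link add {bond} type bond mode {mode}")
        for nic in cfg.get("interfaces", []):
            if nic not in ethernets:
                raise ValueError(f"{bond}: member {nic} is not a declared ethernet")
            if nic in member_of:
                raise ValueError(f"{nic} already belongs to {member_of[nic]}")
            member_of[nic] = bond
            # Take the NIC down first: the bonding driver can refuse an
            # interface that is up. This is the 'link-set' step from the mail.
            cmds.append(f"ip link set {nic} down")
            cmds.append(f"ip link set {nic} master {bond}")
        cmds.append(f"ip link set {bond} up")
    for vlan, cfg in spec.get("vlans", {}).items():
        link = cfg["link"]
        if link not in bonds and link not in ethernets:
            raise ValueError(f"{vlan}: link {link} is not defined")
        cmds.append(f"ip link add link {link} name {vlan} type vlan id {cfg['id']}")
        for addr in cfg.get("addresses", []):
            cmds.append(f"ip addr add {addr} dev {vlan}")
        cmds.append(f"ip link set {vlan} up")  # routes need the device up
        for route in cfg.get("routes", []):
            cmds.append(f"ip route add {route['to']} via {route['via']} dev {vlan}")
    return cmds


if __name__ == "__main__":
    print("\n".join(plan(SAMPLE)))
```

Because `plan` raises before returning anything, a spec with a mistyped `link:` or bond member is rejected as a whole rather than leaving a partly built bond on a management interface.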