Difference between pages "Funtoo Linux Installation on ARM" and "Funtoo Linux Networking"

From Funtoo
(Difference between pages)
Jump to: navigation, search
(Enabling serial console access (optional))
 
(Tweaking Dhcpcd)
 
Line 1: Line 1:
Funtoo now provides [http://ftp.osuosl.org/pub/funtoo/funtoo-current/arm-32bit/ stage3 images] for arm platform. At this time are only armv6j_hardfp and armv7a_hardfp stages available. If you would like us to support other processors (see the list below), please fill a bug report on [http://bugs.funtoo.org].
+
<blockquote>This document explains how to configure your network settings by explaining the network configuration functionality available in Funtoo Linux. Also covered is <tt>dhcpcd 5.x</tt>, Wi-Fi (IEEE 802.11) configuration, and the OpenResolv framework.
 +
</blockquote>
  
 +
== Introduction ==
  
== List of ARM processor "flavors" ==
+
Funtoo Linux has its own core network configuration system that differs somewhat from upstream network configuration systems used in [http://www.gentoo.org Gentoo Linux] and [http://roy.marples.name/projects/openrc OpenRC].
* armv4l-unknown-linux-gnu (Rebel NetWinder, HP Armada and other devices having an ARMv4 processor, which is only capable of running the old ABI. Nevertheless it should work on newer CPUs)
+
* armv4tl-softfloat-linux-gnueabi (OpenMoko FreeRunner and other devices using an ARMv4T processor. Uses the new ARM EABI and software floating point by default)
+
* armv5tel-softfloat-linux-gnueabi (almost all ARM NAS, devices based on the Marvell Orion and Marvell Kirkwood, Marvell Sheevaplug, Marvell OpenRD, Guruplug, Dreamplug, QNAP TS109/TS209/TS409/TS119/TS219/TS419, Buffalo Linkstation/Kurobox PRO, HP mv2120, HP iPAQ, Linksys NSLU2 and other devices using an ARMv5TE processor. Uses the new ARM EABI and software floating point by default)
+
* armv6j-unknown-linux-gnueabi ([[Raspberry Pi]], Nokia N800/N810, Smart Q7, OMAP2-based devices and other multimedia devices using an ARMv6 CPU and VFP. Uses the new ARM EABI and hardware floating point by default)
+
* armv7a-unknown-linux-gnueabi (OMAP3-based devices(Beagleboard, IGEPv2, Devkit8000, AlwaysInnovating Touchbook, [[Nokia N900]]), OMAP4-based devices([[Pandaboard]]), Freescale i.MX515-based devices([[Efika MX]], Babbage Board, Lange Board…) Marvell Dove/Armada, Nvidia Tegra2-based devices(Toshiba AC100, Toshiba Folio), ST-Ericsson NOVA A9500-based devices(Snowball), Exynos 4412 ([[Odroid-X]], Odroid-Q, [[ODROID U2]]) and other devices using an ARMv7-A processor. Uses the new ARM EABI and generic(not NEON) hardware floating point by default
+
* armv7a-hardfloat-linux-gnueabi (The same as armv7a-unknown-linux-gnueabi, but this one uses hardfloat instead of softfp. Read more about it here: http://wiki.debian.org/ArmHardFloatPort)
+
  
== Default installation of Funtoo on your platform/board ==
+
In this document, I will explain the unique additions and changes to the Funtoo network configuration and show you how to use this system to configure your network.
This document is not a complete installation tutorial. Basic information about Funtoo Linux installation can be found on [[Funtoo Linux Installation]]. The goal of this document is to provide general information about installing Funtoo Linux on an ARM device, and highlight differences with a x86 installation.
+
  
The following notes are non-board specific. Other instructions can be found in the specific articles for the above mentioned devices.
+
I'll also explain how to use <tt>dhcpcd 5.x</tt> for managing network interfaces on DHCP-based networks, and will also cover OpenRC stacked runlevel configuration, ''Wi-Fi'' (IEEE 802.11) configuration, and the OpenResolv framework, which is enabled in Funtoo Linux by default.
  
=== Overview ===
+
== A Gentle Introduction to Funtoo Network Configuration ==
Most of the ARM boards come with a SD card slot, so you will need an empty SD card (4GB is enough to get you started), in most cases the boards are also equipped with debug port which can be used with USB-to-serial cables, if you have one, you can use it to login to the machine without the need of connecting keyboards or displays. You will need a network connection to be able to download stages, kernel and update your portage tree.
+
  
=== Kernel and bootloader setup ===
+
Before I get into the technical details of configuring your network, it's important to understand that Funtoo Linux has a number of different options available to you for network configuration, with more likely to be added in the future. Each approach is different and has its own strengths and weaknesses, and this is, in my opinion, a good thing.
Before you start you will need a kernel and a bootloader for your device. Some of the devices look for bootloader (in most cases U-Boot) on the SD along with the kernel.
+
  
More information about the kernel and bootloader can be found on pages specific for your device.
+
=== The Easy (Dynamic) Way ===
  
=== Installing Funtoo (overview) ===
+
When configuring your network, one option is to skip traditional network configuration and simply rely on DHCP. This is by far the simplest method of configuring your network. If you are on a wired network, no other steps are typically required beyond enabling a DHCP client, and Funtoo Linux includes <tt>dhcpcd 5.x</tt> by default.
  
The installation on these devices differs from the normal installation procedure of booting an installation environment and chrooting from there to your new root, and can be little bit easier, but in some cases tricky.
+
==== Network Manager, Wicd ====
  
Overview of the installation:
+
If you are going to use a third party package such as [[Network Manager]] or [[Wicd]] to manage your network then you do not need to configure DHCP at all. These packages configure DHCP for you. Simply emerge the package you want to use and start using it.
* Extract stage3 to the 2nd partition of the SD card
+
* Extract portage snapshot
+
* Setup fstab
+
* Setup root password
+
* Configure hostname and networking (optional, but recommended)
+
* Enable SSH access (optional, but recommended)
+
* Enable serial console access (optional, but recommended)
+
* Correct RTC "bug" with swclock
+
  
==== Installing the Stage 3 tarball ====
+
==== DHCP-Only Systems ====
  
ARM stage3 tarballs can be found on [http://ftp.osuosl.org/pub/funtoo/funtoo-current/arm-32bit/]. Use the subarchitecture that suits best your device.
+
If you are not planning to use a third-party package to manage your network interfaces, it is still extremely easy to set up DHCP networking, especially if you always use DHCP to connect to networks, which is common for desktops or laptops. In this scenario, we can simply enable <tt>dhcpcd</tt> to run at system startup. It will run in the background and automatically look for DHCP servers on all your network interfaces, and will attempt to lease an IP address from any DHCP servers found.  
  
Mount the partition that will hold your rootfs of the SD card and extract the stage3 you have downloaded.
+
If this sounds like what you want to do, then add <tt>dhcpcd</tt> to your default runlevel as follows:
  
<console>
+
<console># ##i##rc-update add dhcpcd default</console>
# ##i##mkdir /mnt/SD_root
+
# ##i##mount /dev/sdcard-device-px /mnt/SD_root
+
</console>
+
  
Extract the stage3 (it may take a while).
+
To enable DHCP immediately, you would follow the previous command with an <tt>rc</tt> command, which would start the <tt>dhcpcd</tt> client you just added:
<console>
+
# ##i##tar xapf stage3-armv7a_hardfp-xxxx.tar.xz -C /mnt/SD_root
+
</console>
+
  
==== Extracting a portage snapshot ====
+
<console># ##i##rc</console>
  
Now, download the portage snapshot from [http://ftp.osuosl.org/pub/funtoo/funtoo-current/snapshots/], and extract it to your partition.
+
If you're on a wired network and have the necessary drivers in your kernel, then this should get you going. For wireless networks, more steps are required to utilize your wireless hardware to associate with an access point, which will be covered later in this document.  
  
<console>
+
===== Tweaking Dhcpcd =====
# ##i##tar xapf portage-latest.tar.xz -C /mnt/SD_root/usr
+
</console>
+
  
==== Setup fstab ====
+
For now, it's important to note that <tt>dhcpcd 5.x</tt> will manage ''all'' available network interfaces by default. If you want to run a DHCP client on ''all but one'' interface, or some other subset of interfaces, you can add the appropriate <tt>denyinterfaces</tt> or <tt>allowinterfaces</tt> [[glob pattern]] to <tt>/etc/dhcpcd.conf</tt>:
Edit the <tt>/mnt/SD_root/etc/fstab</tt> file to look like this:
+
  
 
{{File
 
{{File
|/mnt/SD_root/etc/fstab|<pre>
+
|/etc/dhcpcd.conf|<pre>
/dev/mmcblk0p1 /boot vfat noauto,noatime 1 2
+
# manage all interfaces but eth0 with dhcpcd
/dev/mmcblk0p2 / ext4 noatime 0 1
+
denyinterfaces eth0
 
</pre>}}
 
</pre>}}
  
Adjust the partition devices and types to suit your needs.
+
This can also be accomplished by modifying <tt>/etc/init.d/dhcpcd</tt> directly and adding <tt>-Z ''ifglob''</tt> or <tt>-z ''ifglob''</tt> (the equivalent command-line parameters) to <tt>command_args</tt>.
  
==== Setting the default root password ====
+
==== Using Funtoo Scripts for DHCP ====
  
{{fancywarning|Don't skip this step. This part differs from the standard installation procedure, as the root password must be set outside of a chroot environment. Skipping this step will result in an impossibility to login.}}
+
You can also use the Funtoo Linux networking scripts to start a DHCP client just on a specific interface. This approach is best if you are planning to also do some advanced bridging, bonding or VLAN configuration on your machine along with DHCP, since you will be using the Funtoo Linux networking scripts for that too.  
  
Normally, for setting the password, one has to be able to run passwd. However that's not possible in this case since an x86 system can't run ARM binaries. Therefore, it is needed to modify the file that contains the passwords (<tt>/etc/shadow</tt>) to set a default root password.
+
To use this variant approach, ''don't'' enable <tt>/etc/init.d/dhcpcd</tt> directly. Instead, use the Funtoo Linux <tt>dhcpcd</tt> template which will start dhcpcd on only one interface. Below, you will see the steps to do this. This is very similar to how we set up advanced network interfaces, which will be covered later in this documentation:
  
===== Clearing the root password =====
 
This will allow to login with a blank password for the root user.
 
 
<console>
 
<console>
# ##i##nano -w /mnt/SD_root/etc/shadow
+
# ##i##cd /etc/init.d
 +
# ##i##ln -s netif.tmpl netif.eth0
 +
# ##i##rc-update add netif.eth0 default
 +
# ##i##echo template=dhcpcd > /etc/conf.d/netif.eth0
 +
# ##i##rc
 
</console>
 
</console>
  
Modify the line beginning by "root" to match the following:
+
The last command, <tt>rc</tt>, causes <tt>netif.eth0</tt> to be started.
  
{{File
+
=== Server Network Configuration ===
|/mnt/SD_root/etc/shadow|<pre>
+
 
root::10770:0:::::
+
For servers and advanced networking scenarios, Funtoo Linux offers its own modular, template-based network configuration system. This system offers a lot of flexibility for configuring network interfaces, essentially serving as a &quot;network interface construction kit.&quot; This system can be used by itself, or even combined with <tt>dhcpcd</tt>, as shown in the previous section.
 +
 
 +
Here are the key components of the template-based network configuration system:
 +
 
 +
;<tt>/etc/init.d/netif.lo</tt>: An init script that configures the localhost interface. This script is always enabled and is part of the boot process.
 +
;<tt>/etc/netif.d</tt>: This is a directory that contains various network configuration templates. Each of these templates is focused on configuring a particular type of network interface, such as a general static IP-based interface, a bridge interface, a bond interface, etc.
 +
;<tt>/etc/init.d/netif.tmpl</tt>: This is the master init script for the template-based network configuration system. New interfaces are added to your system by creating '''symbolic links''' to this file in <tt>/etc/init.d</tt>.
 +
 
 +
So, if you wanted to use this system to configure <tt>eth0</tt> with a static IP address, you would create a <tt>netif.eth0</tt> symlink to <tt>netif.tmpl</tt> as follows:
 +
 
 +
<console># ##i##cd /etc/init.d
 +
# ##i##ln -s netif.tmpl netif.eth0</console>
 +
Then, you would create an <tt>/etc/conf.d/netif.eth0</tt> configuration file that would specify which template to use from the <tt>/etc/netif.d</tt> directory:
 +
 
 +
<pre>template=&quot;interface&quot;
 +
ipaddr=&quot;10.0.1.200/24&quot;
 +
gateway=&quot;10.0.1.1&quot;
 +
nameservers=&quot;10.0.1.1 10.0.1.2&quot;
 +
domain=&quot;funtoo.org&quot;</pre>
 +
 
 +
To complete our static IP network configuration we would need to:
 +
 
 +
<console># ##i##rc-update add netif.eth0 default</console>
 +
When configuring your own static network interface, one of <tt>ipaddr</tt> or <tt>ipaddrs</tt> is required and should specify the IP address(es) to configure for this interface, in &quot;a.b.c.d/netmask&quot; format. Optional parameters include <tt>gateway</tt>, which defines a default gateway for your entire network, and if set should specify the gateway's IP address. In addition, <tt>domain</tt> and <tt>nameservers</tt> (space-separated if more than one) can be used to specify DNS information for this interface.
 +
 
 +
=== Configuration Variables ===
 +
 
 +
==== Interface Variables ====
 +
 
 +
The <tt>ipaddr</tt> and <tt>ipaddrs</tt> variables are supported by the <tt>interface</tt> and <tt>bridge</tt> templates, and are used to specify a single or multiple  IPv4 or IPv6 address(es) for the interface. IP addresses should be specified in 'IP/netmask' format, such as <tt>10.0.0.1/24</tt>. Multiple IP addresses can be specified delimited by whitespace:
 +
 
 +
<pre>ipaddrs=&quot;10.0.0.1/24 10.0.0.2/24&quot;</pre>
 +
 
 +
===== Broadcast Address =====
 +
 
 +
By default, a broadcast address will be calculated based on the IP address and network mask. If you need to manually specify a broadcast address, use the following format for your IP address:
 +
 
 +
<pre>
 +
ipaddrs="10.0.0.1/24;broadcast=10.0.1.255 10.0.0.2/24"
 
</pre>
 
</pre>
  
{{fancywarning|After initial login, remember to change the root password using the passwd command.}}
+
===== Not Specifying An Address =====
  
===== Choosing a root password (alternative) =====
+
Note that in some cases, you may choose to '''not''' specify <tt>ipaddr</tt> or <tt>ipaddrs</tt> for a <tt>bridge</tt> template. That is allowed. If you don't want to specify an IP address for a regular interface, you can choose to use the <tt>interface</tt> template without an IP address specified in the config, or use the <tt>interface-noip</tt> template instead, for the sake of clarity.
 +
 
 +
===== Viewing All Configured IP Addresses =====
 +
 
 +
Also note that if you specify multiple IPv4 addresses, <tt>ifconfig</tt> will only show the first IP address. To view all IP addresses associated with the interface, use the <tt>ip addr show</tt> command.
 +
 
 +
=== General Variables ===
 +
 
 +
The following variables are enabled by default for all network scripts, and if specified will trigger a corresponding configuration action:
 +
 
 +
;<tt>nameservers</tt>: Set DNS nameservers using OpenResolv. Specify multiple IPv4 or IPv6 nameservers like this: &quot;1.2.3.4 1.2.3.5 1.2.3.6&quot;. Please note that OpenResolv treats <tt>127.0.0.1</tt> specially, and it indicates that you are running a local name resolver like <tt>dnsmasq</tt> or <tt>bind</tt>. OpenResolv will ignore all other name servers specified alongside <tt>127.0.0.1</tt>. See <tt>man resolvconf</tt> and <tt>man resolvconf.conf</tt> for additional setup information.
 +
;<tt>search</tt>: Set DNS search information using OpenResolv.
 +
;<tt>domain</tt>: Set DNS domain using OpenResolv.
 +
;<tt>gateway</tt>: Define a default IPv4 gateway on this interface.
 +
;<tt>gateway6</tt>: Define a default IPv6 gateway on this interface.
 +
;<tt>route</tt>: Specify a semi-colon delimited list of IPv4 routes to apply when this interface is brought up. Will be appended to <tt>ip -4 route add</tt>.
 +
;<tt>route6</tt>: Specify a semi-colon delimited list of IPv6 routes to apply when this interface is brought up. Will be appended to <tt>ip -6 route add</tt>.
 +
;<tt>mtu</tt>: Set Maximum Transmit Unit for the interface
 +
 
 +
 
 +
 
 +
==== VLAN Variables ====
 +
 
 +
VLAN support is enabled by default for all network configuration scripts. If a network script has a name in the format <tt>netif.ethX.Y</tt>, then it is assumed to be a VLAN interface referencing trunk <tt>ethX</tt> and VLAN ID <tt>Y</tt>. If you desire a custom name for your VLAN interface, you can name your interface whatever you'd like and specify the following variables in your interface config:
 +
 
 +
;<tt>trunk</tt>: VLAN trunk interface, e.g. &quot;eth0&quot;
 +
;<tt>vlan</tt>: VLAN id, e.g. &quot;32&quot;
 +
 
 +
==== Bridge / Tap Variables ====
 +
 
 +
The following variables for configuring a functional bridge interface with optional tap interfaces:
 +
 
 +
;<tt>slaves</tt>: Set slave interfaces of this interface (for bridges, etc.) All slaves will automatically be depended upon, and will also automatically have their <tt>mtu</tt> set to that of the current interface, if an <tt>mtu</tt> is specified for the current interface. This setting is required for the <tt>bond</tt> template and optional for the <tt>bridge</tt> template.
 +
;<tt>stp</tt>: Enables Spanning Tree Protocol on a bridge interface like this &quot;stp=on&quot;
 +
;<tt>forwarding</tt>: Enables forwarding on a bridge interface by calling sysctl; as this interface does not exist when sysctl is called by init, we do it here. If this is disabled, your bridge will not forward traffic back out onto the network. useage: &quot;forwarding=1&quot;
 +
;<tt>mac_addr</tt>: Sets a MAC address on a tap interface. This is usefull for avoiding layer2 address collisions when using large numbers of TUN interfaces (KVM, openVPN, ect)
 +
 
 +
=== OpenResolv and resolv.conf ===
 +
 
 +
OpenResolv will be used to set DNS information provided by the <tt>nameservers</tt>, <tt>domain</tt> and <tt>search</tt> variables when an interface is brought up. The OpenResolv framework will add entries to <tt>/etc/resolv.conf</tt>, and will also handle removing these entries when the interface is brought down. This way, <tt>/etc/resolv.conf</tt> should always contain current information and should not need to be manually edited by the system administrator. <tt>dhcpcd</tt> will use OpenResolv for updating system DNS information as well.
 +
 
 +
=== Network-Dependent Services ===
 +
 
 +
One important difference between Gentoo Linux and Funtoo Linux is that, in Funtoo Linux, network-dependent services only strictly depend on <tt>netif.lo</tt>. This means that if another network service requires an interface to be up, such as <tt>samba</tt> requiring <tt>eth0</tt>, then the system administrator must specify this relationship by adding the following line to <tt>/etc/conf.d/samba</tt>:
 +
 
 +
<pre>rc_need=&quot;netif.eth0&quot;</pre>
 +
This will have the effect of ensuring that <tt>netif.eth0</tt> is started prior to <tt>samba</tt> and that <tt>samba</tt> is stopped prior to stopping <tt>netif.eth0</tt>.
 +
 
 +
Many network services, especially those that listen on all network intefaces, don't need an <tt>rc_need</tt> line in order to function properly. Avoiding the use of <tt>rc_need</tt> when required will optimize boot times and allow more network services to remain available when network interfaces are brought up and down by the system administrator.
 +
 
 +
 
 +
=== Multiple Network Configurations ===
 +
 
 +
For information on how to have multiple, independent network configurations, please see [[Stacked Runlevels]].
 +
 
 +
=== Alternate Configs ===
 +
If you need to run the same service with different configuration parameters depending upon runlevel, then you'll be happy to know that you can specify runlevel-specific conf.d files by appending a <tt>.
 +
&lt;runlevel&gt;</tt> suffix. In this particular example, we could imagine a situation where we had two child runlevels named <tt>home</tt> and <tt>work</tt>:
 +
 
 +
<pre>/etc/conf.d/netif.eth0.home
 +
/etc/conf.d/netif.eth0.work</pre>Note that this feature works for all init scripts, not just network configuration scripts.
 +
 
 +
=== Interface Renaming ===
 +
 
 +
Funtoo network scripts now support interface renaming, so you can create an interface called <tt>lan</tt> if you would like. To do this, simply specify the MAC address of the interface you would like to rename using the <tt>macaddr</tt> variable:
 +
<pre>macaddr=&quot;00:15:17:19:b6:a3&quot;</pre>If this MAC address is part of the <tt>netif.lan</tt> configuration file, then when this interface starts, whatever interface currently has the MAC address of 00:15:17:19:b6:a3 (i.e. <tt>eth5</tt>) will be renamed to <tt>lan</tt> prior to the interface being brought up, and will show up in <tt>ifconfig</tt> and <tt>ip</tt> commands as being an interface named <tt>lan</tt>.
 +
 
 +
=== Basic VLAN Configuration ===
 +
 
 +
The standard <tt>interface</tt> template supports VLANs. To use VLAN support, first ensure that your kernel was compiled with VLAN support (the module name is <tt>8021q</tt>) :
  
First, generate a password. The output of this command will be used to modify the shadow file.
 
 
<console>
 
<console>
# ##i##openssl passwd -1
+
# ##i##grep CONFIG_VLAN /usr/src/linux/.config
or
+
CONFIG_VLAN_8021Q=m
# ##i##python -c "import crypt, getpass, pwd; print crypt.crypt('password', '\$6\$SALTsalt\$')"
+
CONFIG_VLAN_8021Q_GVRP=y
 
</console>
 
</console>
  
Then, edit the shadow file and use the output of the last command to replace "YOUR_PASSWORD_MD5".
+
Then, configure the trunk interface using the <tt>interface-noip</tt> template. Assuming <tt>eth1</tt> is trunked, you would create the file <tt>/etc/conf.d/netif.eth1</tt> with the following contents:
 +
 
 +
<pre>template=&quot;interface-noip&quot;</pre>
 +
 
 +
Then, create a network interface symlink for the trunk and add it to your default runlevel:
  
 
<console>
 
<console>
# ##i##nano -w /mnt/SD_root/etc/shadow
+
# ##i##cd /etc/init.d
 +
# ##i##ln -s netif.tmpl netif.eth1
 +
# ##i##rc-update add netif.eth1 default
 
</console>
 
</console>
  
{{File
+
Now, assuming you wanted to configure a VLAN of 32, you would create a config file named <tt>/etc/conf.d/netif.eth1.32</tt> that looks something like this:
|/mnt/SD_root/etc/shadow|<pre>
+
 
root:YOUR_PASSWORD_MD5:14698:0:::::
+
<pre>
</pre>}}
+
template=&quot;interface&quot;
 +
ipaddr=&quot;1.2.3.4/24&quot;
 +
gateway=&quot;1.2.3.1&quot;# etc...
 +
</pre>
 +
 
 +
Then, create a VLAN network interface symlink and add it to your default runlevel:
 +
 
 +
<console>
 +
# ##i##cd /etc/init.d
 +
# ##i##ln -s netif.tmpl netif.eth1.32
 +
# ##i##rc-update add netif.eth1.32 default
 +
</console>
 +
 
 +
The Funtoo network configuration scripts will automatically recognize the filename <tt>netif.eth1.32</tt> as being VLAN 32 of trunk interface <tt>netif.eth1</tt>.
 +
 
 +
When the VLAN interface is brought up, it will be named <tt>eth1.32</tt>.
 +
 
 +
=== Custom VLAN Names ===
 +
 
 +
However, sometimes you may want to turn off automatic file-based VLAN naming and give your VLAN interface a custom name, such as <tt>mgmt</tt>. To do this, you would set up the trunk interface in the exact same way as described above, but instead of creating a <tt>netif.eth1.32</tt> interface, you would create a <tt>netif.mgmt</tt> interface, and specify <tt>vlan</tt> and <tt>trunk</tt> in the <tt>/etc/conf.d/netif.mgmt</tt> config file, as follows:
 +
 
 +
<pre>template=&quot;interface&quot;
 +
vlan=&quot;32&quot;
 +
trunk=&quot;eth1&quot;
 +
ipaddr=&quot;1.2.3.4/24&quot;
 +
gateway=&quot;1.2.3.1&quot;
 +
# etc...</pre>
 +
When you specify <tt>trunk</tt> and <tt>vlan</tt> in the interface config file, filename-based auto-detecting of VLAN ID and trunk is disabled. Both <tt>trunk</tt> and <tt>vlan</tt> must be specified -- you can't specify just one.
  
==== Setup hostname and networking ====
+
Then you would simply create a VLAN network interface symlink for <tt>netif.mgmt</tt>:
  
Please read the [[Funtoo Linux Networking]] to configure your network.
+
<console># ##i##cd /etc/init.d
 +
# ##i##ln -s netif.tmpl netif.mgmt
 +
# ##i##rc-update add netif.mgmt default</console>
 +
When the VLAN interface is brought up, it will be named <tt>mgmt</tt>.
  
 +
=== Bonding Configuration ===
  
==== Using swclock ====
+
Bonding allows you to aggregate multiple network interfaces into a single logical network interface, allowing for benefits in throughput as well as resiliency in the case that an individual interface may go down. This example shows how you would create a bonding interface (<tt>mybond</tt>) with a simple static ip setup, containing two slave devices (<tt>eth0</tt> and <tt>eth1</tt>).
One of the problems some of the devices have, is that they don't have a battery to save the clock time. To mitigate this, on Funtoo we have an option in our init system called swclock which sets the date of the system upon boot from a last modified date of a file.
+
  
 +
First, ensure that your kernel is configured to support bonding (the module name is <tt>bonding</tt>) :
  
First, add swclock to the boot runlevel.
 
 
<console>
 
<console>
# ##i##ln -sf /etc/init.d/swclock /mnt/SD_root/etc/runlevels/boot
+
$ ##i##grep CONFIG_BONDING /usr/src/linux/.config
 +
CONFIG_BONDING=m
 
</console>
 
</console>
  
Then, remove hwclock from the startup because it sets the date from the RTC, which is 2000-01-01 upon startup and overrides swclock's date.
+
You'l want to ensure that CONFIG_BONDING is set to "m" or "y". You can find this kernel configuration option tucked under "Device Drivers" -> "Network Device Support" -> "Bonding driver support".
 +
Be sure that ifenslave is emerged:
 +
 
 
<console>
 
<console>
# ##i##rm /mnt/SD_root/etc/runlevels/boot/hwclock
+
emerge ifenslave
 
</console>
 
</console>
 +
Once bonding is enabled in the kernel, you will need to choose at least two devices to bond together. These will be set up as "slave" interfaces with no IP address.
  
swclock uses the <tt>/lib/rc/cache/shutdowntime</tt> modification time to set the date, therefore we update it to have the current date and time.
 
 
<console>
 
<console>
# ##i##touch /mnt/SD_root/lib/rc/cache/shutdowntime
+
# ##i##cd /etc/init.d/
 +
# ##i##ln -s netif.tmpl netif.eth0
 +
# ##i##ln -s netif.tmpl netif.eth1
 
</console>
 
</console>
  
Although this doesn't fix the issue, at least helps to set a sane date and time.
+
Then, configure the slave interfaces by creating <tt>/etc/conf.d/netif.eth0</tt> and <tt>/etc/conf.d/netif.eth1</tt> with the following contents:
Note: Consider using NTP, documented on the next chapter
+
  
 +
<pre>
 +
template="interface-noip"
 +
</pre>
  
==== Enabling SSH access (optional) ====
+
Now, we will create the bond interface and make <tt>netif.eth0</tt> and <tt>netif.eth1</tt> slaves of this interface. Note that our bond interface can have any name. To demonstrate this, we will give it the name of "mybond" below:
Adding sshd to the default runlevel will enable access to the device using ssh (if network has been configured).
+
  
 
<console>
 
<console>
# ##i##ln -sf /etc/init.d/sshd /mnt/SD_root/etc/runlevels/default
+
# ##i##ln -s netif.tmpl netif.mybond
 +
# ##i##rc-update add netif.mybond default
 
</console>
 
</console>
  
If no network has been configured yet, it might be a good idea to add dhcpcd in the default runlevel as well.
+
Now we can configure "mybond" using its configuration file <tt>/etc/conf.d/netif.mybond</tt>, just as we would a regular interface, except that we specify <tt>slaves</tt>:
 +
 
 +
<pre>
 +
template="bond"
 +
ipaddr="10.0.1.200/24"
 +
gateway="10.0.1.1"
 +
nameservers="10.0.1.1 10.0.1.2"
 +
domain="funtoo.org"
 +
slaves="netif.eth0 netif.eth1"
 +
</pre>
 +
 
 +
In a bonded configuration, it is common to set the MTU to the maximum possible value supported by hardware to maximize throughput. In order to do this, simply set the MTU option in <tt>/etc/conf.d/netif.mybond</tt> to the maximum value supported by your hardware. The network scripts will ensure that this MTU setting is applied to all slave interfaces:
 +
 
 +
<pre>
 +
mtu=9000
 +
</pre>
 +
 
 +
=== Bridge Configuration ===
 +
 
 +
When hosting virtual machines, it can be convenient to use a bridge setup. This example shows how you would create a bridge (br0) with a simple static ip setup, containing two slave devices (eth0, tap0).
 +
 
 +
First, ensure that your kernel is configured to support bridging (the module name is <tt>bridge</tt>) :
  
 
<console>
 
<console>
# ##i##ln -sf /etc/init.d/dhcpcd /mnt/SD_root/etc/runlevels/default
+
$ ##i##grep CONFIG_BRIDGE /usr/src/linux/.config
 +
CONFIG_BRIDGE=m
 +
CONFIG_BRIDGE_IGMP_SNOOPING=y
 
</console>
 
</console>
  
==== Enabling serial console access (optional) ====
+
Second, make sure you have the required software installed:
By default the ttyS0 port is configured at 9600 bps. However, almost all of the ARM devices run the serial port at 115200 bps. Also, the port device names differ (ttyO2 for Pandaboard, ttySAC1 for Odroid-X ...). So edit your /etc/inittab file:
+
  
 
<console>
 
<console>
# ##i##nano -w /mnt/SD_root/etc/inittab
+
# ##i##emerge -av bridge-utils usermode-utilities
 
</console>
 
</console>
  
(For example for Pandaboard: )
+
Then, create the necessary symlinks for the interfaces and add them to your default runlevel :
  
{{File
 
|/etc/SD_root/etc/inittab|<pre>
 
s0:12345:respawn:/sbin/agetty 115200 ttyO2 vt100
 
</pre>}}
 
 
=== Finishing the installation and booting up the new system ===
 
Let's unmount the SD card.
 
 
<console>
 
<console>
# ##i##umount /mnt/SD_root
+
# ##i##cd /etc/init.d/
 +
# ##i##ln -s netif.tmpl netif.eth0
 +
# ##i##ln -s netif.tmpl netif.br0
 +
# ##i##ln -s netif.tmpl netif.tap0
 +
# ##i##rc-update add netif.br0 default
 +
# ##i##rc-update add netif.tap0 default
 
</console>
 
</console>
  
Once you have the card ready, put it into your device, and you should be able to boot it. If you have a debug port you will be able to see the boot process using minicom or similar program on another PC connected with the debug cable.
+
Then, configure the slave interface <tt>/etc/conf.d/netif.eth0</tt> :
 +
 
 +
<pre>
 +
template="interface-noip"
 +
</pre>
 +
 
 +
Then, configure the slave interface <tt>/etc/conf.d/netif.tap0</tt> - note you only require group OR user, not both :
 +
 
 +
<pre>
 +
template="tap"
 +
group="kvm"
 +
user="kvm"
 +
mac_addr="10:20:30:40:50:66"
 +
</pre>
 +
 
 +
... and the bridge interface <tt>/etc/conf.d/netif.br0</tt> :
 +
 
 +
<pre>
 +
template="bridge"
 +
ipaddr="10.0.1.200/24"
 +
gateway="10.0.1.1"
 +
nameservers="10.0.1.1 10.0.1.2"
 +
domain="funtoo.org"
 +
slaves="netif.eth0 netif.tap0"
 +
stp="on"
 +
forwarding=1
 +
</pre>
 +
 
 +
If you are using dhcpcd, you should ensure that it does not attempt to configure <tt>eth0</tt> or <tt>br0</tt> by adding the following to <tt>/etc/dhcpcd.conf</tt> :
 +
 
 +
<pre>
 +
# don't attempt to pull an ip address for br0 or its slave device
 +
denyinterfaces eth0 br0
 +
</pre>
 +
 
 +
=== More Complex Network Configuration ===
 +
 
 +
If the standard templates don't work for your needs, simply create a new template -- I recommend starting from the <tt>interface</tt> template for most things:
 +
 
 +
<console># ##i##cd /etc/netif.d
 +
# ##i##cp interface custom</console>
 +
You can now call whatever commands you need to <tt>/etc/netif.d/custom</tt>. The following shell functions can be defined in a network script:
 +
 
 +
==== netif_create ====
 +
 
 +
In <tt>netif_create</tt>, you should call any commands to create the interface if it does not yet exist.
 +
 
 +
==== netif_depend ====
 +
 
 +
In <tt>netif_depend</tt>, you can define dependencies, using the functions <tt>need</tt> and <tt>use</tt>.
 +
 
 +
==== netif_pre_up ====
 +
 
 +
In <tt>netif_pre_up</tt>, you can define network configuration actions to perform prior to bringing the interface up. You can also ensure certain variables are specified by calling <tt>require var1 [var2...]</tt> here.
 +
 
 +
==== netif_post_up====
 +
 
 +
In <tt>netif_post_up</tt>, you can define network configuration actions to perform after bringing the interface up.
 +
 
 +
==== netif_pre_down ====
 +
 
 +
In <tt>netif_pre_down</tt>, you can define network configuration actions to perform prior to bringing the interface down.
 +
 
 +
==== netif_post_down ====
 +
 
 +
In <tt>netif_post_down</tt>, you can define network configuration actions to perform after bringing the interface down.
 +
 
 +
==== netif_destroy ====
 +
 
 +
In <tt>netif_destroy</tt>, you can call any commands necessary to destroy/delete the interface if it is dynamic in nature (tun/tap, etc.)
 +
 
 +
==== How It Works ====
 +
 
 +
You do not specify a function for actually bringing up the interface, because the template-based system does this for you. The template-based system also performs all normal actions required to bring an interface down, so you only need to specify atypical actions that must be performed - such as removing child interfaces or destroying a bridge using <tt>brctl</tt>.
 +
 
 +
When you create your own network configuration template, the following capabilities are available for use automatically, as long as the appropriate variables are set in the <tt>/etc/conf.d/netif.&lt;ifname&gt;</tt> file, without requiring any explicit steps on your part:
 +
 
 +
* DNS configuration using <tt>domain</tt> and <tt>nameservers</tt> config settings. OpenResolv is used automatically.
 +
* VLAN configuration using auto-naming (<tt>netif.ethX.Y</tt>) or via custom naming with <tt>trunk</tt> and <tt>vlan</tt> config settings.
 +
* Default IPv4 gateway and route configuration using the <tt>gateway</tt> and <tt>route</tt> settings.
 +
* Default IPv6 gateway and route configuration using the <tt>gateway6</tt> and <tt>route6</tt> settings.
 +
* MTU configuration using the <tt>mtu</tt> setting.
 +
* Auto-depend (and auto-MTU configuration) of slave interfaces specified using <tt>slaves</tt> setting.
 +
* Renaming of existing network interface (specify MAC address using <tt>macaddr</tt> setting).
 +
 
 +
To take advantage of this functionality, simply enable the appropriate variables.
 +
 
 +
All other necessary network configuration and dependency behavior should be defined using the <tt>netif_</tt>-prefix functions described above.
 +
 
 +
== Wireless Configuration ==
 +
 
 +
The recommended approach for setting up Wi-Fi under Funtoo Linux is to use NetworkManager. Steps are provided in the [[Funtoo Linux Installation#Wi-Fi|Wi-Fi section of the Funtoo Linux Installation Guide]].
 +
 
 +
== Other Network Configurations ==
 +
 
 +
If you have a network configuration template that might be useful to others, please post it to the [http://groups.google.com/group/funtoo-dev funtoo-dev mailing list] so we can review it and possibly incorporate it into Funtoo.
 +
 
 +
== License ==
 +
 
 +
Funtoo Linux networking scripts are released under the following license:
 +
 
 +
{{BSD2 Funtoo|src=http://github.com/funtoo/corenetwork}}
  
 
[[Category:HOWTO]]
 
[[Category:HOWTO]]
[[Category:ARM]]
+
[[Category:Projects]]
 +
[[Category:Networking]]
 +
[[Category:Install]]
 +
[[Category:Funtoo features]]

Revision as of 17:49, 28 January 2014

This document explains how to configure your network settings by explaining the network configuration functionality available in Funtoo Linux. Also covered is dhcpcd 5.x, Wi-Fi (IEEE 802.11) configuration, and the OpenResolv framework.

Contents

Introduction

Funtoo Linux has its own core network configuration system that differs somewhat from upstream network configuration systems used in Gentoo Linux and OpenRC.

In this document, I will explain the unique additions and changes to the Funtoo network configuration and show you how to use this system to configure your network.

I'll also explain how to use dhcpcd 5.x for managing network interfaces on DHCP-based networks, and will also cover OpenRC stacked runlevel configuration, Wi-Fi (IEEE 802.11) configuration, and the OpenResolv framework, which is enabled in Funtoo Linux by default.

A Gentle Introduction to Funtoo Network Configuration

Before I get into the technical details of configuring your network, it's important to understand that Funtoo Linux has a number of different options available to you for network configuration, with more likely to be added in the future. Each approach is different and has its own strengths and weaknesses, and this is, in my opinion, a good thing.

The Easy (Dynamic) Way

When configuring your network, one option is to skip traditional network configuration and simply rely on DHCP. This is by far the simplest method of configuring your network. If you are on a wired network, no other steps are typically required beyond enabling a DHCP client, and Funtoo Linux includes dhcpcd 5.x by default.

Network Manager, Wicd

If you are going to use a third party package such as Network Manager or Wicd to manage your network then you do not need to configure DHCP at all. These packages configure DHCP for you. Simply emerge the package you want to use and start using it.

DHCP-Only Systems

If you are not planning to use a third-party package to manage your network interfaces, it is still extremely easy to set up DHCP networking, especially if you always use DHCP to connect to networks, which is common for desktops or laptops. In this scenario, we can simply enable dhcpcd to run at system startup. It will run in the background and automatically look for DHCP servers on all your network interfaces, and will attempt to lease an IP address from any DHCP servers found.

If this sounds like what you want to do, then add dhcpcd to your default runlevel as follows:

# rc-update add dhcpcd default

To enable DHCP immediately, you would follow the previous command with an rc command, which would start the dhcpcd client you just added:

# rc

If you're on a wired network and have the necessary drivers in your kernel, then this should get you going. For wireless networks, more steps are required to utilize your wireless hardware to associate with an access point, which will be covered later in this document.

Tweaking Dhcpcd

For now, it's important to note that dhcpcd 5.x will manage all available network interfaces by default. If you want to run a DHCP client on all but one interface, or some other subset of interfaces, you can add the appropriate denyinterfaces or allowinterfaces glob pattern to /etc/dhcpcd.conf:

# manage all interfaces but eth0 with dhcpcd
denyinterfaces eth0

This can also be accomplished by modifying /etc/init.d/dhcpcd directly and adding -Z ifglob or -z ifglob (the equivalent command-line parameters) to command_args.

Using Funtoo Scripts for DHCP

You can also use the Funtoo Linux networking scripts to start a DHCP client just on a specific interface. This approach is best if you are planning to also do some advanced bridging, bonding or VLAN configuration on your machine along with DHCP, since you will be using the Funtoo Linux networking scripts for that too.

To use this variant approach, don't enable /etc/init.d/dhcpcd directly. Instead, use the Funtoo Linux dhcpcd template which will start dhcpcd on only one interface. Below, you will see the steps to do this. This is very similar to how we set up advanced network interfaces, which will be covered later in this documentation:

# cd /etc/init.d
# ln -s netif.tmpl netif.eth0
# rc-update add netif.eth0 default
# echo template=dhcpcd > /etc/conf.d/netif.eth0
# rc

The last command, rc, causes netif.eth0 to be started.

Server Network Configuration

For servers and advanced networking scenarios, Funtoo Linux offers its own modular, template-based network configuration system. This system offers a lot of flexibility for configuring network interfaces, essentially serving as a "network interface construction kit." This system can be used by itself, or even combined with dhcpcd, as shown in the previous section.

Here are the key components of the template-based network configuration system:

/etc/init.d/netif.lo
An init script that configures the localhost interface. This script is always enabled and is part of the boot process.
/etc/netif.d
This is a directory that contains various network configuration templates. Each of these templates is focused on configuring a particular type of network interface, such as a general static IP-based interface, a bridge interface, a bond interface, etc.
/etc/init.d/netif.tmpl
This is the master init script for the template-based network configuration system. New interfaces are added to your system by creating symbolic links to this file in /etc/init.d.

So, if you wanted to use this system to configure eth0 with a static IP address, you would create a netif.eth0 symlink to netif.tmpl as follows:

# cd /etc/init.d
# ln -s netif.tmpl netif.eth0

Then, you would create an /etc/conf.d/netif.eth0 configuration file that would specify which template to use from the /etc/netif.d directory:

template="interface"
ipaddr="10.0.1.200/24"
gateway="10.0.1.1"
nameservers="10.0.1.1 10.0.1.2"
domain="funtoo.org"

To complete our static IP network configuration we would need to:

# rc-update add netif.eth0 default

When configuring your own static network interface, one of ipaddr or ipaddrs is required and should specify the IP address(es) to configure for this interface, in "a.b.c.d/netmask" format. Optional parameters include gateway, which defines a default gateway for your entire network, and if set should specify the gateway's IP address. In addition, domain and nameservers (space-separated if more than one) can be used to specify DNS information for this interface.

Configuration Variables

Interface Variables

The ipaddr and ipaddrs variables are supported by the interface and bridge templates, and are used to specify a single or multiple IPv4 or IPv6 address(es) for the interface. IP addresses should be specified in 'IP/netmask' format, such as 10.0.0.1/24. Multiple IP addresses can be specified delimited by whitespace:

ipaddrs="10.0.0.1/24 10.0.0.2/24"
Broadcast Address

By default, a broadcast address will be calculated based on the IP address and network mask. If you need to manually specify a broadcast address, use the following format for your IP address:

ipaddrs="10.0.0.1/24;broadcast=10.0.1.255 10.0.0.2/24"
Not Specifying An Address

Note that in some cases, you may choose to not specify ipaddr or ipaddrs for a bridge template. That is allowed. If you don't want to specify an IP address for a regular interface, you can choose to use the interface template without an IP address specified in the config, or use the interface-noip template instead, for the sake of clarity.

Viewing All Configured IP Addresses

Also note that if you specify multiple IPv4 addresses, ifconfig will only show the first IP address. To view all IP addresses associated with the interface, use the ip addr show command.

General Variables

The following variables are enabled by default for all network scripts, and if specified will trigger a corresponding configuration action:

nameservers
Set DNS nameservers using OpenResolv. Specify multiple IPv4 or IPv6 nameservers like this: "1.2.3.4 1.2.3.5 1.2.3.6". Please note that OpenResolv treats 127.0.0.1 specially, and it indicates that you are running a local name resolver like dnsmasq or bind. OpenResolv will ignore all other name servers specified alongside 127.0.0.1. See man resolvconf and man resolvconf.conf for additional setup information.
search
Set DNS search information using OpenResolv.
domain
Set DNS domain using OpenResolv.
gateway
Define a default IPv4 gateway on this interface.
gateway6
Define a default IPv6 gateway on this interface.
route
Specify a semi-colon delimited list of IPv4 routes to apply when this interface is brought up. Will be appended to ip -4 route add.
route6
Specify a semi-colon delimited list of IPv6 routes to apply when this interface is brought up. Will be appended to ip -6 route add.
mtu
Set Maximum Transmit Unit for the interface


VLAN Variables

VLAN support is enabled by default for all network configuration scripts. If a network script has a name in the format netif.ethX.Y, then it is assumed to be a VLAN interface referencing trunk ethX and VLAN ID Y. If you desire a custom name for your VLAN interface, you can name your interface whatever you'd like and specify the following variables in your interface config:

trunk
VLAN trunk interface, e.g. "eth0"
vlan
VLAN id, e.g. "32"

Bridge / Tap Variables

The following variables for configuring a functional bridge interface with optional tap interfaces:

slaves
Set slave interfaces of this interface (for bridges, etc.) All slaves will automatically be depended upon, and will also automatically have their mtu set to that of the current interface, if an mtu is specified for the current interface. This setting is required for the bond template and optional for the bridge template.
stp
Enables Spanning Tree Protocol on a bridge interface like this "stp=on"
forwarding
Enables forwarding on a bridge interface by calling sysctl; as this interface does not exist when sysctl is called by init, we do it here. If this is disabled, your bridge will not forward traffic back out onto the network. useage: "forwarding=1"
mac_addr
Sets a MAC address on a tap interface. This is usefull for avoiding layer2 address collisions when using large numbers of TUN interfaces (KVM, openVPN, ect)

OpenResolv and resolv.conf

OpenResolv will be used to set DNS information provided by the nameservers, domain and search variables when an interface is brought up. The OpenResolv framework will add entries to /etc/resolv.conf, and will also handle removing these entries when the interface is brought down. This way, /etc/resolv.conf should always contain current information and should not need to be manually edited by the system administrator. dhcpcd will use OpenResolv for updating system DNS information as well.

Network-Dependent Services

One important difference between Gentoo Linux and Funtoo Linux is that, in Funtoo Linux, network-dependent services only strictly depend on netif.lo. This means that if another network service requires an interface to be up, such as samba requiring eth0, then the system administrator must specify this relationship by adding the following line to /etc/conf.d/samba:

rc_need="netif.eth0"

This will have the effect of ensuring that netif.eth0 is started prior to samba and that samba is stopped prior to stopping netif.eth0.

Many network services, especially those that listen on all network intefaces, don't need an rc_need line in order to function properly. Avoiding the use of rc_need when required will optimize boot times and allow more network services to remain available when network interfaces are brought up and down by the system administrator.


Multiple Network Configurations

For information on how to have multiple, independent network configurations, please see Stacked Runlevels.

Alternate Configs

If you need to run the same service with different configuration parameters depending upon runlevel, then you'll be happy to know that you can specify runlevel-specific conf.d files by appending a . <runlevel> suffix. In this particular example, we could imagine a situation where we had two child runlevels named home and work:

/etc/conf.d/netif.eth0.home
/etc/conf.d/netif.eth0.work
Note that this feature works for all init scripts, not just network configuration scripts.

Interface Renaming

Funtoo network scripts now support interface renaming, so you can create an interface called lan if you would like. To do this, simply specify the MAC address of the interface you would like to rename using the macaddr variable:

macaddr="00:15:17:19:b6:a3"
If this MAC address is part of the netif.lan configuration file, then when this interface starts, whatever interface currently has the MAC address of 00:15:17:19:b6:a3 (i.e. eth5) will be renamed to lan prior to the interface being brought up, and will show up in ifconfig and ip commands as being an interface named lan.

Basic VLAN Configuration

The standard interface template supports VLANs. To use VLAN support, first ensure that your kernel was compiled with VLAN support (the module name is 8021q) :

# grep CONFIG_VLAN /usr/src/linux/.config
CONFIG_VLAN_8021Q=m
CONFIG_VLAN_8021Q_GVRP=y

Then, configure the trunk interface using the interface-noip template. Assuming eth1 is trunked, you would create the file /etc/conf.d/netif.eth1 with the following contents:

template="interface-noip"

Then, create a network interface symlink for the trunk and add it to your default runlevel:

# cd /etc/init.d
# ln -s netif.tmpl netif.eth1
# rc-update add netif.eth1 default

Now, assuming you wanted to configure a VLAN of 32, you would create a config file named /etc/conf.d/netif.eth1.32 that looks something like this:

template="interface"
ipaddr="1.2.3.4/24"
gateway="1.2.3.1"# etc...

Then, create a VLAN network interface symlink and add it to your default runlevel:

# cd /etc/init.d
# ln -s netif.tmpl netif.eth1.32
# rc-update add netif.eth1.32 default

The Funtoo network configuration scripts will automatically recognize the filename netif.eth1.32 as being VLAN 32 of trunk interface netif.eth1.

When the VLAN interface is brought up, it will be named eth1.32.

Custom VLAN Names

However, sometimes you may want to turn off automatic file-based VLAN naming and give your VLAN interface a custom name, such as mgmt. To do this, you would set up the trunk interface in the exact same way as described above, but instead of creating a netif.eth1.32 interface, you would create a netif.mgmt interface, and specify vlan and trunk in the /etc/conf.d/netif.mgmt config file, as follows:

template="interface"
vlan="32"
trunk="eth1"
ipaddr="1.2.3.4/24"
gateway="1.2.3.1"
# etc...

When you specify trunk and vlan in the interface config file, filename-based auto-detecting of VLAN ID and trunk is disabled. Both trunk and vlan must be specified -- you can't specify just one.

Then you would simply create a VLAN network interface symlink for netif.mgmt:

# cd /etc/init.d
# ln -s netif.tmpl netif.mgmt
# rc-update add netif.mgmt default

When the VLAN interface is brought up, it will be named mgmt.

Bonding Configuration

Bonding allows you to aggregate multiple network interfaces into a single logical network interface, allowing for benefits in throughput as well as resiliency in the case that an individual interface may go down. This example shows how you would create a bonding interface (mybond) with a simple static ip setup, containing two slave devices (eth0 and eth1).

First, ensure that your kernel is configured to support bonding (the module name is bonding) :

$ grep CONFIG_BONDING /usr/src/linux/.config
CONFIG_BONDING=m

You'l want to ensure that CONFIG_BONDING is set to "m" or "y". You can find this kernel configuration option tucked under "Device Drivers" -> "Network Device Support" -> "Bonding driver support". Be sure that ifenslave is emerged:

emerge ifenslave

Once bonding is enabled in the kernel, you will need to choose at least two devices to bond together. These will be set up as "slave" interfaces with no IP address.

# cd /etc/init.d/
# ln -s netif.tmpl netif.eth0
# ln -s netif.tmpl netif.eth1

Then, configure the slave interfaces by creating /etc/conf.d/netif.eth0 and /etc/conf.d/netif.eth1 with the following contents:

template="interface-noip"

Now, we will create the bond interface and make netif.eth0 and netif.eth1 slaves of this interface. Note that our bond interface can have any name. To demonstrate this, we will give it the name of "mybond" below:

# ln -s netif.tmpl netif.mybond
# rc-update add netif.mybond default

Now we can configure "mybond" using its configuration file /etc/conf.d/netif.mybond, just as we would a regular interface, except that we specify slaves:

template="bond"
ipaddr="10.0.1.200/24"
gateway="10.0.1.1"
nameservers="10.0.1.1 10.0.1.2"
domain="funtoo.org"
slaves="netif.eth0 netif.eth1"

In a bonded configuration, it is common to set the MTU to the maximum possible value supported by hardware to maximize throughput. In order to do this, simply set the MTU option in /etc/conf.d/netif.mybond to the maximum value supported by your hardware. The network scripts will ensure that this MTU setting is applied to all slave interfaces:

mtu=9000

Bridge Configuration

When hosting virtual machines, it can be convenient to use a bridge setup. This example shows how you would create a bridge (br0) with a simple static ip setup, containing two slave devices (eth0, tap0).

First, ensure that your kernel is configured to support bridging (the module name is bridge) :

$ grep CONFIG_BRIDGE /usr/src/linux/.config
CONFIG_BRIDGE=m
CONFIG_BRIDGE_IGMP_SNOOPING=y

Second, make sure you have the required software installed:

# emerge -av bridge-utils usermode-utilities

Then, create the necessary symlinks for the interfaces and add them to your default runlevel :

# cd /etc/init.d/
# ln -s netif.tmpl netif.eth0
# ln -s netif.tmpl netif.br0
# ln -s netif.tmpl netif.tap0
# rc-update add netif.br0 default
# rc-update add netif.tap0 default

Then, configure the slave interface /etc/conf.d/netif.eth0 :

template="interface-noip"

Then, configure the slave interface /etc/conf.d/netif.tap0 - note you only require group OR user, not both :

template="tap"
group="kvm" 
user="kvm"
mac_addr="10:20:30:40:50:66"

... and the bridge interface /etc/conf.d/netif.br0 :

template="bridge"
ipaddr="10.0.1.200/24"
gateway="10.0.1.1"
nameservers="10.0.1.1 10.0.1.2"
domain="funtoo.org"
slaves="netif.eth0 netif.tap0"
stp="on"
forwarding=1

If you are using dhcpcd, you should ensure that it does not attempt to configure eth0 or br0 by adding the following to /etc/dhcpcd.conf :

# don't attempt to pull an ip address for br0 or its slave device
denyinterfaces eth0 br0

More Complex Network Configuration

If the standard templates don't work for your needs, simply create a new template -- I recommend starting from the interface template for most things:

# cd /etc/netif.d
# cp interface custom

You can now call whatever commands you need to /etc/netif.d/custom. The following shell functions can be defined in a network script:

netif_create

In netif_create, you should call any commands to create the interface if it does not yet exist.

netif_depend

In netif_depend, you can define dependencies, using the functions need and use.

netif_pre_up

In netif_pre_up, you can define network configuration actions to perform prior to bringing the interface up. You can also ensure certain variables are specified by calling require var1 [var2...] here.

netif_post_up

In netif_post_up, you can define network configuration actions to perform after bringing the interface up.

netif_pre_down

In netif_pre_down, you can define network configuration actions to perform prior to bringing the interface down.

netif_post_down

In netif_post_down, you can define network configuration actions to perform after bringing the interface down.

netif_destroy

In netif_destroy, you can call any commands necessary to destroy/delete the interface if it is dynamic in nature (tun/tap, etc.)

How It Works

You do not specify a function for actually bringing up the interface, because the template-based system does this for you. The template-based system also performs all normal actions required to bring an interface down, so you only need to specify atypical actions that must be performed - such as removing child interfaces or destroying a bridge using brctl.

When you create your own network configuration template, the following capabilities are available for use automatically, as long as the appropriate variables are set in the /etc/conf.d/netif.<ifname> file, without requiring any explicit steps on your part:

  • DNS configuration using domain and nameservers config settings. OpenResolv is used automatically.
  • VLAN configuration using auto-naming (netif.ethX.Y) or via custom naming with trunk and vlan config settings.
  • Default IPv4 gateway and route configuration using the gateway and route settings.
  • Default IPv6 gateway and route configuration using the gateway6 and route6 settings.
  • MTU configuration using the mtu setting.
  • Auto-depend (and auto-MTU configuration) of slave interfaces specified using slaves setting.
  • Renaming of existing network interface (specify MAC address using macaddr setting).

To take advantage of this functionality, simply enable the appropriate variables.

All other necessary network configuration and dependency behavior should be defined using the netif_-prefix functions described above.

Wireless Configuration

The recommended approach for setting up Wi-Fi under Funtoo Linux is to use NetworkManager. Steps are provided in the Wi-Fi section of the Funtoo Linux Installation Guide.

Other Network Configurations

If you have a network configuration template that might be useful to others, please post it to the funtoo-dev mailing list so we can review it and possibly incorporate it into Funtoo.

License

Funtoo Linux networking scripts are released under the following license:


BSD 2-Clause Funtoo License

This work is free software. Source code is available.

Copyright 2009-2011 Funtoo Technologies. You can redistribute and/or modify it under the terms of the 2-clause BSD license. Alternatively you may (at your option) use any other license that has been publicly approved for use with this program by Funtoo Technologies (or its successors, if any.)