From 9ccc369ff30138b9c2cf3ed8faf28d8fe42f8377 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 7 Feb 2025 18:08:51 +0100 Subject: [PATCH] network: mark container/VM/namespace networks as not required for online + disable DHCP lease persistency These networks are not connections to upstream routers, but where we are ourselves are the upstream router, hence it doesn't make too much sense to require them to be up as default to determine if we are "online", because they lead "in the wrong direction". Also, disable DHCP lease persistency for these networks, since container/VM/namespaces are generally shortlived, and typically have no persistent identity. Moreover, the IP range we assign each VM/container connection is just too small to permit persistency, as otherwise we'll run out of leases way too quickly if VM/containers are restarted a bunch of times with different MAC addresses (which I ran into). I think these are better defaults, but of course these are only defaults. --- network/80-container-vb.network | 3 +++ network/80-container-ve.network | 6 ++++++ network/80-container-vz.network | 6 ++++++ network/80-namespace-ns.network | 6 ++++++ network/80-vm-vt.network | 6 ++++++ 5 files changed, 27 insertions(+) diff --git a/network/80-container-vb.network b/network/80-container-vb.network index 07a407208bb..162597d781a 100644 --- a/network/80-container-vb.network +++ b/network/80-container-vb.network @@ -14,6 +14,9 @@ Kind=veth Name=vb-* +[Link] +RequiredForOnline=no + [Network] KeepMaster=yes LinkLocalAddressing=no diff --git a/network/80-container-ve.network b/network/80-container-ve.network index 4cb15ca9578..69c534f4e1b 100644 --- a/network/80-container-ve.network +++ b/network/80-container-ve.network @@ -14,6 +14,9 @@ Kind=veth Name=ve-* +[Link] +RequiredForOnline=no + [Network] # Default to using a /28 prefix, giving up to 13 addresses per container. Address=0.0.0.0/28 @@ -24,3 +27,6 @@ LLDP=yes EmitLLDP=customer-bridge IPv6AcceptRA=no IPv6SendRA=yes + +[DHCPServer] +PersistLeases=no diff --git a/network/80-container-vz.network b/network/80-container-vz.network index fd7cc1a4c9e..2dc5d87e23b 100644 --- a/network/80-container-vz.network +++ b/network/80-container-vz.network @@ -13,6 +13,9 @@ Kind=bridge Name=vz-* +[Link] +RequiredForOnline=no + [Network] # Default to using a /24 prefix, giving up to 253 addresses per virtual network. Address=0.0.0.0/24 @@ -23,3 +26,6 @@ LLDP=yes EmitLLDP=customer-bridge IPv6AcceptRA=no IPv6SendRA=yes + +[DHCPServer] +PersistLeases=no diff --git a/network/80-namespace-ns.network b/network/80-namespace-ns.network index 9c945d47c93..cd1a819973e 100644 --- a/network/80-namespace-ns.network +++ b/network/80-namespace-ns.network @@ -14,6 +14,9 @@ Kind=veth Name=ns-* +[Link] +RequiredForOnline=no + [Network] # Default to using a /28 prefix, giving up to 13 addresses per namespace Address=0.0.0.0/28 @@ -24,3 +27,6 @@ LLDP=yes EmitLLDP=customer-bridge IPv6AcceptRA=no IPv6SendRA=yes + +[DHCPServer] +PersistLeases=no diff --git a/network/80-vm-vt.network b/network/80-vm-vt.network index 3bd36a6b10e..a7c0f770893 100644 --- a/network/80-vm-vt.network +++ b/network/80-vm-vt.network @@ -13,6 +13,9 @@ Kind=tun Name=vt-* +[Link] +RequiredForOnline=no + [Network] # Default to using a /28 prefix, giving up to 13 addresses per VM. Address=0.0.0.0/28 @@ -23,3 +26,6 @@ LLDP=yes EmitLLDP=customer-bridge IPv6AcceptRA=no IPv6SendRA=yes + +[DHCPServer] +PersistLeases=no -- 2.47.3