nixos/networking-interfaces: clean up networking.sits

This change reworks the documentation on networking.sits a bit to explain
what they actually are. In fact, there are three different protocols
being collectively called "SIT", which itself is a nonstandard term.
rnhmjoj
2025-06-15 16:55:28 +02:00
parent 1a8c90128b
commit 716634530e
3 changed files with 65 additions and 36 deletions


@@ -627,7 +627,7 @@ let
deps = deviceDependency v.dev; deps = deviceDependency v.dev;
in in
{ {
description = "6-to-4 Tunnel Interface ${n}"; description = "IPv6 in IPv4 Tunnel Interface ${n}";
wantedBy = [ wantedBy = [
"network-setup.service" "network-setup.service"
(subsystemDevice n) (subsystemDevice n)
@@ -641,18 +641,19 @@ let
script = '' script = ''
# Remove Dead Interfaces # Remove Dead Interfaces
ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}" ip link show dev "${n}" >/dev/null 2>&1 && ip link delete dev "${n}"
ip link add name "${n}" type sit \ ip link add name "${n}" type sit ${
${optionalString (v.remote != null) "remote \"${v.remote}\""} \ formatIpArgs {
${optionalString (v.local != null) "local \"${v.local}\""} \ inherit (v)
${optionalString (v.ttl != null) "ttl ${toString v.ttl}"} \ remote
${optionalString (v.dev != null) "dev \"${v.dev}\""} \ local
${optionalString (v.encapsulation != null) ttl
"encap ${v.encapsulation.type} encap-dport ${toString v.encapsulation.port} ${ dev
optionalString ( ;
v.encapsulation.sourcePort != null encap = if v.encapsulation.type == "6in4" then null else v.encapsulation.type;
) "encap-sport ${toString v.encapsulation.sourcePort}" encap-dport = v.encapsulation.port;
}" encap-sport = v.encapsulation.sourcePort;
} }
}
ip link set dev "${n}" up ip link set dev "${n}" up
''; '';
postStop = '' postStop = ''
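Review bot: Nothing in the visible lines rejects a UDP encapsulation without a port or a `6in4` tunnel with one: the `ip link add` arguments pass `encap-dport = v.encapsulation.port;` and `encap-sport` unconditionally while `encap` is nulled for `6in4`, and the option declaration now gives `port` a `default = null`. Assuming `formatIpArgs` (defined outside this hunk) only drops null values, `type = "fou"` with no port would emit `encap fou` without a destination port, and `type = "6in4"` with a port would emit `encap-dport` without `encap`. The networkd hunk gates on the same `type != "6in4"` test and shares the gap. An evaluation-time assertion along the lines of `assertion = (v.encapsulation.type == "6in4") == (v.encapsulation.port == null);` would turn both cases into a clear error instead of a unit that fails at activation. The old lines also wrapped `remote`, `local` and `dev` in double quotes inside this generated shell script, so it is worth confirming that `formatIpArgs` quotes its values, for example with `lib.escapeShellArg`.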


@@ -438,7 +438,7 @@ in
// (optionalAttrs (sit.ttl != null) { // (optionalAttrs (sit.ttl != null) {
TTL = sit.ttl; TTL = sit.ttl;
}) })
// (optionalAttrs (sit.encapsulation != null) ( // (optionalAttrs (sit.encapsulation.type != "6in4") (
{ {
FooOverUDP = true; FooOverUDP = true;
Encapsulation = if sit.encapsulation.type == "fou" then "FooOverUDP" else "GenericUDPEncapsulation"; Encapsulation = if sit.encapsulation.type == "fou" then "FooOverUDP" else "GenericUDPEncapsulation";


@@ -19,7 +19,8 @@ let
hasSits = cfg.sits != { }; hasSits = cfg.sits != { };
hasGres = cfg.greTunnels != { }; hasGres = cfg.greTunnels != { };
hasBonds = cfg.bonds != { }; hasBonds = cfg.bonds != { };
hasFous = cfg.fooOverUDP != { } || filterAttrs (_: s: s.encapsulation != null) cfg.sits != { }; hasFous =
cfg.fooOverUDP != { } || filterAttrs (_: s: s.encapsulation.type != "6in4") cfg.sits != { };
slaves = slaves =
concatMap (i: i.interfaces) (attrValues cfg.bonds) concatMap (i: i.interfaces) (attrValues cfg.bonds)
@@ -1153,7 +1154,8 @@ in
} }
''; '';
description = '' description = ''
This option allows you to define 6-to-4 interfaces which should be automatically created. This option allows you to define interfaces encapsulating IPv6
packets within IPv4 packets; which should be automatically created.
''; '';
type = type =
with types; with types;
@@ -1197,50 +1199,76 @@ in
''; '';
}; };
encapsulation = encapsulation = mkOption {
with types; type = types.nullOr (
mkOption { types.submodule {
type = nullOr (submodule {
options = { options = {
type = mkOption { type = mkOption {
type = enum [ type = types.enum [
"6in4"
"fou" "fou"
"gue" "gue"
]; ];
default = "6in4";
description = '' description = ''
Selects encapsulation type. See Select the encapsulation type:
{manpage}`ip-link(8)` for details.
- `6in4`: the IPv6 packets are encapsulated using the
6in4 protocol (formerly known as SIT, RFC 4213);
- `gue`: the IPv6 packets are encapsulated in UDP packets
using the Generic UDP Encapsulation (GUE) scheme;
- `foo`: the IPv6 packets are encapsulated in UDP packets
using the Foo over UDP (FOU) scheme.
''; '';
}; };
port = mkOption { port = mkOption {
type = port; type = types.nullOr types.port;
default = null;
example = 9001; example = 9001;
description = '' description = ''
Destination port for encapsulated packets. Destination port when using UDP encapsulation.
''; '';
}; };
sourcePort = mkOption { sourcePort = mkOption {
type = nullOr types.port; type = types.nullOr types.port;
default = null; default = null;
example = 9002; example = 9002;
description = '' description = ''
Source port for encapsulated packets. Will be chosen automatically by Source port when using UDP encapsulation.
the kernel if unset. Will be chosen automatically by the kernel if unset.
''; '';
}; };
}; };
}); }
default = null; );
example = { apply =
type = "fou"; x:
port = 9001; if x == null then
}; lib.warn
description = '' ''
Configures encapsulation in UDP packets. The option networking.sits.*.encapsulation no longer accepts `null`
''; as a valid value. To fix this warning simply remove this definition.
''
{
type = "6in4";
port = null;
sourcePort = null;
}
else
x;
default = { };
example = {
type = "fou";
port = 9001;
}; };
description = ''
Configures the type of encapsulation.
'';
};
}; };