Skip to content

Commit

Permalink
Doc: Updating IP address assignment examples
Browse files Browse the repository at this point in the history 
Improved "show interfaces" information is now
reflected in IP address examples
- source info added
- IPv6 addresses shown

Also added an example with IPv6 privacy for stateless autoconfig
  • Loading branch information
@jovatn
jovatn committed Sep 22, 2023
1 parent 2431089 commit aae0414
Showing 1 changed file with 169 additions and 103 deletions.
272 changes: 169 additions & 103 deletions doc/networking.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,153 +99,219 @@ Multiple address assignment methods are available:

DHCP address method is only available for *LAN* interfaces (ethernet, virtual ethernet (veth), bridge, etc.)

#### Examples
### IPv6 Address Assignment

Multiple address assignment methods are available:

| **Type** | **Yang Model** | **Description** |
|:---------------- |:-------------- |:------------------------------------------------------------------------------------------------------------------------------------------------- |
| static | ietf-ip | Static assignment of IPv6 address, e.g., *2001:db8:0:1::1/64* |
| link-local | ietf-ip[^2] | (RFC4862) Auto-configured link-local IPv6 address (*fe80::0* prefix + interface identifier, e.g., *fe80::ccd2:82ff:fe52:728b/64*) |
| global auto-conf | ietf-ip | (RFC4862) Auto-configured (stateless) global IPv6 address (prefix from router + interface identifier, e.g., *2001:db8:0:1:ccd2:82ff:fe52:728b/64* |

Both for *link-local* and *global auto-configuration*, it is possible
to auto-configure using a random suffix instead of the interface
identifier.


### Examples

![Switch example (eth0 and lo)](img/ip-address-example-switch.svg)

root@example:/> show interfaces
INTERFACE STATE PROTOCOL/ADDRESS SOURCE
lo up 00:00:00:00:00:00 unknown
127.0.0.1/8

eth0 up 02:00:00:00:00:00 unknown
root@example:/>
root@infix-00-00-00:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-00-00-00:/>

##### Static IP and link-local IP addresses
To illustrate IP address configuration, the examples below uses a
switch with a single Ethernet interface (eth0) and a loopback
interface (lo). As shown above, these examples assume *eth0* has an
IPv6 link-local address and *lo* has static IPv4 and IPv6 addresses by
default.

#### Static and link-local IPv4 addresses

![Setting static IPv4 (and link-local IPv4)](img/ip-address-example-ipv4-static.svg)

root@example:/> configure
root@example:/config/> edit interfaces interface eth0 ipv4
root@example:/config/interfaces/interface/eth0/ipv4/> set address 10.0.1.1 prefix-length 24
root@example:/config/interfaces/interface/eth0/ipv4/> set autoconf enabled true
root@example:/config/interfaces/interface/eth0/ipv4/> leave
root@example:/> show interfaces
INTERFACE STATE PROTOCOL/ADDRESS SOURCE
lo up 00:00:00:00:00:00 unknown
127.0.0.1/8

eth0 up 02:00:00:00:00:00 unknown
169.254.1.3/16
10.0.1.1/24

root@example:/>

##### Use of DHCP for address assignment

![Using DHCP for address assignment](img/ip-address-example-ipv4-dhcp.svg)
root@infix-example:/config/interfaces/interface/eth0/ipv4/> diff
+interfaces {
+ interface eth0 {
+ ipv4 {
+ address 10.0.1.1 {
+ prefix-length 24;
+ }
+ autoconf {
+ enabled true;
+ }
+ }
+ }
+}
root@infix-example:/config/interfaces/interface/eth0/ipv4/> leave
root@infix-example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv4 10.0.1.1/24 (static)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv4 169.254.1.3/16 (random)
ipv4 10.0.1.1/24 (static)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-example:/>

As shown, the link-local IPv4 address is configured with `set autconf
enabled true`. The resulting address (169.254.1.3/16) is of type
*random* ([IETF ip-yang][ietf-ip-yang]).

#### Use of DHCP for IPv4 address assignment

![Using DHCP for IPv4 address assignment](img/ip-address-example-ipv4-dhcp.svg)

root@example:/> configure
root@example:/config/> edit dhcp-client
root@example:/config/dhcp-client/> set client-if eth0
root@example:/config/dhcp-client/> set enabled true
root@example:/config/dhcp-client/> leave
root@example:/> show interfaces
INTERFACE STATE PROTOCOL/ADDRESS SOURCE
lo up 00:00:00:00:00:00 unknown
127.0.0.1/8

eth0 up 02:00:00:00:00:00 unknown
10.1.2.100/24

root@example:/>

### IPv6 Address Assignment
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv4 10.1.2.100/24 (dhcp)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)

Multiple address assignment methods are available:

| **Type** | **Yang Model** | **Description** |
|:---------------- |:-------------- |:------------------------------------------------------------------------------------------------------------------------------------------------- |
| static | ietf-ip | Static assignment of IPv6 address, e.g., *2001:db8:0:1::1/64* |
| link-local | ietf-ip[^2] | (RFC4862) Auto-configured link-local IPv6 address (*fe80::0* prefix + interface identifier, e.g., *fe80::ccd2:82ff:fe52:728b/64*) |
| global auto-conf | ietf-ip | (RFC4862) Auto-configured (stateless) global IPv6 address (prefix from router + interface identifier, e.g., *2001:db8:0:1:ccd2:82ff:fe52:728b/64* |
root@example:/>

#### Examples
The resulting address (10.1.2.100/24) is of type *dhcp*.

![Switch example (eth0 and lo)](img/ip-address-example-switch.svg)

root@example:/> show ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group iface qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet6 fe80::ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
root@example:/>

##### Disabling IPv6 link-local address(es)
#### Disabling IPv6 link-local address(es)

The only way to disable IPv6 link-local addresses is by disabling IPv6 on the interface.
The (only) way to disable IPv6 link-local addresses is by disabling IPv6 on the interface.

```(disabling
root@example:/> configure
root@example:/config/> edit interfaces interface eth0 ipv6
root@example:/config/interfaces/interface/eth0/ipv6/> set enabled false
root@example:/config/interfaces/interface/eth0/ipv6/> leave
root@example:/> show ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group iface qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
root@example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@example:/>
```

##### Static IPv6 address
#### Static IPv6 address

![Setting static IPv6](img/ip-address-example-ipv6-static.svg)

root@example:/> configure
root@example:/config/> edit interfaces interface eth0 ipv6
root@example:/config/interfaces/interface/eth0/ipv6/> set address 2001:db8::1 prefix-length 64
root@example:/config/interfaces/interface/eth0/ipv6/> leave
root@example:/> show ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group iface qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet6 2001:db8::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
root@example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 2001:db8::1/64 (static)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@example:/>

##### Stateless Autoconfiguration of Global IPv6 Address
#### Stateless Auto-configuration of Global IPv6 Address

![Auto-configuration of global IPv6](img/ip-address-example-ipv6-auto-global.svg)

Concatenation of prefix advertised by router (here 2001:db8:0:1::0/64)
and interface identifier.
Stateless address auto-configuration of global addresses is enabled by
default. The address is formed by concatenating the network prefix
advertised by the router (here 2001:db8:0:1::0/64) and the interface
identifier. The resulting address is of type *other*.

root@infix-example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 2001:db8:0:1:0:ff:fe00:0/64 (other)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-example:/>

Disabling auto-configuration of global IPv6 addresses can be done as shown
below.

root@infix-00-00-00:/> configure
root@infix-00-00-00:/config/> edit interfaces interface eth0 ipv6
root@infix-00-00-00:/config/interfaces/interface/eth0/ipv6/> set autoconf create-global-addresses false
root@infix-00-00-00:/config/interfaces/interface/eth0/ipv6/> leave
root@infix-00-00-00:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-00-00-00:/>

#### Random Link Identifiers for IPv6 Stateless Autoconfiguration

root@example:/> configure
root@example:/config/> edit interfaces interface eth0 ipv6
root@example:/config/interfaces/interface/eth0/ipv6/> set address 2001:db8::1 prefix-length 64
root@example:/config/interfaces/interface/eth0/ipv6/> leave
root@example:/> show ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP group iface qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet6 2001:db8:0:1:0:ff:fe00:0/64 scope global dynamic mngtmpaddr
valid_lft 86398sec preferred_lft 14398sec
inet6 fe80::ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
root@example:/>
![Auto-configuration of global IPv6](img/ip-address-example-ipv6-auto-global.svg)

By default, the auto-configured link-local and global IPv6 addresses
are formed from a link-identifier based on the MAC address.

root@infix-example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 2001:db8:0:1:0:ff:fe00:0/64 (other)
ipv6 fe80::ff:fe00:0/64 (link-layer)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-example:/>

To avoid revealing identity information in the IPv6 address, it is
possible to specify use of a random identifier ([ietf-ip][ietf-ip-yang] YANG and [RFC8981][ietf-ipv6-privacy]).

root@infix-example:/> configure
root@infix-example:/config/> edit interfaces interface eth0 ipv6
root@infix-example:/config/interfaces/interface/eth0/ipv6/> set autoconf create-temporary-addresses true
root@infix-example:/config/interfaces/interface/eth0/ipv6/> leave
root@infix-example:/> show interfaces
INTERFACE PROTOCOL STATE DATA
eth0 ethernet UP 02:00:00:00:00:00
ipv6 2001:db8:0:1:fba2:f413:dd22:13ad/64 (other)
ipv6 fe80::b886:6849:18dc:19ef/64 (random)
lo ethernet UP 00:00:00:00:00:00
ipv4 127.0.0.1/8 (static)
ipv6 ::1/128 (static)
root@infix-example:/>

The link-local address has changed type to *random*.

[ietf-ip-yang]: https://www.rfc-editor.org/rfc/rfc8344.html
[ietf-ipv6-privacy]: https://www.rfc-editor.org/rfc/rfc8981.html

[^1]: Please note, link aggregates are not yet supported in Infix.
Link-local IPv6 addresses are implicitly enabled when enabling IPv6. IPv6 can be enabled/disabled per interface in *ietf-ip* YANG model.
[^2]: Link-local IPv6 addresses are implicitly enabled when enabling IPv6. IPv6 can be enabled/disabled per interface in [ietf-ip][ietf-ip-yang] YANG model.


0 comments on commit aae0414

Please sign in to comment.