RE: Add network RoutingPolicyRules at OpenBMC Networkd

[Alexander Amelkin <a.amelkin@yadro.com>]

[-- Attachment #1: Type: text/plain, Size: 3549 bytes --]

There is waaaay too many problems that we have with “multiple interfaces using link-local addresses” per se.
They are outlined in https://datatracker.ietf.org/doc/html/rfc3927#section-3 but no solutions are actually provided there.
When, in addition to that, you connect those multiple interfaces to the same physical network segment, you add another
bunch of problems on top that are discussed here:
https://serverfault.com/questions/415304/multiple-physical-interfaces-with-ips-on-the-same-subnet

With your proposal, as I understand it, you may be solving one part of the “scoped addresses” problem here, but the rest remains.

I may be missing some use-cases, but I gather link-local addresses are primarily needed for discovery of newly installed OpenBMC
machines before they are properly integrated into a DHCP-based or statically configure network. Taking that into account, in my
humble opinion, the best way would be to have link-local addressing enabled for just eth0.

I also believe that in production environments the BMC shall not be connected to the same network segment using multiple interfaces.
If that is needed for failover, then we should think about adding the bridging and bonding support instead.

WBR, Alexander Amelkin

P.S. I also believe that it is VERY wrong that we still allow setting per-interface gateways as BMC is not a router device and doesn’t (and shouldn’t) allow for configuring policy routing or any routing whatsoever.

From: openbmc <openbmc-bounces+a.amelkin=yadro.com@lists.ozlabs.org> On Behalf Of raviteja bailapudi
Sent: Wednesday, October 11, 2023 11:27 AM
To: OpenBMC Maillist <openbmc@lists.ozlabs.org>; Ratan Gupta <ratankgupta31@gmail.com>; wak@google.com; Sunitha Harish <sunithaharish04@gmail.com>; johnathanx.mantey@intel.com
Subject: Add network RoutingPolicyRules at OpenBMC Networkd


«Внимание! Данное письмо от внешнего адресата!»
Hi Team

We have noticed network routing issues when the same subnet IP addresses configured on both eth0 and eth1 ethernet interfaces, this issue applies to all types of addresses like static, DHCP and LinkLocal address configuration.

Currently IPv4 LinkLocal addressing is enabled on both interfaces, so both interfaces come up with the same subnet Link local IP addresses (169.254.x.y), but only one link local address will be reachable due to these same subnet routes on both interfaces.

Here is the systemd issue https://github.com/systemd/systemd/issues/28814
I have discussed in the systemd community and explored systemd's RoutingPolicyRules configuration as suggested by the systemd community and it works.

To solve this problem we are proposing to make changes in phosphor-networkd to configure/populate systemd-networkd RoutingPolicyRule for each IP address configured on each interface, there is no user intervention or user interface changes needed. phosphor-networkd internally takes care of updating the systemd-networkd configuration as required

Here is the example of additional systemd configuration required for each IP address configured on the interface.
Example:
[Route]
PreferredSource=169.254.202.113
Destination=169.254.202.113/16<http://169.254.202.113/16>
Table=11
[Route]
Gateway=169.254.0.0
Table=11
[RoutingPolicyRule]
Table=11
To=169.254.202.113/16<http://169.254.202.113/16>
[RoutingPolicyRule]
Table=11
From=169.254.202.113/16<http://169.254.202.113/16>

Please share your views on the same.

Regards,
Raviteja

[-- Attachment #2: Type: text/html, Size: 8356 bytes --]