README.netconfig

#  README.netconfig
#
#  netconfig is part of the sysconfig package
#  authors: Michael Calmer <mc@novell.com>,
#           Milisav Radmanic <radmanic@novell.com>,
#           Marius Tomaschewski <mt@novell.com>
#


 * Network configuration tool (netconfig) *
=======================================================

    NOTE: This README file may not contain all or obsolete details!
    Please read the netconfig(8) manual page (man 8 netconfig) first.

The netconfig utility was written to handle netwok settings data, like
DNS, NIS, NTP from multiple sources as DHCP or PPP in the best way
possible.
This new script replaces the current "/sbin/modify_resolvconf" script!

The script itself is modular, so it is possible to extend or change its
functionality. Each module is responsible for a specific task.
The order in which the modules are called is defined in the sysconfig
variable NETCONFIG_MODULES_ORDER.

Static configuration values are written to sysconfig/network/config by
the yast-modules. Dhcp, ppp as well as the NetworkManager provide the
dynamic values directly to netconfig in a specified format.

Netconfig manages (stores or removes) the dynamic values and the netconfig
modules merge all these informations depending on a predefined policy
and apply the required changes, for instance write a configuration file,
restart a service and similar.

The prime objective here is: No process should alter the destination files
directly, but pass its information through netconfig.

Every module has a policy-variable in sysconfig/network/config which tells
the module how to merge single values. Which interfaces should get recognized
and which not or in which order and where it should use the static values.


Naming conventions:
-------------------

"static values":  values the user entered directly, e.g by a YaST module
"dynamic values": values delivered by dhcp or ppp (leases file) or the
                  NetworkManager


The policy-variables:
--------------------

The policy-variables, lists the interfaces which should get addressed
if a configuration for this interface is available. You can use "*"
and/or "?" to match multiple interfaces. E.g. "eth* ppp?" will target
first all ethX interfaces and than ppp0-ppp9 interfaces.
Additionally it has two predefined static values which indicate what
should happen with the static configuration values:

- STATIC            is the placeholder for the static values set by
                    yast-modules processed at the specific place in
                    the order. (You can also use "auto" as a short
                    for "STATIC *")

- STATIC_FALLBACK   defines, that dynamic values have priority, but
                    if no dynamic values are available the STATIC
                    ones are used

If the policy variable is empty, the configuration file will not be
changed by netconfig. This is useful if the user wants to keep the
sole control of the configuration file.

By default, the policy is set to the special value auto. This special
policy value is resolved by netconfig depending on the NETWORKMANAGER
("yes"/"no") variable:
- NETWORKMANAGER = no
        The auto policy value is resolved to a policy
                "STATIC *".

- NETWORKMANAGER = yes
        The auto policy value is resolved to a policy
                "STATIC_FALLBACK NetworkManager"
        causing to use the NetworkManager build-in merge policy
        with a fallback to the static settings defined in
        netconfig variables when the NetworkManager does not
        provide any dynamic settings.

        Note: The NetworkManager is not using any of the statically
              defined netconfig settings (any more). This is required
              to ensure a proper functionality of the NetworkManager.
              Please use the (k)nm connection editor to define your
              network settings for the NetworkManager!


The netconfig tool:
-------------------

The netconfig tool has three main commands:

* "modify" requires an interface dataset passed via STDIN (or file
           specified via -i option). If a configuration already exists,
           it will be replaced by the new one, otherwise it creates a
           new configuration. After this, it updates the managed files
           by calling the modules.

* "update" runs all the modules again. This is useful if the policy or
           the static configuration changed. (this should be called most
           of the time by yast-modules)

* "remove" removes an interface configuration defined by <service> and
           <interface> and runs the modules again to bring the
           configuration files up-to-date.

The data set which needs to be provided to "netconfig modify" is specified
as a simple key-value list compatible to the dhcpcd-leases format.
The keyword "INTERFACE" is mandatory. Here are examples of the currently
used key-value pairs:

INTERFACE='eth0'

The dns-resolver and dns-bind module recognizes the following keywords:
DNSDOMAIN='suse.de nue.novell.com'
DNSSERVERS='10.10.0.1 10.10.2.88'

The nis module recognizes the following keywords:
NISDOMAIN='novell.com'
NISSERVERS='149.44.160.146 149.44.160.50'

The ntp-runtime module recognizes the following keyword:
NTPSERVERS='149.44.160.50 149.44.160.54 149.44.160.1'

Additional netconfig options are:

options:                      mandatory for:
  -s|--service <service>      modify, remove (e.g. dhcpcd, dhclient, etc.)
  -i|--interface <interface>  remove         (e.g. eth0, ppp1, ...)
  -l|--lease-file <file name>                lease / input file name
  -F|--input-format <format>                 lease / input format (dhcpcd)
  -f|--force_replace                         force overwriting of config files,
                                             even when somebody changed them
                                             manually
  -v|--verbose                               print debug output


The Modules:
------------

currently the following modules are provided:


dns-resolver:
-----------

DNS configuration consists of:
    - domain search list
    - nameserver ip list

The following variables are in /etc/sysconfig/network/config:

    NETCONFIG_DNS_STATIC_SEARCHLIST=""
    NETCONFIG_DNS_STATIC_SERVERS=""

The policy variable is named:

    NETCONFIG_DNS_POLICY=""

The search list and nameservers are applied to /etc/resolv.conf.

Alternatively, the nameservers only may be applied as forwarders to the
configuration of a local nameserver. To identify such a configuration we
defined the variable:

   NETCONFIG_DNS_FORWARDER=""

It can have the values:

* "resolv" or empty: no local DNS server, write to /etc/resolv.conf
* "bind"   : A bind nameserver is used as forwarder. Only the searchlist is
             written to the /etc/resolv.conf; the nameserver are written to
             the /etc/named.d/forwarders.conf.
* "dnsmasq": A dnsmasq nameserver is used as forwarder. Only the searchlist
             is written to the /etc/resolv.conf; the nameserver are written
             to the /var/run/dnsmasq-forwarders.conf.


    Example:
    --------

    Static config in /etc/sysconfig/network/config:

    NETCONFIG_DNS_POLICY="STATIC *"    # == "auto"
    NETCONFIG_DNS_FORWARDER="resolv"

    NETCONFIG_DNS_STATIC_SEARCHLIST="domain1 domain2"
    NETCONFIG_DNS_STATIC_SERVERS="2001:cafe::1 10.0.0.1"

        Resulting /etc/resolv.conf:
            search domain1 domain2
            nameserver 2001:cafe::1
            nameserver 10.0.0.1

    If a dynamic interface comes up (e.g. DHCP) with the values

        DNSDOMAIN='domain2 domain3'
        DNSSERVERS='10.10.0.1 10.10.2.88'

    The result will be:

        search domain1 domain2 domain3
        nameserver 2001:cafe::1
        nameserver 10.0.0.1
        nameserver 10.10.0.1

    [ 10.10.2.88 will not appear, because you can provide only 3 nameserver
      in resolv.conf ]


    If you change the NETCONFIG_DNS_POLICY variable to "eth* STATIC"
    the resulting resolv.conf looks like this:

        search domain2 domain3 domain1
        nameserver 10.10.0.1
        nameserver 10.10.2.88
        nameserver 2001:cafe::1


nis:
----

NIS configuration consists of:
    - A list of domains with a list of server ip's for each domain

The following variables are defined in /etc/sysconfig/network/config:

    NETCONFIG_NIS_STATIC_DOMAIN[_<number>]=""
    NETCONFIG_NIS_STATIC_SERVERS[_<number>]=""

The values are applied to /etc/yp.conf . If the configuration changed
the nis module reloads ypbind.


The policy variable is named:

    NETCONFIG_NIS_POLICY=""

A special variable for this module is:

    NETCONFIG_NIS_SETDOMAINNAME=""

It is a replacement for DHCLIENT_SET_DOMAINNAME in
/etc/sysconfig/network/dhcp.
Valid values are "no", "yes" or an interface name, e.g. eth0

- "no"         : netconfig do not set the domainname
- "yes"        : netconfig set the domainname with the first first
                 interface which provide such a value.
- "<interface>": netconfig sets the domainname only when provided by
                 the specified interface.


    Example:
    --------

        Static config in /etc/sysconfig/network/config:

        NETCONFIG_NIS_POLICY="STATIC *"

            # first domain contains implicit _0 suffix:
            NETCONFIG_NIS_STATIC_DOMAIN="defaultdomain"
            NETCONFIG_NIS_STATIC_SERVERS="10.0.0.1 10.0.0.2"
            # in case there is another domain:
            NETCONFIG_NIS_STATIC_DOMAIN_1="anotherdomain"
            NETCONFIG_NIS_STATIC_SERVERS_1="10.1.0.1 10.1.0.2"


        Resulting /etc/yp.conf:
            domain defaultdomain server 10.0.0.1
            domain defaultdomain server 10.0.0.2
            domain anotherdomain server 10.1.0.1
            domain anotherdomain server 10.1.0.2

    yp.conf knows other configuration values which are also possible
    to configure:

    NETCONFIG_NIS_STATIC_DOMAIN="defaultdomain"
    NETCONFIG_NIS_STATIC_SERVERS="broadcast"

    result in:

        domain defaultdomain broadcast

    NETCONFIG_NIS_STATIC_DOMAIN="defaultdomain"
    NETCONFIG_NIS_STATIC_SERVERS="slp"

    result in:

        domain defaultdomain slp


    NETCONFIG_NIS_STATIC_DOMAIN=""
    NETCONFIG_NIS_STATIC_SERVERS="10.1.0.1"

    result in:

        ypserver 10.1.0.1

    NETCONFIG_NIS_STATIC_DOMAIN="broadcast"
    NETCONFIG_NIS_STATIC_SERVERS=""

    result in:

        broadcast

    The behavior if a new interface comes up is like described for DNS
    with the difference, that no values are dropped. yp.conf has no limit.


ntp-runtime:
------------

NTP configuration consists of:
    - A list of time server IP-addresses

The ntp handling is a little bit different. This module cannot manage the
complete ntp.conf. But ntp provides a feature which is called
"runtime configuration" which is used by this module.
This sets us in the convenient position that the yast2-ntp module
can still change /etc/ntp.conf and this module stores additional
timeservers at a different place.

But to be compatible to other modules we defined also a variable in
/etc/sysconfig/network/config including a policy.

    NETCONFIG_NTP_STATIC_SERVERS="

The values are applied to /var/run/ntp/servers-netconfig . If the
configuration changed meanwhile, ntp will be restarted (using try-restart).

The policy variable is named:

    NETCONFIG_NTP_POLICY=""


    Example:
    --------

        Static config in /etc/sysconfig/network/config:
            NETCONFIG_NTP_STATIC_SERVERS="10.0.0.1 10.1.0.1"

        Resulting /var/run/ntp/servers-netconfig:
                RUNTIME_SERVERS="10.0.0.1 10.1.0.1"

        The module script executes "rcntp try-restart" to apply the actual
        ntp configuration at runtime.

        FIXME: The init script should be extended to append the list of
        timeservers from /var/run/ntp/servers to the list of the servers
        maybe defined by the user in /etc/ntp.conf directly when it is
        executing the initial ntptimeset action.
        Further, when given (e.g. by ppp) the init script should also
        use the "iburst" option for the runtime servers.