Hi everybody. Today we have the DebCamp and DebConf project IPCFG network configuration talk with Wouter Verhelst. Let's enjoy this presentation. Thank you.

Yes, so it says DebCamp and DebConf, which is also what's on the schedule. Unfortunately, I didn't find as much time during DebConf, so maybe I should have changed the title, but I decided that was just not worth it. So this is what I've been doing for most of DebCamp. I've been neglecting other things that I promised all people to do, because I thought this was really worth it, and I'm hoping to convince you that I'm right with that. So we'll see.

In this talk I'll first talk a bit about where I got the idea of doing something like this. It's a fairly long story; well, I'll keep it short, but it's a fairly long story. Then I'll give you a bit of theory on how it's supposed to work, how I thought to do this. The third point is a bit of status: how far did I get in implementing this? And finally I'll reflect a bit on things that I think might jeopardize the project as I'm implementing it. I don't expect many risks, but there are some, and I'll tell you which ones there are. If at any point during the presentation you have a question, please do not hesitate to ask me immediately, because otherwise you might forget, and that would be a shame. Thank you.

So, a little bit of history. I've been thinking about this for quite some time. In fact, the first time I thought about writing some network configuration tool, and it was just a very vague idea that maybe I might want to do this someday, was on my way to Helsinki for DebConf 5, because I was with a borrowed laptop at the time and I hadn't done the configuration. It was a lot of work and I was like, why do I have to do this manually?
And so over the next few years I gave it some thought, but I didn't actually do anything. And then there was someone called Martin Krafft, who I'm sure you all know, thinking about "let's do something called netconf", and I was like, yes, that is fairly close to what I had been thinking. So during the presentation at FOSDEM where this idea of implementing this was introduced, I thought I gave him a few things that I thought were important. If you review the video of that presentation, you will actually see me sitting there and making some notes. And I thought, this is good, I don't have to do anything anymore. Unfortunately, the next year, as you probably also know, that didn't actually turn out to work, because Martin gave up in 2008, the next year. So that revived my idea. I did first try to help him out with netconf in building a C version of that Python code, but this is not very much a secret: I'm not very much a fan of Python, so I didn't get very far with that. So in 2009 I started working on what I called IPCFG, and the first version that I started writing then was, well, could be described as a Turing machine of function pointers. I hear some of you laugh; if that is because you think it's a bad idea, then I fully agree, it was a very bad idea. One of the main issues with it was that you couldn't easily extend it, because it was impossible for any module to discover what the structure of this Turing machine was. A second problem with it was that it couldn't do ifdown. It could do ifup, you could bring the network up, but you couldn't bring it down again, which was a bit of a problem. I tried to remedy that second problem with my first rewrite in 2010. It was around December,
I think, and I tried to, well, basically what I did there was add another function pointer. But that didn't really solve the basic problem that you couldn't discover what the structure was, so that only took about a month or two before I gave that up as well, and basically I totally gave up on the project until sometime last year, when I started working with Puppet for a customer and I was like, yeah, this model actually works. You have an abstract model which is built into a graph and it applies it to the system, and it actually works. And I was like, why don't we do something like that for network configuration? And I tried to talk myself out of it, like, yeah, it's not because it works there that it's gonna work for network configuration, but I couldn't really find a good argument why it couldn't work. So I started playing with things, and basically in June of this year I started doing a little bit of work, and on the flights here and especially during DebCamp I've done quite a lot of work, and I've gotten, well, not something that's ready, but I think it's something that has much promise.

Now, why do I think it is necessary to build yet another network configuration tool? There are many tools out there. ifupdown is one, NetworkManager is one, wicd is one, there are some others; I will come back to that in a minute. But why is it important to do this? Aren't there enough tools already?
And I think the answer to that is no, because none of them actually implements everything that a network configuration tool should do. And I'm sorry to say that I think the Windows implementation, while not perfect, is actually better than what we have anywhere in Linux.

So I listed a few things that a network configuration tool should do, in my opinion, and there are a fair number of things. The first one is boot-time configuration: things like bringing the network up at boot time before any user has logged in. ifupdown is very good at that: you configure some stuff and ifupdown will bring it up. A second point is roaming configuration. This is not as useful on servers and desktops as the first one, but it's more useful on laptops. It can be used on servers and desktops, but it's not really what they focus on. Roaming configuration is something very useful for a system like a laptop that is changed from one network to another all the time, and would need quite some user input to be changed. NetworkManager and wicd are examples of software that do that really well. A network configuration tool might have to deal with just one link, or might have to deal with more than one link. A server, typically a router, will have to deal with at least two links. A laptop usually doesn't have to do that, unless it's my laptop, in which case it fairly often has to do that.

Oh yeah, well, somebody on IRC notes that he didn't know Martin abandoned netconf. Well, he did actually; he told me so in person.
Um, so basically, yeah, single or multiple network links is something that the network tool may have to deal with. If you're a router, you have at least two network links. If you have a laptop, you probably don't. I sometimes configure a second link because I'm installing a server and I want to do some DHCP there, and if I use something interactive like NetworkManager, it brings the other link helpfully down because I have a second thing there, which is not very useful.

But I think it shouldn't stop there. Once a tool has brought the network link up, there's more things involved in that. I give a few examples here: a proxy server for your web browser, an SMTP smart host for mail user agents that talk directly to an SMTP smart host, an online status in an instant messenger application. These are just a few examples of things that may need to change in the user environment. If you're using ifupdown, that's not gonna happen. If you're using NetworkManager, that can happen; NetworkManager can actually notify some applications that it's there, but it's usually somewhat optional.

And finally, manual configuration. A tool should deal properly with manual configuration. What I mean is things like you manually say "ip address add" something to this interface. If I do this and I've got NetworkManager or wicd running, then they will helpfully remove it again, because that's not active and we don't need that. If you use ifupdown, that works: ifupdown will ignore what you did, and it will ignore it so much that if you say "bring all my network down", that bit is still up, because it doesn't know about it. I think both are failure cases; both should be handled more properly than is currently the case.

So, given a little overview of what I think is involved in network configuration... Yeah, go ahead.

Sorry, two other things occurred to me with that list. One is VPN. Right, yes. And virtual machines, so especially if you've got a host that has, like, a dom0
host in Xen terminology with multiple bridge interfaces, right, those types of things. Good point. To me that is on a different level than what I was thinking about, but yes, those are also things that a network tool should do, and I'm happy to say that my framework should allow doing such things, although the current code isn't able to do that yet. But that's a different matter.

So, is there a perfect network management tool? Well, I've named a number here. This is not just an arbitrary number; these are all tools that I've used myself at some point in the past. Some of them, like NetworkManager, have been several years ago, and I don't know much about it anymore, but I've actually used all these. So ifupdown is good at, like I said, boot-time configuration, but it doesn't actually do much more than that. If you don't have a network interface there which is configured, it will just ignore it, also at shutdown time, which may be a bad thing. NetworkManager doesn't do boot-up time, which makes it useless for people like me who use PAM Kerberos, because it only gives you network once you are logged in; so if your PAM module needs network to log in, you can't use it. wicd fixes that but otherwise has the same issue as NetworkManager, and it only does one network link: it disables all the other network links if you have them. It will automatically say, oh, there's another one, so we don't need this one anymore. And then there's guessnet and whereami. guessnet and whereami both have fully programmable configuration files of their own formats. guessnet is an extension to ifupdown which will dynamically change your network configuration based on where you are, on what hosts it sees, which makes it somewhat more dynamic, but at the cost of making it significantly harder to configure, and it doesn't actually allow you to dynamically add things by just using a GUI.
It's all configuration file. whereami has some features that guessnet doesn't have, but one important feature it misses is that it has bad interaction with ifupdown, so it will break your network in all sorts of interesting ways if you don't use it wisely.

So, is there a perfect network management tool? In my opinion, not really. They all have their flaws, they all have their strengths, but as it is right now you have to use one tool on this kind of system and the other tool on that kind of system, which makes it, well, you need to remember extra things that you wouldn't have to remember if we could just use one tool for everything.

So, with that out of the way, I think I should explain how it works in detail. I've given a little insight on that, but how does it work in detail? It's fairly, well, not too complex, but really, how do all network configuration tools work? They all pretty much do the same thing. At first, they will probe the system for what the current configuration is. This probing may involve reading something from the kernel, or it may involve, as in the case of ifupdown, reading something from the state file, but they will all check what the current system state is. Then they will decide what to do: is this bringing up a network interface, doing nothing, or bringing it down again? That depends on what the user asked and what the configuration file says, but they need to make some decision. And finally, make an actual change. Probing is fairly simple: you just ask some data from the kernel and you know what you need to do. Doing the actual change is also fairly simple.
You write some data back to the kernel and the kernel will magically alter your network configuration. The hard part is actually making the decision, and there are some strategies involved, I mean some available strategies that you can use to make that decision. The first one is, well, you just do what the config file says, or in other words, you don't actually make a decision, because if the config file is wrong, then your network is broken. That's what ifupdown does. If you have a stanza there that says "bring eth0 up" and you don't have a cable plugged into your eth0, then ifupdown at boot time will just sit there for half a minute or longer until it decides that, well, there's probably not a DHCP server on this non-existing network, which is not very useful. You can also do something like NetworkManager or wicd, which basically have hard-coded rules about the network. It's fairly dynamic in that if you enter something it will respond to that, but the rules used for deciding what to do with the user input and with the system state that is available, those rules really are fairly hard-coded. It's impossible to say "I want to add something else to this" if it's not really pre-programmed into NetworkManager. The third option is programmable config files such as guessnet and whereami, where basically all the decision-making is left to the user, and the programs themselves don't actually have to do much about decision-making. They all have their strengths and downsides, but my question really is, why don't we try to do all of them in one system? You can have a configuration file that allows you to say "don't do anything beyond what's here". You can have defaults that will kick in if you don't have any configuration file. Currently, if you don't have a configuration file for ifupdown, what it will do is simply nothing; you won't get any networking.
I think a good tool should try, not too hard, but try to some extent, to get some working networking by default configuration. How I see this is: if you have a link on a network interface, it should by default try to DHCP on that link, so you at least have some attempts at networking. And for really advanced users, having a programmable config file could also be useful. I don't see why we can't do all three at the same time, and that's actually what I'm trying to do.

So how does IPCFG work behind the scenes? And this is where it gets slightly technical. I see Ben saying "not just probe but also monitor". Yes, of course, and that's also something that I should do. This is also reading the kernel state.

So how does IPCFG work? It starts by building a directed graph. For those of you not familiar with that term, graph theory is a fairly extensive subset of mathematics in which you basically have a system built on nodes, which are states, and edges, which are transitions. So I thought, why not build a directed graph of the network state, and have any node in this graph mean a particular state? And I've got a number of examples here of what these states could be. For instance, we could have a node representing the state that eth0 has been brought up and we don't know what state wlan0 is in, because we haven't checked yet, or because the check is running, anything like that. A second node could be: eth0 is up and we don't actually care about wlan0. That means we may or may not have checked, but if there is a change in wlan0, we're not going to change anything, because we're still in our node as described by this thing. So there's a little difference between the first two, and I think it's fairly important. "There is an internet connection coming from somewhere, from some node" is a third one, and one that I think could be a good default. If we try to reach that as a default configuration in IPCFG, you have a fairly useful network configuration at boot-up without trying to break the system completely. For a server, the fourth node could be useful: eth0 and eth1 are both fully configured and have a route, and now we can do some load balancing over the two, or bonding, or I don't know what, but this could be a useful network state for a server. Or finally, we could have something saying eth0 has a static IP address configured and everything else is down. In this case we would not allow wlan0 to come up; if it does come up, we would bring it down immediately again.

The next point is the edges. Yeah, go ahead. Maybe the microphone.

So something that comes to my mind immediately when you say these are the states is that the amount of states you will have to take into account will be huge, like unmanageable.

Yeah, I gave some examples here. Yes, if I do implement it this way, it would be huge. I'm not entirely sure that I will in fact implement all possible states. It will depend on what the user wrote as configuration. If the user doesn't actually define any configuration similar to this one, then we probably won't have such a node in the graph. The system will only have, but I'll come back to that in a bit, the system will only have nodes that are actually useful to reach states that are wanted. So if there is no state that is wanted which depends on that second node, then we don't see it in the system. So yes, otherwise the graph would get unmanageably large, and I'm trying to avoid that. Yeah, Gunnar.

Thanks. Well, yeah, just adding to this: you may have too many states, thinking about servers running virtual machines where each virtual machine has a tun interface. I mean, that can lead to really too many possible states and interfaces.

Yeah, it's possible. It's something to be thought about, but like I said, I'm certainly trying to reduce the number of available states. But I do think it's useful to have this kind of stuff.
Anyway, edges would be transitions, as I said. So an edge would not have any ability to check whether it is in the current state. It would just simply know: my previous state would be something like that, and my next state will be something like that, and I need to perform these few system calls to make sure the edge transitions. So that's just basically making the changes.

So the algorithm of changing the network configuration in this model would then be: first, we mark the current state. We ask every node, "are you currently in your state?", and we find the node which says, "yes, I am active, but I have no edges pointing out of me that point to nodes which are also active". That node is assumed to be the current state. Then we mark candidate wanted states. Candidate wanted states are states that are desirable, either through configuration or through defaults, as a state we want to go to, and they are scored. By default, states with higher bandwidth would get a higher score than states with lower bandwidth. So we score them, we order them, we find the shortest path from the current state to the wanted states by using Dijkstra's shortest path, and then finally we just walk the path leading to the highest-scored state. Go ahead.

From me, another short remark: when you say the bandwidth is a marker for the edge, you might like to take into account stuff like, for example, in certain situations I don't want to use this interface because...

Yeah, I said by default the bandwidth would have an influence on the score, but the plan would of course be that you could influence that score from the configuration file. Of course.
Yeah, sure. So finally you would then make a change and, yeah, apply your changes by walking the path through the graph. So that's a big outline of how the system would work. What I haven't said is, to do this shortest path, the edges would have an estimate function, so they can say, well, I think it's likely or unlikely that I will be able to be transitioned, that I will be able to walk there. It can also say it is impossible: I know that it will not be possible to do that. And this will be used to decide whether or not we will be able to reach a node on the other side of that path. So if we do actually try to walk a path and we find that, even though we thought we might have been able to transition over an edge, this isn't actually possible, we will then try to recalculate what the best way out of there is. If we find, after transitioning all the paths, that we don't end up at one of our wanted states, the plan is that the current state at the beginning of the process is also marked as a wanted state with the lowest priority. So if we don't manage to end up at a useful state, we just revert back to the original state again, which might mean that your network is fiddly for a while, but eventually it should still work again.

Right. Status, aka: what have I implemented? I've implemented the full graph. I've implemented the default node implementation and default edge implementation. I have implemented the path mapping, so we can actually walk the path of the graph. I've done some non-default nodes on Linux: MII detection, I mean it can detect that we have a cable plugged into a network and decide whether or not to walk that path. I have spent, I think, two and a half days writing a parser for /etc/network/interfaces. That thing is a bitch to parse, but it works. I have written a domain-specific language for defining defaults.
I can actually show that to you, except that this will be unreadable, so I'm not gonna do that. Yeah, so it's basically fairly simple. It just decides, this explains that for a node with this name, you need to use that implementation; if you want to instantiate that, you need to have a node with that name, and to get in there you have to use this edge or that edge, and blah blah blah. And I've written a very basic command-line interface, but that still needs a whole lot of work. It's really not ready yet.

What's not ready? Many, many, many, many node and edge implementations. I have written a few basic ones just to prove what I think will be possible, but before this can actually be useful, we need to have nodes for IPv6 static IP addresses, we need to have nodes for DHCP, we need to have nodes for autodetection, autoconfiguration, we need to have nodes for legacy IP, aka IPv4, we need to have nodes for DHCPv4, and, well, we need to have loads and loads of nodes and edges. So that's something I will be working on once the basic framework is completely ready, which is almost there, but not entirely. I need to have a native configuration file format. /etc/network/interfaces has the inherent limitation that it is written for ifupdown, and you can't describe more in there than you can do with ifupdown, and I want to be able to do more than ifupdown can, so I need a separate file format. By the way, this is approximately in the order that I am planning to implement it. The third one is a feature that I've been thinking about and I think would be fairly useful, which I call "ipcfg record". The idea would be, if you call that, then IPCFG would dump a config file representing the current state of the network configuration. So you could then write that config file to some file, and then after reboot you could just say "ipcfg" with that config file and just apply the network state, so it's back to what it was before I rebooted. And I think
that could be very useful. After that, I'm thinking about doing a daemon mode, in which the system would detect changes and automatically, dynamically reconfigure the system as NetworkManager would do, and of course a user-level tool to talk to the daemon.

Finally, some risks: things that I think might be problematic, also known as what could jeopardize this. First of all, it's implemented in D, because I think D is a very interesting language. It has some features that other languages don't have yet. Still, it's not a scripting language, it's a compiled language, so you can actually do it, but there are a few minor issues with that. For instance, currently the compilers don't exist for non-x86 architectures. This is being worked on. Well, sorry, compilers exist, but the standard library doesn't exist. The reason for that is that D has recently seen some architectural changes, and the old D1 library is available for all Debian architectures except the Hurd, I believe, whereas the new D2 language is currently only available for x86 architectures. Like I said, it's being worked on. I expect this to be ready by wheezy+1, so that shouldn't be an issue, but I mean, I'm not working on it, so it might still be a problem. There is currently no ABI in D for shared libraries. That is, D programs can open shared libraries, but they have to use the C ABI to do that. This makes it somewhat harder to create plugins for this system using only D code, which is something that I would like to support, but currently that's not possible. Again, this is something that's being worked on. The third point is some current complications compiling programs with GDC. GDC is the D compiler based on the GNU Compiler Collection, so it uses the GCC back-end, but uses the same front-end as DMD, which is the original D implementation. But DMD itself is proprietary,
so it's not in Debian. There's some bugs in GDC 4.6, which is the first version of GDC which supports D2. So yeah, I think I've filed a few bugs on that, but it's not there yet. There's also something called LDC, which is the same front-end again but uses the LLVM back-end, but that currently is only at D1, so the recent D2 change hasn't reached LDC in Debian yet. And then, yeah, there's some issues with template usage, and I've actually invoked the OOM killer a few times by just compiling a single D file which used a fairly extensive template system. These are issues that may or may not be fixed by wheezy+1. The last one isn't really an issue for Debian itself, because I do not intend to upload anything that depends on non-free software into Debian, not even into contrib. So if this issue isn't fixed, I mean if the compiler issues aren't fixed, it's going to have to wait. But at any rate this could be an issue for implementing it. Well, the second point, obviously: I could run out of time. I don't know about that, but if any one of you is interested in this, that's where the code is, and help is certainly welcome. It also contains these slides, by the way, so if you're interested then you can just get them from the git repository. And finally, yeah, there might be some issues that I haven't noticed yet. I mean, it's still a fairly young project, and there might still be some obstacles down the road that I don't know about yet. But that will be all, I think. Right, and that's the end of my presentation. Are there any further questions about the system? Yes, Daniel.
Go ahead.

Yeah, I think this is an interesting area that has to be pursued. I've used NetworkManager; I've also had quite a few machines where I've removed NetworkManager, for sure most people have. And it is helpful for the laptop; I do use it on my laptop, and someone gave me a USB key, you know, in another country, a couple of times, and I've just been able to plug it in and start using it. So NetworkManager does have some convenience, right, and it would be nice to have that sort of convenience in other solutions. But I've also seen some very obscure problems created by NetworkManager. For example, I've tried installing the ganglia monitor, some monitoring agent, on some machines, right, and found that it would run, but after you reboot the machine it would not be running. And eventually I had a look and it was NetworkManager: the IP address wasn't there when that particular monitoring agent was starting up, and so it wouldn't run. It's been patched since, ganglia now works with NetworkManager, but I'm sure there are other packages that suffer the same way, and people pulling their hair out trying to work out why. And so these are some of the things to think about. One other thing that occurred to me looking at that particular problem is having, I'm not sure what the term is for this, but having some sort of a funny IP address on some sort of funny interface that doesn't really do anything, but just having some stupid IP address there that's enough for other things to start off.

So in this system, like I said, an active node is a node that is active and has no parents that are also active, but it is detected by going from the lowest node and working your route up. So we find a node that is not active, and if we don't have a cable plugged in there would be a node that is not active and would be somewhere in between, and then we wouldn't go further. So we wouldn't actually reach that point if we don't have a network cable plugged in, or the node is brought down in software, but it doesn't have an IP address. We wouldn't detect that, so I don't think that would be an issue.

So your model of transitioning between the nodes, would it actually drive the other init scripts, like the order in which they're executed?

Okay, no, it wouldn't. You would run ifup -a and it would then transition the nodes internally. It wouldn't start altering scripts by itself, at least not at this point. I might eventually come up with some extension that does that if that's wanted, but it's not the planned feature at this point. Let's put it that way.

I do see there's a question on IRC. Yes, Ben. I am using libnl. I am using netlink to do this. I'm absolutely not using ioctls. I am, however, not very happy with libnl, because it's, well, it's got a few warts. It uses a cache to talk to the local kernel, because, I don't know, you might run out of bandwidth to your local kernel or something. It's a bit strange, but I'm absolutely planning on not using ioctls, at least not on Linux. Maybe on FreeBSD that could be different. Yeah, go ahead.

So do you plan to understand, or have people write plugins in D to understand, every possible type of network interface, or do you plan to have some kind of scripting system you integrate with? Like, we have lots of, like, bridges which enslave stuff.

I find that network interfaces that are different from each other still share some properties. A bridging interface is still a network interface that can be brought up or down. It has slave interfaces, so that's something that a regular interface doesn't have, but it still has the ability to have an IP address, so those parts don't need to be rewritten. Those parts don't, but the differences come in between. So that's right.
For example, I plug in the cable and then I actually want the bridge to be coming up, right, on DHCP, maybe on that interface rather than the interface. So what's the...

The system would have defaults, but if you have a config file that says "on this interface, when it's brought up, just create that other interface", then that's what would happen. You would be able to disable the default of DHCP on that interface. That's the plan.

Yes, but then do you need an implementation in IPCFG for all this kind of weird...

What you would have is, how would it work in the graph? Maybe let's go back to this other slide. Right, so you would have nodes that say, we have, thank you, we have interface eth0 and we have interface eth1. You would have a node saying I need to create interface bond0, because we're bonding, which would depend on "we have eth0 with a link" and "we have eth1 with a link". Once that is active, then you would have a node above that saying we need to DHCP on this interface, etc. So eth0 and eth1 would need to be up before bond0 can be brought up, unless you're doing the load balancing thing, in which case one of them would be enough.

But so you wouldn't get DHCP on the one interface... How I'm going to do it is the question. In this specific case, where is the logic to bond the two together? Like in ifupdown right now, we have basically scripts that...

Right, so that logic would be in that particular node, or in the edges going to the node from eth0 and eth1.

So we need a D implementation that understands bridging.

Yeah, yeah, but it would only need to understand the bridging-specific bit. Do you want to ask something, Phil, or no? Okay, never mind. Does that answer your question? Okay, good. Anything else? Let's see, blah blah blah. Sorry, yeah, there's some discussion on IRC which I was trying to read, but it doesn't look like there's an actual question in there.
So, nothing else? Yeah, Rene, go ahead.

Just wanted to point out that, in case you haven't seen it, there is some work on a library to access iproute tools, but not the tools, just an access that is similar to iproute, for libraries.

I think it's called libnl, which you're talking about, and I'm actually using it.

Okay, I think it was a different one. I don't remember the name, but it might be a different one.

In that case I would be interested, so if you can write that down and figure out where it was and let me know, that's good. If it's libnl, I'm already using it, or trying to, anyway. Anything else? No more questions? No, nothing on IRC. Right, then I will thank you for your attention, and see you later.
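The state-graph algorithm the talk describes (find the current state by probing the nodes, mark scored wanted states plus the starting state as the lowest-priority fallback, run Dijkstra over the edges' estimate functions, walk the path to the highest-scored reachable state, and re-plan when an edge that estimated itself possible fails), as an added worked example that is not part of the transcript or of the IPCFG code. IPCFG itself is written in D; this is a Python simulation of the algorithm, and the node names, scores, the two interfaces, the addresses and the `dhcp_server` field of the simulated kernel state are all constructed for the example. Current-state detection follows the Q&A description (start at the lowest node and walk up through active nodes).

```python
# Simulation of the IPCFG state-graph algorithm from the talk (example code, not
# IPCFG's own D implementation).  The "kernel" is a plain dict; every interface,
# address and DHCP value below is constructed for this example.
import heapq
from collections import namedtuple

# A node knows how to probe whether it is active; score > 0 marks a wanted state.
Node = namedtuple("Node", "name probe score", defaults=(0,))
# An edge estimates its cost (None = impossible) and applies the change (False = failed).
Edge = namedtuple("Edge", "src dst estimate apply")

def current_state(nodes, edges, system, root):
    # Start at the lowest node and walk up through active nodes (as in the Q&A);
    # the deepest active node reached is taken as the current state.
    best, best_depth, seen, stack = root, 0, {root}, [(root, 0)]
    while stack:
        n, depth = stack.pop()
        if depth > best_depth:
            best, best_depth = n, depth
        for e in edges:
            if e.src == n and e.dst not in seen and nodes[e.dst].probe(system):
                seen.add(e.dst)
                stack.append((e.dst, depth + 1))
    return best

def shortest_paths(edges, start, system, blocked):
    # Dijkstra over the edges' estimates; edges answering None (impossible) and
    # edges that already failed during this run are skipped.
    dist, prev, heap = {start: 0}, {}, [(0, start)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue
        for e in edges:
            cost = e.estimate(system) if e.src == n and id(e) not in blocked else None
            if cost is not None and d + cost < dist.get(e.dst, float("inf")):
                dist[e.dst], prev[e.dst] = d + cost, e
                heapq.heappush(heap, (d + cost, e.dst))
    return dist, prev

def reconfigure(nodes, edges, system, root="all_down"):
    """Walk from the current state to the best-scored reachable wanted state,
    re-planning from wherever we are whenever an edge turns out to fail."""
    here = current_state(nodes, edges, system, root)
    scores = {n: nd.score for n, nd in nodes.items() if nd.score > 0}
    scores.setdefault(here, 0)       # the starting state is wanted, lowest priority
    blocked, walked = set(), []
    while True:
        dist, prev = shortest_paths(edges, here, system, blocked)
        reachable = [n for n in scores if n in dist]
        target = max(reachable, key=lambda n: (scores[n], -dist[n]), default=here)
        if target == here:
            return here, walked
        path, n = [], target         # rebuild the path from Dijkstra's predecessors
        while n != here:
            path.append(prev[n])
            n = prev[n].src
        for e in reversed(path):
            if not e.apply(system):
                blocked.add(id(e))   # the estimate was wrong: never retry this edge
                break
            walked.append((e.src, e.dst))
            here = e.dst
        else:
            return here, walked

def set_fields(iface, **fields):
    def apply(s):                    # write fields into the simulated kernel
        s[iface].update(fields)
        return True
    return apply

def dhcp(iface):
    def apply(s):                    # constructed DHCP: None means no server answers
        lease = s[iface]["dhcp_server"]
        if lease is None:
            return False             # the transition fails; reconfigure() re-plans
        s[iface]["addr"] = lease
        return True
    return apply

def build_graph():
    nodes = {"all_down": Node("all_down", lambda s: not any(v["up"] for v in s.values()))}
    edges = []
    for i, score in (("eth0", 100), ("wlan0", 50)):   # wired scores higher: more bandwidth
        nodes[f"{i}_up"] = Node(f"{i}_up", lambda s, i=i: s[i]["up"])
        nodes[f"{i}_dhcp"] = Node(f"{i}_dhcp", lambda s, i=i: s[i]["addr"] is not None, score)
        link = lambda s, i=i: 1 if s[i]["link"] else None   # no cable: edge impossible
        edges += [Edge("all_down", f"{i}_up", link, set_fields(i, up=True)),
                  Edge(f"{i}_up", f"{i}_dhcp", link, dhcp(i)),
                  Edge(f"{i}_dhcp", f"{i}_up", lambda s: 1, set_fields(i, addr=None)),
                  Edge(f"{i}_up", "all_down", lambda s: 1, set_fields(i, up=False, addr=None))]
    return nodes, edges

def run_scenario(eth0_link, eth0_server, wlan0_server):
    # Constructed kernel state: both interfaces administratively down at boot.
    system = {"eth0": {"link": eth0_link, "up": False, "addr": None, "dhcp_server": eth0_server},
              "wlan0": {"link": True, "up": False, "addr": None, "dhcp_server": wlan0_server}}
    final, walked = reconfigure(*build_graph(), system)
    return final, walked, system
```

`run_scenario` returns the final state, the edges walked, and the simulated kernel. With a cable in eth0 and a DHCP server on it the walk ends at `eth0_dhcp`; with no cable the eth0 edges estimate themselves impossible and the walk goes to `wlan0_dhcp`; with a cable but no DHCP answer the edge fails during the walk, gets blocked, and the plan is recomputed from `eth0_up`; with no DHCP anywhere the walk falls back to the original `all_down` state, which was marked wanted with the lowest priority.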