From Fedora Project Wiki
< Tools | NetworkManager
No edit summary |
(→Kernel) |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Kernel == | == Kernel == | ||
* NM | * NM doesn't get notified about router advertisements and flag changes → we ask kernel upon any received route | ||
* NM doesn't get notified about gateways when accept_ra_defrtr=0 | * NM doesn't get notified about gateways when accept_ra_defrtr=0 | ||
* Kernel doesn't cache RDNSS and DNSSL, so we have to send router solicitation on NetworkManager start | * Kernel doesn't cache RDNSS and DNSSL, so we have to send router solicitation on NetworkManager start | ||
* Kernel doesn't observe RDNSS and DNSSL expiration time, so we have to manually send router solicitations to renew it in some configurations | |||
* NM can't trigger kernel router solicitation | * NM can't trigger kernel router solicitation | ||
* Manually sent router solicitations give EADDRNOTAVAIL (link-local is there according to netlink) | * Manually sent router solicitations give EADDRNOTAVAIL (link-local is there according to netlink) | ||
* Kernel doesn't treat dhcpv6 replies as ESTABLISHED, this is worked around by firewalld | * Kernel doesn't treat dhcpv6 replies as ESTABLISHED, this is worked around by firewalld | ||
* Kernel autoconfigures link-local (and possibly also global) IPv6 addresses for bridge/bond members (I haven't tested this) | |||
== dnsmasq == | |||
NetworkManager can use dnsmasq for local DNS caching. | |||
NetworkManager.conf: | |||
<pre> | |||
[main] | |||
dns=dnsmasq | |||
</pre> | |||
== dnssec-trigger == | == dnssec-trigger == | ||
NetworkManager doesn't work well with dnssec-trigger as unbound DNS server will not | * NetworkManager doesn't work well with dnssec-trigger as unbound DNS server will not receive the list of recursive nameservers and will thus resolve using the global DNS systems. This is incompatible with VPNs with their own private DNS zones. | ||
resolve using the global DNS systems. This is incompatible with VPNs with their own private DNS zones. | * [https://bugzilla.redhat.com/show_bug.cgi?id=842455 dnssec-triggerd leaves broken /etc/resolv.conf on exit] | ||
== firewalld == | == firewalld == |
Latest revision as of 10:56, 25 July 2012
Kernel
- NM doesn't get notified about router advertisements and flag changes → we ask kernel upon any received route
- NM doesn't get notified about gateways when accept_ra_defrtr=0
- Kernel doesn't cache RDNSS and DNSSL, so we have to send router solicitation on NetworkManager start
- Kernel doesn't observe RDNSS and DNSSL expiration time, so we have to manually send router solicitations to renew it in some configurations
- NM can't trigger kernel router solicitation
- Manually sent router solicitations give EADDRNOTAVAIL (link-local is there according to netlink)
- Kernel doesn't treat dhcpv6 replies as ESTABLISHED, this is worked around by firewalld
- Kernel autoconfigures link-local (and possibly also global) IPv6 addresses for bridge/bond members (I haven't tested this)
dnsmasq
NetworkManager can use dnsmasq for local DNS caching.
NetworkManager.conf:
[main] dns=dnsmasq
dnssec-trigger
- NetworkManager doesn't work well with dnssec-trigger as unbound DNS server will not receive the list of recursive nameservers and will thus resolve using the global DNS systems. This is incompatible with VPNs with their own private DNS zones.
- dnssec-triggerd leaves broken /etc/resolv.conf on exit
firewalld
NetworkManager supports firewall zones for firewalld.