Question

Policy Manager Questions


Hello,

I am looking for good documentation and examples for the Policy Manger.

Specifically, I'm looking to create a policy for MTU settings beyond defaults. I want L2 interfaces to default to 9216 but I want L3 interfaces to default to 1500.

code:
cat /etc/network/ifupdown2/policy.d/mtu.json
{
"address": {"defaults": { "mtu": "9216" }
}
}

This works fine for globally setting everything to 9216 but I would like any "port" or "bond" to default to 9216 and any "interface" to default to 1500.

Can this be achieved with Policy Manager?

Thanks!

4 replies

Hello @polysulfide

Julien from the ifupdown2 team here. Thank you for taking the time and effort to reach out to us about your policy manager question.

Today such mechanism isn't available, it is not possible to filter attribute default based on OSI levels. To set up different MTU settings on different device you could use the "iface_defaults" attribute.

It works as followed:

code:
$ ip link show swp1 ; ip link show swp2
3: swp1: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 90:e2:ba:2c:b1:96 brd ff:ff:ff:ff:ff:ff
4: swp2: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 90:e2:ba:2c:b2:95 brd ff:ff:ff:ff:ff:ff
$ ifquery swp1 swp2 -r
auto swp1
iface swp1
mtu 1500

auto swp2
iface swp2
mtu 1500


$ cat /etc/network/ifupdown2/policy.d/address.json
{
"address": {
"iface_defaults": {
"swp1": {
"mtu": "4242"
},
"swp2": {
"mtu": "1234"
}
}
}
}
$ ifreload -a
$ ip link show swp1 ; ip link show swp2
3: swp1: mtu 4242 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 90:e2:ba:2c:b1:96 brd ff:ff:ff:ff:ff:ff
4: swp2: mtu 1234 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 90:e2:ba:2c:b2:95 brd ff:ff:ff:ff:ff:ff
$ ifquery swp1 swp2 -r
auto swp1
iface swp1
mtu 4242

auto swp2
iface swp2
mtu 1234

$


We know this requires you to manually add every device to the iface_defaults in the policy file. (maybe a script could generate the policy files with the correct MTU for l2/l3).

We will certainly discuss about adding such capability and evaluate this as a feature request and get back to you.

Since we don't host an official documentation (this is coming soon) you can find examples of policy files in the following directories (note that the user policies will override system policies)

/var/lib/ifupdown2/policy.d/ # system policy
/etc/network/ifupdown2/policy.d/ # user policy



-- Julien
Thank you Julien,

I don't see an advantage to a policy when I have to explicitly define each entity. I can just as easily specify the same settings per interface with NCLU or the interfaces file (either of which would be less typing).

I don't necessarily need OSI level intelligence but if I could match whether or not an IP address is assigned or even wild-card the option. vlan* or *-v0 or another thing that might be really useful is matching by alias tags?
Hello @polysulfide,

I agree with you that you: you still have to define MTU for each device with iface_defaults policy. The only advantage that I see in your case (since we don't support wild-card yet, more on this bellow) would be to use an additional script to generate the iface_defaults JSON by match the device names like you suggest.

The wild-card option for device name in iface_defaults could be a good solution too, I will discuss this with my team early next week and get back too you.

Thanks,
Julien.
Julien,

Thank you for reminding me that this is Linux and I can potentially write a script to apply MTU settings to any interface with an IP defined in the interfaces file. In that case manually modifying the policy may be safer and also lends itself to existing tools since its json.

Reply