The (gnu services networking) module provides services to configure network interfaces and set up networking on your machine. Those services provide different ways for you to set up your machine: by declaring a static network configuration, by running a Dynamic Host Configuration Protocol (DHCP) client, or by running daemons such as NetworkManager and Connman that automate the whole process, automatically adapt to connectivity changes, and provide a high-level user interface.
On a laptop, NetworkManager and Connman are by far the most convenient options, which is why the default desktop services include NetworkManager (see %desktop-services). For a server, or for a virtual machine or a container, static network configuration or a simple DHCP client are often more appropriate.
This section describes the various network setup services available, starting with static network configuration.
This is the type for statically-configured network interfaces. Its value must be a list of static-networking records. Each of them declares a set of addresses, routes, and links, as shown below.
Here is the simplest configuration, with only one network interface controller (NIC) and only IPv4 connectivity:
;; Static networking for one NIC, IPv4-only.
(service static-networking-service-type
         (list (static-networking
                (addresses
                 (list (network-address
                        (device "eno1")
                        (value "10.0.2.15/24"))))
                (routes
                 (list (network-route
                        (destination "default")
                        (gateway "10.0.2.2"))))
                (name-servers '("10.0.2.3")))))
The snippet above can be added to the services field of your operating system configuration (see Using the Configuration System). It will configure your machine to have 10.0.2.15 as its IP address, with a 24-bit netmask for the local network—meaning that any 10.0.2.x address is on the local area network (LAN). Traffic to addresses outside the local network is routed via 10.0.2.2. Host names are resolved by sending domain name system (DNS) queries to 10.0.2.3.
This is the data type representing a static network configuration.
As an example, here is how you would declare the configuration of a machine with a single network interface controller (NIC) available as eno1, and with one IPv4 and one IPv6 address:
;; Network configuration for one NIC, IPv4 + IPv6.
(static-networking
 (addresses
  (list (network-address
         (device "eno1")
         (value "10.0.2.15/24"))
        (network-address
         (device "eno1")
         (value "2001:123:4567:101::1/64"))))
 (routes
  (list (network-route
         (destination "default")
         (gateway "10.0.2.2"))
        (network-route
         (destination "default")
         (gateway "2020:321:4567:42::1"))))
 (name-servers '("10.0.2.3")))
If you are familiar with the ip command of the iproute2 package found on Linux-based systems, the declaration above is equivalent to typing:
ip address add 10.0.2.15/24 dev eno1
ip address add 2001:123:4567:101::1/64 dev eno1
ip route add default via inet 10.0.2.2
ip route add default via inet6 2020:321:4567:42::1
Run man 8 ip for more info. Venerable GNU/Linux users will certainly know how to do it with ifconfig and route, but we’ll spare you that.
The available fields of this data type are as follows:
addresses
links (default: '())
routes (default: '())
The list of network-address, network-link, and network-route records for this network (see below).
name-servers (default: '())
The list of IP addresses (strings) of domain name servers. These IP addresses go to /etc/resolv.conf.
provision (default: '(networking))
If true, this should be a list of symbols for the Shepherd service corresponding to this network configuration.
requirement (default: '())
The list of Shepherd services depended on.
This is the data type representing the IP address of a network interface.
device
The name of the network interface for this address—e.g., "eno1".
value
The actual IP address and network mask, in CIDR (Classless Inter-Domain Routing) notation, as a string.
For example, "10.0.2.15/24" denotes IPv4 address 10.0.2.15 on a 24-bit sub-network—all 10.0.2.x addresses are on the same local network.
ipv6?
Whether value denotes an IPv6 address. By default this is automatically determined.
This is the data type representing a network route.
destination
The route destination (a string), either an IP address and network mask or "default" to denote the default route.
source (default: #f)
The route source.
device (default: #f)
The device used for this route—e.g., "eno2".
ipv6? (default: auto)
Whether this is an IPv6 route. By default this is automatically determined based on destination or gateway.
gateway (default: #f)
IP address (a string) through which traffic is routed.
Data type for a network link (see Link in Guile-Netlink Manual). During startup, network links are employed to construct or modify existing or virtual ethernet links. These ethernet links can be identified by their name or mac-address. If there is a need to create a virtual interface, the name and type fields are required.
name
The name of the link—e.g., "v0p0" (default: #f).
type
A symbol denoting the type of the link—e.g., 'veth (default: #f).
mac-address
The mac-address of the link—e.g., "98:11:22:33:44:55" (default: #f).
arguments
List of arguments for this type of link.
Consider a scenario where a server is equipped with a network interface that has multiple ports. These ports are connected to a switch, which supports link aggregation (also known as bonding or NIC teaming). The switch uses port channels to consolidate multiple physical interfaces into one logical interface to provide higher bandwidth, load balancing, and link redundancy. When a port is added to a LAG (or link aggregation group), it inherits the properties of the port-channel. Some of these properties are VLAN membership, trunk status, and so on.
VLAN (or virtual local area network) is a logical network that is isolated from other VLANs on the same physical network. This can be used to segregate traffic, improve security, and simplify network management.
With all that in mind, let’s configure our static network for the server. We will bond two existing interfaces together using the 802.3ad schema and, on top of it, build a VLAN interface with id 1055. We assign a static IP address to our new VLAN interface.
(static-networking
 (links (list (network-link
               (name "bond0")
               (type 'bond)
               (arguments '((mode . "802.3ad")
                            (miimon . 100)
                            (lacp-active . "on")
                            (lacp-rate . "fast"))))
              (network-link
               (mac-address "98:11:22:33:44:55")
               (arguments '((master . "bond0"))))
              (network-link
               (mac-address "98:11:22:33:44:56")
               (arguments '((master . "bond0"))))
              (network-link
               (name "bond0.1055")
               (type 'vlan)
               (arguments '((id . 1055)
                            (link . "bond0"))))))
 (addresses (list (network-address
                   (value "192.168.1.4/24")
                   (device "bond0.1055")))))
This is the static-networking record representing the “loopback device”, lo, for IP addresses 127.0.0.1 and ::1, and providing the loopback Shepherd service.
This is the static-networking record representing network setup when using QEMU’s user-mode network stack on eth0 (see Using the user mode network stack in QEMU Documentation).
This is the type of services that run dhclient, the ISC Dynamic Host Configuration Protocol (DHCP) client.
Data type representing the configuration of the ISC DHCP client service.
package (default: isc-dhcp)
The ISC DHCP client package to use.
interfaces (default: 'all)
Either 'all or the list of interface names that the ISC DHCP client should listen on—e.g., '("eno1").
When set to 'all, the ISC DHCP client listens on all the available non-loopback interfaces that can be activated. Otherwise the ISC DHCP client listens only on the specified interfaces.
config-file (default: #f)
The configuration file for the ISC DHCP client.
shepherd-requirement (default: '())
shepherd-provision (default: '(networking))
This option can be used to provide a list of symbols naming Shepherd services that this service will depend on, such as 'wpa-supplicant or 'iwd if you require authenticated access for encrypted WiFi or Ethernet networks.
Likewise, shepherd-provision is a list of Shepherd service names (symbols) provided by this service. You might want to change the default value if you intend to run several ISC DHCP clients, only one of which provides the networking Shepherd service.
This is the service type for the NetworkManager service. The value for this service type is a network-manager-configuration record.
This service is part of %desktop-services (see Desktop Services).
Data type representing the configuration of NetworkManager.
network-manager (default: network-manager)
The NetworkManager package to use.
shepherd-requirement (default: '(wpa-supplicant))
This option can be used to provide a list of symbols naming Shepherd services that this service will depend on, such as 'wpa-supplicant or 'iwd if you require authenticated access for encrypted WiFi or Ethernet networks.
dns (default: "default")
Processing mode for DNS, which affects how NetworkManager uses the resolv.conf configuration file.
NetworkManager will update resolv.conf to reflect the name servers provided by the currently active connections.
NetworkManager will run dnsmasq as a local caching name server, using conditional forwarding if you are connected to a VPN, and then update resolv.conf to point to the local name server.
With this setting, you can share your network connection. For example, when you want to share your network connection with another machine over an Ethernet cable, you can open nm-connection-editor and set the wired connection’s method for IPv4 and IPv6 to “Shared to other computers” and reestablish the connection (or reboot).
You can also set up a host-to-guest connection to QEMU virtual machines (see Installing Guix in a Virtual Machine). With a host-to-guest connection you can, for example, access a web server running in the virtual machine (see Web Services) from a web browser on your host system, or connect to the virtual machine via SSH (see openssh-service-type). To set up a host-to-guest connection, run this command once:
nmcli connection add type tun \
 connection.interface-name tap0 \
 tun.mode tap tun.owner $(id -u) \
 ipv4.method shared \
 ipv4.addresses 172.28.112.1/24
Each time you boot your QEMU virtual machine (see Running Guix in a Virtual Machine), pass -nic tap,ifname=tap0,script=no,downscript=no to qemu-system-... .
NetworkManager will not modify resolv.conf.
vpn-plugins (default: '())
This is the list of available plugins for virtual private networks (VPNs). An example is the network-manager-openvpn package, which allows NetworkManager to manage VPNs via OpenVPN.
This is the service type to run Connman, a network connection manager.
Its value must be a connman-configuration record as in this example:
(service connman-service-type
         (connman-configuration
          (disable-vpn? #t)))
See below for details about connman-configuration.
Data type representing the configuration of connman.
connman (default: connman)
The connman package to use.
shepherd-requirement (default: '())
This option can be used to provide a list of symbols naming Shepherd services that this service will depend on, such as 'wpa-supplicant or 'iwd if you require authenticated access for encrypted WiFi or Ethernet networks.
disable-vpn? (default: #f)
When true, disable connman’s vpn plugin.
general-configuration (default: (connman-general-configuration))
Configuration serialized to main.conf and passed as --config to connmand.
Available connman-general-configuration fields are:
input-request-timeout (type: maybe-number)
Set input request timeout. Default is 120 seconds. The request for inputs like passphrase will time out after a certain amount of time. Use this setting to increase the value in case of different user interface designs.
browser-launch-timeout (type: maybe-number)
Set browser launch timeout. Default is 300 seconds. The request for launching a browser for portal pages will time out after a certain amount of time. Use this setting to increase the value in case of different user interface designs.
background-scanning? (type: maybe-boolean)
Enable background scanning. Default is true. If wifi is disconnected, the background scanning will follow a simple back off mechanism from 3s up to 5 minutes. Then, it will stay at 5 minutes unless the user specifically asks for scanning through a D-Bus call. If so, the mechanism will start again from 3s. This feature also activates the background scanning while being connected, which is required for roaming on wifi. When background-scanning? is false, ConnMan will not perform any scan regardless of whether wifi is connected or not, unless it is requested by the user through a D-Bus call.
use-gateways-as-timeservers? (type: maybe-boolean)
Assume that service gateways also function as timeservers. Default is false.
fallback-timeservers (type: maybe-list)
List of fallback timeservers. These timeservers are used for NTP sync when there are no timeservers set by the user or by the service, and when use-gateways-as-timeservers? is #f. These can contain a mixed combination of fully qualified domain names, IPv4 and IPv6 addresses.
fallback-nameservers (type: maybe-list)
List of fallback nameservers appended to the list of nameservers given by the service. The nameserver entries must be in numeric format; host names are ignored.
default-auto-connect-technologies (type: maybe-list)
List of technologies that are marked autoconnectable by default. The default value for this entry when empty is "ethernet", "wifi", "cellular". Services that are automatically connected must have been set up and saved to storage beforehand.
default-favourite-technologies (type: maybe-list)
List of technologies that are marked favorite by default. The default value for this entry when empty is "ethernet". Connects to services from this technology even if not set up and saved to storage.
always-connected-technologies (type: maybe-list)
List of technologies which are always connected regardless of the preferred-technologies setting (auto-connect? #t). The default value is empty and this feature is disabled unless explicitly enabled.
preferred-technologies (type: maybe-list)
List of preferred technologies from the most preferred one to the least preferred one. Services of the listed technology type will be tried one by one in the order given, until one of them gets connected or they are all tried. A service of a preferred technology type in state ’ready’ will get the default route when compared to another preferred type further down the list with state ’ready’ or with a non-preferred type; a service of a preferred technology type in state ’online’ will get the default route when compared to either a non-preferred type or a preferred type further down in the list.
network-interface-blacklist (type: maybe-list)
List of blacklisted network interfaces. Found interfaces will be compared to the list and will not be handled by ConnMan, if their first characters match any of the list entries. Default value is "vmnet", "vboxnet", "virbr", "ifb".
allow-hostname-updates? (type: maybe-boolean)
Allow ConnMan to change the system hostname. This can happen for example if we receive DHCP hostname option. Default value is #t.
allow-domainname-updates? (type: maybe-boolean)
Allow connman to change the system domainname. This can happen for example if we receive DHCP domainname option. Default value is #t.
single-connected-technology? (type: maybe-boolean)
Keep only a single connected technology at any time. When a new service is connected by the user or a better one is found according to preferred-technologies, the new service is kept connected and all the other previously connected services are disconnected. With this setting it does not matter whether the previously connected services are in ’online’ or ’ready’ states, the newly connected service is the only one that will be kept connected. A service connected by the user will be used until going out of network coverage. With this setting enabled applications will notice more network breaks than normal. Note this option can’t be used with VPNs. Default value is #f.
tethering-technologies (type: maybe-list)
List of technologies that are allowed to enable tethering. The default value is "wifi", "bluetooth", "gadget". Only those technologies listed here are used for tethering. If one wants to tether ethernet, then add "ethernet" in the list. Note that if ethernet tethering is enabled, then a DHCP server is started on all ethernet interfaces. Tethered ethernet should never be connected to a corporate or home network as it will disrupt normal operation of these networks. Due to this, ethernet is not tethered by default. Do not activate ethernet tethering unless you really know what you are doing.
persistent-tethering-mode? (type: maybe-boolean)
Restore earlier tethering status when returning from offline mode, re-enabling a technology, and after restarts and reboots. Default value is #f.
enable-6to4? (type: maybe-boolean)
Automatically enable anycast 6to4 if possible. This is not recommended, as the use of 6to4 will generally lead to a severe degradation of connection quality. See RFC6343. Default value is #f (as recommended by RFC6343 section 4.1).
vendor-class-id (type: maybe-string)
Set DHCP option 60 (Vendor Class ID) to the given string. This option can be used by DHCP servers to identify specific clients without having to rely on MAC address ranges, etc.
enable-online-check? (type: maybe-boolean)
Enable or disable use of HTTP GET as an online status check. When a service is in a READY state, and is selected as default, ConnMan will issue an HTTP GET request to verify that end-to-end connectivity is successful. Only then will the service be transitioned to ONLINE state. If this setting is false, the default service will remain in READY state. Default value is #t.
online-check-ipv4-url (type: maybe-string)
IPv4 URL used during the online status check. Please refer to the README for more detailed information. Default value is http://ipv4.connman.net/online/status.html.
online-check-ipv6-url (type: maybe-string)
IPv6 URL used during the online status check. Please refer to the README for more detailed information. Default value is http://ipv6.connman.net/online/status.html.
online-check-initial-interval (type: maybe-number)
Range of intervals between two online check requests. Please refer to the README for more detailed information. Default value is ‘1’.
online-check-max-interval (type: maybe-number)
Range of intervals between two online check requests. Please refer to the README for more detailed information. Default value is ‘1’.
enable-online-to-ready-transition? (type: maybe-boolean)
WARNING: This is an experimental feature. In addition to the enable-online-check setting, enable or disable use of HTTP GET to detect the loss of end-to-end connectivity. If this setting is #f, when the default service transitions to ONLINE state, the HTTP GET request is no longer called until the next cycle, initiated by a transition of the default service to DISCONNECT state. If this setting is #t, the HTTP GET request keeps being called to guarantee that end-to-end connectivity is still successful. If not, the default service will transition to READY state, enabling another service to become the default one, in replacement. Default value is #f.
auto-connect-roaming-services? (type: maybe-boolean)
Automatically connect roaming services. This is not recommended unless you know you won’t have any billing problem. Default value is #f.
address-conflict-detection? (type: maybe-boolean)
Enable or disable the implementation of IPv4 address conflict detection according to RFC5227. ConnMan will send probe ARP packets to see if an IPv4 address is already in use before assigning the address to an interface. If an address conflict occurs for a statically configured address, an IPv4LL address will be chosen instead (according to RFC3927). If an address conflict occurs for an address offered via DHCP, ConnMan sends a DHCP DECLINE once and for the second conflict resorts to finding an IPv4LL address. Default value is #f.
localtime (type: maybe-string)
Path to localtime file. Defaults to /etc/localtime.
regulatory-domain-follows-timezone? (type: maybe-boolean)
Enable regulatory domain to be changed along timezone changes. With this option set to true each time the timezone changes the first present ISO3166 country code is read from /usr/share/zoneinfo/zone1970.tab and set as regulatory domain value. Default value is #f.
resolv-conf (type: maybe-string)
Path to resolv.conf file. If the file does not exist, but intermediate directories exist, it will be created. If this option is not set, it tries to write into /var/run/connman/resolv.conf if it fails (/var/run/connman does not exist or is not writeable). If you do not want to update resolv.conf, you can set /dev/null.
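Several of the fields above decide how much a network you do not control can change on your machine. The following is an added example, not taken from the Guix manual: a ConnMan service for a laptop that joins untrusted networks, using only fields listed above. The variable name %untrusted-network-connman-service and the chosen values are assumptions, as is the use of #t/#f for the maybe-boolean fields.

```scheme
;; Added example, not part of the Guix manual.
(use-modules (gnu services)
             (gnu services networking))

(define %untrusted-network-connman-service   ;hypothetical name
  (service connman-service-type
           (connman-configuration
            (general-configuration
             (connman-general-configuration
              ;; Both default to #t, which lets whoever runs the DHCP
              ;; server rename the host or set its domain name.
              (allow-hostname-updates? #f)
              (allow-domainname-updates? #f)
              ;; Defaults to #t: ConnMan issues an HTTP GET to the
              ;; online-check URLs on every network it selects as
              ;; default.  With #f the default service stays in READY
              ;; state and never becomes ONLINE; to keep the check,
              ;; leave this at #t and set online-check-ipv4-url and
              ;; online-check-ipv6-url to a server you operate.
              (enable-online-check? #f)
              ;; Defaults to #f: probe with ARP (RFC5227) before an
              ;; IPv4 address is assigned to an interface.
              (address-conflict-detection? #t)
              ;; The next three are already the documented defaults;
              ;; writing them down keeps the policy visible in review
              ;; and stable if a default changes.
              (use-gateways-as-timeservers? #f)
              (auto-connect-roaming-services? #f)
              (enable-6to4? #f))))))

;; In the operating-system declaration, replace any existing ConnMan
;; service with this one, for example:
;;   (services (cons %untrusted-network-connman-service %base-services))
```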
This is the service type to run WPA supplicant, an authentication daemon required to authenticate against encrypted WiFi or ethernet networks.
Data type representing the configuration of WPA Supplicant.
It takes the following parameters:
wpa-supplicant (default: wpa-supplicant)
The WPA Supplicant package to use.
requirement (default: '(user-processes loopback syslogd))
List of services that should be started before WPA Supplicant starts.
dbus? (default: #t)
Whether to listen for requests on D-Bus.
pid-file (default: "/var/run/wpa_supplicant.pid")
Where to store the PID file.
interface (default: #f)
If this is set, it must specify the name of a network interface that WPA supplicant will control.
config-file (default: #f)
Optional configuration file to use.
extra-options (default: '())
List of additional command-line arguments to pass to the daemon.
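The shepherd-requirement field of the ISC DHCP client and the WPA Supplicant parameters above fit together as follows. This is an added example, not taken from the Guix manual: it assumes the Guix names wpa-supplicant-service-type, wpa-supplicant-configuration, dhcp-client-service-type and dhcp-client-configuration for the types described on this page, and that config-file accepts a plain string path; the interface name "wlp2s0", the path "/etc/wpa_supplicant.conf" and the variable name are placeholders.

```scheme
;; Added example, not part of the Guix manual.
(use-modules (gnu services)
             (gnu services networking))

(define %wifi-dhcp-services              ;hypothetical name
  (list
   (service wpa-supplicant-service-type
            (wpa-supplicant-configuration
             ;; Control exactly one interface.
             (interface "wlp2s0")
             ;; No NetworkManager or ConnMan drives the daemon here,
             ;; so it does not need to listen on D-Bus.
             (dbus? #f)
             ;; Assumption: a string is passed through as a path and
             ;; read when the daemon starts.  The file holds the
             ;; network passphrase, so keep it outside /gnu/store,
             ;; which every local user can read, and make it readable
             ;; by root only.
             (config-file "/etc/wpa_supplicant.conf")))
   (service dhcp-client-service-type
            (dhcp-client-configuration
             ;; Request a lease on the authenticated interface only,
             ;; not on 'all non-loopback interfaces.
             (interfaces '("wlp2s0"))
             ;; Start dhclient only after the wpa-supplicant Shepherd
             ;; service is up.
             (shepherd-requirement '(wpa-supplicant))))))

;; In the operating-system declaration:
;;   (services (append %wifi-dhcp-services %base-services))
```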
Some networking devices such as modems require special care, and this is what the services below focus on.
This is the service type for the ModemManager service. The value for this service type is a modem-manager-configuration record.
This service is part of %desktop-services (see Desktop Services).
Data type representing the configuration of ModemManager.
modem-manager (default: modem-manager)
The ModemManager package to use.
This is the service type for the USB_ModeSwitch service. The value for this service type is a usb-modeswitch-configuration record.
When plugged in, some USB modems (and other USB devices) initially present themselves as read-only storage media and not as a modem. They need to be mode-switched before they can be used. The USB_ModeSwitch service type installs udev rules to automatically switch the mode of these devices when they are plugged in.
This service is part of %desktop-services (see Desktop Services).
Data type representing the configuration of USB_ModeSwitch.
usb-modeswitch (default: usb-modeswitch)
The USB_ModeSwitch package providing the binaries for mode switching.
usb-modeswitch-data (default: usb-modeswitch-data)
The package providing the device data and the udev rules used by USB_ModeSwitch.
config-file (default: #~(string-append #$usb-modeswitch:dispatcher "/etc/usb_modeswitch.conf"))
Configuration file to use for the USB_ModeSwitch dispatcher. By default the file shipped with USB_ModeSwitch is used, which disables logging to /var/log among other settings. If set to #f, no configuration file is used.