Blog blog("Baptiste Wicht"); (Posts about Network)

Linux tip: Force systemd networkd to wait for DHCP

Baptiste Wicht — Wed, 01 Oct 2014 18:18:55 GMT

Recently, I started using systemd-networkd to manage my network. It works really good for static address configuration, but I experienced some problem with DHCP. There is DHCP client support integrated into systemd, so I wanted to use this instead of using another DHCP client.

(If you are not familiar with systemd-networkd, you can have a look at the last section of this article)

The problem with that is that services are not waiting for DHCP leases to be obtained. Most services (sshd for instance), are waiting for network.target, however, network.target does not wait for the DHCP lease to be obtained from the server. If you configured ssh on a specific IP and this IP is obtained with DHCP, it will fail at startup. The same is true for NFS mounts for instance.

Force services to wait for the network to be configured

The solution is to make services like sshd waits for network-online.target instead of network.target. There is a simple way in systemd to override default service files. For a X.service, systemd will also parse all the /etc/systemd/X.service.d/*.conf files.

For instance, to make sshd be started only after DHCP is finished

/etc/systemd/system/sshd.service.d/network.conf:

[Unit]
Wants=network-online.target
After=network-online.target

However, by default, network-online.target does not wait for anything. You'll have to enable another service to make it work:

systemctl enable systemd-networkd-wait-online

And another note, at least on Gentoo, I had to use systemd-216 for it to work:

emerge -a "=sys-apps/systemd-216"

And after this, it worked like a charm at startup.

Force NFS mounts to wait for the network

There is no service file for nfs mounts, but there is a target remote-fs.target that groups the remote file systems mounts. You can override its configuration in the same as a service:

/etc/systemd/system/remote-fs.target.d/network.conf:

[Unit]
Wants=network-online.target
After=network-online.target

Conclusion

Here we are, I hope this tip will be useful to some of you ;)

Appendix. Configure interface with DHCP with systemd

To configure an interface with DHCP, you have to create a .network file in /etc/systemd/network/. For instance, here is my /etc/systemd/network/local.network file:

[Match]
Name=enp3s0

[Network]
DHCP=v4

and you have to enable systemd-networkd:

systemctl enable systemd-networkd

ZyXEL GS1910-24 Managed Gigabit Switch Review

Baptiste Wicht — Fri, 12 Jul 2013 06:38:17 GMT

A short time ago, I decided to install servers in a rack at my home. Although working very well, my 3Com managed was too much noisy for being at home. That is why I decided to change it for fanless switch. After some research, I finally chose a ZyXEL GS1910-24. It is a web-manageable gigabit switch. I chose the 24 ports version. This version has also 4 SFPs that replace 4 normal ports if enabled. I don't think I will ever need the SFPs, but it is nice to know that there are here if necessary. This switch has a lot of cool features, it supports IPV6, QoS, VLANs, filtering, RADIUS and so on.

The package

The package does not contains a lot of things, but does contain the essential:

The switch itself
A power code
Rack mounting brackets and screws
Manuals

Here is a picture on the package:

The switch is really small, twice narrower than my 3Com switch and more than twice lighter.

Nothing special to say about the package, it is neatly done and has everything that is necessary.

Installation

The installation inside a rack is really easy. Each bracket is mounted with 4 screws onto the switch and then two screws are holding each bracket into place in the rack. Here is a picture of the rack:

Once you put the power cord, it directly starts up and everything already works fine. The state of each port is represented by a led. Orange indicates a 100Mbit/s connection while green indicates 1Gbit/s connection.

The switch does not make a single noise and does not vibrate, it is really good

Configuration

The easiest way to configure the switch is to use the web configurator. By default, the switch IP is 192.168.1.1. As my router had the same IP, I had to disable it temporarily before changing the IP of the switch.

The web configuration is very complete, you can change absolutely everything from here. You have also access to a lot of monitoring tools from here. The most useful being of course the port monitoring interface:

I recommend changing the default IP address and the server password as first things on the switch.

I won't make the list of everything that is configurable on this switch, but the list is pretty impressive.

Conclusion

I'm really impressed by this switch. The switch is highly configurable and seems to perfectly fit my need. I would totally recommend this switch for rack installation at home. You can also totally use it as a desktop switch if you needs for a big switch on your desktop too

Home Server Adventure - Step 1

Baptiste Wicht — Mon, 08 Jul 2013 07:02:05 GMT

For years now, I've almost always had a server running at home. First it was an old desktop computer and then it was a QNAP NAS. The problem with the QNAP is that it is not fast at all and not as flexible as I would like it to be. Moreover, I was also running a Teamspeak server on my desktop for when my friends and I were playing together. So I decided to first install a simple server to replace my teamspeak server and I would services of my NAS with my new server. But this time, I decided to go for the complete option: A 19" rack :)

Hardware

So I bought all I needed to install my 19" rack at home. I bought everything already used on auctions on Ricardo/Anibis (Switzerland Ebay equivalents) and Ebay. Here is what I got:

A 19" inch rack with 40 HE of the mark GURTNER + SCHNIEPP AG
A old Dell Poweredge 1850 server
A 8-ports Compaq KVM switch
A monitor/keyboard console for administrating the servers
A 3Com managed Gigabit switch

I got that for less than 500$. It is probably possible to get a similar configuration for less than that in the United States.

Here are some pictures (sorry for the poor quality):

For now, it is kind of empty. I will also put my NAS and my internet provider router in the rack in the future.

A this time, the cables are not very good organized, I will try to purchase some guides to make that look better and I will also try to find a rack PDU to distribute power without cables everywhere.

I also need to find two 120mm fans for the top of my case to improve air circulation. Very quiet 120mm can be found, so noise won't be a problem I think.

In the future, I also plan to find an UPS, but they are very expensive, so I will continue looking at auctions for them. The problem being that the battery should not be too old.

Software

Of course, I've installed Gentoo on the server. At first, I wanted to install a Gentoo Hardened distribution with Selinux, but it turned out that it was too much of a hassle. After more than 10 hours of trying to make it work, I started again and in less than two hours my Gentoo installation was working. I will probably try again in the future, at least to harden the server and I hope it will go with less problems. The server is of course gui-less, only console access is more than sufficient.

For now on, I have only a Teamspeak server and a Mumble server installed on the server, but I plan to add new services on it, Sabnzb for instance.

I also installed iptables to add some layer of protection, even if I don't think that it is necessary in my case.

Finally, I used dyndns to map my public ip to a domain name to make it easier to reach. For now, I haven't installed an update client, but I plan to try ddclient.

Problems

I made some mistake when choosing the components for my installation. First of all, they are too noisy. The server and the switch are a real problem. They are both made for professional installations. Generally 1U server have very small fans (40mm generally) which are very noisy. So I decided to upgrade my configurations with two changes:

I will buy a fanless switch, probably unmanaged. They are plenty of very good fanless switches, even managed one for a reasonable price. I will try to first find a used one on auction, but I may consider buying a new one, as there exists some for about a hundred dollars.
I will replace the Dell server with a custom server. I found some very good cases made by Norco. I'll buy a Micro ATX motherboard and install my old computer configuration (the one I had before) on it. It won't cost too much I think, although much more than the 30$ Dell server I have now ;)

The other problem being that the Dell server is too deep for my rack, so I can't close the back part as you can see on the pictures, but replacing it with the Norco case will solve the problem :)

Conclusion

It might sound crazy to have a complete rack at home, but I thing that it is a great way to experience with servers and network. It is also quite practical if you plan to have several servers.

I plan to post some posts on the subject on the future, so I hope that it interests some people.