On Thu, 2017-12-28 at 15:00 +0100, Manuel Schölling wrote:
Hi, I am currently developing a wireguard VPN plugin [1] for NetworkManager. I am wondering how the device configuration works for VPN devices. You can get the IP settings using nm_connection_get_setting_ip4_config(). It is the VPN plugin's job to apply these settings, right? What I do not get, yet, is why does the plugin report these settings back to NM using nm_vpn_service_plugin_set_ip4_config()? NM already knows these settings - or is it just to confirm back to NM what settings were really applied? And how does it work for DHCP? Does NM start an DHCP client daemon for the device that was created or is it the plugin's job to run a DHCP client? Thanks! Manuel
Hi Manuel, AFAIK, none of the existing NM VPN plugins do DHCP on the link themself. Although that would be of course useful, for example with a openvpn+tap interface. E.g. https://bugzilla.gnome.org/show_bug.cgi?id=741487 I think re-implementing DHCP client functionality inside the VPN plugin would be a bad solution, because of the duplication of work. A better solution would be to extend the VPN API so that NM can do DHCP on such links. That is however quite some work (patches welcome ;-) ). I tend to think that VPN plugins are not as great as they should be. There are some advantages of having a plugin compared a native device- type in NetworkManager itself, but there are also downsides. Especially it adds complexity and code duplication. Moreover, the plugin API may be too limited/restricted, and it is a lot of effort to get simple things done. I personally, would not add a VPN plugin but a native device type in NetworkManager itself. For example like MACSec: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=1a24f528c8645148e9612adff34d6edf70fdbb34 Of course, this is not very helpful for you. Sorry for that. best, Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part