1

I'm trying to create tun interface and to add address and peer to it via .netdev and .network files of systemd-networkd. I'm using Ubuntu 22.04.3 LTS and systemd 249.

I have two following configuration files:

/etc/systemd/network/991-tun1.netdev

[NetDev]
Name=tun1
Kind=tun

[Tun]
User=me

/etc/systemd/network/991-tun1.network

[Match]
Name=tun1

[Network]
Address=192.168.3.1/24
IPForward=yes

[Address]
Address=192.168.3.1/24
Peer=192.168.3.2/24

After reboot tun1 interface is created fine but it has no address.

me@host:~$ ip a
...
4: tun1: <NO-CARRIER,POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 500
    link/none

But if I use ifconfig then address is added as expected.

me@host:~$ sudo ifconfig tun1 192.168.3.1 pointopoint 192.168.3.2 netmask 255.255.255.0
me@host:~$ ip a
...
4: tun1: <NO-CARRIER,POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 500
    link/none 
    inet 192.168.3.1 peer 192.168.3.2/24 scope global tun1
       valid_lft forever preferred_lft forever

And I can see this in logs after reboot

me@host:~$ sudo journalctl --unit systemd-networkd -fe|grep tun1
...
systemd-networkd[513]: tun1: loaded tun
systemd-networkd[513]: tun1: Created
systemd-networkd[513]: tun1: netdev has index 4
systemd-networkd[513]: tun1: Permanent MAC address not found for new device, continuing without: Operation not supported
systemd-networkd[513]: tun1: Link 4 added
systemd-networkd[513]: tun1: Saved original MTU 1500 (min: 68, max: 65535)
systemd-networkd[513]: tun1: Flags change: +MULTICAST +POINTOPOINT +NOARP
systemd-networkd[513]: tun1: link pending udev initialization...
systemd-networkd[513]: tun1: udev initialized link
systemd-networkd[513]: tun1: State changed: pending -> initialized
systemd-networkd[513]: tun1: Link state is up-to-date
systemd-networkd[513]: tun1: found matching network '/etc/systemd/network/991-tun1.network'.
systemd-networkd[513]: tun1: State changed: initialized -> configuring
systemd-networkd[513]: Setting '/proc/sys/net/ipv6/conf/tun1/disable_ipv6' to '0'
systemd-networkd[513]: Setting '/proc/sys/net/ipv6/conf/tun1/use_tempaddr' to '0'
systemd-networkd[513]: Setting '/proc/sys/net/ipv6/conf/tun1/accept_ra' to '0'
systemd-networkd[513]: Setting '/proc/sys/net/ipv6/conf/tun1/proxy_ndp' to '0'
systemd-networkd[513]: Setting '/proc/sys/net/ipv4/conf/tun1/promote_secondaries' to '1'
systemd-networkd[513]: tun1: Requested to set IPv6LL address generation mode
systemd-networkd[513]: tun1: Requested to set master interface
systemd-networkd[513]: tun1: Requested to activate link
systemd-networkd[513]: tun1: Requesting address: 192.168.3.1/24 (valid forever, preferred forever), flags: n/a
systemd-networkd[513]: tun1: Requesting address: 192.168.3.1 peer 192.168.3.2/24 (valid forever, preferred forever), flags: n/a
systemd-networkd[513]: tun1: Setting addresses
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: link_check_ready(): link layer is configuring.
systemd-networkd[513]: tun1: Setting IPv6LL address generation mode
systemd-networkd[513]: tun1: Setting master interface
systemd-networkd[513]: tun1: IPv6LL address generation mode set.
systemd-networkd[513]: tun1: master interface set.
systemd-networkd[513]: tun1: link_check_ready(): link is not activated.
systemd-networkd[513]: tun1: Bringing link up
systemd-networkd[513]: tun1: Flags change: +UP
systemd-networkd[513]: tun1: Link UP
systemd-networkd[513]: tun1: link_check_ready(): static addresses are not configured.

Why is address not being added to the tun1 interface by systemd-networkd and how to make it to add the address?

Improve this question
2
  • What's more important: why is there no userspace process associated with it? Do you know a tun device is useless without such process (eg: OpenVPN, QEMU, even OpenSSH or socat). Repeated link_check_ready() is because of NO-CARRIER which is because of the lack of such process.
    – A.B
    Commented Jan 28 at 21:39
  • 1
    @A.B I'm planning to use this tun device with ssh. I want the tun device to be created on the server by systemd-networkd with root privileges and to exist permanently. And then I want to be able to connect to that device from time to time with ssh -w as a regular user without root privileges.
    – Andrei
    Commented Jan 29 at 10:44

1 Answer 1

Reset to default
0

Systemd networkd (like NetworkManager) reacts to the carrier state and this affects configuring addresses on the interface.

For a TUN/TAP interface, the state will remain at NO-CARRIER until an userspace process (such as ssh -w ...) properly attaches to the interface: the virtual carrier state will then switch to detected. By default only then the following parts of the configuration (such as adding addresses) will be done by networkd.

To have it ignore the carrier state, these parameters should be added for the device:

[Network]
ConfigureWithoutCarrier=yes
IgnoreCarrierLoss=yes

In particular the description for ConfigureWithoutCarrier tells:

[...] Allows networkd to configure a specific link even if it has no carrier. [...]

The 2nd parameter (which might have defaulted to enabled when the first was enabled, so might not actually have been needed here), allows to stop and restart the userspace process attached to the TUN interface (such as ssh -w ...) without causing any changes in the settings.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .