Existing tools for network interface configuration have several shortcomings when applied to network switches. These include the lack of ability to handle interface dependencies, incremental updates to interface configuration without disruption, and interface configuration validation. The lack of such functionality increases operational burden. We introduce ifupdown2, a new network interface manager for Cumulus Linux.

ifupdown2 solves these problems through an implementation based on dependency graphs. This article briefly describes network interface configuration on Linux, the problems that arise when configuring a network switch and how ifupdown2 solves these problems and increases operational efficiencies overall.

Background

The Linux kernel understands two types of network interfaces: physical and logical. Physical interfaces represent real hardware and are owned by the device driver that manages the device. Examples of physical interfaces include switch ports. Logical or virtual interfaces are created and managed by the kernel. Examples of logical interfaces include bonds, bridges, and VLAN interfaces. Linux network interfaces are often stacked, i.e., they exhibit a master-slave dependency relationship. An example of stacked network interfaces is a bridge and its ports.

The Linux kernel provides APIs to configure network interfaces. Existing native Linux tools such as brctl and iproute2 use one or more of the kernel APIs to configure network interfaces.

Most Linux distributions (such as Debian) provide their own network interface managers. Network interface managers operate either above the native Linux tools or use the kernel API directly to provide a unified way to configure all types of network interfaces. Debian’s native network interface manager is ifupdown. Cumulus Linux is a Debian-based distribution for network switches.

Challenges

As data centers have grown, the complexity of network switch configuration has grown with them. The challenges caused by this complexity include network interface dependency, incremental updates, and configuration specification.

  • Network interface configuration dependency: Linux network interfaces are often stacked, which creates dependency relationships between the stacked network interfaces. Most tools on Linux do not handle this, putting the burden on the network administrator to manually order the configuration sequence.
  • Service disruption: Network switches often need incremental updates to interface attributes. Most existing tools do not provide the ability to incrementally add/delete configuration on the network interface without having to tear down and re-configure the network interface, causing a service disruption.
  • Configuration complexity: The existing network interface configuration formats on Linux are nonstandard and differ from distribution to distribution. As network interface configuration complexity and scale increase, the configuration file size increases and configuration is often repeated, resulting in configurations that are hard to manage. The format would benefit from a concise, repeatable interface definition standard. In addition, most automation/orchestration tools prefer a standard format (XML/JSON) for network interface specification.
  • Network interface configuration validation: With interface configuration at scale comes the requirement for querying and validating running interface configuration for debuggability and operational efficiency.

Architecture/Implementation

ifupdown2 attempts to solve the limitations of existing network interface configuration tools. It is a rewrite of Debian’s ifupdown in Python. It retains the pluggable/extensible architecture of ifupdown and uses existing Linux native network interface configuration tools to configure interfaces. It maintains backward compatibility with ifupdown.

  • Handles network interface configuration dependencies: The ifupdown2 implementation uses a directed acyclic graph to represent network interface dependencies in a stacked network interface configuration. This allows it to resolve dependencies by ordering configuration steps using a topological sort of the directed acyclic graph of network interfaces. This takes the burden of ordering network interface configuration away from the user, reducing the chance of errors.
  • Minimizes service disruption: ifupdown2 provides a method to query the running state of a network interface and identify the differences between the running configuration and a user-specified configuration. This enables it to apply pending/incremental updates to interface configuration. Interfaces do not need to be torn down and restarted, which allows the interface to be reconfigured with no downtime.
  • Simplified configuration description: ifupdown2 uses an enhanced network interface configuration file. The enhancements make the file concise by reducing repetition of sections. Applications of the enhanced network configuration description language include configuration templatization. ifupdown2 supports interface configuration templates for the cookie-cutter configurations seen in large-scale datacenter deployments today. ifupdown2 also provides a JSON interface to the network interface configuration. This makes it easy to integrate ifupdown2 with automation/orchestration tools.
  • Network interface configuration validation: ifupdown2 provides options to query the running interface configuration and validate it against the user-provided configuration, providing the ability to detect and debug problems with interface configuration.
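The dependency ordering and the running-versus-desired comparison described in the list above can be sketched as follows. This is an added example, not ifupdown2's own code: the dictionary layout, the function names, the choice of dependency-bearing attributes and the sample interfaces are assumptions made for illustration.

```python
# Added example, not ifupdown2 code. Interface data below is constructed.
# Attributes whose values name lower interfaces (assumption for this sketch).
DEP_ATTRS = ("bridge-ports", "bond-slaves")

def dependency_order(desired):
    """Topologically sort interfaces so lower (dependency) interfaces come first."""
    lowers = {name: set() for name in desired}
    for name, attrs in desired.items():
        for key in DEP_ATTRS:
            for dep in attrs.get(key, "").split():
                lowers[name].add(dep)
                lowers.setdefault(dep, set())   # lower interface with no stanza
    order = []
    ready = sorted(n for n, deps in lowers.items() if not deps)
    while ready:                                # Kahn's algorithm
        node = ready.pop(0)
        order.append(node)
        for name, deps in sorted(lowers.items()):
            if node in deps:
                deps.remove(node)
                if not deps:
                    ready.append(name)
    if len(order) != len(lowers):               # leftovers sit on a cycle
        stuck = sorted(set(lowers) - set(order))
        raise ValueError("dependency cycle among: " + ", ".join(stuck))
    return order

def incremental_plan(desired, running):
    """Per-attribute steps that bring running state to desired, in dependency
    order, with no teardown. An empty list means the running config validates."""
    steps = []
    for iface in (i for i in dependency_order(desired) if i in desired):
        want, have = desired[iface], running.get(iface, {})
        for attr in sorted(want.keys() | have.keys()):
            if attr not in want:
                steps.append((iface, "del", attr, have[attr]))
            elif want[attr] != have.get(attr):
                steps.append((iface, "set", attr, want[attr]))
    return steps

DESIRED = {  # constructed sample: bridge over a bond and a switch port
    "br0": {"bridge-ports": "bond0 swp3", "mtu": "9000"},
    "bond0": {"bond-slaves": "swp1 swp2", "mtu": "9000"},
    "swp3": {"mtu": "9000"},
}
RUNNING = {  # constructed sample of queried running state
    "br0": {"bridge-ports": "bond0", "mtu": "9000"},
    "bond0": {"bond-slaves": "swp1 swp2", "mtu": "1500", "alias": "old uplink"},
    "swp3": {"mtu": "9000"},
}
```

Running `incremental_plan(DESIRED, RUNNING)` yields only the three attribute changes that differ, ordered so that bond0 is corrected before the bridge that sits on top of it.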

Conclusion

ifupdown2 simplifies a network administrator's tasks by providing a solution to the problems of interface dependency, incremental updates and complex configuration.
See resources below for ifupdown2 in action.

Resources

ifupdown2 on github

ifupdown2 documentation on github

Cumulus Linux ships with ifupdown2 in releases 2.1 or greater

Cumulus ifupdown2 user documentation

Cumulus KB article comparing ifupdown and ifupdown2