Why I'm considering some use of NetworkManager (and I probably have to)

May 12, 2022

I'm not a fan of NetworkManager on my desktops (although I think there are machines where it's good), but recently I tweeted:

I wonder how well I could get NetworkManager to co-exist with systemd-networkd, so that NM handles the few things networkd is bad at (eg OpenVPN, PPPoE) and networkd handles everything normal.

My home desktop has roughly three types of networks. First, there are networks (the local ethernet, my Wireguard tunnel, and now my libvirt virtual networks) that are configured through well supported mechanisms like networkd. Second, there is my PPPoE DSL connection, which is still using the deprecated and someday to be removed ifup. Finally, there are networks that I don't even have because they're too difficult to set up by hand, such as an OpenVPN connection to our VPN server (which I might use as a backup to my Wireguard tunnel if my office desktop is down).

At some point, I'm going to need a replacement for ifup to drive my PPPoE DSL connection, and I would rather not build that myself. Networkd doesn't handle PPPoE connections and may never do so, so the only other real choice seems to be NetworkManager. However, I don't want to hand all of my networking over to NetworkManager; instead, I would like my existing 'good' networking to keep coexisting with NetworkManager. My good networking would keep on as it is, while NM would handle PPPoE and allow me to finally set up things like OpenVPN connections. I'd have to start using nmcli commands to manage some things, but in practice my PPPoE DSL link is supposed to be up all of the time and I'd only use other NM-managed things in an emergency.

(I know that NetworkManager can set up working PPPoE DSL for me, because I did it once long ago and as far as I know that configuration still works. Although I admit I haven't used it for years. The actual PPPoE DSL configuration file on my laptop in /etc/NetworkManager/system-connections also looks pleasantly simple and straightforward, although since it has a UUID I suspect I can't just copy it over to my desktop.)

It's possible to make NetworkManager ignore devices entirely (also), and I've set this up on both my home and my work desktops for all of the connections I definitely don't want NM touching, as something between preparation and a precaution. I've also told NetworkManager not to touch resolv.conf, because I'll manage all of that myself by hand.

(In theory I could try to make systemd-resolved work by manually or semi-automatically configuring DNS servers, domains, and so on in it. In practice it has some mandatory behaviors I don't want, and I have a setup that works fine as long as I have some VPN connection to work. If I'm completely VPN-less, it's easy to fix. I could even script this, since unbound-control can add and remove forward zones on the fly.)


Comments on this page:

A couple of other projects in this space that may be of interest:

https://github.com/ifupdown-ng/ifupdown-ng

https://ifstate.net/

Written on 12 May 2022.
« Traditionally there are fewer steps in setting up a static website
The cause of an odd DNF/RPM error about conflicting files »

Page tools: View Source, View Normal, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Thu May 12 22:42:01 2022
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.