Skip to content

Add dad-timeout feature for nmcli #10844

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add dad-timeout feature for nmcli #10844

wants to merge 2 commits into from

Conversation

userlerueda
Copy link

@userlerueda userlerueda commented Sep 20, 2025
edited
Loading

SUMMARY

Add support for setting IPv4 and IPv6 duplicate address detection (DAD) timeout parameters in the community.general.nmcli module. This enables users to configure NetworkManager's ipv4.dad-timeout and ipv6.dad-timeout settings directly through Ansible, providing better control over network configuration and preventing IP address conflicts in automated environments.

This feature adds two new parameters:

  • dad_timeout4: Integer value in milliseconds for IPv4 DAD timeout
  • dad_timeout6: Integer value in milliseconds for IPv6 DAD timeout

Fixes #10843

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

nmcli

ADDITIONAL INFORMATION

Background:
Duplicate address detection is a critical network safety feature that prevents IP conflicts. The default DAD timeout is -1 (disabled) for IPv4, leaving networks vulnerable to address conflicts. Currently, users must resort to raw nmcli commands or shell modules to set these parameters, breaking Ansible's idempotency model.

Use Cases:

  • Automated server provisioning where static IP assignment must be conflict-free
  • Container orchestration platforms requiring guaranteed unique IP addresses
  • Network automation in enterprise environments with strict IP management policies
  • Recovery scenarios where services must fail-fast on network conflicts

Implementation Details:

  • Added dad_timeout4 and dad_timeout6 parameters to module argument specification
  • Added corresponding instance variables in the Nmcli class constructor
  • Mapped parameters to NetworkManager properties ipv4.dad-timeout and ipv6.dad-timeout
  • Added parameters to the integer type validation list
  • Updated module documentation with parameter descriptions and usage example
  • Created changelog fragment following project conventions

Example Usage:

- name: Configure connection with duplicate address detection
  community.general.nmcli:
    conn_name: ens192
    type: ethernet
    ip4: 192.168.1.100/24
    state: present
    dad_timeout4: 3000  # Enable IPv4 DAD with 3-second timeout
    may_fail4: false

@ansibullbot
Copy link
Collaborator

cc @alcamie101
click here for bot help

@ansibullbot ansibullbot added feature This issue/PR relates to a feature request module module new_contributor Help guide this first time contributor plugins plugin (any type) needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Sep 20, 2025
@felixfontein felixfontein added check-before-release PR will be looked at again shortly before release and merged if possible. backport-11 Automatically create a backport for the stable-10 branch labels Sep 20, 2025
felixfontein
felixfontein reviewed Sep 23, 2025
View reviewed changes
Copy link
Collaborator

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! Please note that you have to adjust the unit tests to avoid the failure. Also please note that this is a new feature, so you should add a small test for it as well to the unit tests. Thanks!

changelogs/fragments/10844-nmcli-dad-timeout-support.yml
@@ -0,0 +1,2 @@
minor_changes:
- nmcli - add support for duplicate address detection (DAD) timeout configuration via new parameters ``dad_timeout4`` and ``dad_timeout6`` which map to the ``ipv4.dad-timeout`` and ``ipv6.dad-timeout`` NetworkManager properties (https://github.com/ansible-collections/community.general/pull/XXXX). No newline at end of file
Copy link
Collaborator

@felixfontein felixfontein Sep 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- nmcli - add support for duplicate address detection (DAD) timeout configuration via new parameters ``dad_timeout4`` and ``dad_timeout6`` which map to the ``ipv4.dad-timeout`` and ``ipv6.dad-timeout`` NetworkManager properties (https://github.com/ansible-collections/community.general/pull/XXXX).
- nmcli - add support for duplicate address detection (DAD) timeout configuration via new parameters ``dad_timeout4`` and ``dad_timeout6`` which map to the ``ipv4.dad-timeout`` and ``ipv6.dad-timeout`` NetworkManager properties (https://github.com/ansible-collections/community.general/issues/10843, https://github.com/ansible-collections/community.general/pull/10844).

plugins/modules/nmcli.py
- Maps to the C(ipv4.dad-timeout) NetworkManager property.
- This helps prevent IP address conflicts by detecting duplicate addresses before assignment.
type: int
version_added: 10.1.0
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
version_added: 10.1.0
version_added: 11.4.0

same below

@ansibullbot ansibullbot added the stale_ci CI is older than 7 days, rerun before merging label Oct 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein left review comments

Assignees
No one assigned
Labels
backport-11 Automatically create a backport for the stable-10 branch check-before-release PR will be looked at again shortly before release and merged if possible. feature This issue/PR relates to a feature request module module needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR new_contributor Help guide this first time contributor plugins plugin (any type) stale_ci CI is older than 7 days, rerun before merging
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow setting dad-timeout for nmcli
3 participants
@userlerueda @ansibullbot @felixfontein