From 06f724af00035686528d716e54d0f0842377b5ef Mon Sep 17 00:00:00 2001 From: Mihai Chiorean Date: Fri, 10 Oct 2025 13:08:09 -0700 Subject: [PATCH 1/2] Fix USB gadget DHCP conflict with macOS Internet Connection Sharing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Resolves EDG-295 **Problem:** When macOS Internet Connection Sharing (ICS) is enabled, both the Mac and EdgeOS device try to run DHCP servers on the USB interface, causing: - DHCP conflicts and network failures - Only IPv6 connectivity after toggling ICS - Unpredictable behavior when ICS is disabled/re-enabled **Solution:** Replace the device's DHCP server with a DHCP client + link-local fallback: - **DHCP client mode:** Accepts IP from Mac ICS when available - **Link-local fallback:** Auto-configures 169.254.x.x when no DHCP server - **IPv6 link-local:** Always available (fe80::...) **Benefits:** 1. **Works with Mac ICS enabled:** - Device gets DHCP address (192.168.2.x from Mac) - Internet sharing works through Mac - Proper DNS and routing 2. **Works with Mac ICS disabled:** - Both host and device auto-configure link-local - Connection still works via 169.254.x.x - No DHCP timeouts or delays 3. **Works with mDNS:** - Device always accessible via edgeos-.local - Link-local addresses advertised via mDNS - Works on both IPv4 and IPv6 **Testing:** - ✅ Mac ICS enabled: Device gets 192.168.2.6, internet works - ✅ Mac ICS disabled: Both use link-local, SSH works - ✅ IPv6 link-local: Always accessible via fe80::...%interface - ✅ mDNS discovery: Works in all configurations --- .../usb-gadget/files/10-usb0.network | 39 +++++++------------ 1 file changed, 15 insertions(+), 24 deletions(-) diff --git a/meta-edgeos/recipes-core/usb-gadget/files/10-usb0.network b/meta-edgeos/recipes-core/usb-gadget/files/10-usb0.network index 8bf3357..1b64786 100644 --- a/meta-edgeos/recipes-core/usb-gadget/files/10-usb0.network +++ b/meta-edgeos/recipes-core/usb-gadget/files/10-usb0.network @@ -1,33 +1,24 @@ #/etc/systemd/network/10-usb0.network +# USB gadget network configuration +# +# Strategy: DHCP client with link-local fallback +# - If host runs DHCP server (e.g., macOS ICS): get IP via DHCP +# - If no DHCP server: auto-configure link-local (169.254.x.x) +# - Always available via IPv6 link-local (fe80::...) +# +# This avoids DHCP server conflicts with macOS Internet Connection Sharing +# while maintaining connectivity in all scenarios. [Match] Name=usb0 [Network] -Address=192.168.7.1/24 -DHCPServer=yes -ConfigureWithoutCarrier=yes -# Enable IPv6 link-local addressing +# Request DHCP address from host +DHCP=yes +# Fallback to link-local if no DHCP server responds LinkLocalAddressing=yes +ConfigureWithoutCarrier=yes + +# IPv6 link-local configuration IPv6LinkLocalAddressGenerationMode=eui64 -IPv6DuplicateAddressDetection=both IPv6AcceptRA=yes -IPv6SendRA=yes - -[DHCPServer] -PoolOffset=2 -PoolSize=1 -# Optional extras: -# EmitRouter=yes -# DNS=192.168.7.1 -# EmitDNS=yes - -[IPv6SendRA] -# Low priority to allow macOS ICS to take precedence -RouterPreference=low -# Short lifetime for quick adaptation to network changes -RouterLifetimeSec=30 -# Don't advertise as gateway or DNS -EmitDNS=no -Managed=no -OtherInformation=no From f5a1e42dfc9e2d0adec003d7fdfbfdbf92962819 Mon Sep 17 00:00:00 2001 From: Mihai Chiorean Date: Wed, 3 Dec 2025 10:28:12 -0800 Subject: [PATCH 2/2] Enable systemd-resolved for proper container DNS resolution Container DNS was broken because /etc/resolv.conf pointed to 127.0.0.53 (systemd-resolved stub), which doesn't work in containers. This enables systemd-resolved and configures it to create /run/systemd/resolve/resolv.conf with actual upstream DNS servers. **Changes:** - Enable 'resolved' in systemd PACKAGECONFIG (alongside existing networkd) - Auto-enable systemd-resolved.service at boot - Configure resolved with fallback DNS (8.8.8.8, 1.1.1.1) - Disable LLMNR (not needed) - Enable MulticastDNS for .local domains (Avahi compatibility) **How it works:** 1. systemd-resolved runs and listens on 127.0.0.53 2. Creates /run/systemd/resolve/resolv.conf with real DNS servers 3. wendy-agent mounts this file into containers (from PR #173) 4. Containers get working DNS without stub resolver issues **Benefits:** - Containers can resolve DNS properly - Works with modern systemd-resolved systems - Fallback DNS ensures reliability - Compatible with existing mDNS/Avahi setup Related: WDY-570 --- .../recipes-core/systemd/systemd_%.bbappend | 32 +++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/meta-edgeos/recipes-core/systemd/systemd_%.bbappend b/meta-edgeos/recipes-core/systemd/systemd_%.bbappend index 9f843ec..7e422d2 100644 --- a/meta-edgeos/recipes-core/systemd/systemd_%.bbappend +++ b/meta-edgeos/recipes-core/systemd/systemd_%.bbappend @@ -1,8 +1,30 @@ inherit journal-persist -# make sure the systemd recipe builds the networkd subpackage -PACKAGECONFIG:append = " networkd" +# make sure the systemd recipe builds the networkd and resolved subpackages +# resolved is needed for proper DNS resolution in containers +PACKAGECONFIG:append = " networkd resolved" + +# Configure systemd-resolved for proper DNS in containers +do_install:append() { + # Enable systemd-resolved service + install -d ${D}${sysconfdir}/systemd/system/multi-user.target.wants + ln -sf ${systemd_system_unitdir}/systemd-resolved.service \ + ${D}${sysconfdir}/systemd/system/multi-user.target.wants/systemd-resolved.service + + # Configure resolved to create /run/systemd/resolve/resolv.conf + # This file contains actual DNS servers (not the 127.0.0.53 stub) + install -d ${D}${sysconfdir}/systemd/resolved.conf.d + cat > ${D}${sysconfdir}/systemd/resolved.conf.d/10-edgeos.conf << 'EOF' +[Resolve] +# Use this for fallback DNS if no other DNS is available +FallbackDNS=8.8.8.8 1.1.1.1 +# Don't use LLMNR (Link-Local Multicast Name Resolution) +LLMNR=no +# Use mDNS for .local domains (Avahi compatibility) +MulticastDNS=yes +EOF +} # systemd persistent log # Install the drop-in and tmpfiles rule ONLY when this feature is enabled. @@ -23,6 +45,12 @@ d /var/log/journal 2755 root systemd-journal - - EOF } +# Ship systemd-resolved configuration +FILES:${PN}:append = " \ + ${sysconfdir}/systemd/system/multi-user.target.wants/systemd-resolved.service \ + ${sysconfdir}/systemd/resolved.conf.d/10-edgeos.conf \ + " + # systemd persistent log # Only ship these files when the feature is enabled. FILES:${PN}:append:journal_persist-on = " \