Skip to content

Allow setting dad-timeout for nmcli #10843

New issue
New issue
Open
#10844
Open
Allow setting dad-timeout for nmcli#10843
#10844
Labels
featureThis issue/PR relates to a feature requestmodulemodulepluginsplugin (any type)
@userlerueda

Description

@userlerueda
userlerueda
opened on Sep 20, 2025

Summary

Add support for setting ipv4.dad-timeout and ipv6.dad-timeout parameters in the community.general.nmcli module to enable duplicate address detection configuration.

Issue Type

Feature Idea

Component Name

nmcli

Additional Information

This feature would allow users to configure NetworkManager's duplicate address detection (DAD) timeout values directly through Ansible, which is essential for preventing IP address conflicts in automated network configurations.

Why it's needed:

Duplicate address detection is a critical network safety feature that prevents IP conflicts
The default DAD timeout is -1 (disabled) for IPv4, leaving networks vulnerable to address conflicts
Currently, users must resort to raw nmcli commands or shell modules to set these parameters, breaking Ansible's idempotency model
This is particularly important in automated infrastructure provisioning where IP conflicts can cause service outages

Use cases:

Automated server provisioning where static IP assignment must be conflict-free
Container orchestration platforms requiring guaranteed unique IP addresses
Network automation in enterprise environments with strict IP management policies
Recovery scenarios where services must fail-fast on network conflicts rather than silently accepting duplicate IPs

What it would solve:

Eliminates the need for workarounds using raw nmcli commands
Provides proper idempotency for DAD configuration
Enables comprehensive network configuration through a single Ansible task
Improves network reliability by making conflict detection configurable in automation workflows

Proposed parameters:

dad_timeout4: Integer value in milliseconds for IPv4 DAD timeout (maps to ipv4.dad-timeout)
dad_timeout6: Integer value in milliseconds for IPv6 DAD timeout (maps to ipv6.dad-timeout)

- name: Configure connection with duplicate address detection
  community.general.nmcli:
    conn_name: ens192
    type: ethernet
    ip4: 192.168.1.100/24
    state: present
    dad_timeout4: 3000  # Enable IPv4 DAD with 3-second timeout
    may_fail4: false

Code of Conduct

  • I agree to follow the Ansible Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    featureThis issue/PR relates to a feature requestmodulemodulepluginsplugin (any type)

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions