dns-search rendered for ipv4 when no addresses configured

Bug #1786726 reported by Daniel Axtens on 2018-08-13
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
netplan
Undecided
Unassigned
netplan.io (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Unassigned

Bug Description

[Impact]
Users configuring IPv6 static address with NetworkManager as a backend.

[Test cases]
1) Configure netplan for static addresses for IPv6, dns settings, but no IPv4 configuration:

    [...]
    ens8:
      accept-ra: false
      addresses: ['23:b0:87:58:65:f7:fb:8b/45', '63:94:73:e1:46:15:79:58/50']
      nameservers:
        addresses: ['f2:9d:bc:04:7b:87:ec:28']
        search: [lab, home]
      renderer: NetworkManager

2) Verify that no IPv4 configuration was added in NetworkManager:

  'nmcli'

3) Verify that warnings aren't in /var/log/syslog about invalid properties.

[Regression potential]
Possible regressions might include issues with setting DNS search domains or addresses for the nameservers. Any issues related to resolving addresses on such an IPv6 network, where the nameserver or search domains are incorrectly added.

---

In an IPv6 static setup with NetworkManager, such as the following:

    ens8:
      accept-ra: false
      addresses: ['23:b0:87:58:65:f7:fb:8b/45', '63:94:73:e1:46:15:79:58/50']
      nameservers:
        addresses: ['f2:9d:bc:04:7b:87:ec:28']
        search: [lab, home]
      renderer: NetworkManager

we see the following error in syslog:

NetworkManager[19666]: <warn> [1532665946.1502] keyfile: error loading connection from file /run/NetworkManager/system-connections/net
plan-ens8: invalid connection: ipv4.dns-search: this property is not allowed for 'method=link-local'

netplan renders an ipv4 dns search property, even though there is no configured ipv4 address. NetworkManager doesn't like this and it prevents the connection from being configured.

Daniel Axtens (daxtens) on 2018-09-18
Changed in netplan:
status: New → Fix Committed
Changed in netplan.io (Ubuntu):
status: New → Fix Released
Changed in netplan:
status: Fix Committed → Fix Released

netplan.io 0.40 in cosmic contains this fix.

description: updated

Hello Daniel, or anyone else affected,

Accepted netplan.io into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netplan.io/0.40~18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in netplan.io (Ubuntu Bionic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-bionic
Łukasz Zemczak (sil2100) wrote :

Hello Daniel, or anyone else affected,

Accepted netplan.io into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netplan.io/0.40.1~18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Verification-done with netplan.io 0.40.1~18.04.1:

root@careful-tahr:/run/NetworkManager/system-connections# sudo apt install netplan.io
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'sudo apt autoremove' to remove it.
The following additional packages will be installed:
  python3-netifaces
The following NEW packages will be installed:
  python3-netifaces
The following packages will be upgraded:
  netplan.io
1 upgraded, 1 newly installed, 0 to remove and 37 not upgraded.
Need to get 76.6 kB of archives.
After this operation, 64.5 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://archive.ubuntu.com/ubuntu bionic/main amd64 python3-netifaces amd64 0.10.4-0.1build4 [12.8 kB]
Get:2 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 netplan.io amd64 0.40.1~18.04.1 [63.8 kB]
Fetched 76.6 kB in 0s (164 kB/s)
Selecting previously unselected package python3-netifaces.
(Reading database ... 28984 files and directories currently installed.)
Preparing to unpack .../python3-netifaces_0.10.4-0.1build4_amd64.deb ...
Unpacking python3-netifaces (0.10.4-0.1build4) ...
Preparing to unpack .../netplan.io_0.40.1~18.04.1_amd64.deb ...
Unpacking netplan.io (0.40.1~18.04.1) over (0.36.3) ...
Setting up python3-netifaces (0.10.4-0.1build4) ...
Processing triggers for man-db (2.8.3-2) ...
Setting up netplan.io (0.40.1~18.04.1) ...
root@careful-tahr:/run/NetworkManager/system-connections# sudo netplan apply
root@careful-tahr:/run/NetworkManager/system-connections# ls
netplan-eth0
root@careful-tahr:/run/NetworkManager/system-connections# cat netplan-eth0
[connection]
id=netplan-eth0
type=ethernet
interface-name=eth0

[ethernet]
wake-on-lan=0

[ipv4]
method=link-local

[ipv6]
method=auto
address1=23:b0:87:58:65:f7:fb:8b/45
address2=63:94:73:e1:46:15:79:58/50
dns=2001:4860:4860::8888;
dns-search=cyphermox.net;

I have checked that with an IPv6-only setup, no dns-search is rendered for ipv4 and NetworkManager no longer displays an error message in logs when failing to parse ipv4.dns-search for the 'link-local' method.

tags: added: verification-done-bionic
removed: verification-needed verification-needed-bionic
Brian Murray (brian-murray) wrote :

Hello Daniel, or anyone else affected,

Accepted netplan.io into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netplan.io/0.40.1~18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-bionic
removed: verification-done-bionic

Verification done on bionic with netplan.io

I was able to confirm that in an IPv6-only scenario, netplan now does not render invalid dns-search for the IPv4 method.

root@working-guinea:~# cat /run/NetworkManager/system-connections/netplan-eth0
[connection]
id=netplan-eth0
type=ethernet
interface-name=eth0

[ethernet]
wake-on-lan=0

[ipv4]
method=link-local

[ipv6]
method=manual
address1=23:b0:87:58:65:f7:fb:8b/45
address2=63:94:73:e1:46:15:79:58/50
dns=f2:9d:bc:04:7b:87:ec:28;
dns-search=lab;home;
root@working-guinea:~# nmcli con
NAME UUID TYPE DEVICE
netplan-eth0 04d79829-8fbf-3091-8dac-4378e0daab6d ethernet eth0
root@working-guinea:~# nmcli con show id netplan-eth0 | grep ipv4
ipv4.method: link-local
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: ""
ipv4.dns-priority: 0
ipv4.addresses: --
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.route-table: 0 (unspec)
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0 (default)
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)

tags: added: verification-done-bionic
removed: verification-needed verification-needed-bionic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package netplan.io - 0.40.1~18.04.2

---------------
netplan.io (0.40.1~18.04.2) bionic; urgency=medium

  * Fix typo breaking rename on 'netplan apply'. (LP: #1770082)

netplan.io (0.40.1~18.04.1) bionic; urgency=medium

  * Backport netplan 0.40.1 to 18.04. (LP: #1793309)

netplan.io (0.40.1) cosmic; urgency=medium

  * tests/generate.py: use random.sample() instead of random.choices() to
    better support older pythons.
  * Deal gracefully with empty files on 'netplan apply' (LP: #1795343)

netplan.io (0.40) cosmic; urgency=medium

  * New upstream release:
    - networkd: route source is PreferredSource= not From=
    - Improve NetworkManager error reporting on unrenderable routes.
    - Don't render ipv4 dns-search unless we have an ipv4 address.
      (LP: #1786726)
    - Set permissive umask on networkd .network, .link and .netdev files
      (LP: #1736965, LP: #1768560)
    - Fix support for link-scope routes. (LP: #1747455)
    - Update man pages for deletion of replug code.
    - Spell Gratuitous ARP correctly and make it work. (LP: #1756701)
    - Many typo fixes for documentation. (LP: #1783940)
    - Various build system fixes.
    - Fix integration tests:
      - iproute2 output changes for link-scope routes
      - fix stability of networkd igmp-resend test
      - fix manual_addresses test now that networkd lists ~. domain
    - Deduplicate code for parsing interface options
    - Add support for optional-addresses.

netplan.io (0.39) cosmic; urgency=medium

  * New upstream release:
    - Allow link-local addresses to be configured. (LP: #1771704)
    - Forces bridges with no addresses to be brought online. (LP: #1736975)

netplan.io (0.38) cosmic; urgency=medium

  * New upstream release:
    - Write udev .rules files to /run/udev/rules.d to enforce interface
      renaming. (LP: #1770082)
    - Don't traceback for 'netplan ip leases' when iface is not managed or
      doesn't DHCP (LP: #1768823)
    - Fix duplicate "/" path separator in error messages (LP: #1771440)
    - Fix incorrect terminal reset in 'netplan try' on Ctrl-C. (LP: #1768798)
    - Updated doc entries: mtu, fix fwmark->mark, cleanup optional.
      (LP: #1768783)
    - Added documentation validation at build.
    - Added configuration example for multi-ip interfaces.
  * tests/integration.py: fix test_eth_and_bridge autopkg test harder.
  * debian/control:
    - Add iproute2 to Depends.
    - Add python3-netifaces to Depends, Build-Depends.

 -- Mathieu Trudel-Lapierre <email address hidden> Mon, 22 Oct 2018 15:02:30 -0400

Changed in netplan.io (Ubuntu Bionic):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for netplan.io has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Steve Langasek (vorlon) on 2018-11-08
Changed in netplan.io (Ubuntu Bionic):
status: Fix Released → Fix Committed

Hello Daniel, or anyone else affected,

Accepted netplan.io into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netplan.io/0.40.1~18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-bionic
removed: verification-done-bionic

Resetting the tags to verification-done as per the discussion in https://bugs.launchpad.net/netplan/+bug/1770082/comments/95.

The SRU had been rolled back due to a regression that needed to be fixed, but we still consider the previous verification to be valid.

tags: added: verification-done-bionic
removed: verification-needed verification-needed-bionic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package netplan.io - 0.40.1~18.04.3

---------------
netplan.io (0.40.1~18.04.3) bionic; urgency=medium

  * Fix idempotency in renaming: bond members should be exempt from rename, as
    they may all share a single MAC for the bond device. (LP: #1802322)
  * tests/integration.py: add test designed to catch the above regression.

netplan.io (0.40.1~18.04.2) bionic; urgency=medium

  * Fix typo breaking rename on 'netplan apply'. (LP: #1770082)

netplan.io (0.40.1~18.04.1) bionic; urgency=medium

  * Backport netplan 0.40.1 to 18.04. (LP: #1793309)

netplan.io (0.40.1) cosmic; urgency=medium

  * tests/generate.py: use random.sample() instead of random.choices() to
    better support older pythons.
  * Deal gracefully with empty files on 'netplan apply' (LP: #1795343)

netplan.io (0.40) cosmic; urgency=medium

  * New upstream release:
    - networkd: route source is PreferredSource= not From=
    - Improve NetworkManager error reporting on unrenderable routes.
    - Don't render ipv4 dns-search unless we have an ipv4 address.
      (LP: #1786726)
    - Set permissive umask on networkd .network, .link and .netdev files
      (LP: #1736965, LP: #1768560)
    - Fix support for link-scope routes. (LP: #1747455)
    - Update man pages for deletion of replug code.
    - Spell Gratuitous ARP correctly and make it work. (LP: #1756701)
    - Many typo fixes for documentation. (LP: #1783940)
    - Various build system fixes.
    - Fix integration tests:
      - iproute2 output changes for link-scope routes
      - fix stability of networkd igmp-resend test
      - fix manual_addresses test now that networkd lists ~. domain
    - Deduplicate code for parsing interface options
    - Add support for optional-addresses.

netplan.io (0.39) cosmic; urgency=medium

  * New upstream release:
    - Allow link-local addresses to be configured. (LP: #1771704)
    - Forces bridges with no addresses to be brought online. (LP: #1736975)

netplan.io (0.38) cosmic; urgency=medium

  * New upstream release:
    - Write udev .rules files to /run/udev/rules.d to enforce interface
      renaming. (LP: #1770082)
    - Don't traceback for 'netplan ip leases' when iface is not managed or
      doesn't DHCP (LP: #1768823)
    - Fix duplicate "/" path separator in error messages (LP: #1771440)
    - Fix incorrect terminal reset in 'netplan try' on Ctrl-C. (LP: #1768798)
    - Updated doc entries: mtu, fix fwmark->mark, cleanup optional.
      (LP: #1768783)
    - Added documentation validation at build.
    - Added configuration example for multi-ip interfaces.
  * tests/integration.py: fix test_eth_and_bridge autopkg test harder.
  * debian/control:
    - Add iproute2 to Depends.
    - Add python3-netifaces to Depends, Build-Depends.

 -- Mathieu Trudel-Lapierre <email address hidden> Wed, 21 Nov 2018 14:42:59 -0500

Changed in netplan.io (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers