systemd fails to setup static routes at boot when using DHCP
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | netplan |
Undecided
|
Unassigned | ||
| | systemd (Ubuntu) |
Medium
|
Unassigned | ||
| | Bionic |
Medium
|
Dan Streetman | ||
| | Disco |
Medium
|
Dan Streetman | ||
| | Eoan |
Medium
|
Unassigned | ||
Bug Description
[impact]
a systemd-networkd configuration that uses ipv4 dhcp but ignores the dhcp-provided route, and instead sets up a static route, and also does not include a static ipv4 address, fails to actually create the static route.
This is due to networkd attempting to set up the static route before the dhcp ipv4 address is assigned, and the kernel does not allow creation of the route before setting up corresponding ipv4 address.
this results in a network that does have the dhcp-provided ipv4 address, but is missing both its dhcp-provided route (because networkd is configured to ignore it) and the static route (because networkd was not able to create it).
[test case]
(remove or unconfigure netplan, so it will not conflict with this manual networkd configuration)
create a networkd config file, e.g.:
$ cat /etc/systemd/
[Match]
Name=eth0
[Network]
DHCP=ipv4
[Route]
Destination=
Gateway=10.202.51.1
[DHCP]
UseRoutes=false
then *reboot* the system, and check that the static route was not applied:
$ ip r
10.202.51.0/24 dev eth0 proto kernel scope link src 10.202.51.254
note that because networkd does not remove ipv4 addresses that it manages (including dhcpv4 addresses), restarting networkd after the initial boot
will correctly create the static route, e.g.:
ubuntu@
10.202.51.0/24 dev eth0 proto kernel scope link src 10.202.51.254
ubuntu@
ubuntu@
10.0.0.0/8 via 10.202.51.1 dev eth0 proto static
10.202.51.0/24 dev eth0 proto kernel scope link src 10.202.51.254
[regression potential]
adjusting how networkd works always carries the risk of breaking networking.
TBD detailed regression potential after analyzing fix.
[other info]
original description:
--
Consider the following setup:
network:
version: 2
renderer: networkd
ethernets:
ens4:
dhcp-
dhcp4: yes
dhcp4-
use-dns: no
use-ntp: no
use-routes: no
routes:
- to: 10.0.0.0/8
via: 10.50.0.1
optional: true
Thus I only need to get the IP address by DHCP, then add some static routes. This setup doesn't work. Apparently `routes` keyword only works when using static addresses.
My config:
network:
version: 2
renderer: networkd
ethernets:
ens3:
match:
macaddress: <removed>
dhcp4: true
dhcp4-
use-routes: false
routes:
- to: 10.212.132.0/24
table: 1
scope: link
- to: 0.0.0.0/0
via: 10.212.132.1
table: 1
routing-
- to: 0.0.0.0/0
from: 10.212.132.0/24
table: 1
ens9:
match:
macaddress: <removed>
dhcp4: true
dhcp4-
use-routes: false
routes:
- to: 10.212.134.0/25
table: 2
scope: link
- to: 0.0.0.0/0
via: 10.212.134.1
table: 2
routing-
- to: 0.0.0.0/0
from: 10.212.134.0/25
table: 2
The two routing tables will not have the static routes added.
Since netplan only does writing configuration to be consumed by the backends like systemd, this would actually be a systemd bug; reassigning.
I thought that worked though, in some setups, especially with use-routes: false as it was being done in the config above.
Nevertheless, it needs investigation. I expect we could see the routes are being installed, then ripped out after systemd-networkd gets an address from DHCP.
| Changed in netplan: | |
| status: | New → Invalid |
| Changed in systemd (Ubuntu): | |
| importance: | Undecided → High |
Hi. I did som further investigation here, and I think I've figured out what happens in networkd here.
Aug 21 10:54:45 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Aug 21 10:54:46 nettest1 systemd-
Basically it seems like networkd does the following on "netplan apply":
1) Remove every address
2) Add routes - which of course will fail with "network is unreachable" because the interfaces don't have an address yet
3) Adding the addresses
| description: | updated |
| summary: |
- Netplan ignores static routes when using DHCP + systemd fails to setup static routes at boot when using DHCP |
| Changed in systemd (Ubuntu Eoan): | |
| status: | New → Fix Released |
| importance: | High → Medium |
| Changed in systemd (Ubuntu Bionic): | |
| importance: | Undecided → Medium |
| status: | New → In Progress |
| assignee: | nobody → Dan Streetman (ddstreet) |
| Changed in systemd (Ubuntu Disco): | |
| importance: | Undecided → Medium |
| status: | New → In Progress |
| assignee: | nobody → Dan Streetman (ddstreet) |
| Dan Streetman (ddstreet) wrote : | #5 |
@pedersen-larserik, @zagarin, can either of you could test your netplan config on 19.10 (Eoan) to verify things work for you there?
@ddstreet It seems to work as expected in Eoan!
netplan.io 0.98-0ubuntu1
| Dan Streetman (ddstreet) wrote : | #7 |
> @ddstreet It seems to work as expected in Eoan!
excellent! now I need to figure out (again) which upstream commit fixes this, as I know I found it before but apparently forgot to include the info in this bug...
| Dan Streetman (ddstreet) wrote : | #8 |
as disco is EOL next week, marking this won't fix for disco.
| Changed in systemd (Ubuntu Disco): | |
| status: | In Progress → Won't Fix |
Hello Alexey, or anyone else affected,
Accepted systemd into bionic-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
| Changed in systemd (Ubuntu Bionic): | |
| status: | In Progress → Fix Committed |
| tags: | added: verification-needed verification-needed-bionic |
| Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (systemd/237-3ubuntu10.34) | #10 |
All autopkgtests for the newly accepted systemd (237-3ubuntu10.34) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:
php7.2/
openssh/
dovecot/
gvfs/1.
Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUp
https:/
[1] https:/
Thank you!
| Changed in systemd (Ubuntu Bionic): | |
| status: | Fix Committed → In Progress |
Hello Alexey, or anyone else affected,
Accepted systemd into bionic-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
| Changed in systemd (Ubuntu Bionic): | |
| status: | In Progress → Fix Committed |
| Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (systemd/237-3ubuntu10.39) | #12 |
All autopkgtests for the newly accepted systemd (237-3ubuntu10.39) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:
php7.2/
gvfs/1.
lxc/3.0.
systemd/
netplan.
Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUp
https:/
[1] https:/
Thank you!
| Dan Streetman (ddstreet) wrote : | #13 |
verified on bionic
ubuntu@
ii systemd 237-3ubuntu10.39 amd64 system and service manager
ubuntu@
10.0.0.0/8 via 192.168.122.1 dev ens3 proto static
192.168.122.0/24 dev ens3 proto kernel scope link src 192.168.122.35
| tags: |
added: verification-done verification-done-bionic removed: verification-needed verification-needed-bionic |
The verification of the Stable Release Update for systemd has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
| Launchpad Janitor (janitor) wrote : | #15 |
This bug was fixed in the package systemd - 237-3ubuntu10.39
---------------
systemd (237-3ubuntu10.39) bionic; urgency=medium
[ Dariusz Gadomski ]
* d/p/lp1762391/
d/p/
d/p/
d/p/
d/p/
d/p/
d/p/
d/p/
- Restore call to pam_setcred (LP: #1762391)
[ Ioanna Alifieraki ]
* d/p/lp1860548/
d/p/
- use snprintf instead of xsprintf (LP: #1860548)
[ Dan Streetman ]
* d/p/lp1833193-
- Update lft when static addr was cfg by dhcp (LP: #1833193)
* d/p/lp1849261/
d/p/
- Only trigger OnFailure= if Restart= is not in effect (LP: #1849261)
* d/p/lp1671951-
- set ipv6 mtu at correct time (LP: #1671951)
* d/p/lp1845909/
d/p/
d/p/
d/p/
d/p/
d/p/
d/p/
d/p/
- if LinkLocalAddres
* d/p/lp1859862-
- enable ipv6 when needed (LP: #1859862)
* d/p/lp1836695-
- (re)add static routes after getting dhcp4 addr (LP: #1836695)
* d/t/storage:
- fix buggy test (LP: #1831459)
- without scsi_debug, skip test (LP: #1847816)
-- Dan Streetman <email address hidden> Thu, 06 Feb 2020 10:00:49 -0500
| Changed in systemd (Ubuntu Bionic): | |
| status: | Fix Committed → Fix Released |
I am also having this issue.
netplan.io: 0.97-0ubuntu1~