2019-07-05 21:59:46 |
Dan Streetman |
bug |
|
|
added bug |
2019-07-05 22:07:00 |
Dan Streetman |
bug watch added |
|
https://github.com/systemd/systemd/issues/12969 |
|
2019-07-05 22:07:00 |
Dan Streetman |
bug task added |
|
systemd |
|
2019-07-05 22:10:25 |
Dan Streetman |
nominated for series |
|
Ubuntu Cosmic |
|
2019-07-05 22:10:25 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Cosmic) |
|
2019-07-05 22:10:25 |
Dan Streetman |
nominated for series |
|
Ubuntu Bionic |
|
2019-07-05 22:10:25 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Bionic) |
|
2019-07-05 22:10:25 |
Dan Streetman |
nominated for series |
|
Ubuntu Eoan |
|
2019-07-05 22:10:25 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Eoan) |
|
2019-07-05 22:10:25 |
Dan Streetman |
nominated for series |
|
Ubuntu Disco |
|
2019-07-05 22:10:25 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Disco) |
|
2019-07-05 22:10:32 |
Dan Streetman |
systemd (Ubuntu Eoan): assignee |
|
Dan Streetman (ddstreet) |
|
2019-07-05 22:10:34 |
Dan Streetman |
systemd (Ubuntu Eoan): importance |
Undecided |
Medium |
|
2019-07-05 22:10:36 |
Dan Streetman |
systemd (Ubuntu Eoan): status |
New |
In Progress |
|
2019-07-05 22:11:04 |
Dan Streetman |
bug |
|
|
added subscriber Chad Smith |
2019-07-08 14:17:14 |
Dan Streetman |
systemd (Ubuntu Disco): assignee |
|
Dan Streetman (ddstreet) |
|
2019-07-08 14:17:17 |
Dan Streetman |
systemd (Ubuntu Bionic): assignee |
|
Dan Streetman (ddstreet) |
|
2019-07-08 14:17:19 |
Dan Streetman |
systemd (Ubuntu Disco): importance |
Undecided |
Medium |
|
2019-07-08 14:17:22 |
Dan Streetman |
systemd (Ubuntu Cosmic): importance |
Undecided |
Medium |
|
2019-07-08 14:17:23 |
Dan Streetman |
systemd (Ubuntu Bionic): importance |
Undecided |
Medium |
|
2019-07-08 14:17:25 |
Dan Streetman |
systemd (Ubuntu Disco): status |
New |
In Progress |
|
2019-07-08 14:17:27 |
Dan Streetman |
systemd (Ubuntu Cosmic): status |
New |
In Progress |
|
2019-07-08 14:17:35 |
Dan Streetman |
systemd (Ubuntu Bionic): status |
New |
In Progress |
|
2019-07-08 14:17:42 |
Dan Streetman |
systemd (Ubuntu Cosmic): assignee |
|
Dan Streetman (ddstreet) |
|
2019-07-08 14:17:57 |
Dan Streetman |
tags |
|
ddstreet-next systemd |
|
2019-07-10 18:21:00 |
Joshua Powers |
bug |
|
|
added subscriber Joshua Powers |
2019-07-12 11:41:16 |
Bug Watch Updater |
systemd: status |
Unknown |
Fix Released |
|
2019-07-15 21:10:31 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/370152 |
|
2019-07-16 14:31:14 |
Ryan Harper |
bug |
|
|
added subscriber Ryan Harper |
2019-07-22 21:51:10 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/370455 |
|
2019-07-23 20:28:01 |
Dan Streetman |
systemd (Ubuntu Cosmic): status |
In Progress |
Won't Fix |
|
2019-07-23 20:28:43 |
Dan Streetman |
tags |
ddstreet-next systemd |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd |
|
2019-07-23 21:39:38 |
Dan Streetman |
description |
[impact]
the systemd networkd dhcp4 client sets the prefsrc for the default route added when a dhcp server provides only the gateway; but if the dhcp server provides classless route(s), those are configured instead, and the prefsrc is not set for those.
Normally this is ok, but if the dhcp client system has other address(es) configured on the interface using dhcp, then the src for packets sent through a classless/static route might not be the same as the address provided by the dhcp server.
If the gateway/router provided in the dhcp classless/static route(s) only allows traffic from the address provided to the dhcp client, then traffic from the dhcp client may be dropped by the gateway/router.
[test case]
set up a dhcp server system (e.g. ubuntu with dnsmasq installed and configured) and a dhcp client system. For example on the dhcp server, use this dnsmasq config:
interface=ens8
bind-interfaces
domain=test,10.10.0.0/24
dhcp-option=42,10.10.0.1
dhcp-range=test,10.10.0.10,10.10.0.100,1h
On the dhcp client system, use networkd config such as:
$ cat /etc/systemd/network/80-ens8.network
[Match]
Name=ens8
[Network]
DHCP=ipv4
LinkLocalAddressing=ipv6
Address=10.10.0.5/24
Reboot the client, or restart networkd, and it should result in:
$ ip -4 a show ens8
3: ens8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 10.10.0.5/24 brd 10.10.0.255 scope global ens8
valid_lft forever preferred_lft forever
inet 10.10.0.75/24 brd 10.10.0.255 scope global secondary dynamic ens8
valid_lft 3580sec preferred_lft 3580sec
$ ip r
default via 10.10.0.1 dev ens8 proto dhcp src 10.10.0.75 metric 1024
10.10.0.0/24 dev ens8 proto kernel scope link src 10.10.0.5
10.10.0.1 dev ens8 proto dhcp scope link src 10.10.0.75 metric 1024
Note that, because networkd completes the static ip configuration before the dhcp reply is returned and processed, the static address is used for the subnet-local routing. But for global routing through the gateway, the dhcp-provided address is used:
$ ip r get 1.1.1.1
1.1.1.1 via 10.10.0.1 dev ens8 src 10.10.0.75 uid 1000
Now on the server, add a classless route:
dhcp-option=121,0.0.0.0/0,10.10.0.1
and restart dnsmasq on the server. Then on the client, reboot. It should now have:
$ ip -4 a show ens8
3: ens8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 10.10.0.5/24 brd 10.10.0.255 scope global ens8
valid_lft forever preferred_lft forever
inet 10.10.0.75/24 brd 10.10.0.255 scope global secondary dynamic ens8
valid_lft 3585sec preferred_lft 3585sec
$ ip r
default via 10.10.0.1 dev ens8 proto dhcp metric 1024
10.10.0.0/24 dev ens8 proto kernel scope link src 10.10.0.5
Now, the global route will use the static address, not the dhcp-provided address:
$ ip r get 1.1.1.1
1.1.1.1 via 10.10.0.1 dev ens8 src 10.10.0.5 uid 1000
If the router, 10.10.0.1, only will forward traffic sent from the dhcp address it provided, 10.10.0.75, then this configuration will result in the client being unable to reach anything through the router, because all its packets will have a source address of 10.10.0.5, which the router would drop/reject.
[regression potential]
this only affects dhcp routes provided by a dhcp server using the 'static' or 'classless' route dhcp options. Since this behavior is currently the default when a system doesn't add static address(es) to interfaces that also get dhcp addresses, this is likely not a change in behavior for the vast majority of systems. And any systems that do add static address(es) would usually be able to route through a gateway from either the dhcp-provided, or static, address. So the regression potential for this change should be low.
[other info]
TBD |
[impact]
the systemd networkd dhcp4 client sets the prefsrc for the default route added when a dhcp server provides only the gateway; but if the dhcp server provides classless route(s), those are configured instead, and the prefsrc is not set for those.
Normally this is ok, but if the dhcp client system has other address(es) configured on the interface using dhcp, then the src for packets sent through a classless/static route might not be the same as the address provided by the dhcp server.
If the gateway/router provided in the dhcp classless/static route(s) only allows traffic from the address provided to the dhcp client, then traffic from the dhcp client may be dropped by the gateway/router.
[test case]
set up a dhcp server system (e.g. ubuntu with dnsmasq installed and configured) and a dhcp client system. For example on the dhcp server, use this dnsmasq config:
interface=ens8
bind-interfaces
domain=test,10.10.0.0/24
dhcp-option=42,10.10.0.1
dhcp-range=test,10.10.0.10,10.10.0.100,1h
On the dhcp client system, use networkd config such as:
$ cat /etc/systemd/network/80-ens8.network
[Match]
Name=ens8
[Network]
DHCP=ipv4
LinkLocalAddressing=ipv6
Address=10.10.0.5/24
Reboot the client, or restart networkd, and it should result in:
$ ip -4 a show ens8
3: ens8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 10.10.0.5/24 brd 10.10.0.255 scope global ens8
valid_lft forever preferred_lft forever
inet 10.10.0.75/24 brd 10.10.0.255 scope global secondary dynamic ens8
valid_lft 3580sec preferred_lft 3580sec
$ ip r
default via 10.10.0.1 dev ens8 proto dhcp src 10.10.0.75 metric 1024
10.10.0.0/24 dev ens8 proto kernel scope link src 10.10.0.5
10.10.0.1 dev ens8 proto dhcp scope link src 10.10.0.75 metric 1024
Note that, because networkd completes the static ip configuration before the dhcp reply is returned and processed, the static address is used for the subnet-local routing. But for global routing through the gateway, the dhcp-provided address is used:
$ ip r get 1.1.1.1
1.1.1.1 via 10.10.0.1 dev ens8 src 10.10.0.75 uid 1000
Now on the server, add a classless route:
dhcp-option=121,0.0.0.0/0,10.10.0.1
and restart dnsmasq on the server. Then on the client, reboot. It should now have:
$ ip -4 a show ens8
3: ens8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 10.10.0.5/24 brd 10.10.0.255 scope global ens8
valid_lft forever preferred_lft forever
inet 10.10.0.75/24 brd 10.10.0.255 scope global secondary dynamic ens8
valid_lft 3585sec preferred_lft 3585sec
$ ip r
default via 10.10.0.1 dev ens8 proto dhcp metric 1024
10.10.0.0/24 dev ens8 proto kernel scope link src 10.10.0.5
Now, the global route will use the static address, not the dhcp-provided address:
$ ip r get 1.1.1.1
1.1.1.1 via 10.10.0.1 dev ens8 src 10.10.0.5 uid 1000
If the router, 10.10.0.1, only will forward traffic sent from the dhcp address it provided, 10.10.0.75, then this configuration will result in the client being unable to reach anything through the router, because all its packets will have a source address of 10.10.0.5, which the router would drop/reject.
[regression potential]
this only affects dhcp routes provided by a dhcp server using the 'static' or 'classless' route dhcp options. Since this behavior is currently the default when a system doesn't add static address(es) to interfaces that also get dhcp addresses, this is likely not a change in behavior for the vast majority of systems. And any systems that do add static address(es) would usually be able to route through a gateway from either the dhcp-provided, or static, address. So the regression potential for this change should be low.
[other info]
Note that systemd in Eoan is being upgraded to upstream 242, so I am not adding this to Eoan now, as I don't want to disturb the merge. If needed after the merge, I'll add to Eoan. |
|
2019-07-25 16:17:59 |
Łukasz Zemczak |
systemd (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
2019-07-25 16:18:01 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-07-25 16:18:05 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
2019-07-25 16:18:09 |
Łukasz Zemczak |
tags |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-disco |
|
2019-07-25 21:25:49 |
Łukasz Zemczak |
systemd (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2019-07-25 21:26:16 |
Łukasz Zemczak |
tags |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-disco |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-bionic verification-needed-disco |
|
2019-08-02 16:23:12 |
Chad Smith |
attachment added |
|
azure-secondary-nic-validation-bionic-disco-eoan.log https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1835581/+attachment/5280521/+files/azure-secondary-nic-validation-bionic-disco-eoan.log |
|
2019-08-02 16:25:03 |
Chad Smith |
attachment added |
|
azure-secondary-nic-validation-bionic-disco-eoan.log https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1835581/+attachment/5280522/+files/azure-secondary-nic-validation-bionic-disco-eoan.log |
|
2019-08-02 20:44:53 |
Launchpad Janitor |
merge proposal unlinked |
https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/370455 |
|
|
2019-08-02 20:46:49 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/370455 |
|
2019-08-05 20:55:01 |
Jorge Niedbalski |
tags |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-needed verification-needed-bionic verification-needed-disco |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-done verification-done-bionic verification-done-disco |
|
2019-08-06 16:16:30 |
Dan Streetman |
systemd (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
2019-08-06 17:27:43 |
Dan Streetman |
tags |
ddstreet-next sts sts-sponsor sts-sponsor-ddstreet systemd verification-done verification-done-bionic verification-done-disco |
sts sts-sponsor systemd verification-done verification-done-bionic verification-done-disco |
|
2019-08-06 18:36:25 |
Launchpad Janitor |
systemd (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-08-06 18:36:50 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2019-08-07 10:03:07 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~fourdollars/ubuntu/+source/systemd/+git/systemd/+merge/370808 |
|
2019-08-07 20:18:27 |
Launchpad Janitor |
systemd (Ubuntu Disco): status |
Fix Committed |
Fix Released |
|
2019-08-21 19:39:32 |
Dan Streetman |
systemd (Ubuntu Eoan): status |
Fix Committed |
In Progress |
|
2019-08-22 14:55:02 |
Dimitri John Ledkov |
systemd (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
2019-08-26 23:40:43 |
Launchpad Janitor |
systemd (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2019-10-08 09:41:31 |
thinktwo |
bug |
|
|
added subscriber thinktwo |
2019-10-17 19:59:23 |
Dan Streetman |
systemd (Ubuntu Eoan): status |
Fix Released |
In Progress |
|
2019-10-17 20:14:34 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~ddstreet/ubuntu/+source/systemd/+git/systemd/+merge/374312 |
|
2019-10-17 20:58:15 |
Dan Streetman |
tags |
sts sts-sponsor systemd verification-done verification-done-bionic verification-done-disco |
ddstreet eoan sts sts-sponsor systemd verification-done verification-done-bionic verification-done-disco |
|
2019-11-07 13:30:35 |
Łukasz Zemczak |
systemd (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
2019-11-07 13:30:37 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-11-07 13:30:42 |
Łukasz Zemczak |
tags |
ddstreet eoan sts sts-sponsor systemd verification-done verification-done-bionic verification-done-disco |
ddstreet eoan sts sts-sponsor systemd verification-done-bionic verification-done-disco verification-needed verification-needed-eoan |
|
2019-11-13 21:45:36 |
Dan Streetman |
tags |
ddstreet eoan sts sts-sponsor systemd verification-done-bionic verification-done-disco verification-needed verification-needed-eoan |
ddstreet eoan sts sts-sponsor systemd verification-done verification-done-bionic verification-done-disco verification-done-eoan |
|
2019-11-25 10:55:23 |
Launchpad Janitor |
systemd (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2019-12-11 22:57:00 |
Dan Streetman |
systemd (Ubuntu): status |
In Progress |
Fix Released |
|
2020-03-27 08:55:01 |
Johnson Shi |
bug |
|
|
added subscriber Johnson Shi |