| 2020-06-03 21:58:54 |
John Nielsen |
bug |
|
|
added bug |
| 2020-06-03 21:58:54 |
John Nielsen |
attachment added |
|
systemd-networkd log output with comments https://bugs.launchpad.net/bugs/1881972/+attachment/5380157/+files/nat-networkd-log.txt |
|
| 2020-06-03 22:00:59 |
John Nielsen |
description |
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*|sed -e "s/domo-nat/nat/g"
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
|
| 2020-06-03 22:59:38 |
Dan Streetman |
systemd (Ubuntu): status |
New |
Incomplete |
|
| 2020-06-03 22:59:42 |
Dan Streetman |
bug |
|
|
added subscriber Dan Streetman |
| 2020-06-16 19:58:47 |
John Nielsen |
attachment added |
|
core dump file https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1881972/+attachment/5384495/+files/core.systemd-network.100.578e8b2c2e1a43afbd27211be1a4f531.28819.1592336182000000.lz4 |
|
| 2020-06-16 20:14:39 |
John Nielsen |
systemd (Ubuntu): status |
Incomplete |
New |
|
| 2020-06-16 22:06:14 |
Dan Streetman |
nominated for series |
|
Ubuntu Bionic |
|
| 2020-06-16 22:06:14 |
Dan Streetman |
bug task added |
|
systemd (Ubuntu Bionic) |
|
| 2020-06-16 22:06:21 |
Dan Streetman |
systemd (Ubuntu): status |
New |
Fix Released |
|
| 2020-06-16 22:06:26 |
Dan Streetman |
systemd (Ubuntu Bionic): assignee |
|
Dan Streetman (ddstreet) |
|
| 2020-06-16 22:06:29 |
Dan Streetman |
systemd (Ubuntu Bionic): importance |
Undecided |
Medium |
|
| 2020-06-16 22:06:32 |
Dan Streetman |
systemd (Ubuntu Bionic): status |
New |
In Progress |
|
| 2020-07-02 20:55:25 |
Dan Streetman |
description |
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
[impact]
systemd-networkd double-free causes crash under some circumstances, such as adding/removing ip rules
[test case]
see original description
[regression potential]
this strdup's strings during addition of routing policy rules, so any regression would likely occur when adding/modifying/removing ip rules, possibly including networkd segfault or failure to add/remove/modify ip rules.
[scope]
this is needed for bionic.
this is fixed by upstream commit eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in v240, so this is already included in Focal and later.
I did not research what original commit introduced the problem, but the reporter indicates this did not happen for Xenial so it's unlikely this is a problem in Xenial or earlier.
[original description]
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
|
| 2020-07-08 17:31:02 |
John Nielsen |
attachment added |
|
core.systemd-network.100.df33bbaec4134b45aaabe8b3fca7dade.714.1594228621000000.lz4 https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1881972/+attachment/5390826/+files/core.systemd-network.100.df33bbaec4134b45aaabe8b3fca7dade.714.1594228621000000.lz4 |
|
| 2020-07-29 18:39:40 |
Steve Langasek |
systemd (Ubuntu Bionic): status |
In Progress |
Incomplete |
|
| 2020-07-29 18:57:00 |
Steve Langasek |
bug |
|
|
added subscriber Steve Langasek |
| 2020-07-29 19:48:43 |
John Nielsen |
description |
[impact]
systemd-networkd double-free causes crash under some circumstances, such as adding/removing ip rules
[test case]
see original description
[regression potential]
this strdup's strings during addition of routing policy rules, so any regression would likely occur when adding/modifying/removing ip rules, possibly including networkd segfault or failure to add/remove/modify ip rules.
[scope]
this is needed for bionic.
this is fixed by upstream commit eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in v240, so this is already included in Focal and later.
I did not research what original commit introduced the problem, but the reporter indicates this did not happen for Xenial so it's unlikely this is a problem in Xenial or earlier.
[original description]
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
[impact]
systemd-networkd double-free causes crash under some circumstances, such as adding/removing ip rules
[test case]
Use networkd-dispatcher events to add and remove IP rules. The example scripts below are contrived (and by themselves likely to break access to a machine) but would be adequate to trigger the bug. Put scripts like these in place, reboot or run "netplan apply", and then leave the machine running for a few DHCP renewal cycles.
=== /etc/networkd-dispatcher/configured.d/test.sh ===
#!/bin/bash
/sbin/ip rule add iif lo lookup 99
/sbin/ip rule add to 10.0.0.0/8 iif lo lookup main
=== END ===
=== /etc/networkd-dispatcher/configuring.d/test.sh ===
#!/bin/bash
# Tear down existing ip rules so they aren't duplicated
OLDIFS="${IFS}"
IFS="
"
for rule in `ip rule show|grep "iif lo" | cut -d: -f2-`; do
IFS="${OLDIFS}"
ip rule delete ${rule}
done
IFS="${OLDIFS}"
=== END ===
[regression potential]
this strdup's strings during addition of routing policy rules, so any regression would likely occur when adding/modifying/removing ip rules, possibly including networkd segfault or failure to add/remove/modify ip rules.
[scope]
this is needed for bionic.
this is fixed by upstream commit eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in v240, so this is already included in Focal and later.
I did not research what original commit introduced the problem, but the reporter indicates this did not happen for Xenial so it's unlikely this is a problem in Xenial or earlier.
[original description]
This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present.
On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file
/etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml: version: 2
/etc/netplan/50-cloud-init.yaml: ethernets:
/etc/netplan/50-cloud-init.yaml: ens5:
/etc/netplan/50-cloud-init.yaml: dhcp4: true
/etc/netplan/50-cloud-init.yaml: match:
/etc/netplan/50-cloud-init.yaml: macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml: set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml: ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-routes: false
/etc/netplan/99_config.yaml: ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml: macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml: use-mtu: false
/etc/netplan/99_config.yaml: use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
/etc/networkd-dispatcher/configured.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for inside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.3.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for inside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.3.0/24 dev ens6 scope link src 10.0.3.171 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add routes to VPC cidrs via inside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.0.0/16 via 10.0.3.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens6 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.3.171/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configured.d/nat: # delete link-local route for outside in default table
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route delete 10.0.2.0/24 2>/dev/null || true
/etc/networkd-dispatcher/configured.d/nat: # add link-local route for outside in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace 10.0.2.0/24 dev ens7 scope link src 10.0.2.245 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add default route via outside gateway in table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip route replace default via 10.0.2.1 table ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use table 99
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add iif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add oif ens7 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: /sbin/ip rule add from 10.0.2.245/32 lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: # add rules to use the inet route for local traffic but only if it's not destined for an RFC1918 private range
/etc/networkd-dispatcher/configured.d/nat: # IMPORTANT: order matters; the priority of rules is reverse of the order in which they are added.
/etc/networkd-dispatcher/configured.d/nat: # so the default/fallback is added first and then the local overrides.
/etc/networkd-dispatcher/configured.d/nat: #/sbin/ip rule add iif lo lookup ${FWD_TABLE}
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 10.0.0.0/8 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 172.16.0.0/12 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: #ip rule add to 192.168.0.0/16 iif lo lookup main
/etc/networkd-dispatcher/configured.d/nat: # ensure the forward policy is accept
/etc/networkd-dispatcher/configured.d/nat: iptables -P FORWARD ACCEPT
/etc/networkd-dispatcher/configured.d/nat: # configure iptables to do NAT
/etc/networkd-dispatcher/configured.d/nat: /sbin/iptables -t nat -I POSTROUTING 1 -o ens7 -j SNAT --to-source 10.0.2.245
/etc/networkd-dispatcher/configured.d/nat: # clean up any other rules
/etc/networkd-dispatcher/configured.d/nat: while /sbin/iptables -t nat -D POSTROUTING 2 2>/dev/null; do :; done
/etc/networkd-dispatcher/configured.d/nat:fi
/etc/networkd-dispatcher/configuring.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configuring.d/nat:# Tear down existing ip rules so they aren't duplicated
/etc/networkd-dispatcher/configuring.d/nat:if [ "${IFACE}" = "ens6" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referenceing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens6|10.0.3.171" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:elif [ "${IFACE}" = "ens7" ]; then
/etc/networkd-dispatcher/configuring.d/nat: # flush any existing rules referencing this interface
/etc/networkd-dispatcher/configuring.d/nat: OLDIFS="${IFS}"
/etc/networkd-dispatcher/configuring.d/nat: IFS="
/etc/networkd-dispatcher/configuring.d/nat:"
/etc/networkd-dispatcher/configuring.d/nat: for rule in `ip rule show|egrep "ens7|10.0.2.245|iif lo" | cut -d: -f2-`; do
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat: ip rule delete ${rule}
/etc/networkd-dispatcher/configuring.d/nat: done
/etc/networkd-dispatcher/configuring.d/nat: IFS="${OLDIFS}"
/etc/networkd-dispatcher/configuring.d/nat:fi
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu10.39
ProcVersionSignature: Ubuntu 4.15.0-1060.62-aws 4.15.18
Uname: Linux 4.15.0-1060-aws x86_64
ApportVersion: 2.20.9-0ubuntu7.11
Architecture: amd64
Date: Wed Jun 3 21:24:28 2020
Ec2AMI: ami-0238c6e72a7e906fc
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: c5n.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: Amazon EC2 c5n.large
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-1060-aws root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 10/16/2017
dmi.bios.vendor: Amazon EC2
dmi.bios.version: 1.0
dmi.board.asset.tag: i-0c058310742990713
dmi.board.vendor: Amazon EC2
dmi.chassis.asset.tag: Amazon EC2
dmi.chassis.type: 1
dmi.chassis.vendor: Amazon EC2
dmi.modalias: dmi:bvnAmazonEC2:bvr1.0:bd10/16/2017:svnAmazonEC2:pnc5n.large:pvr:rvnAmazonEC2:rn:rvr:cvnAmazonEC2:ct1:cvr:
dmi.product.name: c5n.large
dmi.sys.vendor: Amazon EC2 |
|
| 2020-07-29 20:00:13 |
Dan Streetman |
systemd (Ubuntu Bionic): status |
Incomplete |
In Progress |
|
| 2020-07-30 13:04:42 |
Łukasz Zemczak |
systemd (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2020-07-30 13:04:44 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2020-07-30 13:04:46 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2020-07-30 13:04:49 |
Łukasz Zemczak |
tags |
amd64 apport-bug bionic ec2-images |
amd64 apport-bug bionic ec2-images verification-needed verification-needed-bionic |
|
| 2020-07-30 18:06:44 |
Dan Streetman |
tags |
amd64 apport-bug bionic ec2-images verification-needed verification-needed-bionic |
amd64 apport-bug bionic ec2-images verification-done verification-done-bionic |
|
| 2020-08-05 12:34:39 |
Launchpad Janitor |
systemd (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2020-08-05 12:34:55 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
