Bug 1055181

Summary: dhclient-script removes routes if DHCP router is unreachable (Google Compute Engine)
Product: [Fedora] Fedora Reporter: Vaidas Jablonskis <jablonskis>
Component: dhcpAssignee: Jiri Popelka <jpopelka>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 20CC: jpopelka, mattdm, skottler, thozza
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: dhcp-4.2.5-30.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-24 07:37:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Remove ping checking none

Description Vaidas Jablonskis 2014-01-19 12:12:07 UTC 
Description of problem:

I have been working on putting together a fedora 20 cloud image for Google Compute Engine (GCE), but ran into an issue with how dhclient-script works - took me quite some time to figure it out.

GCE does not allow ICMP ping to their DHCP routers and there is nothing we can do about that.

A healthy GCE network configuration looks like this (GCE CentOS6 instance output):
-------

[root@foo02 ~]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 42:01:0a:f0:88:bd brd ff:ff:ff:ff:ff:ff
    inet 10.240.136.189/32 brd 10.240.136.189 scope global eth0
    inet6 fe80::4001:aff:fef0:88bd/64 scope link 
       valid_lft forever preferred_lft forever

[root@foo02 ~]c

-------

dhclient-script tries to ping the router and if ping is unsuccessful it removes previously added routes, which means that cloud instance hangs there with broken network.

These are the lines: http://pkgs.fedoraproject.org/cgit/dhcp.git/tree/dhclient-script#n276


Version-Release number of selected component (if applicable):
dhclient-4.2.5-26.fc20.x86_64


How reproducible:
Always

Steps to Reproduce:
1. Drop ICMP echo requests to your dhcp-provided gateway address
2. service network restart


Actual results:
IP routing table is not properly configured:
# ip r s
169.254.0.0/16 dev eth0  scope link  metric 1002 


Expected results:
# ip r s
10.240.0.1 dev eth0  scope link 
169.254.0.0/16 dev eth0  scope link  metric 1002 
default via 10.240.0.1 dev eth0 


Additional info:

DHCP lease file looks like this:

lease {
  interface "eth0";
  fixed-address 10.240.200.162;
  option subnet-mask 255.255.255.255;
  option routers 10.240.0.1;
  option dhcp-lease-time 4294967295;
  option dhcp-message-type 5;
  option domain-name-servers 169.254.169.254;
  option dhcp-server-identifier 169.254.169.254;
  option interface-mtu 1460;
  option domain-search "c.feisty-vector-355.internal.", "656424467045.google.internal.", "google.internal.";
  option host-name "f6.c.feisty-vector-355.internal";
  option domain-name "c.feisty-vector-355.internal.";
  renew 5 2082/02/06 14:13:50;
  rebind 5 2133/02/20 22:39:19;
  expire 3 2150/02/25 17:27:57;
}
Comment 1 Vaidas Jablonskis 2014-01-19 21:01:02 UTC 
Created attachment 852483 [details]
Remove ping checking

This is a patch against http://pkgs.fedoraproject.org/cgit/dhcp.git/tag/?id=dhcp-4.2.5-29.fc20

I am not sure if this is the best way to solve this problem, but I think that it kind of doesn't make sense to check whether gateway address which is given by DHCP is alive.

I understand why this was changed to use ping instead of arping, but IMO neither of them are needed here.
Comment 2 Jiri Popelka 2014-01-21 09:53:14 UTC 
Yes, I agree. The checking has been there since the rewrite of dhclient-script made by previous maintainer and neither I quite understand the use-case.

Thanks.
Comment 3 Fedora Update System 2014-01-21 11:04:02 UTC 
dhcp-4.2.5-30.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/dhcp-4.2.5-30.fc20
Comment 4 Fedora Update System 2014-01-22 03:09:02 UTC 
Package dhcp-4.2.5-30.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing dhcp-4.2.5-30.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-1252/dhcp-4.2.5-30.fc20
then log in and leave karma (feedback).
Comment 5 Fedora Update System 2014-01-24 07:37:15 UTC 
dhcp-4.2.5-30.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.