Bug 1055181 - dhclient-script removes routes if DHCP router is unreachable (Google Compute Engine)
Summary: dhclient-script removes routes if DHCP router is unreachable (Google Compute ...
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: dhcp
Version: 20
Hardware: All
OS: Unspecified
unspecified
high
Target Milestone: ---
Assignee: Jiri Popelka
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-19 12:12 UTC by Vaidas Jablonskis
Modified: 2014-01-24 07:37 UTC (History)
4 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2014-01-24 07:37:15 UTC


Attachments (Terms of Use)
Remove ping checking (961 bytes, patch)
2014-01-19 21:01 UTC, Vaidas Jablonskis
no flags Details | Diff

Description Vaidas Jablonskis 2014-01-19 12:12:07 UTC
Description of problem:

I have been working on putting together a fedora 20 cloud image for Google Compute Engine (GCE), but ran into an issue with how dhclient-script works - took me quite some time to figure it out.

GCE does not allow ICMP ping to their DHCP routers and there is nothing we can do about that.

A healthy GCE network configuration looks like this (GCE CentOS6 instance output):
-------

[root@foo02 ~]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 42:01:0a:f0:88:bd brd ff:ff:ff:ff:ff:ff
    inet 10.240.136.189/32 brd 10.240.136.189 scope global eth0
    inet6 fe80::4001:aff:fef0:88bd/64 scope link 
       valid_lft forever preferred_lft forever

[root@foo02 ~]c

-------

dhclient-script tries to ping the router and if ping is unsuccessful it removes previously added routes, which means that cloud instance hangs there with broken network.

These are the lines: http://pkgs.fedoraproject.org/cgit/dhcp.git/tree/dhclient-script#n276


Version-Release number of selected component (if applicable):
dhclient-4.2.5-26.fc20.x86_64


How reproducible:
Always

Steps to Reproduce:
1. Drop ICMP echo requests to your dhcp-provided gateway address
2. service network restart


Actual results:
IP routing table is not properly configured:
# ip r s
169.254.0.0/16 dev eth0  scope link  metric 1002 


Expected results:
# ip r s
10.240.0.1 dev eth0  scope link 
169.254.0.0/16 dev eth0  scope link  metric 1002 
default via 10.240.0.1 dev eth0 


Additional info:

DHCP lease file looks like this:

lease {
  interface "eth0";
  fixed-address 10.240.200.162;
  option subnet-mask 255.255.255.255;
  option routers 10.240.0.1;
  option dhcp-lease-time 4294967295;
  option dhcp-message-type 5;
  option domain-name-servers 169.254.169.254;
  option dhcp-server-identifier 169.254.169.254;
  option interface-mtu 1460;
  option domain-search "c.feisty-vector-355.internal.", "656424467045.google.internal.", "google.internal.";
  option host-name "f6.c.feisty-vector-355.internal";
  option domain-name "c.feisty-vector-355.internal.";
  renew 5 2082/02/06 14:13:50;
  rebind 5 2133/02/20 22:39:19;
  expire 3 2150/02/25 17:27:57;
}

Comment 1 Vaidas Jablonskis 2014-01-19 21:01:02 UTC
Created attachment 852483 [details]
Remove ping checking

This is a patch against http://pkgs.fedoraproject.org/cgit/dhcp.git/tag/?id=dhcp-4.2.5-29.fc20

I am not sure if this is the best way to solve this problem, but I think that it kind of doesn't make sense to check whether gateway address which is given by DHCP is alive.

I understand why this was changed to use ping instead of arping, but IMO neither of them are needed here.

Comment 2 Jiri Popelka 2014-01-21 09:53:14 UTC
Yes, I agree. The checking has been there since the rewrite of dhclient-script made by previous maintainer and neither I quite understand the use-case.

Thanks.

Comment 3 Fedora Update System 2014-01-21 11:04:02 UTC
dhcp-4.2.5-30.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/dhcp-4.2.5-30.fc20

Comment 4 Fedora Update System 2014-01-22 03:09:02 UTC
Package dhcp-4.2.5-30.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing dhcp-4.2.5-30.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-1252/dhcp-4.2.5-30.fc20
then log in and leave karma (feedback).

Comment 5 Fedora Update System 2014-01-24 07:37:15 UTC
dhcp-4.2.5-30.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.