Bug 1263612 - LXC starts before dhclient thus violating IP address assignment procedure
Summary: LXC starts before dhclient thus violating IP address assignment procedure
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: lxc
Version: 22
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Thomas Moschny
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-09-16 09:53 UTC by ra85551
Modified: 2015-11-12 00:21 UTC (History)
4 users (show)

Fixed In Version: lxc-1.1.4-2.fc23 lxc-1.1.4-2.fc22
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-01 02:31:07 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
Patch to lxc service definition (367 bytes, text/plain)
2015-09-16 09:55 UTC, ra85551
no flags Details
Patch to lxc-net service definition (303 bytes, text/plain)
2015-09-16 09:55 UTC, ra85551
no flags Details

Description ra85551 2015-09-16 09:53:14 UTC
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Build Identifier: 

If 'veth' interface type is used in particular container config, LXC would add an additional virtual network interface during container's startup. The interface would be given with random name like 'vethXXXXXX' and random MAC address like 'fe:xx:xx:xx:xx:xx'. If one set lxc.start.auto option to 1, the container would be initialized during system startup. However, due to wrong startup order defined in unit definition files, this happens prior to IP address configuration, and DHCP client would send to the DCHP server the fake MAC address mentioned above instead of NIC's MAC address. This may lead DHCP server to lease a wrong IP address based on fake MAC.

Reproducible: Always

Steps to Reproduce:
1. Assume your PC is connected to the network with DHCP server and PC NIC's MAC address is AA:BB:CC:DD:EE:FF.
2. Tell DHCP server to lease certain IP address (192.168.1.100) to the MAC mentioned above (AA:BB:CC:DD:EE:FF).
3. Install LXC, then set up an container with 'veth' network interface and add 'lxc.start.auto=1' option to enable autostart.
4. Reboot
Actual Results:  
The PC would be given an arbitrary IP address, not that one you set up in DHCP server's configuration (192.168.1.100).

Expected Results:  
The PC would be given IP address 192.168.1.100 - this is what you set up in DHCP server's configuration.

The bug can be fixed just by altering the order of LXC services startup. They must start just after network-online.target has been reached, not the network.target.

Comment 1 ra85551 2015-09-16 09:55:17 UTC
Created attachment 1073928 [details]
Patch to lxc service definition

Comment 2 ra85551 2015-09-16 09:55:55 UTC
Created attachment 1073929 [details]
Patch to lxc-net service definition

Comment 3 Fedora Update System 2015-10-21 16:06:53 UTC
lxc-1.1.4-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-211974138f

Comment 4 Fedora Update System 2015-10-21 16:06:54 UTC
lxc-1.1.4-2.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-9f8f4b182a

Comment 5 Fedora Update System 2015-10-24 12:09:30 UTC
lxc-1.1.4-2.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxc'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-9f8f4b182a

Comment 6 Fedora Update System 2015-10-26 18:30:05 UTC
lxc-1.1.4-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxc'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-211974138f

Comment 7 Fedora Update System 2015-11-01 02:30:58 UTC
lxc-1.1.4-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2015-11-12 00:21:09 UTC
lxc-1.1.4-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.