Bug 1263612 - LXC starts before dhclient thus violating IP address assignment procedure
LXC starts before dhclient thus violating IP address assignment procedure
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: lxc (Show other bugs)
22
Unspecified Linux
unspecified Severity medium
: ---
: ---
Assigned To: Thomas Moschny
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-16 05:53 EDT by ra85551
Modified: 2015-11-11 19:21 EST (History)
4 users (show)

See Also:
Fixed In Version: lxc-1.1.4-2.fc23 lxc-1.1.4-2.fc22
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-31 22:31:07 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to lxc service definition (367 bytes, text/plain)
2015-09-16 05:55 EDT, ra85551
no flags Details
Patch to lxc-net service definition (303 bytes, text/plain)
2015-09-16 05:55 EDT, ra85551
no flags Details

  None (edit)
Description ra85551 2015-09-16 05:53:14 EDT
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Build Identifier: 

If 'veth' interface type is used in particular container config, LXC would add an additional virtual network interface during container's startup. The interface would be given with random name like 'vethXXXXXX' and random MAC address like 'fe:xx:xx:xx:xx:xx'. If one set lxc.start.auto option to 1, the container would be initialized during system startup. However, due to wrong startup order defined in unit definition files, this happens prior to IP address configuration, and DHCP client would send to the DCHP server the fake MAC address mentioned above instead of NIC's MAC address. This may lead DHCP server to lease a wrong IP address based on fake MAC.

Reproducible: Always

Steps to Reproduce:
1. Assume your PC is connected to the network with DHCP server and PC NIC's MAC address is AA:BB:CC:DD:EE:FF.
2. Tell DHCP server to lease certain IP address (192.168.1.100) to the MAC mentioned above (AA:BB:CC:DD:EE:FF).
3. Install LXC, then set up an container with 'veth' network interface and add 'lxc.start.auto=1' option to enable autostart.
4. Reboot
Actual Results:  
The PC would be given an arbitrary IP address, not that one you set up in DHCP server's configuration (192.168.1.100).

Expected Results:  
The PC would be given IP address 192.168.1.100 - this is what you set up in DHCP server's configuration.

The bug can be fixed just by altering the order of LXC services startup. They must start just after network-online.target has been reached, not the network.target.
Comment 1 ra85551 2015-09-16 05:55:17 EDT
Created attachment 1073928 [details]
Patch to lxc service definition
Comment 2 ra85551 2015-09-16 05:55:55 EDT
Created attachment 1073929 [details]
Patch to lxc-net service definition
Comment 3 Fedora Update System 2015-10-21 12:06:53 EDT
lxc-1.1.4-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-211974138f
Comment 4 Fedora Update System 2015-10-21 12:06:54 EDT
lxc-1.1.4-2.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-9f8f4b182a
Comment 5 Fedora Update System 2015-10-24 08:09:30 EDT
lxc-1.1.4-2.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxc'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-9f8f4b182a
Comment 6 Fedora Update System 2015-10-26 14:30:05 EDT
lxc-1.1.4-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update lxc'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-211974138f
Comment 7 Fedora Update System 2015-10-31 22:30:58 EDT
lxc-1.1.4-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2015-11-11 19:21:09 EST
lxc-1.1.4-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.