RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1457242 - manually added IPv6 route is removed when NM is running
Summary: manually added IPv6 route is removed when NM is running
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: NetworkManager
Version: 7.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: Thomas Haller
QA Contact: Desktop QE
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-31 12:06 UTC by Jan Tluka
Modified: 2017-08-01 09:28 UTC (History)
10 users (show)

Fixed In Version: NetworkManager-1.8.0-6.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 09:28:57 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
NM log (138.69 KB, text/plain)
2017-05-31 12:06 UTC, Jan Tluka 		no flags Details
reproducer (1.50 KB, application/x-shellscript)
2017-05-31 12:09 UTC, Jan Tluka 		no flags Details
[patch] device: mark device as sys-iface-state=external when assuming connection (2.14 KB, patch)
2017-06-01 20:12 UTC, Thomas Haller 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:2299 0 normal SHIPPED_LIVE Moderate: NetworkManager and libnl3 security, bug fix and enhancement update 2017-08-01 12:40:28 UTC

Description Jan Tluka 2017-05-31 12:06:30 UTC 
Created attachment 1283745 [details]
NM log

Description of problem:

I attached a network interface to virtual guest running RHEL 7.4 and configure IPv6 address on the interface. When I add an IPv6 route that uses a host from the address's subnet it appears in the routing table for a while and after a second it's removed. I was able to create a simple reproducer that uses virtual guest (attached). When I disable NetworkManager the route stays in the routing table.

I see this after I updated NM from NetworkManager-1.8.0-0.4.rc3.el7 to NetworkManager-1.8.0-3.el7

I attached level=TRACE logs as well.


Version-Release number of selected component (if applicable):
NetworkManager-1.8.0-3.el7.x86_64
kernel-3.10.0-671.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. run attached reproducer on a host with 7.4 guest
2.
3.

Actual results:
IPv6 route disappears after a while

Expected results:
IPv6 route does not disappear

Additional info:
Comment 2 Jan Tluka 2017-05-31 12:09:37 UTC 
Created attachment 1283746 [details]
reproducer

The attached reproducer provides 3 tests but only test #2 is relevant to this bug, the rest of tests is commented out.
Comment 3 Jan Tluka 2017-05-31 12:24:10 UTC 
Tested with RHEL-7.3 version of NM NetworkManager-1.4.0-12.el7 where I could not reproduce the issue. I'm keeping the Regression keyword.
Comment 4 Thomas Haller 2017-06-01 20:11:27 UTC 
The eth1 device appears to NetworkManager like a regular ethernet. That means, the device is managed (by default), and NM does what it always does:

  - disable address generation of IPv6 link-local address
  - set the device IFF_UP
  - reset sysctls. This involves toggeling
    /proc/sys/net/ipv6/conf/eth1/disable_ipv6, which would interfere badly with
    doing IP configuration on the interface.

This is inherently racy, and not much that can be done about it.
This however should only happen when the device shows up first (or NM is starting). You have to be fast to hit that race -- and that was not the problem.


Later, once you start configuring IP addresses, NM notices that somebody externally messes with the device, and it creates a in-memory connection to express the state on the interface. From that point on, NM should no longer touch the interface. There is a bug there, that needs fixing.
Comment 5 Thomas Haller 2017-06-01 20:12:51 UTC 
Created attachment 1284242 [details]
[patch] device: mark device as sys-iface-state=external when assuming connection

This should fix it...
Comment 6 Thomas Haller 2017-06-01 20:44:45 UTC 
Jan, any chance to re-test with scratch-build https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=13326781
Comment 7 Beniamino Galvani 2017-06-05 14:56:05 UTC 
(In reply to Thomas Haller from comment #5)
> Created attachment 1284242 [details]
> [patch] device: mark device as sys-iface-state=external when assuming
> connection

Looks good to me.
Comment 8 Thomas Haller 2017-06-05 16:33:23 UTC 
merged upstream.

master: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=02e7476e9fd0f4248009ce8eaa7870ba05e2504e

nm-1-8: https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=fcbcd1aa870ec5aa74c5c570ea08ffc52cffa63e
Comment 10 Jan Tluka 2017-06-06 15:04:55 UTC 
I tested on the same setup with fixed NetworkManager-1.8.0-6.el7 and I cannot reproduce this anymore.

I also ran the tests that were blocked by this issue and the bug is gone there as well: https://beaker.engineering.redhat.com/recipes/3916966#task56673909

Note that one of the failures in beaker job is a known issue.
Comment 11 errata-xmlrpc 2017-08-01 09:28:57 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:2299
Note You need to log in before you can comment on or make changes to this bug.