Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
NetworkManager takes over an unmanaged dummy interface when IP address is set on it. When a user removes this address (via `ip address del`), NetworkManager sets it back. That is unexpected since the interface was never set as managed.
Version-Release number of selected component (if applicable):
CentOS Linux release 7.4.1708 (Core)
NetworkManager-1.8.0-11.el7_4.x86_64
How reproducible:
Always
Steps to Reproduce:
# ip link add dummy_4 type dummy
# nmcli dev | grep dummy_4
dummy_4 dummy unmanaged --
# ip link set up dev dummy_4
# nmcli dev | grep dummy_4
dummy_4 dummy unmanaged --
# ip address add 2001:99::1/64 dev dummy_4
# nmcli dev | grep dummy_4
dummy_4 dummy connected dummy_4
# nmcli con | grep dummy_4
dummy_4 d0385cac-0b7d-488a-8f12-8e2fd7e2a9ce dummy dummy_4
Actual results:
Unmanaged interface becomes managed.
Expected results:
Interface remains unmanaged until explicitly added to NetworkManager.
when you add a software-device (like dummy, bridge, bond) outside of NM, NM recognizes that it was added outside of NetworkManager. As long as it has no IP addresses, NM marks it as unmanaged.
Once you externally up the interface, and add IP addresses, NM will generate an external connection to represent that something is active on the device. That does not involve touching the device or interfering with it.
When you remove the IP address, NM will cleanup the generated connection, and mark the device as unmanaged again.
To avoid that, configure the device as explicitly unmanaged by one of the various means:
- ENV{NM_UNMANAGED}="1" in udev
- device*.managed = `man NetworkManager.conf`
- nmcli device set "$DEV" managed no (this way does not persist across
reboot, but across restart of the service)
- NM_CONTROLLED=no in an ifcfg file
- keyfile.unmanaged-devices in `man NetworkManager.conf` (deprecated)
Unless you do that, NM behaves as explained above.
Does that cause a problem for you?
Yay, sorry, my reproducer does not reflect the problem. It looks like NM does set the IP back. Here is a new reproducer. With NM running, it fails in a second (found ipv6 address after ipv6 del). With NM stopped, it runs without an error.
#!/usr/bin/bash
DUMMY=dummy_111
function set_up {
ip l add $DUMMY type dummy
ip l set up dev $DUMMY
}
function tear_down {
ip l del $DUMMY
}
function test_add_del_addr {
tear_down
set_up
ip a add 192.168.212.212/24 dev $DUMMY
ip a | grep -q '192.168.212.212/24' || { echo missing ipv4 address after ipv4 add; exit 1; }
ip a add 2002:99::1/64 dev $DUMMY
ip a | grep -q '192.168.212.212/24' || { echo missing ipv4 address after ipv6 add; exit 1; }
ip a | grep -q '2002:99' || { echo missing ipv6 address after ipv6 add; exit 1; }
ip a del 2002:99::1/64 dev $DUMMY
ip a | grep -q '192.168.212.212/24' || { echo missing ipv4 address after ipv6 del; exit 1; }
ip a | grep -q '2002:99' && { echo found ipv6 address after ipv6 del; exit 1; }
ip a del 192.168.212.212/24 dev $DUMMY
ip a | grep -q '192.168.212.212/24' && { echo found ipv4 address after ipv4 del; exit 1; }
ip a | grep -q '2002:99' && { echo found ipv6 address after ipv4 del; exit 1; }
}
for i in `seq 1 100` :; do
test_add_del_addr
done
Comment 4Beniamino Galvani
2017-11-16 09:02:53 UTC
Created attachment 1353316[details]
device: start managing external devices on reapply
In the next commit we will modify ipX_config_merge_and_apply to never
touch external devices. When a "reapply" call is issued on an external
device we are no longer simply tracking its state but we are actively
managing it and so its sys-iface-state must be promoted to managed.
Comment 5Beniamino Galvani
2017-11-16 09:03:10 UTC
Created attachment 1353317[details]
device: don't touch external devices
If a device is 'external' (which means that NM generated an in-memory
connection to only to track the device state) we should not change its
IP configuration.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2018:0778