Bug 1910165 - DHCP to static lease script doesn't handle multiple addresses
Summary: DHCP to static lease script doesn't handle multiple addresses
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Machine Config Operator
Version: 4.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.7.0
Assignee: Ben Nemec
QA Contact: Victor Voronkov
URL:
Whiteboard:
Depends On: 1914250
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-12-22 22:35 UTC by Ben Nemec
Modified: 2021-02-24 15:48 UTC (History)
0 users

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-02-24 15:48:02 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift machine-config-operator pull 2312 0 None closed Bug 1910165: [baremetal] Correctly handle multiple ipv6 addresses on interface 2021-01-25 10:53:36 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:48:56 UTC

Description Ben Nemec 2020-12-22 22:35:31 UTC
Description of problem: In general, nodes are expected to have only one address, but in some environments, particularly ipv6, it is possible for multiple addresses to be present on an interface. The specific case where this has come up is when a node gets both a DHCPv6 and a SLAAC address. When this happens, the dispatcher script for statically configuring infinite DHCP leases fails to correctly process the lease time because it gets two values and only expects one. As a result, it will always configure the DHCP address statically, which is not desirable.

We need to make sure we only look at the lease time of the address received from DHCP and ignore any others. I believe we should also only statically configure the DHCP address, as any SLAAC addresses will take care of themselves.

Comment 2 Victor Voronkov 2021-01-24 06:32:48 UTC
Verified on 4.7.0-0.nightly-2021-01-22-063949

After deployment with IPv6 DHCP + SLAAC finished, nodes method for IPv6 was auto, as expected.

SLAAC address was applied - fd2e:6f44:5dd8:0:fe62:78da:fd19:17c1/64

br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 52:54:00:53:03:70 brd ff:ff:ff:ff:ff:ff
    inet6 fd2e:6f44:5dd8::129/128 scope global dynamic noprefixroute 
       valid_lft 2482sec preferred_lft 2482sec
    inet6 fd2e:6f44:5dd8:0:fe62:78da:fd19:17c1/64 scope global dynamic noprefixroute 
       valid_lft 86398sec preferred_lft 14398sec
    inet6 fe80::7073:6591:ebba:2a6d/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

After updating lease time to 0 (infinite) nodes were converted to static IPv6, SLAAC IPv6 applied no more

br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 52:54:00:53:03:70 brd ff:ff:ff:ff:ff:ff
    inet6 fd2e:6f44:5dd8::129/128 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::7073:6591:ebba:2a6d/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

[core@master-0-0 ~]$ nmcli con show ovs-if-br-ex | grep method
ipv6.method:                            manual

Comment 5 errata-xmlrpc 2021-02-24 15:48:02 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633


Note You need to log in before you can comment on or make changes to this bug.