RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1971527 - Static route on latest AWS RHEL 8.4 AMI not taking affect using nmcli
Summary: Static route on latest AWS RHEL 8.4 AMI not taking affect using nmcli
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: NetworkManager
Version: 8.4
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: beta
: ---
Assignee: Thomas Haller
QA Contact: Frank Liang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-06-14 09:30 UTC by pagoswam
Modified: 2021-11-25 02:31 UTC (History)
12 users (show)

Fixed In Version: NetworkManager-1.32.2-1.el8
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-11-09 19:30:32 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github liangxiao1/os-tests/blob/dba621751bc4c97355f213c8750990e55adb9a31/os_tests/tests/test_network_test.py#L357 0 None None None 2021-11-25 02:31:19 UTC
Red Hat Product Errata RHSA-2021:4361 0 None None None 2021-11-09 19:31:12 UTC
freedesktop.org Gitlab NetworkManager NetworkManager merge_requests 893 0 None opened [th/cloud-setup-preserve-ip-from-profile] cloud-setup: preserve IPv4 addresses/routes/rules from profile 2021-06-22 14:24:11 UTC

Comment 1 Thomas Haller 2021-06-14 15:22:07 UTC
on AWS images, there is nm-cloud-setup running that reconfigures the network.


Does

  systemctl disable nm-cloud-setup.service
  systemctl disable nm-cloud-setup.timer

help?

Comment 2 AWS-BLR 2021-06-15 08:12:06 UTC
The above suggestion to disable nm-cloud-setup is working. I am posting my replication results in RHEL 8.4 AMI here. I launched an instance with RHEL 8.4 AMI with 2 network interfaces attached

        # ip a
	1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
	    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
	    inet 127.0.0.1/8 scope host lo
	       valid_lft forever preferred_lft forever
	    inet6 ::1/128 scope host
	       valid_lft forever preferred_lft forever
	2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc fq_codel state UP group default qlen 1000
	    link/ether 0a:6b:6a:73:8e:0c brd ff:ff:ff:ff:ff:ff
	    inet 172.31.45.194/20 brd 172.31.47.255 scope global noprefixroute eth0
	       valid_lft forever preferred_lft forever
	3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc fq_codel state UP group default qlen 1000
	    link/ether 0a:49:e2:8c:9f:b2 brd ff:ff:ff:ff:ff:ff
	    inet 172.31.32.249/20 brd 172.31.47.255 scope global noprefixroute eth1
	       valid_lft forever preferred_lft forever
	    inet6 fe80::4787:47f3:14c0:4d20/64 scope link noprefixroute
	       valid_lft forever preferred_lft forever


	# ip r
	default via 172.31.32.1 dev eth0 proto dhcp metric 100
	default via 172.31.32.1 dev eth1 proto dhcp metric 101
	172.31.32.0/20 dev eth0 proto kernel scope link src 172.31.45.194 metric 100
	172.31.32.0/20 dev eth1 proto kernel scope link src 172.31.32.249 metric 101

	# nmcli connection show
	NAME                UUID                                  TYPE      DEVICE
	System eth0         5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03  ethernet  eth0
	Wired connection 1  2736fb27-69b3-3307-8e57-f0fef05a7638  ethernet  eth1
	ens3                02cc87e6-dc7c-4c9e-a530-f908611c7f5e  ethernet  --

	# sudo systemctl disable nm-cloud-setup.service
	Removed /etc/systemd/system/NetworkManager.service.wants/nm-cloud-setup.service.


	# sudo systemctl disable nm-cloud-setup.timer
	Removed /etc/systemd/system/timers.target.wants/nm-cloud-setup.timer.


	# nmcli connection modify "Wired connection 1" +ipv4.routes "10.20.38.0/24 172.31.32.1"

	# nmcli connection up "Wired connection 1"
	Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

	# ip r
	default via 172.31.32.1 dev eth0 proto dhcp metric 100
	default via 172.31.32.1 dev eth1 proto dhcp metric 101
	10.20.38.0/24 via 172.31.32.1 dev eth1 proto static metric 101		<---- The Route is successfully added
	172.31.32.0/20 dev eth0 proto kernel scope link src 172.31.45.194 metric 100
	172.31.32.0/20 dev eth1 proto kernel scope link src 172.31.32.249 metric 101

Comment 4 Thomas Haller 2021-06-15 16:47:51 UTC
> However, I wonder whether both the services were introduced in RHEL8.4 AMIs since customer did not face the issue in RHEL8.3 AMI.

Yes, this is new in RHEL-8.4 AMI.



This happens here: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/654bb92a6968d9cee03b0c70d7797b057734e2a3/src/nm-cloud-setup/main.c#L349
I guess, nm-cloud-setup should merge the routes/addresses/rules from the profile too, before adding the automatically added ones. That would make sense.

Comment 7 Thomas Haller 2021-06-16 15:12:22 UTC
nm-cloud-setup is supposed to configure networking in a cloud environment automatically.

When a user has special requirements (like configuing manual routes), then they are already in a position where they explicitly reconfigure the networking. In such a case it is completely OK to disable nm-cloud-setup, if the provided automatism doesn't do what the user wants.

Still,

- The out of the box behavior should be better, which I think https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/893 should improve. This change probably will land in rhel-8.6, but likely won't land in rhel-8.5 (do 8.5 Z stream releases result in new AMI images to be generated?). Anyway, while the patch probably would help with this particular case, it's not possible that the automatic behavior is optimal for everybody.

I am not familiar how cloud images are provided to AWS. Could you please ask your question to the cloud-team?

- I am not aware which KB articles exist (if any). In general, this is something that should be well documented. It should also be documented that it is fully OK to disable nm-cloud-setup and configure whatever special requirements the user has. I wouldn't call that a "workaround". `man nm-cloud-setup` ([1]) should also explain it, but if something is unclear there, we'd like to improve the manual. 


[1] https://networkmanager.pages.freedesktop.org/NetworkManager/NetworkManager/nm-cloud-setup.html

Comment 8 Thomas Haller 2021-06-23 07:30:50 UTC
> This change probably will land in rhel-8.6, but likely won't land in rhel-8.5 (do 8.5 Z stream releases result in new AMI images to be generated?).

Sorry, I confused the release numbers :(

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/893 likely will make it into rhel-8.5, but not 8.4 (or 8.4.z).

Comment 10 Thomas Haller 2021-06-30 06:06:44 UTC
fixed on upstream nm-1-32 branch (https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/893).

Comment 16 errata-xmlrpc 2021-11-09 19:30:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: NetworkManager security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:4361


Note You need to log in before you can comment on or make changes to this bug.