Dear CentOS-Community,
we are facing the following issue:
A secondary ip address seems to be automatically added to a nic which causes several issues in our setup.
This server is equipped with four nics which are currently in use:
# nmcli con show NAME UUID TYPE DEVICE eno2 cb6fcb54-be52-4ab6-8324-88091a0ea1a0 ethernet eno2 eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4 eno1 1e382037-fec9-493d-a4f2-ace7d73a1e7b ethernet eno1 eno3 bea2db0f-d366-4f1b-bec8-4fbfb3c0b6d2 ethernet eno3 enp5s0f0 23f56b9f-4625-471e-9ce4-6fe7b8832310 ethernet -- enp5s0f1 f25b9a10-1584-4233-89dd-2dda7c774f0d ethernet --
From time to time, a secondary ip-address is assigned to an interface as show below:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d1 brd ff:ff:ff:ff:ff:ff inet 192.168.1.90/24 brd 192.168.1.255 scope global noprefixroute eno1 valid_lft forever preferred_lft forever inet6 fe80::226:b9ff:fe78:87d1/64 scope link valid_lft forever preferred_lft forever 4: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d3 brd ff:ff:ff:ff:ff:ff inet 10.10.100.205/24 brd 10.10.100.255 scope global noprefixroute eno2 valid_lft forever preferred_lft forever inet 10.10.100.72/24 brd 10.10.100.255 scope global secondary dynamic eno2 valid_lft 56158sec preferred_lft 56158sec inet6 fe80::226:b9ff:fe78:87d3/64 scope link valid_lft forever preferred_lft forever 5: eno3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d5 brd ff:ff:ff:ff:ff:ff inet 192.168.4.11/24 brd 192.168.4.255 scope global noprefixroute eno3 valid_lft forever preferred_lft forever inet6 fe80::e98b:e064:50d2:535d/64 scope link noprefixroute valid_lft forever preferred_lft forever 6: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<----- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever 7: enp5s0f0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:44 brd ff:ff:ff:ff:ff:ff 8: enp5s0f1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:45 brd ff:ff:ff:ff:ff:ff 11: wwp0s29f7u1i4: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/none
Furthermore, systemctl status NetworkManager says:
systemctl status NetworkManager ● NetworkManager.service - Network Manager Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-09-21 17:25:21 CEST; 17h ago Docs: man:NetworkManager(8) Main PID: 1752062 (NetworkManager) Tasks: 3 (limit: 204496) Memory: 8.2M CGroup: /system.slice/NetworkManager.service └─1752062 /usr/sbin/NetworkManager --no-daemon
NetworkManager[1752062]: <info> [1600751941.1341] agent-manager: agent[0047d0145168a5f3,:1.4726/nmcli-connect/0]: agent registered NetworkManager[1752062]: <info> [1600751941.1360] device (eno4): Activation: starting connection 'eno4' (dbd95c24-1ed7-4292-8dba-3934bd1476a0) NetworkManager[1752062]: <info> [1600751941.1361] audit: op="connection-activate" uuid="dbd95c24-1ed7-4292-8dba-3934bd1476a0" name="eno4" pid=31215> NetworkManager[1752062]: <info> [1600751941.1363] device (eno4): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1371] device (eno4): state change: prepare -> config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1523] device (eno4): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1552] device (eno4): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1582] device (eno4): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1586] device (eno4): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1637] device (eno4): Activation: successful, device activated.
This behaviour is really! unwanted. What is the reason for this behavior. Packages like
keepalived or ctdb are not installed on this machine.
Any help is appreciated how to figure out the reason for this behavior.
Thanks in advance.
Felix
Dear CentOS-Community,
we are facing the following issue:
A secondary ip address seems to be automatically added to a nic which causes several issues in our setup.
Hi,
Can you show as the config of eno4?
And can you diff the config of eno1 and eno4. Looks like there is a difference somewhere.
Regards, Simon
This server is equipped with four nics which are currently in use:
# nmcli con show NAME UUID TYPE DEVICE eno2 cb6fcb54-be52-4ab6-8324-88091a0ea1a0 ethernet eno2 eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4 eno1 1e382037-fec9-493d-a4f2-ace7d73a1e7b ethernet eno1 eno3 bea2db0f-d366-4f1b-bec8-4fbfb3c0b6d2 ethernet eno3 enp5s0f0 23f56b9f-4625-471e-9ce4-6fe7b8832310 ethernet -- enp5s0f1 f25b9a10-1584-4233-89dd-2dda7c774f0d ethernet --
From time to time, a secondary ip-address is assigned to an interface as show below:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d1 brd ff:ff:ff:ff:ff:ff inet 192.168.1.90/24 brd 192.168.1.255 scope global noprefixroute eno1 valid_lft forever preferred_lft forever inet6 fe80::226:b9ff:fe78:87d1/64 scope link valid_lft forever preferred_lft forever 4: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d3 brd ff:ff:ff:ff:ff:ff inet 10.10.100.205/24 brd 10.10.100.255 scope global noprefixroute eno2 valid_lft forever preferred_lft forever inet 10.10.100.72/24 brd 10.10.100.255 scope global secondary dynamic eno2 valid_lft 56158sec preferred_lft 56158sec inet6 fe80::226:b9ff:fe78:87d3/64 scope link valid_lft forever preferred_lft forever 5: eno3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d5 brd ff:ff:ff:ff:ff:ff inet 192.168.4.11/24 brd 192.168.4.255 scope global noprefixroute eno3 valid_lft forever preferred_lft forever inet6 fe80::e98b:e064:50d2:535d/64 scope link noprefixroute valid_lft forever preferred_lft forever 6: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<----- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever 7: enp5s0f0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:44 brd ff:ff:ff:ff:ff:ff 8: enp5s0f1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:45 brd ff:ff:ff:ff:ff:ff 11: wwp0s29f7u1i4: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/none
Furthermore, systemctl status NetworkManager says:
systemctl status NetworkManager ● NetworkManager.service - Network Manager Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-09-21 17:25:21 CEST; 17h ago Docs: man:NetworkManager(8) Main PID: 1752062 (NetworkManager) Tasks: 3 (limit: 204496) Memory: 8.2M CGroup: /system.slice/NetworkManager.service └─1752062 /usr/sbin/NetworkManager --no-daemon
NetworkManager[1752062]: <info> [1600751941.1341] agent-manager: agent[0047d0145168a5f3,:1.4726/nmcli-connect/0]: agent registered NetworkManager[1752062]: <info> [1600751941.1360] device (eno4): Activation: starting connection 'eno4' (dbd95c24-1ed7-4292-8dba-3934bd1476a0) NetworkManager[1752062]: <info> [1600751941.1361] audit: op="connection-activate" uuid="dbd95c24-1ed7-4292-8dba-3934bd1476a0" name="eno4" pid=31215> NetworkManager[1752062]: <info> [1600751941.1363] device (eno4): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1371] device (eno4): state change: prepare -> config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1523] device (eno4): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1552] device (eno4): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1582] device (eno4): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1586] device (eno4): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: <info> [1600751941.1637] device (eno4): Activation: successful, device activated.
This behaviour is really! unwanted. What is the reason for this behavior. Packages like
keepalived or ctdb are not installed on this machine.
Any help is appreciated how to figure out the reason for this behavior.
Thanks in advance.
Felix
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Dear Simon,
And can you diff the config of eno1 and eno4.
# pwd /etc/sysconfig/network-scripts
# diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no
Can you show the config of eno4?
# cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no
Regards,
Felix
Dear Simon,
And can you diff the config of eno1 and eno4.
# pwd /etc/sysconfig/network-scripts
Okay, nothing to find here.
What about eno2, you also have two IP addresses there and even in the same subnet, is this wanted or not? Can the second address of eno2 be found in the ifcfg file?
Both eno2 and eno4 have "scope global secondary dynamic" with the second address and it doesn't seem to come from the base configuration.
Simon
# diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no
Can you show the config of eno4?
# cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no
Regards,
Felix
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Dear Simon,
every second IP-address is unwanted. We restarted eno4:
nmcli con down eno4; nmcli con up eno4
and the second address vanishes. Then after a few ours, the second ip address reappears.
This is the config-file of eno2:
# cat ifcfg-eno2 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno2 UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 DEVICE=eno2 ONBOOT=yes IPV6_PRIVACY=no IPADDR=10.10.100.205 PREFIX=24 GATEWAY=10.10.100.254 DNS1=10.10.100.1 DNS2=10.10.100.2 DOMAIN=ourDomain
I am not aware of this setting:
scope global secondary dynamic
So maybe you are able to find it in the nmcli output:
# nmcli con edit eno2
===| nmcli interactive connection editor |===
Editing existing '802-3-ethernet' connection: 'eno2'
nmcli> p =============================================================================== Connection profile details (eno2) =============================================================================== connection.id: eno2 connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: eno2 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1600780222 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: -- connection.gateway-ping-timeout: 0 connection.metered: unknown connection.lldp: default connection.mdns: -1 (default) connection.llmnr: -1 (default) connection.wait-device-timeout: -1 ------------------------------------------------------------------------------- 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: no 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist: -- 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: -- 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: -- 802-3-ethernet.wake-on-lan: default 802-3-ethernet.wake-on-lan-password: -- ------------------------------------------------------------------------------- ipv4.method: manual ipv4.dns: 10.10.100.1,10.10.100.2 ipv4.dns-search: ourDomain ipv4.dns-options: -- ipv4.dns-priority: 0 ipv4.addresses: 10.10.100.205/24 ipv4.gateway: 10.10.100.254 ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.routing-rules: -- ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-iaid: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.dhcp-hostname-flags: 0x0 (none) ipv4.never-default: no ipv4.may-fail: no ipv4.dad-timeout: -1 (default) ------------------------------------------------------------------------------- ipv6.method: ignore ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: -- ipv6.dns-priority: 0 ipv6.addresses: -- ipv6.gateway: -- ipv6.routes: -- ipv6.route-metric: -1 ipv6.route-table: 0 (unspec) ipv6.routing-rules: -- ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.addr-gen-mode: stable-privacy ipv6.ra-timeout: 0 (default) ipv6.dhcp-duid: -- ipv6.dhcp-iaid: -- ipv6.dhcp-timeout: 0 (default) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- ipv6.dhcp-hostname-flags: 0x0 (none) ipv6.token: -- ------------------------------------------------------------------------------- proxy.method: none proxy.browser-only: no proxy.pac-url: -- proxy.pac-script: -- ------------------------------------------------------------------------------- nmcli>
Felix
On 22/09/2020 14:35, Simon Matter wrote:
Dear Simon,
And can you diff the config of eno1 and eno4.
# pwd /etc/sysconfig/network-scripts
Okay, nothing to find here.
What about eno2, you also have two IP addresses there and even in the same subnet, is this wanted or not? Can the second address of eno2 be found in the ifcfg file?
Both eno2 and eno4 have "scope global secondary dynamic" with the second address and it doesn't seem to come from the base configuration.
Simon
# diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no
Can you show the config of eno4?
# cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no
Regards,
Felix
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Hi Felix
Dear Simon,
every second IP-address is unwanted. We restarted eno4:
nmcli con down eno4; nmcli con up eno4
and the second address vanishes. Then after a few ours, the second ip address reappears.
That's really interesting. Doesn't NetworkManager also store other settings in a different location, not the ifcfg files? I think it does so and you may have to check there.
Also, don't forget that there could be other tools running on the host which fiddle with NetworkManager.
That said, I usually don't use NetworkManager on my servers so I don't really know much about it.
Hope some NM experts can help you more.
Regards, Simon
This is the config-file of eno2:
# cat ifcfg-eno2 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno2 UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 DEVICE=eno2 ONBOOT=yes IPV6_PRIVACY=no IPADDR=10.10.100.205 PREFIX=24 GATEWAY=10.10.100.254 DNS1=10.10.100.1 DNS2=10.10.100.2 DOMAIN=ourDomain
I am not aware of this setting:
scope global secondary dynamic
So maybe you are able to find it in the nmcli output:
# nmcli con edit eno2
===| nmcli interactive connection editor |===
Editing existing '802-3-ethernet' connection: 'eno2'
nmcli> p
Connection profile details (eno2)
connection.id: eno2 connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: eno2 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1600780222 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: -- connection.gateway-ping-timeout: 0 connection.metered: unknown connection.lldp: default connection.mdns: -1 (default) connection.llmnr: -1 (default) connection.wait-device-timeout: -1
802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: no 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist: -- 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: -- 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: -- 802-3-ethernet.wake-on-lan: default 802-3-ethernet.wake-on-lan-password: --
ipv4.method: manual ipv4.dns: 10.10.100.1,10.10.100.2 ipv4.dns-search: ourDomain ipv4.dns-options: -- ipv4.dns-priority: 0 ipv4.addresses: 10.10.100.205/24 ipv4.gateway: 10.10.100.254 ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.routing-rules: -- ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-iaid: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.dhcp-hostname-flags: 0x0 (none) ipv4.never-default: no ipv4.may-fail: no ipv4.dad-timeout: -1 (default)
ipv6.method: ignore ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: -- ipv6.dns-priority: 0 ipv6.addresses: -- ipv6.gateway: -- ipv6.routes: -- ipv6.route-metric: -1 ipv6.route-table: 0 (unspec) ipv6.routing-rules: -- ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.addr-gen-mode: stable-privacy ipv6.ra-timeout: 0 (default) ipv6.dhcp-duid: -- ipv6.dhcp-iaid: -- ipv6.dhcp-timeout: 0 (default) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- ipv6.dhcp-hostname-flags: 0x0 (none) ipv6.token: --
proxy.method: none proxy.browser-only: no proxy.pac-url: -- proxy.pac-script: --
nmcli>
Felix
On 22/09/2020 14:35, Simon Matter wrote:
Dear Simon,
And can you diff the config of eno1 and eno4.
# pwd /etc/sysconfig/network-scripts
Okay, nothing to find here.
What about eno2, you also have two IP addresses there and even in the same subnet, is this wanted or not? Can the second address of eno2 be found in the ifcfg file?
Both eno2 and eno4 have "scope global secondary dynamic" with the second address and it doesn't seem to come from the base configuration.
Simon
# diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no
Can you show the config of eno4?
# cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no
Regards,
Felix
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
I'd just suspect some rogue dhclient running on the system. Check the process list for dhclient instances and their cmdlines. NetworkManager should not be running any dhclient for that interface with this config.
-yoctozepto
On Tue, Sep 22, 2020 at 3:38 PM Simon Matter simon.matter@invoca.ch wrote:
Hi Felix
Dear Simon,
every second IP-address is unwanted. We restarted eno4:
nmcli con down eno4; nmcli con up eno4
and the second address vanishes. Then after a few ours, the second ip address reappears.
That's really interesting. Doesn't NetworkManager also store other settings in a different location, not the ifcfg files? I think it does so and you may have to check there.
Also, don't forget that there could be other tools running on the host which fiddle with NetworkManager.
That said, I usually don't use NetworkManager on my servers so I don't really know much about it.
Hope some NM experts can help you more.
Regards, Simon
This is the config-file of eno2:
# cat ifcfg-eno2 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno2 UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 DEVICE=eno2 ONBOOT=yes IPV6_PRIVACY=no IPADDR=10.10.100.205 PREFIX=24 GATEWAY=10.10.100.254 DNS1=10.10.100.1 DNS2=10.10.100.2 DOMAIN=ourDomain
I am not aware of this setting:
scope global secondary dynamic
So maybe you are able to find it in the nmcli output:
# nmcli con edit eno2
===| nmcli interactive connection editor |===
Editing existing '802-3-ethernet' connection: 'eno2'
nmcli> p
Connection profile details (eno2)
=============================================================================== connection.id: eno2 connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: eno2 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1600780222 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: -- connection.gateway-ping-timeout: 0 connection.metered: unknown connection.lldp: default connection.mdns: -1 (default) connection.llmnr: -1 (default) connection.wait-device-timeout: -1
802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: no 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist: -- 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: -- 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: -- 802-3-ethernet.wake-on-lan: default 802-3-ethernet.wake-on-lan-password: --
ipv4.method: manual ipv4.dns: 10.10.100.1,10.10.100.2 ipv4.dns-search: ourDomain ipv4.dns-options: -- ipv4.dns-priority: 0 ipv4.addresses: 10.10.100.205/24 ipv4.gateway: 10.10.100.254 ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.routing-rules: -- ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-iaid: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.dhcp-hostname-flags: 0x0 (none) ipv4.never-default: no ipv4.may-fail: no ipv4.dad-timeout: -1 (default)
ipv6.method: ignore ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: -- ipv6.dns-priority: 0 ipv6.addresses: -- ipv6.gateway: -- ipv6.routes: -- ipv6.route-metric: -1 ipv6.route-table: 0 (unspec) ipv6.routing-rules: -- ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.addr-gen-mode: stable-privacy ipv6.ra-timeout: 0 (default) ipv6.dhcp-duid: -- ipv6.dhcp-iaid: -- ipv6.dhcp-timeout: 0 (default) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- ipv6.dhcp-hostname-flags: 0x0 (none) ipv6.token: --
proxy.method: none proxy.browser-only: no proxy.pac-url: -- proxy.pac-script: --
nmcli>
Felix
On 22/09/2020 14:35, Simon Matter wrote:
Dear Simon,
And can you diff the config of eno1 and eno4.
# pwd /etc/sysconfig/network-scripts
Okay, nothing to find here.
What about eno2, you also have two IP addresses there and even in the same subnet, is this wanted or not? Can the second address of eno2 be found in the ifcfg file?
Both eno2 and eno4 have "scope global secondary dynamic" with the second address and it doesn't seem to come from the base configuration.
Simon
# diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no
Can you show the config of eno4?
# cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no
Regards,
Felix
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Tue, 22 Sep 2020, Felix Kölzow wrote:
A secondary ip address seems to be automatically added to a nic which causes several issues in our setup.
# nmcli con show NAME UUID TYPE DEVICE eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4
6: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<----- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever
You failed to show the configuration of eno4's profile in Network Manager (nmcli con show eno4). You can use 'nmcli con edit' (or nmtui) to modify the profile to eliminate the assignment of the unwanted address -- if it is in automatic mode (which seems to be the case) then you may need to fix your DHCP server instead. If there is no chance that Network Manager is assigning the extra address then you will have to hunt around your system for the program or script that is doing so.
/mark
Dear Mark,
thanks for the additional hints.
On 22/09/2020 17:26, Mark Milhollan wrote:
On Tue, 22 Sep 2020, Felix Kölzow wrote:
A secondary ip address seems to be automatically added to a nic which causes several issues in our setup.
# nmcli con show NAME UUID TYPE DEVICE eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4
6: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<----- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever
You failed to show the configuration of eno4's profile in Network Manager (nmcli con show eno4). You can use 'nmcli con edit' (or nmtui) to modify the profile to eliminate the assignment of the unwanted address -- if it is in automatic mode (which seems to be the case) then you may need to fix your DHCP server instead. If there is no chance that Network Manager is assigning the extra address then you will have to hunt around your system for the program or script that is doing so.
/mark
You failed to show the configuration of eno4's profile in Network Manager (nmcli con show eno4).
Yes, indeed, it was missing. The method is set to manual (additional marked), see below.
# nmcli con edit eno4
===| nmcli interactive connection editor |===
nmcli> p =============================================================================== Connection profile details (eno4) =============================================================================== connection.id: eno4 connection.uuid: dbd95c24-1ed7-4292-8dba-3934bd1476a0 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: eno4 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1600932622 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: -- connection.gateway-ping-timeout: 0 connection.metered: unknown connection.lldp: default connection.mdns: -1 (default) connection.llmnr: -1 (default) connection.wait-device-timeout: -1 ------------------------------------------------------------------------------- 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: no 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist: -- 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: -- 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: -- 802-3-ethernet.wake-on-lan: default 802-3-ethernet.wake-on-lan-password: -- ------------------------------------------------------------------------------- ipv4.method: manual######## <<<--------------- IS SET TO MANUAL ipv4.dns: 10.10.100.1,10.10.100.2 ipv4.dns-search: -- ipv4.dns-options: -- ipv4.dns-priority: 0 ipv4.addresses: 192.168.2.98/24 ipv4.gateway: -- ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.routing-rules: -- ipv4.ignore-auto-routes: yes ipv4.ignore-auto-dns: yes ipv4.dhcp-client-id: -- ipv4.dhcp-iaid: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.dhcp-hostname-flags: 0x0 (none) ipv4.never-default: yes ipv4.may-fail: yes ipv4.dad-timeout: -1 (default) ------------------------------------------------------------------------------- ipv6.method: auto ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: -- ipv6.dns-priority: 0 ipv6.addresses: -- ipv6.gateway: -- ipv6.routes: -- ipv6.route-metric: -1 ipv6.route-table: 0 (unspec) ipv6.routing-rules: -- ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: yes ipv6.may-fail: yes ipv6.ip6-privacy: -1 (unknown) ipv6.addr-gen-mode: stable-privacy ipv6.ra-timeout: 0 (default) ipv6.dhcp-duid: -- ipv6.dhcp-iaid: -- ipv6.dhcp-timeout: 0 (default) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- ipv6.dhcp-hostname-flags: 0x0 (none) ipv6.token: -- ------------------------------------------------------------------------------- proxy.method: none proxy.browser-only: no proxy.pac-url: -- proxy.pac-script: -- -------------------------------------------------------------------------------
Actually, we fixed it by killing the dhcclient and and reconnecting (nmcli con down ... and nmcli con up ... ).
We are using similar configs and everything is done by using the nmcli, but we are not facing similar issues there.
So at this point, I really would like to understand that behaviour.
If you have any ideas, feel free to share.
Regards,
Felix
Actually, we fixed it by killing the dhcclient and and reconnecting (nmcli con down ... and nmcli con up ... ).
We are using similar configs and everything is done by using the nmcli, but we are not facing similar issues there.
So at this point, I really would like to understand that behaviour.
Why is there a dhcclient running at all if you have manual settings? What has started dhcclient?
Simon