[CentOS] CentOS 7, NetworkMangler, and ipv6

Thu Dec 10 21:19:33 UTC 2015
m.roth at 5-cent.us <m.roth at 5-cent.us>

Yamaban wrote:
> On Thu, 10 Dec 2015 16:00, m.roth at ... wrote:
>
>> We've started having a problem with a CentOS 7 server. It looses its
>> IPv6 address, if I understand this issue correctly. We can get in,
>> if we do ssh -4, though.
>>
>> In the logs, I'm seeing this about twice an hour:
>> <warn>  (pid 98466) unhandled DHCP event for interface ens3f0
>>
>> Now, in googling, I get very few hits putting quotes around "unhanded
>> dhcp
>> exception" - in fact, the only one I found that seemed to talk about it
>> was from someone's slackware box, where there was some sort of
>> configuration, perhaps similar to ifcfg-<if>, and they were telling that
>> person to remove it, because it conflicted with what Networkmanager was
>> trying to do, leaving it in a confused state.
>>
> My first thought upon reading this was:
> Well, let's block / drop the irritating packets via firewall / iptables.
>
> Is the source of these packets allowed to contact your box at all?

Yes. Btw, this is a box in a datacenter, hardwired. It's getting its IP,
both 4 and 6 via dhcp from another of our servers in that rack.

>   - No : then block it fully, ipv4 and ipv6
>   - Yes: block all dhcpv4 / dhcpv6 / radv traffic to and from this source.
>     or even more aggressive: first block this box, second only open the
>     minimum required ports to that box.
>
> IMHO, Networkmanager(and its underlaying helpers) should be much more
> carefull in handling Router / DHCP stuff.
> It's biggest niggle for me is a missing white- and black-list for
> (dis-)allowed routers / dhcp-servers.
>
> Is this the "Right(tm)" thing to do? Dunno, but that would be my
> gut-telling.

The other admin I work with was working on it, and it seems to be good.
However, since he restarted the network, I do find this in the logs:
Dec 10 16:06:01 <server> dhclient[96610]: PRC: Renewing lease on ens3f0.
Dec 10 16:06:01 <server> dhclient[96610]: XMT: Renew on ens3f0, interval
10900ms.
Dec 10 16:06:01 <server> dhclient[96610]: RCV: Reply message on ens3f0
from fe80:::
222:64ff:fef6:d30c.
Dec 10 16:06:01 <server> dhclient[96610]: IA_NA status code NoBinding:
"Who are you? Do I know you?"
Dec 10 16:06:01 <server> dhclient[96610]: XMT: Request on ens3f0, interval
910ms.
Dec 10 16:06:01 <server> dhclient[96610]: RCV: Reply message on ens3f0
from fe80:::<addr>
Dec 10 16:06:01 <server> dhclient[96610]: IA_NA status code Success:
"Assigned fixx ed address."
Dec 10 16:06:01 <server> NetworkManager[96668]: <warn>  (pid 96610)
unhandled DHCP event for interface ens3f0

Oh, yes, not sure who the 222: address is, but the one I've replaced with
<addr> is not merely a valid one, it's the server running dibbler.

So, I'm not sure what the "unhandled DHCP event is.

      mark