[CentOS] nmcli: unwanted secondary ip-address

Tue Sep 22 13:37:55 UTC 2020
Simon Matter <simon.matter at invoca.ch>

Hi Felix

> Dear Simon,
>
> every second IP-address is unwanted. We restarted  eno4:
>
> nmcli con down eno4; nmcli con up eno4
>
> and the second address vanishes. Then after a few ours, the second ip
> address reappears.

That's really interesting. Doesn't NetworkManager also store other
settings in a different location, not the ifcfg files? I think it does so
and you may have to check there.

Also, don't forget that there could be other tools running on the host
which fiddle with NetworkManager.

That said, I usually don't use NetworkManager on my servers so I don't
really know much about it.

Hope some NM experts can help you more.

Regards,
Simon

>
>
> This is the config-file of eno2:
>
> # cat ifcfg-eno2
> TYPE=Ethernet
> PROXY_METHOD=none
> BROWSER_ONLY=no
> BOOTPROTO=none
> DEFROUTE=yes
> IPV4_FAILURE_FATAL=yes
> IPV6INIT=no
> IPV6_AUTOCONF=yes
> IPV6_DEFROUTE=yes
> IPV6_FAILURE_FATAL=no
> IPV6_ADDR_GEN_MODE=stable-privacy
> NAME=eno2
> UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0
> DEVICE=eno2
> ONBOOT=yes
> IPV6_PRIVACY=no
> IPADDR=10.10.100.205
> PREFIX=24
> GATEWAY=10.10.100.254
> DNS1=10.10.100.1
> DNS2=10.10.100.2
> DOMAIN=ourDomain
>
> I am not aware of this setting:
>
> scope global secondary dynamic
>
>
> So maybe you are able to find it in the nmcli output:
>
> # nmcli con edit eno2
>
> ===| nmcli interactive connection editor |===
>
> Editing existing '802-3-ethernet' connection: 'eno2'
>
>
> nmcli> p
> ===============================================================================
>                         Connection profile details (eno2)
> ===============================================================================
> connection.id:                          eno2
> connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0
> connection.stable-id:                   --
> connection.type:                        802-3-ethernet
> connection.interface-name:              eno2
> connection.autoconnect:                 yes
> connection.autoconnect-priority:        0
> connection.autoconnect-retries:         -1 (default)
> connection.multi-connect:               0 (default)
> connection.auth-retries:                -1
> connection.timestamp:                   1600780222
> connection.read-only:                   no
> connection.permissions:                 --
> connection.zone:                        --
> connection.master:                      --
> connection.slave-type:                  --
> connection.autoconnect-slaves:          -1 (default)
> connection.secondaries:                 --
> connection.gateway-ping-timeout:        0
> connection.metered:                     unknown
> connection.lldp:                        default
> connection.mdns:                        -1 (default)
> connection.llmnr:                       -1 (default)
> connection.wait-device-timeout:         -1
> -------------------------------------------------------------------------------
> 802-3-ethernet.port:                    --
> 802-3-ethernet.speed:                   0
> 802-3-ethernet.duplex:                  --
> 802-3-ethernet.auto-negotiate:          no
> 802-3-ethernet.mac-address:             --
> 802-3-ethernet.cloned-mac-address:      --
> 802-3-ethernet.generate-mac-address-mask:--
> 802-3-ethernet.mac-address-blacklist:   --
> 802-3-ethernet.mtu:                     auto
> 802-3-ethernet.s390-subchannels:        --
> 802-3-ethernet.s390-nettype:            --
> 802-3-ethernet.s390-options:            --
> 802-3-ethernet.wake-on-lan:             default
> 802-3-ethernet.wake-on-lan-password:    --
> -------------------------------------------------------------------------------
> ipv4.method:                            manual
> ipv4.dns: 10.10.100.1,10.10.100.2
> ipv4.dns-search:                        ourDomain
> ipv4.dns-options:                       --
> ipv4.dns-priority:                      0
> ipv4.addresses:                         10.10.100.205/24
> ipv4.gateway:                           10.10.100.254
> ipv4.routes:                            --
> ipv4.route-metric:                      -1
> ipv4.route-table:                       0 (unspec)
> ipv4.routing-rules:                     --
> ipv4.ignore-auto-routes:                no
> ipv4.ignore-auto-dns:                   no
> ipv4.dhcp-client-id:                    --
> ipv4.dhcp-iaid:                         --
> ipv4.dhcp-timeout:                      0 (default)
> ipv4.dhcp-send-hostname:                yes
> ipv4.dhcp-hostname:                     --
> ipv4.dhcp-fqdn:                         --
> ipv4.dhcp-hostname-flags:               0x0 (none)
> ipv4.never-default:                     no
> ipv4.may-fail:                          no
> ipv4.dad-timeout:                       -1 (default)
> -------------------------------------------------------------------------------
> ipv6.method:                            ignore
> ipv6.dns:                               --
> ipv6.dns-search:                        --
> ipv6.dns-options:                       --
> ipv6.dns-priority:                      0
> ipv6.addresses:                         --
> ipv6.gateway:                           --
> ipv6.routes:                            --
> ipv6.route-metric:                      -1
> ipv6.route-table:                       0 (unspec)
> ipv6.routing-rules:                     --
> ipv6.ignore-auto-routes:                no
> ipv6.ignore-auto-dns:                   no
> ipv6.never-default:                     no
> ipv6.may-fail:                          yes
> ipv6.ip6-privacy:                       0 (disabled)
> ipv6.addr-gen-mode:                     stable-privacy
> ipv6.ra-timeout:                        0 (default)
> ipv6.dhcp-duid:                         --
> ipv6.dhcp-iaid:                         --
> ipv6.dhcp-timeout:                      0 (default)
> ipv6.dhcp-send-hostname:                yes
> ipv6.dhcp-hostname:                     --
> ipv6.dhcp-hostname-flags:               0x0 (none)
> ipv6.token:                             --
> -------------------------------------------------------------------------------
> proxy.method:                           none
> proxy.browser-only:                     no
> proxy.pac-url:                          --
> proxy.pac-script:                       --
> -------------------------------------------------------------------------------
> nmcli>
>
>
> Felix
>
> On 22/09/2020 14:35, Simon Matter wrote:
>>> Dear Simon,
>>>
>>>
>>>> And can you diff the config of eno1 and eno4.
>>> # pwd
>>> /etc/sysconfig/network-scripts
>> Okay, nothing to find here.
>>
>> What about eno2, you also have two IP addresses there and even in the
>> same
>> subnet, is this wanted or not? Can the second address of eno2 be found
>> in
>> the ifcfg file?
>>
>> Both eno2 and eno4 have "scope global secondary dynamic" with the
>> second
>> address and it doesn't seem to come from the base configuration.
>>
>> Simon
>>
>>> # diff -u ifcfg-eno1 ifcfg-eno4
>>> --- ifcfg-eno1    2020-09-21 17:23:25.576672703 +0200
>>> +++ ifcfg-eno4    2020-09-22 07:18:43.160532532 +0200
>>> @@ -3,15 +3,20 @@
>>>    BROWSER_ONLY=no
>>>    BOOTPROTO=none
>>>    DEFROUTE=no
>>> -IPV4_FAILURE_FATAL=yes
>>> -IPV6INIT=no
>>> -IPV6_AUTOCONF=no
>>> +IPV4_FAILURE_FATAL=no
>>> +IPV6INIT=yes
>>> +IPV6_AUTOCONF=yes
>>>    IPV6_DEFROUTE=no
>>>    IPV6_FAILURE_FATAL=no
>>>    IPV6_ADDR_GEN_MODE=stable-privacy
>>> -NAME=eno1
>>> -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b
>>> -DEVICE=eno1
>>> +NAME=eno4
>>> +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0
>>> +DEVICE=eno4
>>>    ONBOOT=yes
>>> -IPADDR=192.168.1.90
>>> +IPADDR=192.168.2.98
>>>    PREFIX=24
>>> +DNS1=10.10.100.1
>>> +DNS2=10.10.100.2
>>> +#DNS3=8.8.8.8
>>> +PEERDNS=no
>>> +PEERROUTES=no
>>>
>>>> Can you show  the config of eno4?
>>> # cat  ifcfg-eno4
>>> TYPE=Ethernet
>>> PROXY_METHOD=none
>>> BROWSER_ONLY=no
>>> BOOTPROTO=none
>>> DEFROUTE=no
>>> IPV4_FAILURE_FATAL=no
>>> IPV6INIT=yes
>>> IPV6_AUTOCONF=yes
>>> IPV6_DEFROUTE=no
>>> IPV6_FAILURE_FATAL=no
>>> IPV6_ADDR_GEN_MODE=stable-privacy
>>> NAME=eno4
>>> UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0
>>> DEVICE=eno4
>>> ONBOOT=yes
>>> IPADDR=192.168.2.98
>>> PREFIX=24
>>> DNS1=10.10.100.1
>>> DNS2=10.10.100.2
>>> #DNS3=8.8.8.8
>>> PEERDNS=no
>>> PEERROUTES=no
>>>
>>> Regards,
>>>
>>> Felix
>>>
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>>>
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>