Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ifupdown : bookworm - bridge interfaces are down at boot #2370

Open
prahal opened this issue Jun 21, 2023 · 2 comments
Open

ifupdown : bookworm - bridge interfaces are down at boot #2370

prahal opened this issue Jun 21, 2023 · 2 comments

Comments

@prahal
Copy link
Contributor

prahal commented Jun 21, 2023
edited
Loading

The bridge interfaces are broken with debops [email protected] on bookworm.

systemd 252.6-1
ifupdown 0.8.41

Current [email protected] from debops ifupdown:

  • on dhcp server:
systemd[1]: Started [email protected] - Bring network interface up for br1.
systemd[1]: Stopping [email protected] - Bring network interface up for br1...
ifdown[2085]: ifdown: waiting for lock on /run/network/ifstate.br1
sh[2133]: resolvconf: Error: Run lock held by another process for longer than 10 seconds
systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
sh[2249]: Waiting for DAD... Done
sh[2305]: resolvconf: Error: Run lock held by another process for longer than 10 seconds
ifdown[2412]: resolvconf: Error: Run lock held by another process for longer than 10 seconds
ifdown[2473]: resolvconf: Error: Run lock held by another process for longer than 10 seconds
ifdown[2562]: Cannot find device "br1"
ifdown[2566]: Device "br1" does not exist.
ifdown[2570]: Cannot find device "br1"
systemd[1]: [email protected]: Failed with result 'exit-code'.
systemd[1]: Stopped [email protected] - Bring network interface up for br1.
  • on dhcp client:
systemd[1]: Started [email protected] - Bring network interface up for br0.
systemd[1]: Stopping [email protected] - Bring network interface up for br0...
ifdown[877]: ifdown: waiting for lock on /run/network/ifstate.br0
dhclient[888]: Internet Systems Consortium DHCP Client 4.4.3-P1
sh[888]: Internet Systems Consortium DHCP Client 4.4.3-P1
sh[888]: Copyright 2004-2022 Internet Systems Consortium.
sh[888]: All rights reserved.
sh[888]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[888]: Copyright 2004-2022 Internet Systems Consortium.
dhclient[888]: All rights reserved.
dhclient[888]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[888]: 
dhclient[888]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
sh[888]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
sh[888]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
sh[888]: Sending on   Socket/fallback
sh[888]: DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 5
dhclient[888]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
dhclient[888]: Sending on   Socket/fallback
dhclient[888]: DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 5
dhclient[888]: DHCPOFFER of 192.168.10.134 from 192.168.10.41
sh[888]: DHCPOFFER of 192.168.10.134 from 192.168.10.41
sh[888]: DHCPREQUEST for 192.168.10.134 on br0 to 255.255.255.255 port 67
dhclient[888]: DHCPREQUEST for 192.168.10.134 on br0 to 255.255.255.255 port 67
sh[888]: DHCPACK of 192.168.10.134 from 192.168.10.41
dhclient[888]: DHCPACK of 192.168.10.134 from 192.168.10.41
dhclient[888]: bound to 192.168.10.134 -- renewal in 27 seconds.
sh[888]: bound to 192.168.10.134 -- renewal in 27 seconds.
sh[950]: net.ipv6.conf.br0.accept_ra = 2
sh[994]: net.ipv6.conf.br0.accept_ra = 2
systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
dhclient[1015]: Killed old client process
ifdown[1015]: Killed old client process
dhclient[1015]: Internet Systems Consortium DHCP Client 4.4.3-P1
ifdown[1015]: Internet Systems Consortium DHCP Client 4.4.3-P1
ifdown[1015]: Copyright 2004-2022 Internet Systems Consortium.
ifdown[1015]: All rights reserved.
ifdown[1015]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[1015]: Copyright 2004-2022 Internet Systems Consortium.
dhclient[1015]: All rights reserved.
dhclient[1015]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[1015]: 
dhclient[1015]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
ifdown[1015]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
ifdown[1015]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
ifdown[1015]: Sending on   Socket/fallback
dhclient[1015]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
dhclient[1015]: Sending on   Socket/fallback
dhclient[1015]: DHCPRELEASE of 192.168.10.134 on br0 to 192.168.10.41 port 67
ifdown[1015]: DHCPRELEASE of 192.168.10.134 on br0 to 192.168.10.41 port 67
ifdown[1065]: Device "br0" does not exist.
ifdown[1069]: Cannot find device "br0"
systemd[1]: [email protected]: Failed with result 'exit-code'.
systemd[1]: Stopped [email protected] - Bring network interface up for br0.

The issue can be reproduced after boot by first deleting the bridge interface with brctl delbr <bridge iface>.

If I remove from [email protected] BindsTo=sys-subsystem-net-devices-%i.device then the bridge loads fine at boot (note I also added an After=sys-subsystem-net-devices-%i.device in [email protected]):

  • dhcp server:
systemd[1]: Started [email protected] - Bring network interface up for br1.
sh[2228]: resolvconf: Error: Run lock held by another process for longer than 10 seconds
sh[2361]: Waiting for DAD... Done
sh[2559]: br1=br1
  • dhcp client:
systemd[1]: Started [email protected] - Bring network interface up for br0.
dhclient[893]: Internet Systems Consortium DHCP Client 4.4.3-P1
sh[893]: Internet Systems Consortium DHCP Client 4.4.3-P1
sh[893]: Copyright 2004-2022 Internet Systems Consortium.
sh[893]: All rights reserved.
sh[893]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[893]: Copyright 2004-2022 Internet Systems Consortium.
dhclient[893]: All rights reserved.
dhclient[893]: For info, please visit https://www.isc.org/software/dhcp/
dhclient[893]: 
dhclient[893]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
sh[893]: Listening on LPF/br0/9a:1a:61:e9:a3:8b
sh[893]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
sh[893]: Sending on   Socket/fallback
dhclient[893]: Sending on   LPF/br0/9a:1a:61:e9:a3:8b
sh[893]: DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 5
sh[893]: DHCPOFFER of 192.168.10.17 from 192.168.10.1
sh[893]: DHCPREQUEST for 192.168.10.17 on br0 to 255.255.255.255 port 67
dhclient[893]: Sending on   Socket/fallback
dhclient[893]: DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 5
dhclient[893]: DHCPOFFER of 192.168.10.17 from 192.168.10.1
dhclient[893]: DHCPREQUEST for 192.168.10.17 on br0 to 255.255.255.255 port 67
dhclient[893]: DHCPACK of 192.168.10.17 from 192.168.10.1
sh[893]: DHCPACK of 192.168.10.17 from 192.168.10.1
dhclient[893]: bound to 192.168.10.17 -- renewal in 40130 seconds.
sh[893]: bound to 192.168.10.17 -- renewal in 40130 seconds.
sh[985]: net.ipv6.conf.br0.accept_ra = 2
sh[1027]: net.ipv6.conf.br0.accept_ra = 2
sh[1037]: br0=br0
dhclient[893]: DHCPREQUEST for 192.168.10.17 on br0 to 192.168.10.1 port 67
dhclient[893]: DHCPACK of 192.168.10.17 from 192.168.10.1
dhclient[893]: bound to 192.168.10.17 -- renewal in 33401 seconds.

Somehow the br1 device is created on ifdown and is ifdown does not delete it. So later attempt to start [email protected] succeed:

systemd[1]: Started [email protected] - Bring network interface up for br1.
sh[8627]: Waiting for DAD... Done
sh[8724]: br1=br1

though this is a side effect.

The systemd behavior with regards to BindsTo is correct to me per:
systemd/systemd#4733 (comment) "BindsTo= just means: whatever happens, don't permit A running if it has BindsTo=B and B isn't running. "
except maybe it should not even run stop if start ExecStart never ran.

I wonder how to proceed. We want BindsTo at least for non-virtual interfaces like bridges. You mentioned in https://www.reddit.com/r/debian/comments/7nw98g/comment/ds57s74/ "stick to ifupdown and [email protected] but configure virtual network interfaces as needed in udev beforehand. I'm not sure how this should be done properly, maybe with aid of .device units that define these devices on boot. But this involves more moving parts and I didn't really check if that solution is viable."
I don't think one can create an interface with udev without binding it to a physical interface event (add, change, remove). So to me udev cannot help to create this bridge device before running iface@ service.
We could ask the systemd projects devs how they envision this bridge device creation (or if they have other ideas to cope with this issue).

Also, we may be able to create the bridge with brctl addbr <bridge iface> (I cannot seem to find how to do this with the newer bridge tool. But I cannot find how to get which interfaces are bridges before the bridge is created from ifupdown (ifquery). Thus I cannot tell which bridge interfaces to create via brctl.
@prahal prahal mentioned this issue Oct 18, 2023
Merged
@stefangweichinger
Copy link
Contributor

I also hit this issue. Checking for workarounds now (in your postings).

@prahal
Copy link
Contributor Author

prahal commented Dec 15, 2023

@stefangweichinger #2441 should do the trick (RFC as I don't know if it is the proper fix but at least it works now)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@prahal @stefangweichinger