IP address removed from network interface managed by systemd-networkd

2

I would like systemd-networkd to manage only specific properties (DNS server name and search domains) of the tun interface that is configured by the OpenVPN client (which assigns the IP address). To achieve this, I am using the following network unit file:

[Match]
Name=ovpn

[Network]
DNS=10.0.0.1
Domains=lan

With this configuration, the OpenVPN client starts, connects to a server, and assigns the IP address to the tun interface, but the address is almost immediately removed from the interface. This can be seen in the following log:

systemd-networkd[18414]: ovpn: MAC address not found for new device, continuing without
systemd-networkd[18414]: ovpn: Flags change: +MULTICAST +POINTOPOINT +NOARP
systemd-networkd[18414]: ovpn: Link 36 added
systemd-networkd[18414]: ovpn: link pending udev initialization...
systemd-networkd[18414]: ovpn: Saved original MTU: 1500
systemd-networkd[18414]: ovpn: Flags change: +UP +LOWER_UP +RUNNING
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=21 reply_cookie=0 error=n/a
systemd-networkd[18414]: ovpn: Gained carrier
systemd-networkd[18414]: ovpn: Adding address: fe80::49c6:c30b:5f86:6622/64 (valid forever)
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=22 reply_cookie=0 error=n/a
systemd-networkd[18414]: ovpn: Gained IPv6LL
systemd-networkd[18414]: ovpn: Adding address: 10.1.1.100/22 (valid forever)
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=23 reply_cookie=0 error=n/a
systemd-networkd[18414]: ovpn: udev initialized link
systemd-networkd[18414]: ovpn: Link state is up-to-date
systemd-networkd[18414]: ovpn: found matching network '/etc/systemd/network/ovpn.network'
systemd-networkd[18414]: ovpn: Discovering IPv6 routers
systemd-networkd[18414]: NDISC: Started IPv6 Router Solicitation client
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=24 reply_cookie=0 error=n/a
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=25 reply_cookie=0 error=n/a
systemd-networkd[18414]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_336 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=26 reply_cookie=0 error=n/a
systemd-networkd[18414]: NDISC: Sent Router Solicitation
systemd-networkd[18414]: ovpn: Removing address: 10.1.1.100/22 (valid forever)

Why was the IP address removed?
Can I manage only specific properties of the network interface using systemd-networkd?

    
by Piotr Dobrogost 02.03.2017 / 22:19

1 answer

1

As zdzichu on the #systemd IRC channel at Freenode found out, the behavior of networkd regarding a link's (interface's) state not set by networkd itself was established with the commit titled "networkd: link - drop foreign config when configuring link", with the following commit message (emphasis mine):

This is a change in behavior:

Before we would never remove any state, only add to it, we now drop unwanted state from any link the moment we start managing it.

Note however, that we still will not remove any foreign state added at runtime, to avoid any feedback loops. However, we make no guarantees about coexisting with third-party tools that change the state of the links we manage.

In the end, trying to set link properties outside of networkd is not race-free. Below is an example from system startup where the sequence of events is different and the end result is that the interface keeps the IP address set by the OpenVPN client.

systemd-networkd[1047]: ovpn: MAC address not found for new device, continuing without
systemd-networkd[1047]: ovpn: Flags change: +MULTICAST +POINTOPOINT +NOARP
systemd-networkd[1047]: ovpn: Link 4 added
systemd-networkd[1047]: ovpn: udev initialized link
systemd-networkd[1047]: ovpn: Saved original MTU: 1500
systemd-networkd[1047]: ovpn: Link state is up-to-date
systemd-networkd[1047]: ovpn: found matching network '/etc/systemd/network/ovpn.network'
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: ovpn: Bringing link up
systemd-networkd[1047]: ovpn: IPv6 enabled for interface: Success
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: ovpn: Flags change: +UP +LOWER_UP +RUNNING
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: ovpn: Gained carrier
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: ovpn: Adding address: fe80::ba0:a13:d13d:d438/64 (valid forever)
systemd-networkd[1047]: Sent message type=signal sender=n/a destination=n/a object=/org/freedesktop/network1/link/_34 interface= (...)
systemd-networkd[1047]: ovpn: Gained IPv6LL
systemd-networkd[1047]: ovpn: Discovering IPv6 routers
systemd-networkd[1047]: NDISC: Started IPv6 Router Solicitation client
systemd-networkd[1047]: NDISC: Sent Router Solicitation
systemd-networkd[1047]: ovpn: Adding address: 10.1.1.100/22 (valid forever)
    
by 06.03.2017 / 21:53
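
Added example (not part of the posts above and not systemd code): a small log check that tells the two orderings apart by looking at whether an address was added before or after networkd logged "found matching network" for the interface, and whether it was later removed. The function names address_timeline and dropped_foreign are hypothetical, and the sample lines are abridged from the two logs on this page.

```python
import re

# Patterns for the networkd log lines shown on this page.
ADDR = re.compile(r"([^\s:]+): (Adding|Removing) address: (\S+)")
MANAGED = re.compile(r"([^\s:]+): found matching network")

def address_timeline(lines, iface):
    """Map each address to the phase in which it appeared and whether it was removed."""
    managed = False
    seen = {}
    for line in lines:
        m = MANAGED.search(line)
        if m and m.group(1) == iface:
            managed = True  # from here on networkd manages the link
            continue
        m = ADDR.search(line)
        if not m or m.group(1) != iface:
            continue
        action, addr = m.group(2), m.group(3)
        if action == "Adding":
            phase = "runtime" if managed else "pre-manage"
            seen[addr] = {"phase": phase, "removed": False}
        elif addr in seen:
            seen[addr]["removed"] = True
    return seen

def dropped_foreign(lines, iface):
    """Addresses that existed before networkd took over the link and were then removed."""
    return [a for a, s in address_timeline(lines, iface).items()
            if s["phase"] == "pre-manage" and s["removed"]]

# Abridged from the question's log: address set first, link matched afterwards.
LOG_REMOVED = [
    "systemd-networkd[18414]: ovpn: Link 36 added",
    "systemd-networkd[18414]: ovpn: Adding address: fe80::49c6:c30b:5f86:6622/64 (valid forever)",
    "systemd-networkd[18414]: ovpn: Adding address: 10.1.1.100/22 (valid forever)",
    "systemd-networkd[18414]: ovpn: found matching network '/etc/systemd/network/ovpn.network'",
    "systemd-networkd[18414]: ovpn: Removing address: 10.1.1.100/22 (valid forever)",
]
# Abridged from the answer's log: link matched first, address set afterwards.
LOG_KEPT = [
    "systemd-networkd[1047]: ovpn: Link 4 added",
    "systemd-networkd[1047]: ovpn: found matching network '/etc/systemd/network/ovpn.network'",
    "systemd-networkd[1047]: ovpn: Adding address: fe80::ba0:a13:d13d:d438/64 (valid forever)",
    "systemd-networkd[1047]: ovpn: Adding address: 10.1.1.100/22 (valid forever)",
]

if __name__ == "__main__":
    print("question log:", dropped_foreign(LOG_REMOVED, "ovpn"))
    print("answer log:  ", dropped_foreign(LOG_KEPT, "ovpn"))
```
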