Re: [CentOS] nmcli: unwanted secondary ip-address
On Tue, 22 Sep 2020, Felix Kölzow wrote: A secondary ip address seems to be automatically added to a nic which causes several issues in our setup. # nmcli con show NAME UUID TYPE DEVICE eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4 6: eno4: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever You failed to show the configuration of eno4's profile in Network Manager (nmcli con show eno4). You can use 'nmcli con edit' (or nmtui) to modify the profile to eliminate the assignment of the unwanted address -- if it is in automatic mode (which seems to be the case) then you may need to fix your DHCP server instead. If there is no chance that Network Manager is assigning the extra address then you will have to hunt around your system for the program or script that is doing so. /mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nmcli: unwanted secondary ip-address
I'd just suspect some rogue dhclient running on the system. Check the process list for dhclient instances and their cmdlines. NetworkManager should not be running any dhclient for that interface with this config. -yoctozepto On Tue, Sep 22, 2020 at 3:38 PM Simon Matter wrote: > > Hi Felix > > > Dear Simon, > > > > every second IP-address is unwanted. We restarted eno4: > > > > nmcli con down eno4; nmcli con up eno4 > > > > and the second address vanishes. Then after a few ours, the second ip > > address reappears. > > That's really interesting. Doesn't NetworkManager also store other > settings in a different location, not the ifcfg files? I think it does so > and you may have to check there. > > Also, don't forget that there could be other tools running on the host > which fiddle with NetworkManager. > > That said, I usually don't use NetworkManager on my servers so I don't > really know much about it. > > Hope some NM experts can help you more. > > Regards, > Simon > > > > > > > This is the config-file of eno2: > > > > # cat ifcfg-eno2 > > TYPE=Ethernet > > PROXY_METHOD=none > > BROWSER_ONLY=no > > BOOTPROTO=none > > DEFROUTE=yes > > IPV4_FAILURE_FATAL=yes > > IPV6INIT=no > > IPV6_AUTOCONF=yes > > IPV6_DEFROUTE=yes > > IPV6_FAILURE_FATAL=no > > IPV6_ADDR_GEN_MODE=stable-privacy > > NAME=eno2 > > UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 > > DEVICE=eno2 > > ONBOOT=yes > > IPV6_PRIVACY=no > > IPADDR=10.10.100.205 > > PREFIX=24 > > GATEWAY=10.10.100.254 > > DNS1=10.10.100.1 > > DNS2=10.10.100.2 > > DOMAIN=ourDomain > > > > I am not aware of this setting: > > > > scope global secondary dynamic > > > > > > So maybe you are able to find it in the nmcli output: > > > > # nmcli con edit eno2 > > > > ===| nmcli interactive connection editor |=== > > > > Editing existing '802-3-ethernet' connection: 'eno2' > > > > > > nmcli> p > > === > > Connection profile details (eno2) > > === > > connection.id: eno2 > > connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 > > connection.stable-id: -- > > connection.type:802-3-ethernet > > connection.interface-name: eno2 > > connection.autoconnect: yes > > connection.autoconnect-priority:0 > > connection.autoconnect-retries: -1 (default) > > connection.multi-connect: 0 (default) > > connection.auth-retries:-1 > > connection.timestamp: 1600780222 > > connection.read-only: no > > connection.permissions: -- > > connection.zone:-- > > connection.master: -- > > connection.slave-type: -- > > connection.autoconnect-slaves: -1 (default) > > connection.secondaries: -- > > connection.gateway-ping-timeout:0 > > connection.metered: unknown > > connection.lldp:default > > connection.mdns:-1 (default) > > connection.llmnr: -1 (default) > > connection.wait-device-timeout: -1 > > --- > > 802-3-ethernet.port:-- > > 802-3-ethernet.speed: 0 > > 802-3-ethernet.duplex: -- > > 802-3-ethernet.auto-negotiate: no > > 802-3-ethernet.mac-address: -- > > 802-3-ethernet.cloned-mac-address: -- > > 802-3-ethernet.generate-mac-address-mask:-- > > 802-3-ethernet.mac-address-blacklist: -- > > 802-3-ethernet.mtu: auto > > 802-3-ethernet.s390-subchannels:-- > > 802-3-ethernet.s390-nettype:-- > > 802-3-ethernet.s390-options:-- > > 802-3-ethernet.wake-on-lan: default > > 802-3-ethernet.wake-on-lan-password:-- > > --- > > ipv4.method:manual > > ipv4.dns: 10.10.100.1,10.10.100.2 > > ipv4.dns-search:ourDomain > > ipv4.dns-options: -- > > ipv4.dns-priority: 0 > > ipv4.addresses: 10.10.100.205/24 > > ipv4.gateway: 10.10.100.254 > > ipv4.routes:-- > > ipv4.route-metric: -1 > > ipv4.route-table: 0 (unspec) > > ipv4.routing-rules: -- > > ipv4.ignore-auto-routes:no > > ipv4.ignore-auto-dns: no > > ipv4.dhcp-client-id:-- > > ipv4.dhcp-iaid: -- > > ipv4.dhcp-timeout: 0 (default) > > ipv4.dhcp-send-hostname:yes > > ipv4.dhcp-hos
Re: [CentOS] nmcli: unwanted secondary ip-address
Hi Felix > Dear Simon, > > every second IP-address is unwanted. We restarted eno4: > > nmcli con down eno4; nmcli con up eno4 > > and the second address vanishes. Then after a few ours, the second ip > address reappears. That's really interesting. Doesn't NetworkManager also store other settings in a different location, not the ifcfg files? I think it does so and you may have to check there. Also, don't forget that there could be other tools running on the host which fiddle with NetworkManager. That said, I usually don't use NetworkManager on my servers so I don't really know much about it. Hope some NM experts can help you more. Regards, Simon > > > This is the config-file of eno2: > > # cat ifcfg-eno2 > TYPE=Ethernet > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=yes > IPV4_FAILURE_FATAL=yes > IPV6INIT=no > IPV6_AUTOCONF=yes > IPV6_DEFROUTE=yes > IPV6_FAILURE_FATAL=no > IPV6_ADDR_GEN_MODE=stable-privacy > NAME=eno2 > UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 > DEVICE=eno2 > ONBOOT=yes > IPV6_PRIVACY=no > IPADDR=10.10.100.205 > PREFIX=24 > GATEWAY=10.10.100.254 > DNS1=10.10.100.1 > DNS2=10.10.100.2 > DOMAIN=ourDomain > > I am not aware of this setting: > > scope global secondary dynamic > > > So maybe you are able to find it in the nmcli output: > > # nmcli con edit eno2 > > ===| nmcli interactive connection editor |=== > > Editing existing '802-3-ethernet' connection: 'eno2' > > > nmcli> p > === > Connection profile details (eno2) > === > connection.id: eno2 > connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 > connection.stable-id: -- > connection.type: 802-3-ethernet > connection.interface-name: eno2 > connection.autoconnect: yes > connection.autoconnect-priority: 0 > connection.autoconnect-retries: -1 (default) > connection.multi-connect: 0 (default) > connection.auth-retries: -1 > connection.timestamp: 1600780222 > connection.read-only: no > connection.permissions: -- > connection.zone: -- > connection.master: -- > connection.slave-type: -- > connection.autoconnect-slaves: -1 (default) > connection.secondaries: -- > connection.gateway-ping-timeout: 0 > connection.metered: unknown > connection.lldp: default > connection.mdns: -1 (default) > connection.llmnr: -1 (default) > connection.wait-device-timeout: -1 > --- > 802-3-ethernet.port: -- > 802-3-ethernet.speed: 0 > 802-3-ethernet.duplex: -- > 802-3-ethernet.auto-negotiate: no > 802-3-ethernet.mac-address: -- > 802-3-ethernet.cloned-mac-address: -- > 802-3-ethernet.generate-mac-address-mask:-- > 802-3-ethernet.mac-address-blacklist: -- > 802-3-ethernet.mtu: auto > 802-3-ethernet.s390-subchannels: -- > 802-3-ethernet.s390-nettype: -- > 802-3-ethernet.s390-options: -- > 802-3-ethernet.wake-on-lan: default > 802-3-ethernet.wake-on-lan-password: -- > --- > ipv4.method: manual > ipv4.dns: 10.10.100.1,10.10.100.2 > ipv4.dns-search: ourDomain > ipv4.dns-options: -- > ipv4.dns-priority: 0 > ipv4.addresses: 10.10.100.205/24 > ipv4.gateway: 10.10.100.254 > ipv4.routes: -- > ipv4.route-metric: -1 > ipv4.route-table: 0 (unspec) > ipv4.routing-rules: -- > ipv4.ignore-auto-routes: no > ipv4.ignore-auto-dns: no > ipv4.dhcp-client-id: -- > ipv4.dhcp-iaid: -- > ipv4.dhcp-timeout: 0 (default) > ipv4.dhcp-send-hostname: yes > ipv4.dhcp-hostname: -- > ipv4.dhcp-fqdn: -- > ipv4.dhcp-hostname-flags: 0x0 (none) > ipv4.never-default: no > ipv4.may-fail: no > ipv4.dad-timeout: -1 (default) > --- > ipv6.method: ignore > ipv6.dns: -- > ipv6.dns-search: -- > ipv6.dns-options:
Re: [CentOS] nmcli: unwanted secondary ip-address
Dear Simon, every second IP-address is unwanted. We restarted eno4: nmcli con down eno4; nmcli con up eno4 and the second address vanishes. Then after a few ours, the second ip address reappears. This is the config-file of eno2: # cat ifcfg-eno2 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno2 UUID=cb6fcb54-be52-4ab6-8324-88091a0ea1a0 DEVICE=eno2 ONBOOT=yes IPV6_PRIVACY=no IPADDR=10.10.100.205 PREFIX=24 GATEWAY=10.10.100.254 DNS1=10.10.100.1 DNS2=10.10.100.2 DOMAIN=ourDomain I am not aware of this setting: scope global secondary dynamic So maybe you are able to find it in the nmcli output: # nmcli con edit eno2 ===| nmcli interactive connection editor |=== Editing existing '802-3-ethernet' connection: 'eno2' nmcli> p === Connection profile details (eno2) === connection.id: eno2 connection.uuid: cb6fcb54-be52-4ab6-8324-88091a0ea1a0 connection.stable-id: -- connection.type: 802-3-ethernet connection.interface-name: eno2 connection.autoconnect: yes connection.autoconnect-priority: 0 connection.autoconnect-retries: -1 (default) connection.multi-connect: 0 (default) connection.auth-retries: -1 connection.timestamp: 1600780222 connection.read-only: no connection.permissions: -- connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: -- connection.gateway-ping-timeout: 0 connection.metered: unknown connection.lldp: default connection.mdns: -1 (default) connection.llmnr: -1 (default) connection.wait-device-timeout: -1 --- 802-3-ethernet.port: -- 802-3-ethernet.speed: 0 802-3-ethernet.duplex: -- 802-3-ethernet.auto-negotiate: no 802-3-ethernet.mac-address: -- 802-3-ethernet.cloned-mac-address: -- 802-3-ethernet.generate-mac-address-mask:-- 802-3-ethernet.mac-address-blacklist: -- 802-3-ethernet.mtu: auto 802-3-ethernet.s390-subchannels: -- 802-3-ethernet.s390-nettype: -- 802-3-ethernet.s390-options: -- 802-3-ethernet.wake-on-lan: default 802-3-ethernet.wake-on-lan-password: -- --- ipv4.method: manual ipv4.dns: 10.10.100.1,10.10.100.2 ipv4.dns-search: ourDomain ipv4.dns-options: -- ipv4.dns-priority: 0 ipv4.addresses: 10.10.100.205/24 ipv4.gateway: 10.10.100.254 ipv4.routes: -- ipv4.route-metric: -1 ipv4.route-table: 0 (unspec) ipv4.routing-rules: -- ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-iaid: -- ipv4.dhcp-timeout: 0 (default) ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.dhcp-fqdn: -- ipv4.dhcp-hostname-flags: 0x0 (none) ipv4.never-default: no ipv4.may-fail: no ipv4.dad-timeout: -1 (default) --- ipv6.method: ignore ipv6.dns: -- ipv6.dns-search: -- ipv6.dns-options: -- ipv6.dns-priority: 0 ipv6.addresses: -- ipv6.gateway: -- ipv6.routes: -- ipv6.route-metric: -1 ipv6.route-table: 0 (unspec) ipv6.routing-rules: -- ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.addr-gen-mode: stable-privacy ipv6.ra-timeout: 0 (default) ipv6.dhcp-duid:
Re: [CentOS] nmcli: unwanted secondary ip-address
> Dear Simon, > > >> And can you diff the config of eno1 and eno4. > > # pwd > /etc/sysconfig/network-scripts Okay, nothing to find here. What about eno2, you also have two IP addresses there and even in the same subnet, is this wanted or not? Can the second address of eno2 be found in the ifcfg file? Both eno2 and eno4 have "scope global secondary dynamic" with the second address and it doesn't seem to come from the base configuration. Simon > > # diff -u ifcfg-eno1 ifcfg-eno4 > --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 > +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 > @@ -3,15 +3,20 @@ > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=no > -IPV4_FAILURE_FATAL=yes > -IPV6INIT=no > -IPV6_AUTOCONF=no > +IPV4_FAILURE_FATAL=no > +IPV6INIT=yes > +IPV6_AUTOCONF=yes > IPV6_DEFROUTE=no > IPV6_FAILURE_FATAL=no > IPV6_ADDR_GEN_MODE=stable-privacy > -NAME=eno1 > -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b > -DEVICE=eno1 > +NAME=eno4 > +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 > +DEVICE=eno4 > ONBOOT=yes > -IPADDR=192.168.1.90 > +IPADDR=192.168.2.98 > PREFIX=24 > +DNS1=10.10.100.1 > +DNS2=10.10.100.2 > +#DNS3=8.8.8.8 > +PEERDNS=no > +PEERROUTES=no > >> Can you show the config of eno4? > > # cat ifcfg-eno4 > TYPE=Ethernet > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=no > IPV4_FAILURE_FATAL=no > IPV6INIT=yes > IPV6_AUTOCONF=yes > IPV6_DEFROUTE=no > IPV6_FAILURE_FATAL=no > IPV6_ADDR_GEN_MODE=stable-privacy > NAME=eno4 > UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 > DEVICE=eno4 > ONBOOT=yes > IPADDR=192.168.2.98 > PREFIX=24 > DNS1=10.10.100.1 > DNS2=10.10.100.2 > #DNS3=8.8.8.8 > PEERDNS=no > PEERROUTES=no > > Regards, > > Felix > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nmcli: unwanted secondary ip-address
Dear Simon, And can you diff the config of eno1 and eno4. # pwd /etc/sysconfig/network-scripts # diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no +IPV6INIT=yes +IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy -NAME=eno1 -UUID=1e382037-fec9-493d-a4f2-ace7d73a1e7b -DEVICE=eno1 +NAME=eno4 +UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 +DEVICE=eno4 ONBOOT=yes -IPADDR=192.168.1.90 +IPADDR=192.168.2.98 PREFIX=24 +DNS1=10.10.100.1 +DNS2=10.10.100.2 +#DNS3=8.8.8.8 +PEERDNS=no +PEERROUTES=no Can you show the config of eno4? # cat ifcfg-eno4 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=no IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=no IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eno4 UUID=dbd95c24-1ed7-4292-8dba-3934bd1476a0 DEVICE=eno4 ONBOOT=yes IPADDR=192.168.2.98 PREFIX=24 DNS1=10.10.100.1 DNS2=10.10.100.2 #DNS3=8.8.8.8 PEERDNS=no PEERROUTES=no Regards, Felix ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nmcli: unwanted secondary ip-address
> Dear CentOS-Community, > > we are facing the following issue: > > A secondary ip address seems to be automatically added to a nic which > causes several issues in our setup. Hi, Can you show as the config of eno4? And can you diff the config of eno1 and eno4. Looks like there is a difference somewhere. Regards, Simon > > > This server is equipped with four nics which are currently in use: > > # nmcli con show > NAME UUID TYPE DEVICE > eno2 cb6fcb54-be52-4ab6-8324-88091a0ea1a0 ethernet eno2 > eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4 > eno1 1e382037-fec9-493d-a4f2-ace7d73a1e7b ethernet eno1 > eno3 bea2db0f-d366-4f1b-bec8-4fbfb3c0b6d2 ethernet eno3 > enp5s0f0 23f56b9f-4625-471e-9ce4-6fe7b8832310 ethernet -- > enp5s0f1 f25b9a10-1584-4233-89dd-2dda7c774f0d ethernet -- > > > From time to time, a secondary ip-address is assigned to an interface > as show below: > > > 1: lo: mtu 65536 qdisc noqueue state UNKNOWN > group default qlen 1000 > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever > 3: eno1: mtu 1500 qdisc mq state UP > group default qlen 1000 > link/ether 00:26:b9:78:87:d1 brd ff:ff:ff:ff:ff:ff > inet 192.168.1.90/24 brd 192.168.1.255 scope global noprefixroute > eno1 > valid_lft forever preferred_lft forever > inet6 fe80::226:b9ff:fe78:87d1/64 scope link > valid_lft forever preferred_lft forever > 4: eno2: mtu 1500 qdisc mq state UP > group default qlen 1000 > link/ether 00:26:b9:78:87:d3 brd ff:ff:ff:ff:ff:ff > inet 10.10.100.205/24 brd 10.10.100.255 scope global noprefixroute > eno2 > valid_lft forever preferred_lft forever > inet 10.10.100.72/24 brd 10.10.100.255 scope global secondary > dynamic eno2 > valid_lft 56158sec preferred_lft 56158sec > inet6 fe80::226:b9ff:fe78:87d3/64 scope link > valid_lft forever preferred_lft forever > 5: eno3: mtu 1500 qdisc mq state UP > group default qlen 1000 > link/ether 00:26:b9:78:87:d5 brd ff:ff:ff:ff:ff:ff > inet 192.168.4.11/24 brd 192.168.4.255 scope global noprefixroute > eno3 > valid_lft forever preferred_lft forever > inet6 fe80::e98b:e064:50d2:535d/64 scope link noprefixroute > valid_lft forever preferred_lft forever > 6: eno4: mtu 1500 qdisc mq state UP > group default qlen 1000 > link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff > inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute > eno4 > valid_lft forever preferred_lft forever > inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic > eno4 <<- THIS IS UNWANTED > valid_lft 604778sec preferred_lft 604778sec > inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute > valid_lft forever preferred_lft forever > 7: enp5s0f0: mtu 1500 qdisc fq_codel > state DOWN group default qlen 1000 > link/ether 00:15:17:59:96:44 brd ff:ff:ff:ff:ff:ff > 8: enp5s0f1: mtu 1500 qdisc fq_codel > state DOWN group default qlen 1000 > link/ether 00:15:17:59:96:45 brd ff:ff:ff:ff:ff:ff > 11: wwp0s29f7u1i4: mtu 1500 qdisc noop > state DOWN group default qlen 1000 > link/none > > > Furthermore, systemctl status NetworkManager says: > > systemctl status NetworkManager > ● NetworkManager.service - Network Manager > Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; > enabled; vendor preset: enabled) > Active: active (running) since Mon 2020-09-21 17:25:21 CEST; 17h ago > Docs: man:NetworkManager(8) > Main PID: 1752062 (NetworkManager) > Tasks: 3 (limit: 204496) > Memory: 8.2M > CGroup: /system.slice/NetworkManager.service > └─1752062 /usr/sbin/NetworkManager --no-daemon > > NetworkManager[1752062]: [1600751941.1341] agent-manager: > agent[0047d0145168a5f3,:1.4726/nmcli-connect/0]: agent registered > NetworkManager[1752062]: [1600751941.1360] device (eno4): > Activation: starting connection 'eno4' > (dbd95c24-1ed7-4292-8dba-3934bd1476a0) > NetworkManager[1752062]: [1600751941.1361] audit: > op="connection-activate" uuid="dbd95c24-1ed7-4292-8dba-3934bd1476a0" > name="eno4" pid=31215> > NetworkManager[1752062]: [1600751941.1363] device (eno4): state > change: disconnected -> prepare (reason 'none', sys-iface-state: > 'managed') > NetworkManager[1752062]: [1600751941.1371] device (eno4): state > change: prepare -> config (reason 'none', sys-iface-state: 'managed') > NetworkManager[1752062]: [1600751941.1523] device (eno4): state > change: config -> ip-config (reason 'none', sys-iface-state: 'managed') > NetworkManager[1752062]: [1600751941.1552] device (eno4): state > change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed') > NetworkManager[1752062]: [1600751941.1582] de
[CentOS] nmcli: unwanted secondary ip-address
Dear CentOS-Community, we are facing the following issue: A secondary ip address seems to be automatically added to a nic which causes several issues in our setup. This server is equipped with four nics which are currently in use: # nmcli con show NAME UUID TYPE DEVICE eno2 cb6fcb54-be52-4ab6-8324-88091a0ea1a0 ethernet eno2 eno4 dbd95c24-1ed7-4292-8dba-3934bd1476a0 ethernet eno4 eno1 1e382037-fec9-493d-a4f2-ace7d73a1e7b ethernet eno1 eno3 bea2db0f-d366-4f1b-bec8-4fbfb3c0b6d2 ethernet eno3 enp5s0f0 23f56b9f-4625-471e-9ce4-6fe7b8832310 ethernet -- enp5s0f1 f25b9a10-1584-4233-89dd-2dda7c774f0d ethernet -- From time to time, a secondary ip-address is assigned to an interface as show below: 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eno1: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d1 brd ff:ff:ff:ff:ff:ff inet 192.168.1.90/24 brd 192.168.1.255 scope global noprefixroute eno1 valid_lft forever preferred_lft forever inet6 fe80::226:b9ff:fe78:87d1/64 scope link valid_lft forever preferred_lft forever 4: eno2: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d3 brd ff:ff:ff:ff:ff:ff inet 10.10.100.205/24 brd 10.10.100.255 scope global noprefixroute eno2 valid_lft forever preferred_lft forever inet 10.10.100.72/24 brd 10.10.100.255 scope global secondary dynamic eno2 valid_lft 56158sec preferred_lft 56158sec inet6 fe80::226:b9ff:fe78:87d3/64 scope link valid_lft forever preferred_lft forever 5: eno3: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d5 brd ff:ff:ff:ff:ff:ff inet 192.168.4.11/24 brd 192.168.4.255 scope global noprefixroute eno3 valid_lft forever preferred_lft forever inet6 fe80::e98b:e064:50d2:535d/64 scope link noprefixroute valid_lft forever preferred_lft forever 6: eno4: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:26:b9:78:87:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.2.98/24 brd 192.168.2.255 scope global noprefixroute eno4 valid_lft forever preferred_lft forever inet *192.168.137.223/24* brd 192.168.137.255 scope global dynamic eno4 <<- THIS IS UNWANTED valid_lft 604778sec preferred_lft 604778sec inet6 fe80::9257:5654:b211:8dea/64 scope link noprefixroute valid_lft forever preferred_lft forever 7: enp5s0f0: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:44 brd ff:ff:ff:ff:ff:ff 8: enp5s0f1: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 00:15:17:59:96:45 brd ff:ff:ff:ff:ff:ff 11: wwp0s29f7u1i4: mtu 1500 qdisc noop state DOWN group default qlen 1000 link/none Furthermore, systemctl status NetworkManager says: systemctl status NetworkManager ● NetworkManager.service - Network Manager Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-09-21 17:25:21 CEST; 17h ago Docs: man:NetworkManager(8) Main PID: 1752062 (NetworkManager) Tasks: 3 (limit: 204496) Memory: 8.2M CGroup: /system.slice/NetworkManager.service └─1752062 /usr/sbin/NetworkManager --no-daemon NetworkManager[1752062]: [1600751941.1341] agent-manager: agent[0047d0145168a5f3,:1.4726/nmcli-connect/0]: agent registered NetworkManager[1752062]: [1600751941.1360] device (eno4): Activation: starting connection 'eno4' (dbd95c24-1ed7-4292-8dba-3934bd1476a0) NetworkManager[1752062]: [1600751941.1361] audit: op="connection-activate" uuid="dbd95c24-1ed7-4292-8dba-3934bd1476a0" name="eno4" pid=31215> NetworkManager[1752062]: [1600751941.1363] device (eno4): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1371] device (eno4): state change: prepare -> config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1523] device (eno4): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1552] device (eno4): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1582] device (eno4): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1586] device (eno4): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed') NetworkManager[1752062]: [1600751941.1637] device (eno4): Activation: successful, device activated. This behaviour is really! unwanted. What is the reason for t
[CentOS] Login failure with Secure Boot
Hi all, I have a laptop in UEFI mode running CentOS 8.2. All works fine but when I enable Secure Boot, login via gdm is no longer possible. Console login is ok. I found some related discussions over on Ubuntu forums, suggesting that this could be related to 3rd-party kernel modules, such as nvidia. This laptop has only Intel builtin graphics, and every single module installed is part of the CentOS distribution. This is from a file /tmp/xses-.XX (random 6-char string) xrdb: Can't open display '' xmodmap: unable to open display '' Failed to import environment: Process org.freedesktop.systemd1 exited with status 1 /usr/bin/xmbind: Can't open display Unable to init server: Could not connect: Connection refused Something is different in the way Xorg is started. In this situation, the first part of the Xorg log file (under ~/.local) is a dump of X command line options. use: X [:] [options] -a # ... -ac ... ... ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A Request to Add module to CentOS Linux (3.10.0-1127.18.2.el7.x86_64) 7 (Core)
Hi Phil, I can confirm our initial testing shows its all working! Thanks, feels like such an understatement of gratitude! :D Cheers Dan On Wed, Sep 16, 2020 at 1:12 AM Johnny Hughes wrote: > On 9/15/20 8:09 AM, Phil Perry wrote: > > On 15/09/2020 05:28, Dedoep wrote: > >> Hi Phil, > >> > >> Not sure if you've had time to look at this? As mentioned middleware, > >> like > >> docker-ce, is preventing us from moving to el8. > >> > >> Thanks > >> Dan > >> > > > > Hi Dan, > > > > I've succeeded in backporting mac802154_hwsim for you as a standalone > > kmod package for el7. I've updated your request here: > > > > https://elrepo.org/bugs/view.php?id=1035 > > > > Phil > > > > > >> On Fri, Sep 11, 2020 at 10:33 PM Dedoep wrote: > >> > >>> Hi Phil, ok that's great thanks. > >>> I have a colleague working through vroc/fake raid issues we're having > >>> when using kernel-ml-5.8.6-2.el7.elrepo.x86_64.rpm by switching to > linux > >>> soft raid. Also we dont have a supported docker-ce for el8 yet. > >>> > >>> On Fri, Sep 11, 2020 at 9:10 PM Phil Perry wrote: > >>> > On 11/09/2020 07:59, Dedoep wrote: > > Hello John & Frank, > > > > We have tried both Centos8 and > > installing kernel-ml-5.8.6-2.el7.elrepo.x86_64.rpm but both options > > are > too > > "bleeding" edge for our other middleware that still require the > Centos > > 7 3.10.0-1127.18.2.el7.x86_64. Hence the request. > > > > Thanks > > > > I have tried backporting the module to el7 for you as requested at > elrepo, but it is not trivial and so far I've not been able to get the > code to compile cleanly. I'll see if I can have another look at it > this > weekend, but I'm not overly hopeful given the age of the el7 kernel. > > As others have said, it's never going to appear in the CentOS kernel > as > it's not present in upstream in RHEL7. > > Regards, > > Phil > > Thanks for your efforts Phil. Great job. > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables & voip
On Mon, Sep 21, 2020 at 7:54 PM Gregory P. Ennis wrote: > > Everyone, > > I would like to use our gateway linux machine to give bandwidth preference to > voip udp > packets. Can anyone point me to a tutorial about the use of voip and > iptables? Arch Linux wiki has nice explanations and examples: https://wiki.archlinux.org/index.php/Advanced_traffic_control > I usually prefer to use iptables instead of firewalld. iptables is more > intuitive, and > easier to understand. Well, iptables is "closer to the metal", for traffic shaping you would probably need to use raw rules in firewalld so, in fact, iptables anyway. Depending on your setup complexity and preference you might not need iptables either and just use tc alone. > Thanks much!!! > > Greg Ennis > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos