
Set L3 method of unused NetworkManager managed interfaces

Open jcmoore3 opened this issue 1 year ago • 0 comments

Bug report

There is an oddity which occurs when cloud-init is configured to use NetworkManager (instead of sysconfig) and a bonded interface is configured with an additional tagged VLAN on the bonded interface. This configuration causes an undesired behavior where the underlying untagged bond0 interface is active from an L3 ipv4/ipv6 perspective and requests an address via DHCP while bond0.123 is configured statically as outlined via an OpenStack network_data.json configuration.

Steps to reproduce the problem

Create an OpenStack node with the following network_data.json:

{
  "links": [
    {
      "id": "ens1f0np0",
      "name": "ens1f0np0",
      "type": "phy",
      "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
      "mtu": 9000
    },
    {
      "id": "ens1f1np1",
      "name": "ens1f1np1",
      "type": "phy",
      "ethernet_mac_address": "xx:xx:xx:xx:xx:01",
      "mtu": 9000
    },
    {
      "id": "bond0",
      "name": "bond0",
      "type": "bond",
      "bond_links": [
        "ens1f0np0", "ens1f1np1"
      ],
      "mtu": 9000,
      "ethernet_mac_address": "xx:xx:xx:xx:xx:00",
      "bond_mode": "802.3ad",
      "bond_xmit_hash_policy": "layer3+4",
      "bond_miimon": 100
    },
    {
      "id": "bond0.123",
      "name": "bond0.123",
      "type": "vlan",
      "vlan_link": "bond0",
      "vlan_id": 123,
      "vlan_mac_address": "xx:xx:xx:xx:xx:00"
    }
  ],
  "networks": [
    {
      "id": "publicnet-ipv4",
      "type": "ipv4",
      "link": "bond0.123",
      "ip_address": "x.x.x.x",
      "netmask": "255.255.255.0",
      "routes": [
        {
          "network": "0.0.0.0",
          "netmask": "0.0.0.0",
          "gateway": "x.x.x.1",
          "services": [
            {
              "type": "dns",
              "address": "1.1.1.1"
            },
            {
              "type": "dns",
              "address": "8.8.8.8"
            }
          ]
        }
      ],
      "network_id": "00000000-0000-0000-0000-000000000000"
    }
  ],
  "services": [
  ]
}

cloud-init will write the following interface files for the NetworkManager-controlled bond0 interfaces:

/etc/NetworkManager/system-connections/cloud-init-bond0.nmconnection

# Generated by cloud-init. Changes will be lost.

[connection]
id=cloud-init bond0
uuid=54317911-f840-516b-a10d-82cb4c1f075c
autoconnect-priority=120
type=bond
interface-name=bond0

[user]
org.freedesktop.NetworkManager.origin=cloud-init

[bond]
mode=802.3ad
miimon=100
xmit_hash_policy=layer3+4

/etc/NetworkManager/system-connections/cloud-init-bond0.123.nmconnection

# Generated by cloud-init. Changes will be lost.

[connection]
id=cloud-init bond0.123
uuid=d4411fab-2938-5f5a-adef-d9074937f11d
autoconnect-priority=120
type=vlan
interface-name=bond0.123

[user]
org.freedesktop.NetworkManager.origin=cloud-init

[vlan]
id=123
parent=54317911-f840-516b-a10d-82cb4c1f075c

[ipv4]
method=manual
may-fail=false
address1=x.x.x.x/24
route1=0.0.0.0/0,x.x.x.1

Because there are no explicit L3 ipv4/ipv6 sections in bond0.nmconnection, the untagged bond0 interface defaults to method=auto and requests an IPv4 address via DHCP. It just so happens that the physical network on which this server resides does respond to DHCP requests on the untagged VLAN, so the server receives an address on the untagged VLAN which conflicts with the static configuration for the tagged VLAN specified via network_data.json.

Unfortunately, there is no provision to explicitly configure an interface as type: disabled in either the OpenStack network_data.json or cloud-init network data v1 schemas:

https://github.com/openstack/ironic/blob/8086167054193c94afef830ef9eccd820dd10a14/ironic/api/controllers/v1/network-data-schema.json#L272C1-L296C7

https://github.com/canonical/cloud-init/blob/e843f6a0c95f6137d4fa14f674e3126e09487abd/cloudinit/config/schemas/schema-network-config-v1.json#L479C1-L488C12

Perhaps there should be additional logic for certain types of interfaces to explicitly disable their L3 configuration?

Environment details

  • Cloud-init version: 23.4-7.el9_4.0.1
  • Operating System Distribution: Rocky 9
  • Cloud provider, platform or installer type: OpenStack Caracal 2024.1

cloud-init logs

jcmoore3, Jun 06 '24 21:06
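An added example, not part of the original issue or of cloud-init's code: a host-side check that reads NetworkManager keyfiles and reports VLAN parent profiles with no explicit ipv4/ipv6 method, the condition the report says leaves bond0 on method=auto. The sample profiles are constructed (trimmed from the two files quoted above, with a documentation address), and `BOND0_FIXED` and the function names are assumptions made for illustration.

```python
import configparser

# Constructed samples, trimmed from the two profiles quoted in the issue.
BOND0 = """\
[connection]
id=cloud-init bond0
uuid=54317911-f840-516b-a10d-82cb4c1f075c
type=bond
interface-name=bond0
[bond]
mode=802.3ad
"""
BOND0_123 = """\
[connection]
id=cloud-init bond0.123
type=vlan
interface-name=bond0.123
[vlan]
id=123
parent=54317911-f840-516b-a10d-82cb4c1f075c
[ipv4]
method=manual
address1=192.0.2.10/24
"""
# Hypothetical corrected parent: L3 switched off explicitly in both families.
BOND0_FIXED = BOND0 + "[ipv4]\nmethod=disabled\n[ipv6]\nmethod=disabled\n"

def parse(text):
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # keyfile keys are case-sensitive
    cp.read_string(text)
    return cp

def implicit_families(cp):
    """Address families with no explicit method= in this profile."""
    return [f for f in ("ipv4", "ipv6")
            if not cp.get(f, "method", fallback=None)]

def unconfigured_vlan_parents(texts):
    """Map parent interface -> families left at the default method."""
    profiles = [parse(t) for t in texts]
    parents = {p.get("vlan", "parent") for p in profiles
               if p.has_option("vlan", "parent")}
    findings = {}
    for p in profiles:
        conn = p["connection"]
        name = conn.get("interface-name")
        # [vlan] parent may name the parent by UUID or by interface name.
        if {conn.get("uuid"), name} & parents and implicit_families(p):
            findings[name] = implicit_families(p)
    return findings

if __name__ == "__main__":
    print(unconfigured_vlan_parents([BOND0, BOND0_123]))
```

On a real host the same functions can be fed the contents of the files under /etc/NetworkManager/system-connections/ after cloud-init has rendered them.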