Gentoo Forums
[SOLVED] how do I prevent 169.254 link-local addresses
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 3:05 pm    Post subject: [SOLVED] how do I prevent 169.254 link-local addresses

Hi everyone, my first post here. Enjoying learning gentoo so far.

I'm new to gentoo, netifrc and the /etc/conf.d/net file. I'm used to the manual way /etc/network/interfaces, and also the systemd-networkd way. Now that I'm learning gentoo, want to learn netifrc too.

Trying the netifrc way now, stumped on one problem.

Installed Gentoo on a 4-port ethernet router. Linked each ethernet interface to /etc/init.d/net.lo, and built /etc/conf.d/net file.

I defined one IP for each interface, but the system is adding a 2nd address, 169.254.x.x, link-local, don't want it. How do I prevent it?

Code:
user@vnopn /etc/conf.d $ cat /etc/conf.d/net
# disable iproute2 messing with interfaces
modules="!iproute2"
# set dns domain name
dns_domain_lo="localnet"
# set ip
config_eth0="dhcp"
config_eth1="172.16.34.1/24"
config_eth2="172.16.35.1/24"
config_eth3="172.16.36.1/24"

user@vnopn /etc/conf.d $ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth2
172.16.34.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
172.16.35.0     0.0.0.0         255.255.255.0   U         0 0          0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
user@vnopn /etc/conf.d $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         pi.hole         0.0.0.0         UG    1002   0        0 eth0
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 eth1
link-local      0.0.0.0         255.255.0.0     U     1004   0        0 eth2
172.16.34.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
172.16.35.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U     1002   0        0 eth0
user@vnopn /etc/conf.d $ ll /etc/init.d/net*
lrwxrwxrwx 1 root root     6 Aug  1 16:25 /etc/init.d/net.eth0 -> net.lo*
lrwxrwxrwx 1 root root     6 Aug  2 17:47 /etc/init.d/net.eth1 -> net.lo*
lrwxrwxrwx 1 root root     6 Aug  2 17:47 /etc/init.d/net.eth2 -> net.lo*
lrwxrwxrwx 1 root root     6 Aug  2 17:47 /etc/init.d/net.eth3 -> net.lo*
-rwxr-xr-x 1 root root 19861 Aug  2 13:12 /etc/init.d/net.lo*
-rwxr-xr-x 1 root root  2071 Jul 17 10:22 /etc/init.d/netmount*
-rwxr-xr-x 1 root root  2278 Jul 17 10:22 /etc/init.d/net-online*
user@vnopn /etc/conf.d $


Thanks for reading.
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)


Last edited by drokmed on Wed Aug 03, 2022 4:05 pm; edited 1 time in total
grknight
Retired Dev


Joined: 20 Feb 2015
Posts: 2005

Posted: Wed Aug 03, 2022 3:21 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

drokmed wrote:
I defined one IP for each interface, but the system is adding a 2nd address, 169.254.x.x, link-local, don't want it. How do I prevent it?

Code:
user@vnopn /etc/conf.d $ cat /etc/conf.d/net
# disable iproute2 messing with interfaces
modules="!iproute2"


Is there a reason iproute2 is disabled? It is the preferred way to configure interfaces in Linux. The older tools are deprecated but still work for the most part.

Please also show the result of rc-status -a as other services may be assigning addresses.

Would also be curious to see the output of ip address command.
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 3:32 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

Hi, and thanks for the response.

grknight wrote:
drokmed wrote:
I defined one IP for each interface, but the system is adding a 2nd address, 169.254.x.x, link-local, don't want it. How do I prevent it?

Code:
user@vnopn /etc/conf.d $ cat /etc/conf.d/net
# disable iproute2 messing with interfaces
modules="!iproute2"


Is there a reason iproute2 is disabled? It is the preferred way to configure interfaces in Linux. The older tools are deprecated but still work for the most part.


Honestly, I was guessing, hoping that might prevent the 169.254 addresses. Was experimenting, trying to figure out what was causing it.

Quote:
Please also show the result of rc-status -a as other services may be assigning addresses.

Would also be curious to see the output of ip address command.


Code:

user@vnopn /etc/conf.d $ rc-status -a
Runlevel: boot
 hwclock                                                           [  started  ]
 hostname                                                          [  started  ]
 modules                                                           [  started  ]
 sysctl                                                            [  started  ]
 fsck                                                              [  started  ]
 root                                                              [  started  ]
 mtab                                                              [  started  ]
 swap                                                              [  started  ]
 localmount                                                        [  started  ]
 bootmisc                                                          [  started  ]
 termencoding                                                      [  started  ]
 save-termencoding                                                 [  started  ]
 systemd-tmpfiles-setup                                            [  started  ]
 urandom                                                           [  started  ]
 keymaps                                                           [  started  ]
 save-keymaps                                                      [  started  ]
 procfs                                                            [  started  ]
 binfmt                                                            [  started  ]
 loopback                                                          [  started  ]
Runlevel: sysinit
 devfs                                                             [  started  ]
 sysfs                                                             [  started  ]
 cgroups                                                           [  started  ]
 udev                                                              [  started  ]
 kmod-static-nodes                                                 [  started  ]
 systemd-tmpfiles-setup-dev                                        [  started  ]
 dmesg                                                             [  started  ]
 udev-trigger                                                      [  started  ]
Runlevel: nonetwork
 local                                                             [  started  ]
Runlevel: shutdown
 killprocs                                                         [  stopped  ]
 savecache                                                         [  stopped  ]
 mount-ro                                                          [  stopped  ]
Runlevel: default
 chronyd                                                           [  started  ]
 sysklogd                                                          [  started  ]
 cronie                                                            [  started  ]
 dhcpcd                                                            [  started  ]
 net.eth0                                                          [  started  ]
 net.eth1                                                          [  started  ]
 net.eth2                                                          [  started  ]
 netmount                                                          [  started  ]
 sshd                                                              [  started  ]
 local                                                             [  started  ]
Dynamic Runlevel: hotplugged
Dynamic Runlevel: needed/wanted
Dynamic Runlevel: manual


Code:

user@vnopn /usr/share/doc/netifrc-0.7.3 $ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:e2:69:51:69:db brd ff:ff:ff:ff:ff:ff
    altname enp1s0
    inet 192.168.1.148/24 brd 192.168.1.255 scope global dynamic noprefixroute eth0
       valid_lft 414sec preferred_lft 339sec
    inet6 fe80::daf1:848c:4a06:1aa1/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:e2:69:51:69:dc brd ff:ff:ff:ff:ff:ff
    altname enp2s0
    inet 172.16.34.1/24 brd 172.16.34.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet 169.254.57.145/16 brd 169.254.255.255 scope global noprefixroute eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::6ed8:fe2d:472d:be8a/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:e2:69:51:69:dd brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 172.16.35.1/24 brd 172.16.35.255 scope global eth2
       valid_lft forever preferred_lft forever
    inet 169.254.44.133/16 brd 169.254.255.255 scope global noprefixroute eth2
       valid_lft forever preferred_lft forever
    inet6 fe80::9e9:c19d:da91:d5e2/64 scope link
       valid_lft forever preferred_lft forever
5: eth3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 00:e2:69:51:69:de brd ff:ff:ff:ff:ff:ff
    altname enp4s0


Thanks
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 3:49 pm

Commented out the line disabling the iproute2 module, and rebooted. No change.

Code:
user@vnopn ~ $ cat /etc/conf.d/net
# disable iproute2 messing with interfaces
# modules="!iproute2"
# set dns domain name
# dns_domain_lo="localnet"
# set ip
config_eth0="dhcp"
config_eth1="172.16.34.1/24"
config_eth2="172.16.35.1/24"
config_eth3="172.16.36.1/24"

user@vnopn ~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         pi.hole         0.0.0.0         UG    1002   0        0 eth0
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 eth1
link-local      0.0.0.0         255.255.0.0     U     1004   0        0 eth2
172.16.34.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
172.16.35.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U     1002   0        0 eth0
user@vnopn ~ $

_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 3:51 pm

Code:
user@vnopn ~ $ ip route show default all
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.148 metric 1002
169.254.0.0/16 dev eth1 scope link src 169.254.57.145 metric 1003
169.254.0.0/16 dev eth2 scope link src 169.254.44.133 metric 1004
172.16.34.0/24 dev eth1 proto kernel scope link src 172.16.34.1
172.16.35.0/24 dev eth2 proto kernel scope link src 172.16.35.1
192.168.1.0/24 dev eth0 proto dhcp scope link src 192.168.1.148 metric 1002
user@vnopn ~ $


Something is assigning those 169.254.x.x addresses. I have no idea what it is.
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
grknight
Retired Dev


Joined: 20 Feb 2015
Posts: 2005

Posted: Wed Aug 03, 2022 3:53 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

drokmed wrote:

Code:

user@vnopn /etc/conf.d $ rc-status -a
Runlevel: default
 dhcpcd                                                            [  started  ]
 net.eth0                                                          [  started  ]
 net.eth1                                                          [  started  ]
 net.eth2                                                          [  started  ]


Here is your problem. You are starting both dhcpcd (as an interface manager) and netifrc as well.

Remove dhcpcd from here as that is what is assigning the RFC 3927 IPv4LL address on interfaces that do not see a DHCP server.
netifrc will start its own dhcpcd interface instance to manage net.eth0 by your configuration. This can cause issues in the current service configuration.
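
The check described in the answer above, as an added example that is not part of the original thread: it parses `rc-status -a` for a runlevel where the standalone dhcpcd service is started beside netifrc `net.*` services, and parses `ip address` for addresses in 169.254.0.0/16. The function names are hypothetical and the sample input is trimmed from the command output posted earlier in the thread.

```shell
#!/bin/sh
# Added example (function names are hypothetical; sample text is trimmed
# from the command output posted in this thread).

# stdin: `rc-status -a`. Prints every runlevel in which the standalone
# dhcpcd service and at least one netifrc net.<iface> service are started.
dhcpcd_conflict() {
    awk '
        function report() { if (dh && net) print level }
        /^(Dynamic )?Runlevel:/ { report(); level = $NF; dh = net = 0; next }
        $NF == "]" && $(NF-1) == "started" {
            if ($1 == "dhcpcd") dh = 1
            if ($1 ~ /^net\./ && $1 != "net.lo") net = 1
        }
        END { report() }'
}

# stdin: `ip address`. Prints "<iface> <addr/prefix>" for each IPv4 address
# in the RFC 3927 link-local range 169.254.0.0/16.
ipv4ll_ifaces() {
    awk '
        /^[0-9]+: / { iface = $2; sub(/:$/, "", iface); sub(/@.*/, "", iface) }
        $1 == "inet" && $2 ~ /^169\.254\./ { print iface, $2 }'
}

sample_rc_status() {
    cat <<'EOF'
Runlevel: boot
 hostname                                                          [  started  ]
Runlevel: default
 dhcpcd                                                            [  started  ]
 net.eth0                                                          [  started  ]
 net.eth1                                                          [  started  ]
 net.eth2                                                          [  started  ]
 sshd                                                              [  started  ]
Dynamic Runlevel: manual
EOF
}

sample_ip_address() {
    cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    inet 192.168.1.148/24 brd 192.168.1.255 scope global dynamic noprefixroute eth0
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    inet 172.16.34.1/24 brd 172.16.34.255 scope global eth1
    inet 169.254.57.145/16 brd 169.254.255.255 scope global noprefixroute eth1
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    inet 172.16.35.1/24 brd 172.16.35.255 scope global eth2
    inet 169.254.44.133/16 brd 169.254.255.255 scope global noprefixroute eth2
EOF
}

# Demo on the samples; on a live host pipe in the real commands instead,
# e.g. `rc-status -a | dhcpcd_conflict` and `ip address | ipv4ll_ifaces`.
echo "dhcpcd started beside net.* in runlevel: $(sample_rc_status | dhcpcd_conflict)"
echo "IPv4LL addresses present:"
sample_ip_address | ipv4ll_ifaces
```

An empty result from `dhcpcd_conflict` means no runlevel starts dhcpcd as its own service next to netifrc.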
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 3:58 pm

This is a fresh install, following the gentoo handbook.

I did install podman, and it works in host mode just fine. It defined a bridge, but has not yet activated it. I don't use bridges in podman, but here is the config file for it:

Code:
user@vnopn ~ $ podman network inspect podman
[
     {
          "name": "podman",
          "id": "2f259bab93aaaaa2542ba43ef33eb990d0999ee1b9924b557b7be53c0b7a1bb9",
          "driver": "bridge",
          "network_interface": "cni-podman0",
          "created": "2022-08-03T08:53:54.314275168-07:00",
          "subnets": [
               {
                    "subnet": "10.88.0.0/16",
                    "gateway": "10.88.0.1"
               }
          ],
          "ipv6_enabled": false,
          "internal": false,
          "dns_enabled": false,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]
user@vnopn ~ $


As you can see, the podman will use address 10.88.0.1 when activated, so that's not it.

I'm guessing it must be something to do with netifrc and /etc/conf.d/net file. If I switch to manual mode, I suspect the problem will go away, but I'd like to learn the netifrc way.
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 4:05 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

SUCCESS!

That was it. I deselected dhcpcd in emerge, and deleted startup script.

@grknight THANK YOU VERY MUCH!!!!!!


grknight wrote:
drokmed wrote:

Code:

user@vnopn /etc/conf.d $ rc-status -a
Runlevel: default
 dhcpcd                                                            [  started  ]
 net.eth0                                                          [  started  ]
 net.eth1                                                          [  started  ]
 net.eth2                                                          [  started  ]


Here is your problem. You are starting both dhcpcd (as an interface manager) and netifrc as well.

Remove dhcpcd from here as that is what is assigning the RFC 3927 IPv4LL address on interfaces that do not see a DHCP server.
netifrc will start its own dhcpcd interface instance to manage net.eth0 by your configuration. This can cause issues in the current service configuration.

_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
grknight
Retired Dev


Joined: 20 Feb 2015
Posts: 2005

Posted: Wed Aug 03, 2022 4:07 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

drokmed wrote:
SUCCESS!

That was it. I deselected dhcpcd in emerge, and deleted startup script.


dhcpcd is still necessary, but don't start it as a service using rc-update.
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 4:24 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

grknight wrote:
drokmed wrote:
SUCCESS!

That was it. I deselected dhcpcd in emerge, and deleted startup script.


dhcpcd is still necessary, but don't start it as a service using rc-update.


Actually, I was wondering about that. My next question would've been: does netifrc have its own built-in dhcp client? I guess the answer is no.

Re-selected dhcpcd, but did not add it to startup services. Rebooted. Everything looks good.

Now to read the /etc/conf.d/net example file again. It's different from what I'm used to. No man pages, and not finding much documentation for it. I'll keep looking.

Cheers
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)
grknight
Retired Dev


Joined: 20 Feb 2015
Posts: 2005

Posted: Wed Aug 03, 2022 4:32 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

drokmed wrote:
Now to read the /etc/conf.d/net example file again. It's different from what I'm used to. No man pages, and not finding much documentation for it. I'll keep looking.


The documentation is at https://wiki.gentoo.org/wiki/Netifrc

The full, real example file is found at /usr/share/doc/netifrc-*/net.example.bz2
drokmed
n00b


Joined: 03 Aug 2022
Posts: 13

Posted: Wed Aug 03, 2022 4:38 pm    Post subject: Re: how do I prevent 169.254 link-local addresses

grknight wrote:
drokmed wrote:
Now to read the /etc/conf.d/net example file again. It's different from what I'm used to. No man pages, and not finding much documentation for it. I'll keep looking.


The documentation is at https://wiki.gentoo.org/wiki/Netifrc

The full, real example file is found at /usr/share/doc/netifrc-*/net.example.bz2


Thanks!
_________________
UNIX since the 70's, Linux since the 90's, Debian since 2005 (Sarge)