Debian: avoid misconfigured interfaces on up/down script errors #312
Conversation
In Debian, if you bring up dual-stack interfaces, the pre/post-up/down scripts are run on the configuration of each stack. I.e. if you bring up the IPv4 config on an interface, the ifupdown scripts launch scripts in the post-up directory. These scripts are common for IPv4 and IPv6 in current version of puppet-network. At the moment IPv6 is not yet configured, but IPv6 commands are called - and fail. If an IPv6 command (e.g. `ip -6 route add`) is the last one in the post-up script, the overall post-up script fails. When the post-up script fails when bringing up the IPv4 configuration, ifupdown no longer attempts to bring up the IPv6 configuration on that interface and leaves the interface misconfigured (IPv4 is configured, IPv6 is not). This situation can be avoided by adding the `exit 0` command at the very end of the script files. It is okay if the IPv6 commands in the common script fail when only IPv4 is brought up, as ifupdown will re-run them after IPv6 is brought up.
| @@ -10,3 +10,5 @@ if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then | |||
| fi | |||
| <%- end -%> | |||
| fi | |||
| # non-zero exit code causes ifupdown to leave the interface partly configured, which may result in connectivity loss | |||
There was a problem hiding this comment.
Similarly to the above I'd prefer to add a parameter to the route define like $clean_exit_on_failure , undef by default. to allow users to decide the intended behaviour, then , possibly, in the define code set a variable like $real_clean_exit_on_failure than, in case the parameter is not set tries to do the sanest thing (ie set to true if ipv4 is not configured but ipv6 is) and then, if this $real_clean_exit_on_failure is true, then add the above 2 lines otherwise template remains as before
| @@ -10,3 +10,5 @@ if [ "$IFACE" = "<%= @interface -%>" ] || [ "$IFACE" = "--all" ]; then | |||
| fi | |||
| <%- end -%> | |||
| fi | |||
| # non-zero exit code causes ifupdown to leave the interface partly configured, which may result in connectivity loss | |||
|
@zajdee thank you very much for the PR, I have added some comments to have changes on the files (and relevant network restarts) only when user wants, or in conditions which can't work, would you add these to the PR? |
In Debian, if you bring up dual-stack interfaces, the pre/post-up/down
scripts are run on the configuration of each stack. I.e. if you bring up
the IPv4 config on an interface, the ifupdown scripts launch scripts in
the post-up directory. These scripts are common for IPv4 and IPv6 in current
version of puppet-network. At the moment IPv6 is not yet configured, but
IPv6 commands are called - and fail. If an IPv6 command (e.g.
ip -6 route add)is the last one in the post-up script, the overall post-up script fails.
When the post-up script fails when bringing up the IPv4 configuration,
ifupdown no longer attempts to bring up the IPv6 configuration on that
interface and leaves the interface misconfigured (IPv4 is configured,
IPv6 is not).
This situation can be avoided by adding the
exit 0command at the veryend of the script files. It is okay if the IPv6 commands in the common script
fail when only IPv4 is brought up, as ifupdown will re-run them after
IPv6 is brought up.
Before submitting your PR
puppet-linton your code and ensure it's compliantAfter submitting your PR