Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-31182

regression in handling /proc/sys/net/ipv6/conf/default/use_tempaddr

    • None
    • Moderate
    • ZStream
    • 1
    • rhel-sst-network-management
    • ssg_networking
    • 3
    • False
    • Hide

      None

      Show
      None
    • No
    • NMT - RHEL-9.5 DTM 12
    • Approved Blocker
    • Hide

      Given a RHEL machine with NetworkManager running,

      When running the ipv6_ip6-default_privacy' NMCI tests,

      Then, no failure should be seen and the test should pass successfully.

      Given a RHEL system with NetworkManager holding a connection with `ipv6.ip6-privacy` unset,
      When user activated this connection,
      Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface.

      Given a RHEL system with NetworkManager holding a connection with `ipv6.temp-preferred-lifetime` unset,
      When user activated this connection,
      Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface.

      Given a RHEL system with NetworkManager holding a connection with `ipv6.temp-valid-lifetime` unset,
      When user activated this connection,
      Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface.

      Definition of Done:

      • The implementation meets the acceptance criteria
      • Integration tests should be added to check that the new properties work
      • The code is part of a build attached to an errata
      • The fix is backported into RHEL-9.4

       

      AC and QE test alignment:

      This CI test: https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/merge_requests/1681 has been added to ensure that the default
      value from /proc/sys/net/ipv6/conf/default has been applied by NetworkManager and passing.

      Show
      Given a RHEL machine with NetworkManager running, When running the ipv6_ip6-default_privacy' NMCI tests, Then, no failure should be seen and the test should pass successfully. Given a RHEL system with NetworkManager holding a connection with `ipv6.ip6-privacy` unset, When user activated this connection, Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface. Given a RHEL system with NetworkManager holding a connection with `ipv6.temp-preferred-lifetime` unset, When user activated this connection, Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface. Given a RHEL system with NetworkManager holding a connection with `ipv6.temp-valid-lifetime` unset, When user activated this connection, Then NetworkManager should use the global default from NetworkManager.conf and if not set, use `/proc/sys/net/ipv6/conf/default/use_tempaddr` as default value of this interface. Definition of Done: The implementation meets the acceptance criteria Integration tests should be added to check that the new properties work The code is part of a build attached to an errata The fix is backported into RHEL-9.4   AC and QE test alignment: This CI test: https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/merge_requests/1681 has been added to ensure that the default value from /proc/sys/net/ipv6/conf/default has been applied by NetworkManager and passing.
    • None
    • None
    • Bug Fix
    • Hide
      .The value for `ipv6.ip6-privacy` no longer changes between connection activations

      Originally, when the global default value was not set for the `ipv6.ip6-privacy` parameter, its value reverted to the value from the `/proc/sys/net/ipv6/conf/default/use_tempaddr` file. A recent change to the NetworkManager source code caused it to incorrectly fall back to the value read from the `/proc/sys/net/ipv6/conf/IFNAME/use_tempaddr` file instead. As a consequence, IPv6 address generation changed, and the value for `ipv6.ip6-privacy` could change between connection activations. The problem has been fixed by reverting back to the original behavior. As a result, the value for `ipv6.ip6-privacy` does not change anymore between connection activations.
      Show
      .The value for `ipv6.ip6-privacy` no longer changes between connection activations Originally, when the global default value was not set for the `ipv6.ip6-privacy` parameter, its value reverted to the value from the `/proc/sys/net/ipv6/conf/default/use_tempaddr` file. A recent change to the NetworkManager source code caused it to incorrectly fall back to the value read from the `/proc/sys/net/ipv6/conf/IFNAME/use_tempaddr` file instead. As a consequence, IPv6 address generation changed, and the value for `ipv6.ip6-privacy` could change between connection activations. The problem has been fixed by reverting back to the original behavior. As a result, the value for `ipv6.ip6-privacy` does not change anymore between connection activations.
    • Done
    • None

      What were you trying to do that didn't work?

      we propagated the content of /proc/sys/net/ipv6/conf/default/use_tempaddr to
      /proc/sys/net/ipv6/conf/ethX/use_tempaddr but this was removed in https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/797f3cafeece5162c5a59ebb35449b779a394dd5

      I am a bit worried that some customers might have used it and we might be breaking their configs in the future.

      So we need to document the new behavior heavily or bring back the original one.

      Please provide the package NVR for which the bug is seen:

      NetworkManager-1.47.3 (9.5 early version)

      How reproducible:

      always

      Steps to reproduce

      1. NMCI's ipv6_ip6-default_privacy test

      Expected results

      PASS

      Actual results

      FAIL

              ihuguet@redhat.com Inigo Huguet
              rhn-engineering-vbenes Vladimir Benes
              Network Management Team Network Management Team
              Vladimir Benes Vladimir Benes
              Jaroslav Klech Jaroslav Klech
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated:
                Resolved: