Last active
January 17, 2018 07:11
-
-
Save phoracek/4af4c02b14ae5003a7e6 to your computer and use it in GitHub Desktop.
ifcfg and brctl+dhclient routing differences
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # prepare veth pair and run dnsmasq | |
| ip link add name veth_l type veth peer name veth_r | |
| ip -4 addr add dev veth_l 240.0.0.1/24 | |
| ip link set dev veth_l up | |
| dnsmasq --dhcp-authoritative -p 0 --dhcp-range=240.0.0.10,240.0.0.100,2m \ | |
| --dhcp-option=3,240.0.0.254 --dhcp-option=6 -i veth_l -I lo -d \ | |
| --bind-dynamic --dhcp-range=fdb3:84e5:4ff4:55e3::a,fdb3:84e5:4ff4:55e3::64,2m |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost repro]# route -n | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags Metric Ref Use Iface | |
| 0.0.0.0 192.168.122.1 0.0.0.0 UG 0 0 0 eth0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 | |
| 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| [root@localhost repro]# bash -x prepare_veth.sh | |
| + ip link add name veth_l type veth peer name veth_r | |
| + ip -4 addr add dev veth_l 240.0.0.1/24 | |
| + ip link set dev veth_l up | |
| + dnsmasq --dhcp-authoritative -p 0 --dhcp-range=240.0.0.10,240.0.0.100,2m --dhcp-option=3,240.0.0.254 --dhcp-option=6 -i veth_l -I lo -d --bind-dynamic --dhcp-range=fdb3:84e5:4ff4:55e3::a,fdb3:84e5:4ff4:55e3::64,2m | |
| dnsmasq: started, version 2.66 DNS disabled | |
| dnsmasq: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth | |
| dnsmasq-dhcp: DHCP, IP range 240.0.0.10 -- 240.0.0.100, lease time 2m | |
| dnsmasq-dhcp: DHCPv6, IP range fdb3:84e5:4ff4:55e3::a -- fdb3:84e5:4ff4:55e3::64, lease time 2m | |
| dnsmasq-dhcp: DHCPDISCOVER(veth_l) 240.0.0.78 06:bf:73:1b:ae:47 | |
| dnsmasq-dhcp: DHCPOFFER(veth_l) 240.0.0.78 06:bf:73:1b:ae:47 | |
| dnsmasq-dhcp: DHCPREQUEST(veth_l) 240.0.0.78 06:bf:73:1b:ae:47 | |
| dnsmasq-dhcp: DHCPACK(veth_l) 240.0.0.78 06:bf:73:1b:ae:47 localhost | |
| [root@localhost repro]# bash -x setup_brctl.sh | |
| + brctl addbr br0 | |
| + brctl addif br0 veth_r | |
| + ip link set veth_r up | |
| + ip link set br0 up | |
| + dhclient -4 -H localhost -1 -q -pf /var/run/dhclient4-br0.pid -lf /var/lib/dhclient/dhclient--br0.lease br0 | |
| [root@localhost repro]# route -n | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags Metric Ref Use Iface | |
| 0.0.0.0 240.0.0.254 0.0.0.0 UG 0 0 0 br0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 | |
| 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 veth_l | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 | |
| # Able to reach host, not able to reach internet |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost repro]# route -n | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags Metric Ref Use Iface | |
| 0.0.0.0 192.168.122.1 0.0.0.0 UG 0 0 0 eth0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 | |
| 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| [root@localhost repro]# bash -x prepare_veth.sh | |
| + ip link add name veth_l type veth peer name veth_r | |
| + ip -4 addr add dev veth_l 240.0.0.1/24 | |
| + ip link set dev veth_l up | |
| + dnsmasq --dhcp-authoritative -p 0 --dhcp-range=240.0.0.10,240.0.0.100,2m --dhcp-option=3,240.0.0.254 --dhcp-option=6 -i veth_l -I lo -d --bind-dynamic --dhcp-range=fdb3:84e5:4ff4:55e3::a,fdb3:84e5:4ff4:55e3::64,2m | |
| dnsmasq: started, version 2.66 DNS disabled | |
| dnsmasq: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth | |
| dnsmasq-dhcp: DHCP, IP range 240.0.0.10 -- 240.0.0.100, lease time 2m | |
| dnsmasq-dhcp: DHCPv6, IP range fdb3:84e5:4ff4:55e3::a -- fdb3:84e5:4ff4:55e3::64, lease time 2m | |
| dnsmasq-dhcp: DHCPDISCOVER(veth_l) 240.0.0.78 ba:ea:76:7d:28:44 | |
| dnsmasq-dhcp: DHCPOFFER(veth_l) 240.0.0.78 ba:ea:76:7d:28:44 | |
| dnsmasq-dhcp: DHCPREQUEST(veth_l) 240.0.0.78 ba:ea:76:7d:28:44 | |
| dnsmasq-dhcp: DHCPACK(veth_l) 240.0.0.78 ba:ea:76:7d:28:44 localhost | |
| [root@localhost repro]# bash -x setup_ifcfg.sh | |
| + echo 'DEVICE=br0 | |
| TYPE=Bridge | |
| DELAY=0 | |
| STP=off | |
| ONBOOT=yes | |
| BOOTPROTO=dhcp | |
| DEFROUTE=no | |
| NM_CONTROLLED=no | |
| IPV6INIT=no | |
| HOTPLUG=no' | |
| + echo 'DEVICE=veth_r | |
| BRIDGE=br0 | |
| ONBOOT=yes | |
| NM_CONTROLLED=no | |
| IPV6INIT=no' | |
| + ifdown br0 | |
| + ifdown veth_r | |
| bridge br0 does not exist! | |
| + ifup veth_r | |
| + ifup br0 | |
| Determining IP information for br0... done. | |
| [root@localhost repro]# route -n | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags Metric Ref Use Iface | |
| 0.0.0.0 192.168.122.1 0.0.0.0 UG 0 0 0 eth0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1378 0 0 br0 | |
| 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 veth_l | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 | |
| [root@localhost repro]# ps aux | grep dhclient | grep br0 | |
| root 30553 0.0 0.7 103740 13080 ? Ss 05:43 0:00 /sbin/dhclient -H localhost -1 -q -lf /var/lib/dhclient/dhclient--br.lease -pf /var/run/dhclient-br0.pid br0 | |
| # Internet is reachable | |
| # With DEFROUTE=yes, we lost internet connectivity (but routing table is not the same like with brctl): | |
| [root@localhost repro]# route -n | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags Metric Ref Use Iface | |
| 0.0.0.0 240.0.0.254 0.0.0.0 UG 0 0 0 br0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 | |
| 169.254.0.0 0.0.0.0 255.255.0.0 U 1390 0 0 br0 | |
| 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 veth_l | |
| 240.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # create bridged network with brctl and run dhclient | |
| brctl addbr br0 | |
| brctl addif br0 veth_r | |
| ip link set veth_r up | |
| ip link set br0 up | |
| dhclient -4 -H localhost -1 -q -pf /var/run/dhclient4-br0.pid -lf \ | |
| /var/lib/dhclient/dhclient--br0.lease br0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo 'DEVICE=br0 | |
| TYPE=Bridge | |
| DELAY=0 | |
| STP=off | |
| ONBOOT=yes | |
| BOOTPROTO=dhcp | |
| DEFROUTE=no | |
| NM_CONTROLLED=no | |
| IPV6INIT=no | |
| HOTPLUG=no' > /etc/sysconfig/network-scripts/ifcfg-br0 | |
| echo 'DEVICE=veth_r | |
| BRIDGE=br0 | |
| ONBOOT=yes | |
| NM_CONTROLLED=no | |
| IPV6INIT=no' > /etc/sysconfig/network-scripts/ifcfg-veth_r | |
| ifdown br0 | |
| ifdown veth_r | |
| ifup veth_r | |
| ifup br0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ip l del veth_r | |
| ip l del br0 | |
| rm -f /etc/sysconfig/network-scripts/ifcfg-veth_r | |
| rm -f /etc/sysconfig/network-scripts/ifcfg-br0 | |
| service network restart | |
| ifup eth0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment