nixos/release-notes: mention that dhcpcd stopped giving IPv4 addresses to bridges

[erictapen]

Motivation for this change

This is about an change from upstream dhcpcd. It is backwards incompatible as this locked me out of my box.

Ignore some virtual interfaces such as Tap and Bridge by default

This was my setup, when I upgraded from nixos-19.09 to nixos-20.03:

{ config, pkgs, ... }:{
  networking = {
    bridges.br0 = {
      interfaces = [ "enp2s0" "enp3s0" "enp4s0" ];
    };
    interfaces = {
      br0.useDHCP = true;
      enp2s0.useDHCP = false;
      enp3s0.useDHCP = false;
      enp4s0.useDHCP = false;
    };
  };
}

When I rebooted the system, I noticed that br0 doesn't get an IPv4 address anymore. The reason was, that dhcpcd didn't consider a bridge as an interface, that would get an address by default.

My solution was then to change my config to this:

{ config, pkgs, ... }:{
  networking = {
    bridges.br0 = {
      interfaces = [ "enp2s0" "enp3s0" "enp4s0" ];
    };
    dhcpcd.allowInterfaces = [
      "br0"
      # and all other interfaces where I had set useDHCP = true!
    ];
  };
}

As I explain in the commit message, I don't see an easy way to fix this edge case. The only thing that comes to my mind right now is that we could give out an error if someone wants to set useDHCP on a bridge?

Things done

Inform users of nixos-20.03, that their setup might break.

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Determined the impact on package closure size (by running nix path-info -S before and after)
• Ensured that relevant documentation is up to date
• Fits CONTRIBUTING.md.

Pinging @edolstra @fpletz as they are the maintainer of dhcpcd.

[erictapen]

Also pinging @worldofpeace @disassembler as this might be important for the release? Sorry in advance if I overestimate this issue.

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/go-no-go-meeting-nixos-20-03-markhor/6495/11

[lheckemann]

Interfaces with useDHCP set should probably be added to allowInterfaces automatically… Do you see any issues with that? I fully agree that this should be sorted one way or another before the 20.03 release.

[rnhmjoj]

It seems pretty serious. I would put that note on top of the list.

[erictapen]

Interfaces with useDHCP set should probably be added to allowInterfaces automatically…

The problem is, once you use allowInterfaces, there is no implicit discovery of interfaces anymore. Everything has to be explicitly listed in allowInterfaces. See NixOS option and man 5 dhcpcd.conf for this:

     allowinterfaces pattern
             When discovering interfaces, the interface name must match pattern which is a space or comma
             separated list of patterns passed to fnmatch(3).  If the same interface is matched in
             denyinterfaces then it is still denied.

networking.interfaces.<name?>.useDHCP defaults to true, so a lot of people might have no config at all to use DHCP on their interfaces. I'm afraid this would break peoples setups more than it'd save them.

I think we should stick with informing people about the breakage in the release notes. Optionally we could throw an error if people had networking.interfaces.<name?>.useDHCP set on a bridge, as this makes never sense with the new dhcpcd version.

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/go-no-go-meeting-nixos-20-03-markhor/6495/16

[kyren]

I have this same setup, and as of my current nixpkgs version of b0c2858 it seems to work if you set networking.useDHCP = false; as the manpage of configuration.nix suggests.

Currently my configuration is something like this:

networking = {
  useDHCP = false;
  networkmanager.enable = false;

  bridges.br0.interfaces = [ "enp4s0" "enp6s0" ];
  interfaces.br0.useDHCP = true;
};

And this seems to work fine? Is this expected, or is there potentially something else different about my configuration that's making this work?

I'm not sure why this works, but if it does it seems easier to suggest changing the networking.useDHCP setting rather than networking.dhcpcd.allowInterfaces.

Edit: Just to be clear, I also experienced this bug after switching to 20.03 and I was also locked out of several machines, but after setting networking.useDHCP = false; and interfaces.br0.useDHCP = true; I started getting IPv4 addresses again.

[erictapen]

I have this same setup, and as of my current nixpkgs version of b0c2858 it seems to work if you set networking.useDHCP = false; as the manpage of configuration.nix suggests.

@kyren Thanks for the hint! The logic that configures an explicit list of interfaces if notworking.useDHCP = false is defined in modules/services/networking/dhcpcd.nix.

...it does it seems easier to suggest changing the networking.useDHCP setting rather than networking.dhcpcd.allowInterfaces.

I agree and will change the PR accordingly.

[erictapen]

I proposed an assertion in #84221. As this issue is already a blocker, I think #84221 should be also either marked as a blocker or else rejected, as the error message will be primarily useful to people doing the migration to 20.03.

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/go-no-go-meeting-nixos-20-03-markhor/6495/19

[worldofpeace]

Builds and renders fine for me.

[worldofpeace]

forward ported 788f572