/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NetwrokManager in ProxyVM #1052

Closed
Zrubi opened this Issue Jul 7, 2015 · 1 comment

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 3.1
2 participants
@Zrubi @marmarek
@Zrubi
Member

Zrubi commented Jul 7, 2015

Hi,
This issue has a long history - but haven't got enough attention to fix it jet :(

The current situation in Qubes R2 using Fedora 21 minimal (based) template
(however it seems just slightly related to the used template)

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.137.2.5 netmask 255.255.255.255 broadcast 10.255.255.255

diff -Nur route.txt route-NM.txt
--- route.txt 2015-07-07 06:52:37.038933000 +0000
+++ route-NM.txt 2015-07-07 06:54:10.602147000 +0000
@@ -1,4 +1,5 @@
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.137.2.1 0.0.0.0 UG 0 0 0 eth0
-10.137.2.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
+0.0.0.0 10.137.2.1 0.0.0.0 UG 1024 0 0 eth0
+10.137.2.1 0.0.0.0 255.255.255.255 UH 1024 0 0 eth0

What we can see is the difference in default route in case of disabled/enabled NetwrokManager service. The second one has been set by the NetworkManager for some reason.

In case of enabled NetworkManager I found a related log entry:
Jul 07 07:11:10 NM-Test NetworkManager[686]: [1436253070.112245] [platform/nm-linux-platform.c:1722] add_object(): Netlink error adding 0.0.0.0/0 via 10.137.2.1 dev eth0 metric 1024 mss 0 src user: Unspecific failure

However the double default route is there - and causing problems in case of VPN plugins. Documented here:
https://www.qubes-os.org/doc/VPN/

The expected solution would be either:

  • let the NetworkManager setup the default gw, and do not set it by qubes scripts.
  • ask the NetworkManager to not try to setup a default gw.

@marmarek marmarek added bug C: core C: templates P: minor labels Oct 9, 2015

@marmarek marmarek added this to the Release 3.1 milestone Oct 9, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Nov 1, 2015

Member

I think we'll go with the first option:

  • let the NetworkManager setup the default gw, and do not set it by qubes scripts.

But as this is change in behavior, it's not going to be backported to R3.0. There you can always create a simple dispatcher script (/etc/NetworkManager/dispatcher.d) which would remove redundant route.
Member

marmarek commented Nov 1, 2015

I think we'll go with the first option:

  • let the NetworkManager setup the default gw, and do not set it by qubes scripts.

But as this is change in behavior, it's not going to be backported to R3.0. There you can always create a simple dispatcher script (/etc/NetworkManager/dispatcher.d) which would remove redundant route.

@marmarek marmarek closed this in marmarek/old-qubes-core-agent-linux@d23f3d8 Nov 13, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment