Comment # 34
on bug 1171770
from Martin Weiss
FYI - one more update from my testing, today!
Before running skuba:
/proc/sys/net/ipv4/conf/eth0/forwarding 1
/proc/sys/net/ipv4/conf/lo/forwarding 1
After running skuba
SERVER=caasp-master-01; skuba node bootstrap $SERVER --sudo --target
$SERVER.suse --user caaspadm -v5 2>&1|tee $SERVER.log
After waiting a while (until cilium pod is started):
/proc/sys/net/ipv4/conf/eth0/forwarding 1
/proc/sys/net/ipv4/conf/lo/forwarding 0
--> I can reproduce this!
In "dmesg" I can see this:
[ 3399.078642] bridge: filtering via arp/ip/ip6tables is no longer available by
default. Update your scripts to load br_netfilter if you need this.
[ 3399.082625] Bridge firewalling registered
[ 3401.275015] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 3401.294485] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 3457.871676] systemd-logind[1038]: Session 4 logged out. Waiting for
processes to exit.
[ 3457.872918] systemd-logind[1038]: Removed session 4.
[ 3471.942169] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[ 3471.942482] IPVS: Connection hash table configured (size=4096,
memory=64Kbytes)
[ 3471.946626] IPVS: ipvs loaded.
[ 3471.957053] IPVS: [rr] scheduler registered.
[ 3471.971445] IPVS: [wrr] scheduler registered.
[ 3471.975453] IPVS: [sh] scheduler registered.
[ 3506.795122] systemd-udevd[3355]: link_config: autonegotiation is unset or
enabled, the speed and duplex are not writable.
[ 3506.795417] systemd-udevd[3355]: Could not generate persistent MAC address
for cilium_net: No such file or directory
[ 3506.795802] systemd-udevd[3354]: link_config: autonegotiation is unset or
enabled, the speed and duplex are not writable.
[ 3506.795877] systemd-udevd[3354]: Could not generate persistent MAC address
for cilium_host: No such file or directory
[ 3506.959424] systemd-udevd[3408]: link_config: autonegotiation is unset or
enabled, the speed and duplex are not writable.
[ 3506.959477] systemd-udevd[3408]: Could not generate persistent MAC address
for cilium_vxlan: No such file or directory
[ 3507.160426] NET: Registered protocol family 38
[ 3507.644490] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 3509.733778] systemd-udevd[4335]: link_config: autonegotiation is unset or
enabled, the speed and duplex are not writable.
[ 3509.733853] systemd-udevd[4335]: Could not generate persistent MAC address
for cilium_health: No such file or directory
[ 3509.734029] systemd-udevd[4334]: link_config: autonegotiation is unset or
enabled, the speed and duplex are not writable.
[ 3509.734092] systemd-udevd[4334]: Could not generate persistent MAC address
for cilium: No such file or directory
[ 3510.068095] eth0: renamed from tmpf7777
[ 3510.124475] eth0: renamed from tmpeda4d
[ 3510.166106] eth0: renamed from tmpa871d
[ 3510.234471] eth0: renamed from tmpb7d55
[ 3510.345385] eth0: renamed from tmp64312
[ 3510.395190] eth0: renamed from tmp08aba
[ 3510.526060] eth0: renamed from tmp2a58d
[ 3510.770431] eth0: renamed from tmp98ddd
[ 3510.798858] eth0: renamed from tmpdb501
[ 3510.862749] eth0: renamed from tmpb2d90
[ 3510.931801] lxc306256f2dd85: Caught tx_queue_len zero misconfig
[ 3510.932639] lxc0881c895a035: Caught tx_queue_len zero misconfig
[ 3510.942956] cilium_health: Caught tx_queue_len zero misconfig
[ 3511.001898] lxcb73fb2c63181: Caught tx_queue_len zero misconfig
[ 3512.559132] lxcf6ec013fd3a7: Caught tx_queue_len zero misconfig
[ 3512.673046] lxcf68a5fd8bb9c: Caught tx_queue_len zero misconfig
[ 3512.765450] lxc715ae4d9099a: Caught tx_queue_len zero misconfig
[ 3513.019281] lxcc06f8ca4995d: Caught tx_queue_len zero misconfig
[ 3513.318023] lxc8afc51443d8f: Caught tx_queue_len zero misconfig
[ 3513.373336] lxc13b8308cd8b8: Caught tx_queue_len zero misconfig
[ 3513.639782] lxccce1476273fa: Caught tx_queue_len zero misconfig
[ 3516.457765] audit: type=1305 audit(1591093421.441:1070): audit_pid=0 old=918
auid=4294967295 ses=4294967295 res=1
[ 3516.503810] audit: type=1305 audit(1591093421.489:1071): audit_enabled=1
old=1 auid=4294967295 ses=4294967295 res=1
[ 3531.766783] systemd-journald[3599]: Received SIGTERM from PID 1 (systemd).
[ 3532.168956] systemd-udevd: 50 output lines suppressed due to ratelimiting
[ 3534.288116] Netfilter messages via NETLINK v0.30.
[ 3534.303469] ctnetlink v0.93: registering with nfnetlink.
--> probably cilium does "something" with the interfaces causing the setting
for "forwarding" to change?
It seems that a "reboot" or a "systemctl restart network" BEFORE doing the
skuba bootstrap "prevents this problem from happening"!
Could it be that systemd or wicked or something in the network stack "still
remembers that forwarding was 0 at the point in time the network was started"
and that the cilium process of generating the network environment for the
overlay network somehow causes this "old in memory setting" to come back?