Marius Tomaschewski changed bug 963241
What Removed Added
CC   suse.dev@fea.st
Flags needinfo?(mt@suse.com) needinfo?(suse.dev@fea.st)

Comment # 4 on bug 963241 from 
(In reply to sd fs from comment #2)
> Found in in
> 
>  /etc/sysconfig/network/ifcfg.template
> 	...
> 	## Type:    integer(0:)
> 	## Default: 
> 	#
> 	# This option sets the ethernet address ageing time, in seconds. After
> <time> 
> 	# seconds of not having seen a frame coming from a certain address, the
> bridge 
> 	# will delete that address from the forwarding database. Setting ageing
> time 
> 	# to zero makes all entries permanent.
> 	#
> 	BRIDGE_AGEINGTIME=
> 	...
> 
> I never set it in /etc/sysconfig/network/ifcfg-br0, so not sure when/how it
> was set.

Apparently some tool did it then -- would be not the first time...

Default in wicked is to not set this parameter (unless explicitly
specified in the ifcfg file) and 0 is definitely a special value.

> Anyway wicked apparently doesn't think it's a valid setting.

It is not even wicked: the kernel rejects it... and as far as I see,
it does this when somebody plays with namespaces / user is running
wickedd [=root] does not have admin capabilities in a namespace.

        if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN))
                return -EPERM;

/usr/src/linux-4.1.13-5/net/bridge $ grep ageing_time *
br_device.c:    br->ageing_time = 300 * HZ;
br_fdb.c:    return br->topology_change ? br->forward_delay : br->ageing_time;
br_fdb.c:    unsigned long next_timer = jiffies + br->ageing_time;
br_fdb.c:                fe->ageing_timer_value =
jiffies_delta_to_clock_t(jiffies - f->updated);

The kernel is using this setting for a fdb "cleanup timer" and for
"hold time" on topology changes.

# cat ifcfg-br1
STARTMODE=auto
BOOTPROT=none
BRIDGE=yes
BRIDGE_STP=off
BRIDGE_AGEINGTIME='0'
BRIDGE_PORTS='nic1'
# time wicked ifup br1
br1             up

real    0m0.068s
user    0m0.016s
sys    0m0.008s
# cat /sys/class/net/br1/bridge/stp_state 
0
# cat /sys/class/net/br1/bridge/ageing_time 
0

# wicked ifdown br1
# ls -1 /sys/class/net/br1
ls: cannot access /sys/class/net/br1: No such file or directory
# vi ifcfg-br1
# cat ifcfg-br1
STARTMODE=auto
BOOTPROT=none
BRIDGE=yes
BRIDGE_STP=on
BRIDGE_AGEINGTIME='0'
BRIDGE_PORTS='nic1'
# time wicked ifup br1
br1             up

real    0m19.088s
user    0m0.020s
sys    0m0.000s
# cat /sys/class/net/br1/bridge/ageing_time 
0
# cat /sys/class/net/br1/bridge/stp_state 
1
# cat /etc/SuSE-release 
openSUSE 42.1 (x86_64)
VERSION = 42.1
CODENAME = Malachite
# /etc/SuSE-release is deprecated and will be removed in the future, use
/etc/os-release instead
# uname -a
Linux xanthos 4.1.13-5-default #1 SMP PREEMPT Thu Nov 26 16:35:17 UTC 2015
(49475c3) x86_64 x86_64 x86_64 GNU/Linux

> So changing
> 
>  /etc/sysconfig/network/ifcfg-br0
> -	BRIDGE_AGEINGTIME='0'
> +	#BRIDGE_AGEINGTIME='0'
> 
> then after reboot have networking over the bridge back!

OK, then there is at least a workaround. Generally, I'd setup the bridge
either with the lowest permitted IEEE 802.1D(-1998 or 2004) STP settings:
   BRIDGE_STP=on
   BRIDGE_MAXAGE=6
   BRIDGE_HELLOTIME=1
   BRIDGE_FORWARDDELAY=4
to not cause delays for up to 50sec for STP or
   BRIDGE_STP=off
   BRIDGE_FORWARDDELAY=0

See http://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/advanced-bridge.html#STP

and BRIDGE_PORTS as needed.

> I don't know if there's a bug in wicked or a 'bug' in the .template.

Hmm...  As visible above, I can't reproduce it on my leap installation,
so there seems be something else tweaking in between here. Question is:
how to reproduce it.

(In reply to sd fs from comment #0)
> I need to set up a bridge on it.  My config is
> 
>  cat /etc/sysconfig/network/ifcfg-br0
[...]
> 	IPV6INIT='no'
> 	IPV6_AUTOCONF='no'

BTW: There is no IPV6INIT or IPV6_AUTOCONF variable defined and never were
(in "green" ifcfg flavor). See "man sysctl.conf" and "man ifsysctl" and:
https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

[...]
> Anyway this is what the log does show
> 	[   96.204002] systemd[1361]: Executing: /usr/sbin/wickedd --systemd
> --foreground
> 	[  186.224578] systemd[1]: wickedd.service start operation timed out.
> Terminating.
> 	[  186.224943] systemd[1]: wickedd.service changed start -> final-sigterm
> 	[  186.226155] systemd[1]: Received SIGCHLD from PID 1361 (wickedd).
> 	[  186.226236] systemd[1]: Child 1361 (wickedd) died (code=killed,
> status=15/TERM)
> 	[  186.226334] systemd[1]: Child 1361 belongs to wickedd.service
[...]

Here, is some IMO much more important problem to investigate: wickedd
start issue. I don't think it is because of the bridge parameter.

Can you set WICKED_DEBUG="all" in /etc/sysconfig/network/config together
with systemd debug [as you already have], boot trying to run into such
issue and attach the full journal dump using:
   "journalctl -b --short-precise > journal.txt"

See also https://en.opensuse.org/openSUSE:Bugreport_wicked

To avoid, that it is about some already fixed bug, please try out also
the RPMs from:

http://download.opensuse.org/repositories/network:/wicked:/master/openSUSE_Leap_42.1/

which will be released ASAP.

You are receiving this mail because: