eth0 and eth1 trading places on every boot.
Ok - THIS is a bug in 9.3, thru and thru.
Practically every time my system boots (not often, but still) eth0 and
eth1 exchange their hardware assignments. Since one is connected to
the internet and the other to my intranet, this is a problem!
After talking to some people on another list, I hear that SuSE knew
about this during the beta and didn't fix it! Didn't they think
anyone would want to run a firewall on 9.3?
I've got part of a workaround (Thanks John Sivak)
# First "un-assign" the interfaces
/sbin/nameif -s foo0
Hi, I had this problem in 9.1, but I found that it can be easily fixed in Yast, by changing the configuration. If you go to the Network Card option (under Network Devices), instead of entering eth0 and eth1 in the Device column, enter the long name (e.g. eth-bus-pci-0000:01....) and associate that with the correct IP address. I associate the first device connected to the Internet with DHCP and the second one with an internal IP address (e.g. 192.168.1.2). When the machine starts, sometime the first device is used as eth0 and sometimes as eth1, but it does not matter because the interfaces are always used correctly (either with a DHCP address or with a fixed IP address). Best Regards Mario Pesce http://www.wisepenguin.com Michael W Cocke wrote:
Ok - THIS is a bug in 9.3, thru and thru.
Practically every time my system boots (not often, but still) eth0 and eth1 exchange their hardware assignments. Since one is connected to the internet and the other to my intranet, this is a problem!
After talking to some people on another list, I hear that SuSE knew about this during the beta and didn't fix it! Didn't they think anyone would want to run a firewall on 9.3?
I've got part of a workaround (Thanks John Sivak)
# First "un-assign" the interfaces /sbin/nameif -s foo0
/sbin/nameif -s foo1 # Now "re-assign" the interfaces /sbin/nameif -s eth0
/sbin/nameif -s eth1 But I'm having trouble figuring out exactly where to put it. nameif needs to be used before the interface is up, but putting the commands in boot.local or boot.localnet don't seem to work. Ditto for creating a new job (/etc/rc3.d/S06initiface), to run right behind S05network.
Any thoughts on the correct place to put this, or a different fix?
Mike-
-- Mornings: Evolution in action. Only the grumpy will survive. --
Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
nic configuration are in /etc/sysconfig/network/ifcfg-eth-* inside you must put persistent_name=someName the name you give to nics must be different from ethXX in my case I use intranet and internet. Next you can note that nic are identified or by they mac id or pci id so you can use getcfg to ask what is the current name of the nic for mac XXXX As you I lost a lot of time to resolv this situation (3 weeks), this is painful at the beginning to search the good information
On Thursday 28 April 2005 9:40 am, Michael W Cocke wrote:
Ok - THIS is a bug in 9.3, thru and thru. Not a bug. What you need to setup is known as 'persistent name' and is not SUSE specific. This happens in other distros also.
Practically every time my system boots (not often, but still) eth0 and eth1 exchange their hardware assignments. Since one is connected to the internet and the other to my intranet, this is a problem!
After talking to some people on another list, I hear that SuSE knew about this during the beta and didn't fix it! Didn't they think anyone would want to run a firewall on 9.3? If you check the list archives you'll find this has been known for far longer than that. I've changed my system even though it hasn't exhibited this behavior but I don't want it to either.
I've got part of a workaround (Thanks John Sivak) Search the archives for 'persistent name' or PERSISTENT_NAME and you'll get the answer: add it to /etc/sysconfig/network/ifcfg-eth-id-[mac address] and re-do any firewall info that relies on them, then restart network or reboot. DO NOT name them eth0, eth1, etc because it will NOT work. Call them external, internal, internet, intranet, fred, wilma, whatever.
Mike-
Stan
On Thu, 28 Apr 2005 10:08:52 -0500, you wrote:
On Thursday 28 April 2005 9:40 am, Michael W Cocke wrote:
Ok - THIS is a bug in 9.3, thru and thru. Not a bug. What you need to setup is known as 'persistent name' and is not SUSE specific. This happens in other distros also.
Practically every time my system boots (not often, but still) eth0 and eth1 exchange their hardware assignments. Since one is connected to the internet and the other to my intranet, this is a problem!
After talking to some people on another list, I hear that SuSE knew about this during the beta and didn't fix it! Didn't they think anyone would want to run a firewall on 9.3? If you check the list archives you'll find this has been known for far longer than that. I've changed my system even though it hasn't exhibited this behavior but I don't want it to either.
I've got part of a workaround (Thanks John Sivak) Search the archives for 'persistent name' or PERSISTENT_NAME and you'll get the answer: add it to /etc/sysconfig/network/ifcfg-eth-id-[mac address] and re-do any firewall info that relies on them, then restart network or reboot. DO NOT name them eth0, eth1, etc because it will NOT work. Call them external, internal, internet, intranet, fred, wilma, whatever.
Mike-
Stan
Interesting - I've been using Suse on my firewall since 9.1 and I never encountered this problem before, nor did I have it with Redhat before that. Not saying you're not right, but that's a hell of a chain of cooincidences! Anyway, for the record, I figured out what I was missing and it works now. I did it differently. Mike- -- Mornings: Evolution in action. Only the grumpy will survive. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
On Thursday 28 April 2005 11:33 am, Michael W Cocke wrote:
Interesting - I've been using Suse on my firewall since 9.1 and I never encountered this problem before, nor did I have it with Redhat before that. Not saying you're not right, but that's a hell of a chain of cooincidences!
Anyway, for the record, I figured out what I was missing and it works now. I did it differently.
Mike-
Thanks for not sharing your solution. The PERSISTENT_NAME solution is the one recommended by SUSE. What did you end up doing? Stan
On Thu, 28 Apr 2005 11:49:45 -0500, you wrote:
On Thursday 28 April 2005 11:33 am, Michael W Cocke wrote:
Interesting - I've been using Suse on my firewall since 9.1 and I never encountered this problem before, nor did I have it with Redhat before that. Not saying you're not right, but that's a hell of a chain of cooincidences!
Anyway, for the record, I figured out what I was missing and it works now. I did it differently.
Mike-
Thanks for not sharing your solution. The PERSISTENT_NAME solution is the one recommended by SUSE. What did you end up doing?
Stan
It's a bit long and since it's not the one SuSE recommends, I didn't post it so I could get flamed for a long post.... Go win.
From my wiki ----
For the archives, here's the finished workaround for using shorewall with SuSE 9.3 Put the following in /etc/rc.d/S07shorewall, right after start) and before exec /sbin/shorewall -f start (Mind the word wrap - there are blank lines between each command) echo "Stabilizing eth interface names" >/var/log/ifaceinit echo -n "Stabilizing eth interface names" echo "Before------------------------------" >>/var/log/ifaceinit /sbin/ifconfig >>/var/log/ifaceinit /sbin/ifconfig eth0 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit /sbin/ifconfig eth1 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit '# remember to insert YOUR MAC ADDRESSES - these are mine! /sbin/nameif foo0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>>/var/log/ifaceinit /sbin/nameif foo1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>>/var/log/ifaceinit /sbin/nameif eth0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>> /var/log/ifaceinit /sbin/nameif eth1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>> /var/log/ifaceinit /sbin/ifconfig eth0 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit /sbin/ifconfig eth1 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit echo "After----------------------------" >>/var/log/ifaceinit /sbin/ifconfig>>/var/log/ifaceinit '# assumes eth0 is your external interface - if it isn't, change this line! route add default eth0 '# put this here just to make me happy echo " - OK" sleep 10 ------------------------------------------------ Mike- -- Mornings: Evolution in action. Only the grumpy will survive. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
Michael W Cocke wrote:
On Thu, 28 Apr 2005 11:49:45 -0500, you wrote:
On Thursday 28 April 2005 11:33 am, Michael W Cocke wrote:
Interesting - I've been using Suse on my firewall since 9.1 and I never encountered this problem before, nor did I have it with Redhat before that. Not saying you're not right, but that's a hell of a chain of cooincidences!
Anyway, for the record, I figured out what I was missing and it works now. I did it differently.
Mike-
Thanks for not sharing your solution. The PERSISTENT_NAME solution is the one recommended by SUSE. What did you end up doing?
Stan
It's a bit long and since it's not the one SuSE recommends, I didn't post it so I could get flamed for a long post.... Go win.
From my wiki ----
For the archives, here's the finished workaround for using shorewall with SuSE 9.3
Put the following in /etc/rc.d/S07shorewall, right after start) and before exec /sbin/shorewall -f start
(Mind the word wrap - there are blank lines between each command)
echo "Stabilizing eth interface names" >/var/log/ifaceinit
echo -n "Stabilizing eth interface names"
echo "Before------------------------------" >>/var/log/ifaceinit
/sbin/ifconfig >>/var/log/ifaceinit
/sbin/ifconfig eth0 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/ifconfig eth1 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit
'# remember to insert YOUR MAC ADDRESSES - these are mine!
/sbin/nameif foo0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/nameif foo1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/nameif eth0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>> /var/log/ifaceinit
/sbin/nameif eth1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>> /var/log/ifaceinit
/sbin/ifconfig eth0 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/ifconfig eth1 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit
echo "After----------------------------" >>/var/log/ifaceinit
/sbin/ifconfig>>/var/log/ifaceinit
'# assumes eth0 is your external interface - if it isn't, change this line!
route add default eth0
'# put this here just to make me happy
echo " - OK"
sleep 10
------------------------------------------------
Mike-
-- Mornings: Evolution in action. Only the grumpy will survive. --
Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
My workaround is to use the address thingy (192.?.?.?) to configure samba with swat at the interface section under global. Seems to work. Chris :)
On Thu, 28 Apr 2005 08:15:42 +1000, you wrote:
Michael W Cocke wrote:
On Thu, 28 Apr 2005 11:49:45 -0500, you wrote:
On Thursday 28 April 2005 11:33 am, Michael W Cocke wrote:
Interesting - I've been using Suse on my firewall since 9.1 and I never encountered this problem before, nor did I have it with Redhat before that. Not saying you're not right, but that's a hell of a chain of cooincidences!
Anyway, for the record, I figured out what I was missing and it works now. I did it differently.
Mike-
Thanks for not sharing your solution. The PERSISTENT_NAME solution is the one recommended by SUSE. What did you end up doing?
Stan
It's a bit long and since it's not the one SuSE recommends, I didn't post it so I could get flamed for a long post.... Go win.
From my wiki ----
For the archives, here's the finished workaround for using shorewall with SuSE 9.3
Put the following in /etc/rc.d/S07shorewall, right after start) and before exec /sbin/shorewall -f start
(Mind the word wrap - there are blank lines between each command)
echo "Stabilizing eth interface names" >/var/log/ifaceinit
echo -n "Stabilizing eth interface names"
echo "Before------------------------------" >>/var/log/ifaceinit
/sbin/ifconfig >>/var/log/ifaceinit
/sbin/ifconfig eth0 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/ifconfig eth1 down >>/var/log/ifaceinit 2>>/var/log/ifaceinit
'# remember to insert YOUR MAC ADDRESSES - these are mine!
/sbin/nameif foo0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/nameif foo1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/nameif eth0 00:40:05:7A:E0:84 >> /var/log/ifaceinit 2>> /var/log/ifaceinit
/sbin/nameif eth1 00:09:5B:BD:A5:98 >> /var/log/ifaceinit 2>> /var/log/ifaceinit
/sbin/ifconfig eth0 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit
/sbin/ifconfig eth1 up >>/var/log/ifaceinit 2>>/var/log/ifaceinit
echo "After----------------------------" >>/var/log/ifaceinit
/sbin/ifconfig>>/var/log/ifaceinit
'# assumes eth0 is your external interface - if it isn't, change this line!
route add default eth0
'# put this here just to make me happy
echo " - OK"
sleep 10
------------------------------------------------
Mike-
-- Mornings: Evolution in action. Only the grumpy will survive. --
Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
My workaround is to use the address thingy (192.?.?.?) to configure samba with swat at the interface section under global. Seems to work. Chris :)
The situation has nothing to do with Samba or swat, it's a matter of getting the correct IP address assigned to the correct hardware on a system with multiple network cards. SuSE 9.3 changes the assignments randomly on almost every boot, while 9.1 and 9.2 (and redhat 9) did the hardware assignments consistantly for years. I predict that I'm not the last person to bitch about this, and I know for certain that I'm not the first. I like SuSE and now that I've got this worked around everything is cool, but this was a class A stupid design decision by SuSE. Mike- -- Mornings: Evolution in action. Only the grumpy will survive. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments.
the ip of the hardware don't change, the name ethXX change, I use Shorewall this another approach to solve the problem I set variable to designate the interfaces in /etc/shorewall/params : NET_INT=`getcfg-interface "eth-bus-pci-0000:02:01.0"` NET_EXT=`getcfg-interface "eth-bus-pci-0000:03:0d.0"` and in all shorewall files configuration I use $NET_INT and $NET_EXT and all is working, even if the name if an interface change, the file param set the variables with the good interface name
On Friday 29 April 2005 05:49, Michael W Cocke wrote: [snip]
The situation has nothing to do with Samba or swat, it's a matter of getting the correct IP address assigned to the correct hardware on a system with multiple network cards. SuSE 9.3 changes the assignments randomly on almost every boot, while 9.1 and 9.2 (and redhat 9) did the hardware assignments consistantly for years. I predict that I'm not the last person to bitch about this, and I know for certain that I'm not the first.
I like SuSE and now that I've got this worked around everything is cool, but this was a class A stupid design decision by SuSE.
Hello Mike, this is *not* a SuSE design. This is Linux. It didn't happen before so much because the boot process happened a little differently. There is a lot of effort going on to get Linux booting faster, and it does boot faster, a lot faster, indeed. Just now it seems to be that whoever is finishing his setup faster wins, and gets eth0. Use the method described on this list to get it the way you need. Once you understood it it is really not that difficult, just a little annoying. And I'm sure that the next SuSE version will have Yast taking care of such situations better. Regards, Matt
participants (6)
-
Aldrik KLEBER -
Chris -
Mario Pesce -
Matt T. -
Michael W Cocke -
Stan Glasoe