Univention Bugzilla – Bug 17413
installation with /32 netmask fails
Last modified: 2010-08-31 13:22:10 CEST
When installing an UCS 2.3 DC Master with a /32 netmask (our scenario is having a VM at a hoster who requires us to use Proxy ARP, but there are also hosters genuinely giving out these via their DHCP, such as Strato) the installation fails. The first issue is that a default gateway cannot be created, since obviously it is not reachable. This can be fixed by using something like: # ip r add 1.2.3.4/32 dev eth0 # set 1.2.3.4 to “directly connected” # route add default gw 1.2.3.4 # now default gateway can be reached However, later, univention-run-join-scripts fails (bind, ldap-server and bind-proxy). There is an error in univention-ipcalc (“pointer” is never set, and an exception is thrown later when it is referenced), but even working around that (pointer=[]) the join fails, since the system is apparently not coping with the situation well. Temporarily using a different netmask (such as /30) lets the join scripts run successfully – although we don’t know yet if we’re going to run into more problems later… Could you please fix UCS to work with /32 netmasks? Optimally, univention-system-setup-net would even create the pointopoint route to the default gateway on the interface if it detects that the default gateway is not reachable via the configured network and netmask (this does not only affect /32 netmask’d setups).
I can confirm this issue. I'm not sure what to do in same cases, for example we can not create a dns reverse zone. Which services do you need on this UCS system? DNS, DHCP, Samba, Nagios, ...
Until now it is only an evaluation setup for a customer and we only need groupware features (Kolab). So, I had to fix some settings after setup, like adding the Kolab-Śervice to the UCS-Master and add Groupwareoptions manually to the testusers, even I have created them with the Groupware-template. Also the univention-run-join-scripts had to be run an I think I had to manually set the /etc/machine.secret.
With UCS 2.4 we should check if a fix is easy to implement. Othewise the installer should avoid a /32 netmask.
Changes necessary in several packages. I hope that is all. univention-config-registry/interfaces (UCR template): If eth0 netmask is 255.255.255.255, no default gateway ist set (no changes here), but a point to point route to the gateway up ip route add 10.200.7.1/32 dev eth0 up route add default gw 10.200.7.1 in /etc/network/interface (e.g. for booting the system with a proper route to the gateway) univention-config-registry/interfaces.py: This modules creates the point to point route if the ucr variables gateway or interfaces/eth0/netmask are changed on the running system. univention-ipcalc/univention-ipcalc: Returns a 24 reverse zone name if a 32 netmask is given ("32 reverse" zone is not valid) -> univention-ipcalc --netmask 255.255.255.255 --ip 10.200.7.2 \ --output reverse --calcdns 10.200.7 That is the name we use for the reverse zone. univention-ldap/10univention-ldap-server.inst: Now the script uses reverse instead of network output from univention-ipcalc for adding/editing reverse zone univention-system-setup/usr/lib/univention-system-setup/scripts/net/10interfaces: Now the script uses reverse instead of network output from univention-ipcalc for adding/editing reverse zone univention-installer/scripts/06_network.sh: Sets point to point route if netmask is 255.255.255.255 for installation.
Changes are working for new installation. The default route is set in /etc/network/interfaces if local IP address is set as gateway. If using univention-system-setup on a running system, changes will be set correctly. Changelog entry committed - verified fixed
UCS 2.4 wurde veröffentlicht. Sollte der hier beschriebene Bug mit einer neueren Version von UCS erneut auftreten, so sollte der Bug dupliziert werden: "Clone This Bug".