Bug 30816 - Support of VLAN, Bonding, Bridges
Support of VLAN, Bonding, Bridges
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - Basic settings
UCS 3.0
All Linux
: P4 enhancement (vote)
: UCS 3.2
Assigned To: Florian Best
Felix Botner
: interim-3
: 30883 30884 (view as bug list)
Depends on: 28670 30878 32792 33006 33091
Blocks: 31767 33131 33132
  Show dependency treegraph
 
Reported: 2013-03-18 17:15 CET by Florian Best
Modified: 2013-11-19 06:44 CET (History)
7 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Ticket number:
Bug group (optional): Release Goal
Max CVSS v3 score:


Attachments
Screenshot of DHCP query (12.92 KB, image/png)
2013-08-02 15:59 CEST, Alexander Kläser
Details
Fix 2,4,5 UNTESTED (2.89 KB, patch)
2013-10-07 20:31 CEST, Philipp Hahn
Details | Diff
Fix 1-11, UNTESTED (9.00 KB, patch)
2013-10-08 07:57 CEST, Philipp Hahn
Details | Diff
Fix 1-11v2, UNTESTED (10.95 KB, patch)
2013-10-08 08:00 CEST, Philipp Hahn
Details | Diff
Proposed fix 12-18 (7.16 KB, patch)
2013-10-08 20:21 CEST, Philipp Hahn
Details | Diff
Fix interface name regular expressions (1.93 KB, patch)
2013-11-05 15:16 CET, Philipp Hahn
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2013-03-18 17:15:36 CET
+++ This bug was initially created as a clone of Bug #28389 +++

Die Erweiterung aus Bug #26058 für Bridges, VLAN und Bonding kann derzeit nicht
per UMC konfiguriert werden.
Comment 1 Alexander Kläser univentionstaff 2013-03-22 16:35:42 CET
For this extension, a more suitable data representation (Bug 30878) will be implemented.
Comment 2 Stefan Gohmann univentionstaff 2013-04-03 07:55:23 CEST
*** Bug 29119 has been marked as a duplicate of this bug. ***
Comment 3 Alexander Kläser univentionstaff 2013-04-05 10:14:26 CEST
*** Bug 30883 has been marked as a duplicate of this bug. ***
Comment 4 Alexander Kläser univentionstaff 2013-04-05 10:15:04 CEST
(In reply to comment #3)
> *** Bug 30883 has been marked as a duplicate of this bug. ***

Also note the problem described in this bug.
Comment 5 Alexander Kläser univentionstaff 2013-04-05 10:21:19 CEST
*** Bug 30884 has been marked as a duplicate of this bug. ***
Comment 6 Florian Best univentionstaff 2013-07-02 09:46:29 CEST
Bridge, Bond and VLAN devices can now be configured in UMC System-Setup.
Comment 7 Florian Best univentionstaff 2013-07-12 09:15:46 CEST
*** Bug 29973 has been marked as a duplicate of this bug. ***
Comment 8 Dirk Wiesenthal univentionstaff 2013-07-31 12:57:14 CEST
The MultiInput of the IP addresses has max=1 meaning that it is difficult to add addresses (no "+"-Button). Or was it meant to be "unique"? Then MultiInput seems to be the wrong widget.

Also: When adding more than one IPv6 address in the MultiInput the scrollbar appears destroying the layout (at least in FF) because the "+"-Button is pushed to the next line.
Comment 9 Alexander Kläser univentionstaff 2013-07-31 13:02:27 CEST
(In reply to Dirk Wiesenthal from comment #8)
> The MultiInput of the IP addresses has max=1 meaning that it is difficult to
> add addresses (no "+"-Button). Or was it meant to be "unique"? Then
> MultiInput seems to be the wrong widget.

This is a limitation due to the UCR naming scheme and applies to bonds, bridges, and vlans (?).

> Also: When adding more than one IPv6 address in the MultiInput the scrollbar
> appears destroying the layout (at least in FF) because the "+"-Button is
> pushed to the next line.
Comment 10 Alexander Kläser univentionstaff 2013-08-02 15:59:37 CEST
Created attachment 5352 [details]
Screenshot of DHCP query

The "set" button should be "default" in the DHPC query dialog.
Comment 11 Alexander Kläser univentionstaff 2013-08-02 16:01:23 CEST
(In reply to Alexander Kläser from comment #5)
> *** Bug 30884 has been marked as a duplicate of this bug. ***

After querying a DHCP address and pressing "set" (see attachment 5352 [details]), neither nameserver nor gateway are updated.
Comment 12 Dirk Wiesenthal univentionstaff 2013-08-14 13:34:17 CEST
Removing an interface is not supported:

  Netzwerkgeräte: Ungültiger Gerätename: 'eth0.2'
Comment 13 Dirk Wiesenthal univentionstaff 2013-08-14 14:15:50 CEST
interfaces/primary can be set multiple times. I think it is only sent to the backend once, but the frontend allows to specify it multiple times in the first place. I think this should be fixed (setting it somewhere unsets it on other interfaces).
Comment 14 Dirk Wiesenthal univentionstaff 2013-08-20 13:04:56 CEST
If setting an IPv6 address but not setting an identifier, the following message is shown in German "Jedes IPv6 Gerät muss einen Bezeichnet haben" (typo).

Plus: This message is shown after the wizard is closed. But closing should be prevented in this case.
Comment 15 Dirk Wiesenthal univentionstaff 2013-08-21 14:34:49 CEST
After setting IPv6 on eth0 and reloading system setup, the IPv6 configuration does not show up in the grid. When opening eth0 only the address and the identifier is set, the prefix is not.

setup/load: interfaces.eth0.ip6[0][1] === ""

But ucr get interfaces/eth0/ipv6/default/prefix => 80
I also have a virtual LAN: ucr get interfaces/eth0.2/ipv6/default/prefix => 80 - may this have anything to do with it?
Comment 16 Florian Best univentionstaff 2013-08-27 11:57:53 CEST
(In reply to Alexander Kläser from comment #4)
> (In reply to comment #3)
> > *** Bug 30883 has been marked as a duplicate of this bug. ***
> 
> Also note the problem described in this bug.
This was caused by a invalid regex, fixed a long time ago ;) (i also have a 1 line patch for this if needed)



(In reply to Alexander Kläser from comment #9)
> (In reply to Dirk Wiesenthal from comment #8)
> > The MultiInput of the IP addresses has max=1 meaning that it is difficult to
> > add addresses (no "+"-Button). Or was it meant to be "unique"? Then
> > MultiInput seems to be the wrong widget.
> 
> This is a limitation due to the UCR naming scheme and applies to bonds,
> bridges, and vlans (?).
Yes, plus Bug #32384

(In reply to Alexander Kläser from comment #10)
> Created attachment 5352 [details]
> Screenshot of DHCP query
> 
> The "set" button should be "default" in the DHPC query dialog.
Done

(In reply to Alexander Kläser from comment #11)
> (In reply to Alexander Kläser from comment #5)
> > *** Bug 30884 has been marked as a duplicate of this bug. ***
> 
> After querying a DHCP address and pressing "set" (see attachment 5352 [details]
> [details]), neither nameserver nor gateway are updated.
fixed, the gateway and nameserver will be updated when saving the interface.

(In reply to Dirk Wiesenthal from comment #12)
> Removing an interface is not supported:
> 
>   Netzwerkgeräte: Ungültiger Gerätename: 'eth0.2'
Yes, only occurred when removing an VLAN device.

(In reply to Dirk Wiesenthal from comment #13)
> interfaces/primary can be set multiple times. I think it is only sent to the
> backend once, but the frontend allows to specify it multiple times in the
> first place. I think this should be fixed (setting it somewhere unsets it on
> other interfaces).
Oh yes, the value was not properly updated in the grid module store → multiple devices have been displayed as primary interface.


(In reply to Dirk Wiesenthal from comment #14)
> If setting an IPv6 address but not setting an identifier, the following
> message is shown in German "Jedes IPv6 Gerät muss einen Bezeichnet haben"
> (typo).
2 Typos have been fixed.

> Plus: This message is shown after the wizard is closed. But closing should
> be prevented in this case.
Closing is now prevented.


(In reply to Dirk Wiesenthal from comment #15)
> After setting IPv6 on eth0 and reloading system setup, the IPv6
> configuration does not show up in the grid. When opening eth0 only the
> address and the identifier is set, the prefix is not.
> 
> setup/load: interfaces.eth0.ip6[0][1] === ""
> 
> But ucr get interfaces/eth0/ipv6/default/prefix => 80
> I also have a virtual LAN: ucr get interfaces/eth0.2/ipv6/default/prefix =>
> 80 - may this have anything to do with it?
fixed, was only a python bug, had nothing to do with the vlan device.

QA can happen when Bug #28670 is finished.
Comment 17 Philipp Hahn univentionstaff 2013-09-02 10:01:04 CEST
Please make the following changes in the UMC dialog:
"Virtual device ID" → "VLAN ID"
"Parent device" → "Parent interface"
"Name of new device" → "Name of new bridge/bonding interface"
"UCR options" → "Additional interface options"
Comment 18 Philipp Hahn univentionstaff 2013-09-02 16:34:02 CEST
1. /var/cache/univention-system-setup/profile is created 0700, white it is not an executable script.


2. The explicit order=X UCRVs are missing to guarantee the proper dependency chain: ethX < bondY < (brZ|vlanW)+
# grep ^. /var/cache/univention-system-setup/profile | sort
interfaces/bond0/ipv6/acceptRA="false"
interfaces/bond0/options/0="bond-primary eth0"
interfaces/bond0/options/1="bond-slaves eth0 eth1"
interfaces/bond0/options/2="bond-mode 1"
interfaces/bond0/options/3="miimon 100"
interfaces/bond0/start="false"
interfaces/br0.2/address="10.200.17.31"
interfaces/br0.2/broadcast="10.200.17.255"
interfaces/br0.2/ipv6/acceptRA="false"
interfaces/br0.2/netmask="255.255.255.0"
interfaces/br0.2/network="10.200.17.0"
interfaces/br0.2/start="false"
interfaces/br0/address="10.200.17.30"
interfaces/br0/broadcast="10.200.17.255"
interfaces/br0/ipv6/acceptRA="false"
interfaces/br0/netmask="255.255.255.0"
interfaces/br0/network="10.200.17.0"
interfaces/br0/options/0="bridge_ports bond0"
interfaces/br0/options/1="bridge_fd 0"
interfaces/br0/start="false"
interfaces/eth0/address=""
interfaces/eth0/broadcast=""
interfaces/eth0/netmask=""
interfaces/eth0/network=""
interfaces/eth0/start="false"
interfaces/eth1/start="false"
interfaces/primary="br0"

# grep ^[^#] /etc/network/interfaces
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
        address 10.200.17.30
        netmask 255.255.255.0
        network 10.200.17.0
        broadcast 10.200.17.255
        gateway 10.200.17.1
auto br0.2
iface br0.2 inet static
        address 10.200.17.31
        netmask 255.255.255.0
        network 10.200.17.0
        broadcast 10.200.17.255
auto eth0
iface eth0 inet static
        address 10.200.17.30
        netmask 255.255.255.0
        network 10.200.17.0
        broadcast 10.200.17.255
Since the Bug #28670 is still mending, the output above is incorrect.


3. Bonding-interfaces should be tested for "bond-slaves" (and not "bond-primary"), see /etc/network/if-pre-up.d/ifenslave


4. Valid interface names are  r"[^/ \t\n\r\f]{1,16}" except "." and ".."

Patch for some issues available
Comment 19 Philipp Hahn univentionstaff 2013-09-04 16:20:42 CEST
(In reply to Philipp Hahn from comment #18)
> # grep ^. /var/cache/univention-system-setup/profile | sort
> interfaces/bond0/start="false"
> interfaces/br0.2/start="false"
> interfaces/br0/start="false"
> interfaces/eth0/start="false"
> interfaces/eth1/start="false"

At least to top-level interfaces must be started (br0, br0.2).
I know that I had problems with explicitly started interfaces when mixing bonding, bridging and vlans, but that might have been caused by missing the explicit order. Therefore I currently would recommend to always set start=true for any configured interface and also specify the order, so "ifup -a" does explicitly bring up all interfaces in the correct order.
Comment 20 Florian Best univentionstaff 2013-09-09 15:52:52 CEST
(In reply to Philipp Hahn from comment #18)
> 1. /var/cache/univention-system-setup/profile is created 0700, white it is
> not an executable script.
fixed

> 2. The explicit order=X UCRVs are missing to guarantee the proper dependency
> chain: ethX < bondY < (brZ|vlanW)+
…
Should be fine!? On my installation all interfaces had start=true.

> 3. Bonding-interfaces should be tested for "bond-slaves" (and not
> "bond-primary"), see /etc/network/if-pre-up.d/ifenslave
Yes, fixed.

> 4. Valid interface names are  r"[^/ \t\n\r\f]{1,16}" except "." and ".."
Your suggestion has been implemented.

> Patch for some issues available
thank you ;)
Comment 21 Florian Best univentionstaff 2013-09-09 15:54:08 CEST
(In reply to Philipp Hahn from comment #17)
> Please make the following changes in the UMC dialog:
> "Virtual device ID" → "VLAN ID"
> "Parent device" → "Parent interface"
> "Name of new device" → "Name of new bridge/bonding interface"
> "UCR options" → "Additional interface options"
Ok
univention-system-setup (7.0.34-1)
Comment 22 Philipp Hahn univentionstaff 2013-09-13 10:15:46 CEST
1. The generated profile is incomplete and wrong (sorted by hand for easier reading):

> interfaces/eth0/address=""
> interfaces/eth0/broadcast=""
> interfaces/eth0/netmask=""
> interfaces/eth0/network=""

Why no type, start, acceptRA, order?

> interfaces/eth1/ipv6/acceptRA="false"
> interfaces/eth1/start="false"

Why only those two?

> interfaces/bond0/ipv6/acceptRA="false"
> interfaces/bond0/options/0="bond-slaves eth0 eth1"
> interfaces/bond0/options/1="bond-mode 1"
> interfaces/bond0/options/2="bond-primary eth0"
> interfaces/bond0/options/3="miimon 100"
> interfaces/bond0/start="false"

Missing order

> interfaces/br0/address="10.200.17.30"
> interfaces/br0/broadcast="10.200.17.255"
> interfaces/br0/ipv6/acceptRA="false"
> interfaces/br0/netmask="255.255.255.0"
> interfaces/br0/network="10.200.17.0"
> interfaces/br0/options/0="bridge_ports bond0"
> interfaces/br0/options/1="bridge_fd 0"
> interfaces/br0/start="false"

Missing order
start=true must be set.

> interfaces/br0.2/address="10.200.17.31"
> interfaces/br0.2/broadcast="10.200.17.255"
> interfaces/br0.2/ipv6/acceptRA="false"
> interfaces/br0.2/netmask="255.255.255.0"
> interfaces/br0.2/network="10.200.17.0"
> interfaces/br0.2/start="false"

Missing order
start=true must be set.

> interfaces/primary=""

Since setting the primary interface is a global configuration, it should be best moved from the individual interface configurations to the global network page, where for example the gateway and DNS servers is configured.



2. Currently all interfaces can be removed (good). If then a bonding interface is configured, saving fails with "ethX is missing". They must currently be added manually. While doing so, they can be configured for IP, which is wrong.
This must be either blocked or the interfaces should be added/cleared automatically as soon as they're used in a bond.
Comment 23 Florian Best univentionstaff 2013-09-13 12:53:02 CEST
(In reply to Philipp Hahn from comment #22)
> 1. The generated profile is incomplete and wrong (sorted by hand for easier
> reading):
The was due to a missing call to the method which prepares the interfaces for saving.

> Since setting the primary interface is a global configuration, it should be
> best moved from the individual interface configurations to the global
> network page, where for example the gateway and DNS servers is configured.
Done

> 2. Currently all interfaces can be removed (good). If then a bonding
> interface is configured, saving fails with "ethX is missing". They must
> currently be added manually. While doing so, they can be configured for IP,
> which is wrong.
> This must be either blocked or the interfaces should be added/cleared
> automatically as soon as they're used in a bond.
Missing interfaces are now added.

The /fallback/ variables are also removed now.

univention-system-setup (7.0.41-1) 
* Bug #30816: rename device to interface
* Bug #30816: display the primary network interface selection as ComboBox
* Bug #30816: create missing bond/bridge sub interfaces automatically in the
grid
* Bug #30816: prepare the consistency of interfaces before writing the
profile
* Bug #30816: fix some little typos
Comment 24 Moritz Muehlenhoff univentionstaff 2013-10-01 14:49:46 CEST
The setup dialogue for bondings contains a multivalue field "UCR options". That name should be changed to "Additional bonding options". 

That these options are internally stored in UCR is a detail that should not be exposed to the end user, it only causes confusion.
Comment 25 Florian Best univentionstaff 2013-10-01 15:46:10 CEST
(In reply to Moritz Muehlenhoff from comment #24)
> The setup dialogue for bondings contains a multivalue field "UCR options".
> That name should be changed to "Additional bonding options". 
> 
> That these options are internally stored in UCR is a detail that should not
> be exposed to the end user, it only causes confusion.
fixed. univention-system-setup (7.0.45-1)
Comment 26 Philipp Hahn univentionstaff 2013-10-07 10:01:26 CEST
Currently in appliance_mode the current IP-configuration is kept when the interfaces are restarted to not dis-connect the browser session.
When VLANs, Bridges and Bonds are created, IP-addressed can and sometimes must be transferred to other interfaces, which requires the configuration to be flushed. This breaks the appliance mode.

Therefore when in appliance mode, only re-configuring (existing and un-configured) ethX-interfaces should be allowed, but no creation of VLANs / Bridges / Bonds. If required by the user, they can be configured in a 2nd step after appliance mode has finished.
Comment 27 Florian Best univentionstaff 2013-10-07 11:41:22 CEST
(In reply to Philipp Hahn from comment #26)
> Currently in appliance_mode the current IP-configuration is kept when the
> interfaces are restarted to not dis-connect the browser session.
> When VLANs, Bridges and Bonds are created, IP-addressed can and sometimes
> must be transferred to other interfaces, which requires the configuration to
> be flushed. This breaks the appliance mode.
> 
> Therefore when in appliance mode, only re-configuring (existing and
> un-configured) ethX-interfaces should be allowed, but no creation of VLANs /
> Bridges / Bonds. If required by the user, they can be configured in a 2nd
> step after appliance mode has finished.

svn44808
univention-system-setup (7.0.47-1)
  * Bug #30816: Remove possibility to create Bond, Bridge, VLAN interfaces
       in appliance mode
Comment 28 Philipp Hahn univentionstaff 2013-10-07 20:30:37 CEST
The following issues have been identified:

1. At least the bond blow a bridge must have "start=true" to function.
AFAIK we should set "start=true" for all used interfaces, since the UMC frontend also sets "order" correctly.

2. VLANs on bridges do not word, since /etc/network/if-pre-up.d/vlan does not know how to handle "br*". Here interfaces/brX.Y/options/$Z="vlan-raw-device brX" is needed. (See "man 5 vlan-interfaces"). We should always add this, as the use can name the bridges/bonds/vlans as she likes. (*)

3. For my IP-configured bridge "br0", which also has a VLAN-2 "br0.2" on top, the type for the bridge is wrongly set to "manual". Correct is "interfaces/br0/type=address".

4. The "bond_primary" option is only valid for active-backup mode. (*)

5. VLAN-ID <= 4095, 4096 is one to many. (*)

(*) patch available
Comment 29 Philipp Hahn univentionstaff 2013-10-07 20:31:46 CEST
Created attachment 5496 [details]
Fix 2,4,5 UNTESTED
Comment 30 Philipp Hahn univentionstaff 2013-10-08 07:32:42 CEST
(In reply to Philipp Hahn from comment #28)
> 1. At least the bond b[+e+]low a bridge must have "start=true" to function.
> 2. VLANs on bridges do not wor[d→k], since /etc/network/if-pre-up.d/vlan does
> 3. ... "interfaces/br0/type=[address→static]".
> 5. VLAN-ID <= 4095, 4096 is one to[+o+] many. (*)
Comment 31 Philipp Hahn univentionstaff 2013-10-08 07:57:13 CEST
Created attachment 5498 [details]
Fix 1-11, UNTESTED

6. 'dynamic' is an alias for 'dhcp', which could be still used in UCR.
7. "self.type=None" is the initial value. Simplify code.
8. IMHO 169.254. should not automatically enable DHCP.
9. Be Unicode future proof.
10. Refacture extra_options processing to common implementation.
11. German translation update
Comment 32 Philipp Hahn univentionstaff 2013-10-08 08:00:03 CEST
Created attachment 5499 [details]
Fix 1-11v2, UNTESTED

Fix German translation errors.
Comment 33 Philipp Hahn univentionstaff 2013-10-08 20:21:54 CEST
Created attachment 5509 [details]
Proposed fix 12-18

12. Fix regular expression to allow additional '_' in names.
13. Remove unused "orgValues" from pre_save()
14. Remove broken handling for "interfaces/primary" from network, since it is already handled by util.py
15. Fix _removedDevice() to only remove settings belonging to the specific interface; it was removing ALL interfaces
16. Match regular expression only once
17. Remove obvious comment
18. Use "set() - set()" instead of "set().difference(set())"
Comment 34 Philipp Hahn univentionstaff 2013-10-09 07:06:42 CEST
FYI: While debugging the removal issue I noticed that univention-system-setup/umc/python/setup/network.py#Interfaces.get_ucr_diff() seems to be unused and could be removed.
Comment 35 Florian Best univentionstaff 2013-10-09 08:52:02 CEST
Thank you, the patch has been applied with slighly changes (ucr.iterkeys() does not work ;))

Interfaces.get_ucr_diff() has been removed.
Comment 36 Florian Best univentionstaff 2013-10-10 15:28:08 CEST
works until here…
Comment 37 Felix Botner univentionstaff 2013-10-25 12:19:59 CEST
even if i do not change anything, system setup wants to reconfigure my network

Die folgenden Änderungen werden auf das System übertragen:

    Netzwerkgeräte:
        eth0.2 (Virtuelles LAN): Statisch: 10.200.7.56/24
        eth0 (Ethernet): Statisch: 10.200.7.50/24

Bitte bestätigen Sie, dass diese Änderungen auf das System übertragen werden. Dies kann einige Zeit in Anspruch nehmen.

(just opened the basic settings and clicked "save changes")
Comment 38 Florian Best univentionstaff 2013-10-25 15:21:55 CEST
(In reply to Felix Botner from comment #37)
> even if i do not change anything, system setup wants to reconfigure my
> network
> 
> Die folgenden Änderungen werden auf das System übertragen:
> 
>     Netzwerkgeräte:
>         eth0.2 (Virtuelles LAN): Statisch: 10.200.7.56/24
>         eth0 (Ethernet): Statisch: 10.200.7.50/24
> 
> Bitte bestätigen Sie, dass diese Änderungen auf das System übertragen
> werden. Dies kann einige Zeit in Anspruch nehmen.
> 
> (just opened the basic settings and clicked "save changes")

fixed, was caused by primary flag…
package not built yes.
Comment 39 Philipp Hahn univentionstaff 2013-10-29 16:24:13 CET
OK: Ethernet
OK: Bridge
OK: VLAN
OK: Bonding
OK: VLAN<Bridge
OK: Bridge<VLAN
OK: Bridge<VLAN^2<Bridge
OK: Bonding<Bridge<VLAN
OK: interfaces/primary, interfaces/*/{start,order}
FIXED: ChangeLog → r45685

FYI: Bug #32890 css missing
FYI: Bug #32995 gateway validation
FYI: Bug #32815 IP validation
FYI: Configuring an interface for both VLAN and native is currently not possible.

TODO: univention-virtual-machine-manager-node-kvm
With uvmm-node-Xen/Kvm doing the ethX/pethX shuffle, this breaks the UMC logic: It detects the renamed physical interface 'pethX' and generates a profile for that instead of the 'ethX' wich "ifup" will see before the dance is done.
Therefore the uvmm-node-* packages will set a new UCRV umc/modules/setup/network=false, which should disable the full UMC network page and show a link to <http://docs.univention.de/computers-3.2.html#uvmm> instead explaining the situation.

TBD: Appliance mode
Comment 40 Florian Best univentionstaff 2013-10-30 11:17:59 CET
First version had been implemented. Waiting for Bug #33006 that UCR variable changes.
Comment 41 Florian Best univentionstaff 2013-11-01 10:39:08 CET
(In reply to Florian Best from comment #40)
> First version had been implemented. Waiting for Bug #33006 that UCR variable
> changes.
Ok, fully implemented now.
Comment 42 Felix Botner univentionstaff 2013-11-04 16:58:00 CET
OK - adding/modifing/deleting interfaces/bond/vlan/...
OK - XEN, KVM
OK - Appl mode
OK - changelog
Comment 43 Philipp Hahn univentionstaff 2013-11-05 15:16:59 CET
Created attachment 5568 [details]
Fix interface name regular expressions

I can't create a bridge named "dhcppt", which is flagged as invalid. I'm required to add a trailing "0".
A bridge and bonding interface can be named arbitrarily.

> re = /^(?![.]{1,2}$)[^/ \t\n\r\f]{1,15}$/;
/^(?![.]{1,2}$)[^/ \t\n\r\f]{1,15}$/
> re.test('')
false
> re.test('.')
false
> re.test('..')
false
> re.test('...')
true
> re.test('....................................')
false
> re.test('eth0')
true
> re.test('.eth0')
true
Comment 44 Philipp Hahn univentionstaff 2013-11-05 16:03:43 CET
On a VM server the TUN/TAP interfaces are not filtered out:
$ umc-command -U Administrator -P univention setup/net/interfaces
...
  RESULT   : ['vnet0', 'vnet2', 'vnet1', 'eth0', 'eth1']

# cd /sys/class/net;diff -ur -x device -x subsystem -x power -x queues -x statistics eth0/ vnet0/ | grep -v ^diff
diff: eth0//brport/flush: Keine Berechtigung
diff: vnet0//brport/flush: Keine Berechtigung
--- eth0//addr_assign_type      2013-11-05 15:52:57.663721325 +0100
+++ vnet0//addr_assign_type     2013-11-05 15:52:57.667721381 +0100
@@ -1 +1 @@
-0
+3
--- eth0//address       2013-11-05 09:32:45.425664331 +0100
+++ vnet0//address      2013-11-05 11:10:19.032518091 +0100
@@ -1 +1 @@
-bc:ae:c5:07:cc:5c
+fe:54:00:0e:2c:7a
--- eth0//brport/designated_port        2013-11-05 15:15:22.824131805 +0100
+++ vnet0//brport/designated_port       2013-11-05 15:54:34.473113929 +0100
@@ -1 +1 @@
-32769
+32770
--- eth0//brport/path_cost      2013-11-05 15:15:22.824131805 +0100
+++ vnet0//brport/path_cost     2013-11-05 15:54:34.473113929 +0100
@@ -1 +1 @@
-4
+100
--- eth0//brport/port_id        2013-11-05 15:15:22.824131805 +0100
+++ vnet0//brport/port_id       2013-11-05 15:54:34.473113929 +0100
@@ -1 +1 @@
-0x8001
+0x8002
--- eth0//brport/port_no        2013-11-05 15:15:22.824131805 +0100
+++ vnet0//brport/port_no       2013-11-05 15:54:34.473113929 +0100
@@ -1 +1 @@
-0x1
+0x2
Nur in vnet0/: group.
--- eth0//ifindex       2013-11-05 09:33:17.472007247 +0100
+++ vnet0//ifindex      2013-11-05 11:10:19.032518091 +0100
@@ -1 +1 @@
-2
+6
--- eth0//iflink        2013-11-05 15:52:57.663721325 +0100
+++ vnet0//iflink       2013-11-05 15:52:57.667721381 +0100
@@ -1 +1 @@
-2
+6
--- eth0//operstate     2013-11-05 15:52:57.663721325 +0100
+++ vnet0//operstate    2013-11-05 15:52:57.667721381 +0100
@@ -1 +1 @@
-up
+unknown
Nur in vnet0/: owner.
--- eth0//speed 2013-11-05 15:52:57.663721325 +0100
+++ vnet0//speed        2013-11-05 15:52:57.667721381 +0100
@@ -1 +1 @@
-1000
+10
Nur in vnet0/: tun_flags.
--- eth0//tx_queue_len  2013-11-05 15:52:57.663721325 +0100
+++ vnet0//tx_queue_len 2013-11-05 15:52:57.667721381 +0100
@@ -1 +1 @@
-1000
+500
--- eth0//uevent        2013-11-05 09:32:35.552000257 +0100
+++ vnet0//uevent       2013-11-05 11:10:19.028518034 +0100
@@ -1,2 +1,2 @@
-INTERFACE=eth0
-IFINDEX=2
+INTERFACE=vnet0
+IFINDEX=6

As tun/tap files are highly dynamic and thus not configurable through the static "/etc/network/interfaces", I would filter out those interfaces having "/sys/class/net/$IFACE/tun_flags".

index 81e54a5..64075bd 100644
--- ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py
+++ ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py
@@ -489,8 +489,8 @@ def detect_interfaces():
 		# filter out lo, etc. interfaces
 		if open(os.path.join(pathname, 'type'), 'r').read().strip() not in ('1', '2', '3', '4', '5', '6', '7', '8', '15', '19'):
 			continue
-		# filter out bridge, bond devices
-		if any(os.path.exists(os.path.join(pathname, path)) for path in ('bridge', 'bonding')):
+		# filter out bridge, bond, tun/tap interfaces
+		if any(os.path.exists(os.path.join(pathname, path)) for path in ('bridge', 'bonding', 'tun_flags')):
 			continue
 		# filter out vlan devices
 		if '.' in dirname:
Comment 45 Stefan Gohmann univentionstaff 2013-11-19 06:44:22 CET
UCS 3.2 has been released:
 http://docs.univention.de/release-notes-3.2-en.html
 http://docs.univention.de/release-notes-3.2-de.html

If this error occurs again, please use "Clone This Bug".