Bug 256767

Summary: ifconfig(8) NOAUTO and rc.conf(5): untimely configuration (up) of a network interface when it should be down
Product: Base System Reporter: Graham Perrin <grahamperrin>
Component: binAssignee: Hiroki Sato <hrs>
Status: Open ---    
Severity: Affects Only Me CC: hrs, mason
Priority: --- Keywords: needs-qa
Version: CURRENT   
Hardware: Any   
OS: Any   
URL: https://www.freebsd.org/cgi/man.cgi?query=gif&sektion=4&manpath=FreeBSD+14.0-current
Attachments:
Description Flags
Screen recording: wlan0 properly down, then brought up; gif0 unexpectedly up, then taken down
none
This patch appears to preserve NOAUTO behaviour. none

Description Graham Perrin freebsd_committer freebsd_triage 2021-06-22 08:48:59 UTC 
Created attachment 225988 [details]
Screen recording: wlan0 properly down, then brought up; gif0 unexpectedly up, then taken down

man 5 rc.conf

> …
> If the ifconfig_⟨interface⟩ contains the keyword “NOAUTO”
> then the interface will not be configured at boot or by
> /etc/pccard_ether when network_interfaces is set to “AUTO”.
> …

With ifconfig_gif0_ipv6 set to include NOAUTO before a restart of the operating system, the interface was unexpectedly up following a restart. 

Relevant lines from the attached screen recording: 

% grep ifconfig_wlan0 /etc/rc.conf
ifconfig_wlan0="WPA SYNCDHCP NOAUTO"
% grep ifconfig_gif /etc/rc.conf | grep -v \# | cut -c 1-26,66-100
ifconfig_gif0_ipv6="inet6  prefixlen 128 NOAUTO"
% 

Showing the ups and downs: gkrellm
<https://www.freshports.org/sysutils/gkrellm2>
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-06-26 02:08:06 UTC 
(In reply to Graham Perrin from comment #0)

Can you provide a minimal rc.conf configuration and minimal steps to reproduce?
Comment 2 Graham Perrin freebsd_committer freebsd_triage 2021-06-26 05:46:10 UTC 
(In reply to Kubilay Kocak from comment #1)

Adapted from <https://forums.FreeBSD.org/threads/80878/post-517622> (without disclosing full addresses): 


cloned_interfaces="gif0"
create_args_gif0="tunnel 192.168.1.10 address.from.tunnel.provider mtu 1480"
ifconfig_gif0_ipv6="inet6 ⋯:⋯:⋯:⋯::2 ⋯:⋯:⋯:⋯::1 prefixlen 128"
ipv6_defaultrouter="⋯:⋯:⋯:⋯::1"


IPv6 via Hurricane Electric's Free IPv6 Tunnel Broker Service
<https://subatomicsolutions.org/8-freebsd/10-ipv6-via-hurricane-electric-s-free-ipv6-tunnel-broker-service>

HTH, if not please let me know. Thanks.
Comment 3 Graham Perrin freebsd_committer freebsd_triage 2021-06-26 05:48:04 UTC 
(In reply to Graham Perrin from comment #2)

> Adapted

I forgot to adapt (to include the NOAUTO). Sorry. 

Here: 

cloned_interfaces="gif0"
create_args_gif0="tunnel 192.168.1.10 address.from.tunnel.provider mtu 1480"
ifconfig_gif0_ipv6="inet6 ⋯:⋯:⋯:⋯::2 ⋯:⋯:⋯:⋯::1 prefixlen 128 NOAUTO"
ipv6_defaultrouter="⋯:⋯:⋯:⋯::1"
Comment 4 Mason Loring Bliss freebsd_triage 2021-08-24 18:57:56 UTC 
I see a very similar issue.

rc.conf:

    ifconfig_em0="NOAUTO DHCP"
    wlans_iwn0="wlan0"
    ifconfig_wlan0="NOAUTO WPA DHCP"

When I log into an X session, one of the things that happens is barrierc 
launches as a user process, and it sits in a window looping over failures 
because there is (correctly) no network. But then I notice it connecting, 
with ifconfig showing me a configured em0.

Racing the system for a test, I logged in and quickly said 'ifconfig' in a 
terminal, and saw no configured interfaces, but I then quickly said 'ps ax 
| grep dhc' and saw:

84491  -  R    0:00.01 /bin/sh /etc/rc.d/dhclient quietstart em0 (env)

...and shortly thereafter em0 was connected. And then, a bit later:

$ ps ax | grep dhc
13818  -  ICs  0:00.00 dhclient: em0 (dhclient)
89207  -  Is   0:00.00 dhclient: system.syslog (dhclient)
91789  -  Is   0:00.00 dhclient: em0 [priv] (dhclient)
58103 11  S+   0:00.00 grep dhc

I have yet to dig into what's launching the dhclient.
Comment 5 Mason Loring Bliss freebsd_triage 2021-08-24 18:58:38 UTC 
Random additional note: NOAUTO worked as expected under 12.
Comment 6 Mason Loring Bliss freebsd_triage 2021-08-25 22:11:07 UTC 
I have more detail. My X environment fires up barriec inside a new screen
session. I can sit there and watch it try to connect for ages. If I say
'ifconfig' to look at what's configured, that seems to trigger something.
It'll come back showing the interface down, but a dhclient fires up and
configured em0. I assume this means devd is taking action somehow, and will
try to track this further. (IP/MAC obscured)

$ date
Wed Aug 25 18:06:44 EDT 2021
$ ps ax | grep dhclient
82286 11  S+   0:00.00 grep dhclient
$ ifconfig
em0: flags=8822<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=481249b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LRO,WOL_MAGIC,VLAN_HWFILTER,NOMAP>
        ether 00:11:22:33:44:55
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
$ ps ax | grep dhclient
29602  -  SCs  0:00.00 dhclient: em0 (dhclient)
95364  -  Ss   0:00.00 dhclient: system.syslog (dhclient)
98418  -  Ss   0:00.00 dhclient: em0 [priv] (dhclient)
36147 11  S+   0:00.00 grep dhclient
$ ifconfig
em0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=481249b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LRO,WOL_MAGIC,VLAN_HWFILTER,NOMAP>
        ether 00:11:22:33:44:55
        inet 192.168.0.5 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
Comment 7 Mason Loring Bliss freebsd_triage 2021-08-25 22:16:59 UTC 
This:

    nc -U /var/run/devd.pipe

shows nothing until I type 'ifconfig', at which I see:

    # nc -U /var/run/devd.pipe 
    !system=IFNET subsystem=em0 type=LINK_UP
    !system=IFNET subsystem=em0 type=LINK_DOWN
    !system=IFNET subsystem=em0 type=LINK_UP

...and this kicks off dhclient. Digging into the rules next to see why.
Comment 8 Mason Loring Bliss freebsd_triage 2021-08-25 22:20:20 UTC 
From /etc/devd.conf:

#
# Try to start dhclient on Ethernet-like interfaces when the link comes
# up.  Only devices that are configured to support DHCP will actually
# run it.  No link down rule exists because dhclient automatically exits
# when the link goes down.
#
notify 0 {
        match "system"          "IFNET";
        match "type"            "LINK_UP";
        media-type              "ethernet";
        action "service dhclient quietstart $subsystem";
};

#
# Like Ethernet devices, but separate because 802.11 require spawning
# wlan(4) interface.
#
attach 0 {
        device-name "$wifi-driver-regex";
        action "/etc/pccard_ether $device-name startchildren";
};
detach 0 {
        device-name "$wifi-driver-regex";
        action "/etc/pccard_ether $device-name stopchildren";
};
notify 0 {
        match "system"          "IFNET";
        match "type"            "LINK_UP";
        media-type              "802.11";
        action "service dhclient quietstart $subsystem";
};
Comment 9 Mason Loring Bliss freebsd_triage 2021-08-25 22:22:04 UTC 
Next: Need to figure out a clean way to honor NOAUTO.

There might be additional implications to Graham's variant where he sees
open networks connected.

Graham: Do you allow for open networks in your wpa_supplicant.conf?
Comment 10 Mason Loring Bliss freebsd_triage 2021-08-25 23:00:45 UTC 
Ugly and too many characters, but I'm thinking of something like:

        action "sysrc -e ifconfig_$subsystem | grep -qv NOAUTO && service dhclient quietstart $subsystem";
Comment 11 Graham Perrin freebsd_committer freebsd_triage 2021-08-26 01:20:22 UTC 
(In reply to Mason Loring Bliss from comment #9)

> Do you allow for open networks in your wpa_supplicant.conf?

No. 

Please see bug 256957
Comment 12 Mason Loring Bliss freebsd_triage 2021-08-26 02:03:02 UTC 
Created attachment 227436 [details]
This patch appears to preserve NOAUTO behaviour.

This patch appears to preserve NOAUTO behaviour. I want to verify that the 
code that parses devd.conf is happy with the line continuation, although we 
see that style earlier in the file.

In network.subr the check is as follows:

autoif()
{
        local _tmpargs _arg
        _tmpargs=`_ifconfig_getargs $1`

        for _arg in $_tmpargs; do
                case $_arg in
                [Nn][Oo][Aa][Uu][Tt][Oo])
                        return 1
                        ;;
                esac
        done

        return 0
}

As yet untested: What does sysrc do if an entry is simply missing?
Comment 13 Mason Loring Bliss freebsd_triage 2021-08-26 18:06:20 UTC 
I'm wondering if netif is depending on devd now, as if I specify "NOAUTO" I
can't start my NIC with 'service netif start em0' any more. I can say 
'dhclient em0' but netif just won't do it, and the only thing I've changed
is this devd.conf handling. I'm a little baffled.