On Wed, 2018-05-30 at 07:16 +0000, [email protected] wrote: > Hi, > > I'm configuring a network namespace during bootup to be connected to > the real world via a bridge. > > physical <-> bridge <-> veth_outside <-> veth_inside > > The bridge and the veth_inside are configured to retrieve IPv4 > configuration via DHCP. > The problem is, that the bridge gets it's MAC address either from > pyhsical or from veth_outside, except that, everthing is working > fine. > > My approach: > I create the veth peer via "ip link" then I add the physical and the > veth_outside to the bridge profile via > "nmcli con add type bridge-slave" ... > > Then I modify the bridge profile adding the cloned-mac-address, and > then I call "nmcli con up" on the bridge profile. > In my opinion, this is the order it should be, right? But the bridge > still uses either the mac address of the physical adapter or the one > of the veth_outside, > depening on the sort order.
Hi, It's not clear what you are doing. In general, you create one (or more) connection profiles with the settings you want. Profiles are persisted, so you usually create them only once, and from then on, you just activate/deactivate it. -- contrary to `ip link add`, which is lost after reboot. How did you create the profiles in detail? Is the right profile active? (nmcli device) Does the active profile have the right cloned-mac-address setting? (nmcli con show $NAME) If that looks alright, it would be good look at the logfile, with level=TRACE level enabled. See https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf for hints. best, Thomas > I wanted to change the bridge profile on disk, to have it configured > before anything happens. > My hope was, that it just doesn't work because I'm to late with my > network namespace script. > > Cheers, > Thilo > > > > > > > It is set after systemd network-pre.target and > > > NetworkManager.service, but before network.target. > > > I add the slaves to the bridge-connection and then I modify the > > > connection to include the 802-3-ethernet.cloned-mac-address > > > property. > > > After that I bring the connection up. > > > > > > Is that the correct order / moment during boot-up? Or shouldn't > > > that > > > be a problem, anyway? > > > > I don't understand what you are doing. > > > > In NetworkManager, you commonly configure connection (profiles), > > and > > then activate them. > > > > You first set ethernet.cloned-mac-address in the profile, before > > activating it. The systemd target does not matter here. > > > > If you modify a profile that is already active, you need to re- > > activate > > it for the changes to take effect. This means, call `nmcli > > connection > > up "$PROFILE"` after modifying a profile. > > > > > > > Do you have other ideas what I can try? Can I set the cloned-mac- > > > address property permanent in a /etc/sysconfig/network- > > > script/ifcfg- > > > XXXX file? > > > > Sure, you can edit profiles on disk. Note that must be followed by > > `nmcli connection reload` for the changes to be picked up. And if > > the > > profile is currently active, you also will need to re-activate the > > profile too. > > > > However, there is little reason to ever edit files on disk. Just > > use > > > > nmcli connection modify "$PROFILE" ethernet.cloned-mac-address > > "$VALUE" > > > > > > > > best, > > Thomas > > > > > > > > > > Cheers, > > > Thilo > > > > > > > > > Am Mittwoch, den 23.05.2018, 15:23 +0200 schrieb Thomas Haller: > > > > On Wed, 2018-05-23 at 15:08 +0200, Thomas Haller wrote: > > > > > On Wed, 2018-05-23 at 07:16 +0000, [email protected] > > > > > .com > > > > > wrote: > > > > > > Hi! > > > > > > > > > > > > I want to connect a real ethernet adapter and a virtual > > > > > > ethernet > > > > > > adapter to a > > > > > > bridge. The bridge itself is configured to ask a dhcp for > > > > > > an ip > > > > > > address. > > > > > > > > > > > > The problem is, that I can't tell the bridge to always use > > > > > > the > > > > > > mac > > > > > > address of > > > > > > the real ethernet adapter. Rather than it is more or less > > > > > > luck > > > > > > which > > > > > > one's mac > > > > > > address the bridge uses. Mostly the address of the virtual > > > > > > adapter > > > > > > which is not > > > > > > hardcoded and will be generated at every boot (which is ok, > > > > > > I > > > > > > don't > > > > > > want to > > > > > > hardcode this). > > > > > > > > > > > > Is it possible to define which slave provides the mac addr > > > > > > for > > > > > > the > > > > > > bridge? > > > > > > The first slave which is enslaved? The last slave? > > > > > > Or can I set a property in the slaves or bridges settings? > > > > > > Do I need to retrieve the mac addr of the real adapter and > > > > > > assign > > > > > > it > > > > > > via a > > > > > > script to the bridge? > > > > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > > Which version of NetworkManager is this? > > > > > > > > > > I think if you configure connection.autoconnect-slaves=yes on > > > > > the > > > > > master, activating the master will re-activate the slaves in > > > > > a > > > > > defined > > > > > order. With this, the slaves probably should be all > > > > > connection.autoconnect=no. > > > > > > > > > > Then, you may also configure connection.autoconnect-priority > > > > > on > > > > > the > > > > > slaves, to ensure that the order is as you wish. > > > > > > > > > > That should work, but I don't think we test this > > > > > sufficiently. > > > > > Hope > > > > > it's not broken :) > > > > > > > > Hi, > > > > > > > > Beniamino just informed me, that this might not work. > > > > > > > > For bond and team devices, kernel chooses as MAC address the > > > > MAC > > > > address of the slave that connects first (unless explicitly > > > > configured). > > > > > > > > For bridge devices, apparently kernel chooses the MAC address > > > > of > > > > the > > > > slaves, by sorting the MAC addresses like numbers. This means, > > > > if > > > > you > > > > first activate a slave with numerically higher MAC address, > > > > then a > > > > second slave with a lower MAC address, the MAC address of the > > > > bridge > > > > master changes. The order in which slaves are enslaved does not > > > > matter. > > > > > > > > As workaround: > > > > > > > > - ensure that the slave's MAC addresses are in a way, that > > > > kernel > > > > will > > > > pic the right one. Possibly configuring ethernet.cloned-mac- > > > > adddress on > > > > the slaves. > > > > > > > > - just explicitly configure a MAC address on the bridge master, > > > > with > > > > ethernet.cloned-mac-address. > > > > > > > > > > > > best, > > > > Thomas
signature.asc
Description: This is a digitally signed message part
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
