Ubuntu
netplan.io package

[SRU] NetworkManager parser: ip-tunnel connections fail

Bug #1962297 reported by Lukas Märdian
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
netplan.io (Ubuntu)
Fix Released
Undecided
Unassigned
Focal
Fix Released
Undecided
Unassigned
Impish
Won't Fix
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

 * NetworkManager snap (using the netplan backend) fails to add "ip-tunnel" connections.

 * ip-tunnel connections are needed in UC20 via the NetworkManager netplan integration

 * This upload includes an upload commit that uses netplan's "passthrough" mode to handle ip-tunnel connections, so all settings can be stored correctly.

[Test Plan]

Using NetworkManager with the netplan backend integration (e.g. network-manager snap from the 20/stable channel) one can launch "nmtui" and then:
- Proceed to edit -> add new connection
- Select "IP tunnel"
- enter a profile name e.g. "IP tunnel connection 1"
- enter a device e.g. "gre10"
- select mode "GRE"
- enter local IP e.g. "10.20.20.1"
- enter remote IP e.g. "10.20.20.2"
- Press "OK" to save the connection

This should NOT yield the following error message, but return successfully:

"Unable to add new connection: failure adding connection: keyfile writer produces an invalid connection: cannot access file: No such file or directory"

- run "netplan get nm-devices" to confirm the connection was created successfully, using passthrough configuration
- run "nmcli c show" to confirm the new connection has been picked up by NM, too

[Where problems could occur]

 * This upload touches netplan's NetworkManager keyfile parser code. So if something is broken this could impact the NetworkManager netplan backend integration.

[Other Info]

 * Additionally we will run and verify the usual autopkgtests once the package got accepted into -proposed

Revision history for this message
Lukas Märdian (slyon) wrote :

This fix is included in upstream netplan 0.104, so Fix released in Jammy already.

Changed in netplan.io (Ubuntu Jammy):
status: New → Fix Released
Revision history for this message
Lukas Märdian (slyon) wrote (last edit ):

This fix is only relevant on core20/core22 (i.e. Focal/Jammy), as this is the only place where the NetworkManager (snap) is enabled to use the netplan backend. Therefore I'm marking it WONTFIX on Impish.

Changed in netplan.io (Ubuntu Impish):
status: New → Won't Fix
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Lukas, or anyone else affected,

Accepted netplan.io into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/netplan.io/0.103-0ubuntu5~20.04.6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in netplan.io (Ubuntu Focal):
status: New → Fix Committed
tags: added: verification-needed verification-needed-focal
Revision history for this message
Lukas Märdian (slyon) wrote :

Hi Łukasz, thank you for accepting this upload into focal-proposed!

I've tested netplan 0.103-0ubuntu5~20.04.6 and can confirm it fixes the bug described above. autopkgtest ran successful on all arches and I've executed the manual testing as described above.

# apt list *netplan*
Listing... Done
libnetplan-dev/focal-proposed,now 0.103-0ubuntu5~20.04.6 amd64 [installed]
libnetplan0/focal-proposed,now 0.103-0ubuntu5~20.04.6 amd64 [installed,automatic]
netplan.io/focal-proposed,now 0.103-0ubuntu5~20.04.6 amd64 [installed]

Autopkgtests:
https://git.launchpad.net/~slyon/+git/files/plain/LP1962297/focal-amd64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP1962297/focal-arm64.log
https://git.launchpad.net/~slyon/+git/files/plain/LP1962297/focal-armhf.log
https://git.launchpad.net/~slyon/+git/files/plain/LP1962297/focal-ppc64el.log
https://git.launchpad.net/~slyon/+git/files/plain/LP1962297/focal-s390x.log

# nmtui ...

# netplan get nm-devices
NM-eeac5950-49dc-4da5-aa96-9ec769ecf366:
  networkmanager:
    name: IP tunnel connection 1
    passthrough:
      connection.interface-name: gre20
      connection.type: ip-tunnel
      ip-tunnel.local: 10.20.20.1
      ip-tunnel.mode: '2'
      ip-tunnel.remote: 10.20.20.2
      ipv4.method: auto
      ipv6.addr-gen-mode: stable-privacy
      ipv6.method: auto
    uuid: eeac5950-49dc-4da5-aa96-9ec769ecf366
  renderer: NetworkManager

# nmcli c show
NAME UUID TYPE DEVICE
mybr1 aebc6947-d6ad-4074-8946-105c50998a73 bridge nm-bridge
IP tunnel connection 1 eeac5950-49dc-4da5-aa96-9ec769ecf366 ip-tunnel --
netplan-eth1 8bf25856-ca0b-388e-823c-b898666ab9d2 ethernet --

# nmcli c show eeac5950-49dc-4da5-aa96-9ec769ecf366 | grep ip-tunnel
connection.type: ip-tunnel
ip-tunnel.mode: gre
ip-tunnel.parent: --
ip-tunnel.local: 10.20.20.1
ip-tunnel.remote: 10.20.20.2
ip-tunnel.ttl: 0
ip-tunnel.tos: 0
ip-tunnel.path-mtu-discovery: yes
ip-tunnel.input-key: --
ip-tunnel.output-key: --
ip-tunnel.encapsulation-limit: 0
ip-tunnel.flow-label: 0
ip-tunnel.mtu: 0
ip-tunnel.flags: 0x0 (none)

tags: added: verification-done-focal
removed: verification-needed-focal
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package netplan.io - 0.103-0ubuntu5~20.04.6

---------------
netplan.io (0.103-0ubuntu5~20.04.6) focal; urgency=medium

  * Do not write unvalidated YAML, fixing NM ip-tunnel handling (LP: #1962297)
    d/p/0018-keyfile-do-not-try-to-write-out-unvalidated-YAML-LP-.patch

 -- Lukas Märdian <email address hidden> Fri, 25 Feb 2022 10:03:12 +0100

Changed in netplan.io (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for netplan.io has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.