Home / server / Questions / 1083315
In Process
gcb
Asked: 2021-11-12 16:49:00 +0800 CST

lost network interface to systemd-networkd. What is going on?

  • 772

I have a systemd host with 4 ethernet ports.

one port is reserved for isolated containers. It is set as:

# /etc/systemd/network/20-eth3-reserved.network
[Match]
Name=eth3
[Link]
Unmanaged=yes

I also set aliases for the ports, each on its link file, e.g.

# /etc/systemd/network/12-alias-eth3.link
[Match]
MACAddress=42:42:42:42:42:03
[Link]
Name=eth3

I would later use the unmanaged interface in a systemd-nspawn container with

# /etc/systemd/nspawn/container1.nspawn
...
[Network]
Private=yes
VirtualEthernet=no
Interface=eth3

At some point (Sept) it was working fine. But a few months ago, the interface with unmanaged setting just vanishes from the system.

nspawn fails to bring up the container saying the interface was not found.

ip link shows no eth3, nor the mac address.

lshw weirdly shows all managed ports, but DO NOT list the macaddress (serial field) for the disabled one.

dmesg shows all ports just fine, and list the correct mac address of them all, including disabled one. Later on, it also show the alias being applied!

[Wed Nov 10 11:44:31 2021] igb 0000:03:00.3 eth3: renamed from enps0f4

So systemd does see the device just fine even after the problem started.

networkclt shows all managed ports plus lo as unmanaged. But no sign of eth3.

I don't mind finding the solution to this if there's a better way to 'reserve' a physical interface to be used with nspawn instead of Unmanaged=yes

linux-networking systemd-networkd

1 Answers

  1. this would all be too funny if it wasn't a sad highlight of the state systemd still is.

    The VM wasn't up, or it was and i was trying to start it up again?, regardless of the case machinectl list showed no container up.

    The only reason I could find for the interface, which was seen by the kernel, to disappear, was that it was moved to another namespace and that only should happen when nspawn assign the interface to a running container.

    But there was no container up, and no way to debug/investigate what happened to it, or to force releases.

    And sadly networkctl has even less knowledge of namespaces and cgroups than legacy ps do. If the interface is attached somewhere, it is as good as gone.

    In the end I could not figure out what was happening, but a system update and reboot resolved the issue for now.

    • 0