Page MenuHomeVyOS Platform

Creating sit tunnel fails with “Can not set “local” for tunnel sit tun1 at tunnel creation”
Confirmed, Requires assessmentPublicBUG

Description

The following config is what I used on my router to trigger this bug:

tunnel tun1 {
     6rd-prefix 2607:FA48:6ED8::/45
     6rd-relay-prefix 24.225.128.0/17
     address 2607:FA48:6ED8:8A50::1/60
     description "Videotron 6rd Tunnel"
     encapsulation sit
     firewall {
         in {
             ipv6-name WAN6_IN6
         }
         local {
             ipv6-name WAN6_LOCAL6
         }
     }
     local-ip 24.225.136.165
     mtu 1480
     multicast disable
     parameters {
         ip {
             ttl 255
         }
     }
     remote-ip 24.225.128.1
 }

Additionally, if I remove the local ip and commit, I will get a python stacktrace and a borked tunnel interface. If I commit again without changing anything, the tunnel is finally created but it still lacks a local ip.

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202005051136
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

zsdc assigned this task to SrividyaA.Tue, Jul 14, 6:21 PM

The issue did not reproduce in the VyOS 1.3-rolling-202007140117 version. Also commit fails if the local-ip is missing

vyos@vyos# delete interfaces tunnel tun1 local-ip 'x.x.x.x'
[edit]
vyos@vyos# commit
[ interfaces tunnel tun1 ]
Can not remove "local", it is an mandatory option for tunnel sit tun1

interfaces tunnel tun1 failed
Commit failed
[edit]

Please share the python stack trace received as mentioned above and also the steps followed to recreate the problem.

starcraft66 added a comment.EditedMon, Jul 20, 12:55 AM

This happens when the system starts up:

Jul 19 20:41:55 235-gw Traceback (most recent call last):
Jul 19 20:41:55 235-gw   File "/usr/libexec/vyos/conf_mode/interfaces-tunnel.py", line 665, in <module>
Jul 19 20:41:55 235-gw     apply(c)
Jul 19 20:41:55 235-gw   File "/usr/libexec/vyos/conf_mode/interfaces-tunnel.py", line 616, in apply
Jul 19 20:41:55 235-gw     tunnel = kls(ifname, **config)
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 94, in __init__
Jul 19 20:41:55 235-gw     super().__init__(ifname, **config)
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 217, in __init__
Jul 19 20:41:55 235-gw     self._create()
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 333, in _create
Jul 19 20:41:55 235-gw     self.set_interface('state','down')
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 120, in set_interface
Jul 19 20:41:55 235-gw     self.change.format(**self.config), option, value))
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 48, in _cmd
Jul 19 20:41:55 235-gw     return cmd(command, self.debug)
Jul 19 20:41:55 235-gw   File "/usr/lib/python3/dist-packages/vyos/util.py", line 155, in cmd
Jul 19 20:41:55 235-gw     raise OSError(code, feedback)
Jul 19 20:41:55 235-gw OSError: [Errno 255] failed to run command: ip tunnel cha tun1 state down
Jul 19 20:41:55 235-gw returned:
Jul 19 20:41:55 235-gw exit code: 255
Jul 19 20:41:55 235-gw noteworthy:
Jul 19 20:41:55 235-gw cmd 'ip tunnel cha tun1 state down'
Jul 19 20:41:55 235-gw returned (out):
Jul 19 20:41:55 235-gw returned (err):
Jul 19 20:41:55 235-gw Error: either "name" is duplicate, or "state" is a garbage.

To get things running, I need to ssh in over ipv4 and run

configure
load
commit

I then end up with a broken tunnel:

tun1@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1000
link/sit 0.0.0.0 peer 24.225.128.1

I must then manually fix the tunnel with

sudo ip tunnel change tun1 local 24.225.136.165

Even after restart of the server, the local ip does reflect in the in the interface tunnel status.
I could see that your OS version is 1.3-rolling-202005051136, could you please check in the latest version.

7: tun0@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1472 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000

**link/sit 192.168.255.100 peer 216.66.84.46**
alias HE.NET IPv6 Tunnel

vyos@vyos:~$ show version

Version: VyOS 1.3-rolling-202007200117
Release Train: equuleus

vyos@vyos:~$ show system uptime
20:31:48 up 38 min, 1 user, load average: 0.00, 0.00, 0.00

pasik added a subscriber: pasik.Tue, Jul 21, 1:13 PM

@SrividyaA I just upgraded to the latest rolling image (1.3-rolling-202007311330) and I can still reproduce the exact same issue with the config above. Here's output from show log.

Jul 31 14:06:59 235-gw netplugd[999]: sit0: ignoring event
Jul 31 14:06:59 235-gw systemd-udevd[4512]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
Jul 31 14:06:59 235-gw kernel: sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver
Jul 31 14:06:59 235-gw netplugd[999]: tun1: ignoring event
Jul 31 14:06:59 235-gw systemd-udevd[4511]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
Jul 31 14:07:00 235-gw dhclient-script-vyos[4865]: Deleting nameservers with tag "dhcp-eth2" via vyos-hostsd-client
Jul 31 14:07:00 235-gw python3[4858]: Report Time:      2020-07-31 14:07:00
Jul 31 14:07:00 235-gw python3[4858]: Image Version:    VyOS 1.3-rolling-202007311330
Jul 31 14:07:00 235-gw python3[4858]: Release Train:    equuleus
Jul 31 14:07:00 235-gw python3[4858]: Built by:         autobuild@vyos.net
Jul 31 14:07:00 235-gw python3[4858]: Built on:         Fri 31 Jul 2020 13:30 UTC
Jul 31 14:07:00 235-gw python3[4858]: Build UUID:       c5dcd109-bd2d-44fa-8d69-f82d03d0ee53
Jul 31 14:07:00 235-gw python3[4858]: Build Commit ID:  09eedb0dccf687
Jul 31 14:07:00 235-gw Architecture[4858]:     x86_64
Jul 31 14:07:00 235-gw python3[4858]: Boot via:         installed image
Jul 31 14:07:00 235-gw python3[4858]: System type:      bare metal
Jul 31 14:07:00 235-gw python3[4858]: Hardware vendor:  HP
Jul 31 14:07:00 235-gw python3[4858]: Hardware model:   HP t730 Thin Client
Jul 31 14:07:00 235-gw python3[4858]: Hardware S/N:     MXL7012LCP
Jul 31 14:07:00 235-gw python3[4858]: Hardware UUID:    cc998d0e-4016-23fe-22b1-38596af292cf
Jul 31 14:07:00 235-gw python3[4858]: Traceback (most recent call last):
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/libexec/vyos/conf_mode/interfaces-tunnel.py", line 715, in <module>
Jul 31 14:07:00 235-gw python3[4858]:     apply(c)
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/libexec/vyos/conf_mode/interfaces-tunnel.py", line 665, in apply
Jul 31 14:07:00 235-gw python3[4858]:     tunnel = kls(ifname, **config)
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 94, in __init__
Jul 31 14:07:00 235-gw python3[4858]:     super().__init__(ifname, **config)
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/ifconfig/interface.py", line 237, in __init__
Jul 31 14:07:00 235-gw python3[4858]:     self._create()
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 333, in _create
Jul 31 14:07:00 235-gw python3[4858]:     self.set_interface('state','down')
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/ifconfig/tunnel.py", line 120, in set_interface
Jul 31 14:07:00 235-gw python3[4858]:     self.change.format(**self.config), option, value))
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 51, in _cmd
Jul 31 14:07:00 235-gw python3[4858]:     return cmd(command, self.debug)
Jul 31 14:07:00 235-gw python3[4858]:   File "/usr/lib/python3/dist-packages/vyos/util.py", line 179, in cmd
Jul 31 14:07:00 235-gw python3[4858]:     raise OSError(code, feedback)
Jul 31 14:07:00 235-gw OSError[4858]: [Errno 255] failed to run command: ip tunnel cha tun1 state down
Jul 31 14:07:00 235-gw returned[4858]:
Jul 31 14:07:00 235-gw python3[4858]: exit code: 255
Jul 31 14:07:00 235-gw noteworthy[4858]:
Jul 31 14:07:00 235-gw python3[4858]: cmd 'ip tunnel cha tun1 state down'
Jul 31 14:07:00 235-gw python3[4858]: returned (out):
Jul 31 14:07:00 235-gw python3[4858]: returned (err):
Jul 31 14:07:00 235-gw Error[4858]: either "name" is duplicate, or "state" is a garbage.
zsdc changed the task status from Open to Confirmed.Mon, Aug 3, 7:12 PM
zsdc added a subscriber: zsdc.

Just to make this a bit clearer. A short how-to to reproduce the bug in 1.3-rolling-202008031114 with empty config:

set firewall ipv6-name WAN6_IN6
set firewall ipv6-name WAN6_LOCAL6
set interfaces tunnel tun1 6rd-prefix '2607:FA48:6ED8::/45'
set interfaces tunnel tun1 6rd-relay-prefix '24.225.128.0/17'
set interfaces tunnel tun1 address '2607:FA48:6ED8:8A50::1/60'
set interfaces tunnel tun1 description 'Videotron 6rd Tunnel'
set interfaces tunnel tun1 encapsulation 'sit'
set interfaces tunnel tun1 firewall in ipv6-name 'WAN6_IN6'
set interfaces tunnel tun1 firewall local ipv6-name 'WAN6_LOCAL6'
set interfaces tunnel tun1 mtu '1480'
set interfaces tunnel tun1 multicast 'disable'
set interfaces tunnel tun1 parameters ip ttl '255'
set interfaces tunnel tun1 remote-ip '24.225.128.1'
set interfaces tunnel tun1 local-ip '24.225.136.165'
commit

leads to the error:

Can not set "local" for tunnel sit tun1 at tunnel creation

and the same but without the local-ip option leads to the Python traceback.

So, it is necessary to:

  1. check if a local-ip option really cannot be used in this case and an error message is used in an appropriate place.
  2. check if this type of configuration can be used without a local-ip, and fix tunnel creating if this is true.