Debian User Forums

[fitscher]

Dear people,
i have a problem where i can't get any further (due to my limited Linux knowledge). After the upgrade (apt upgrade, apt full-upgrade) from stretch to buster the unbound server did not answer DNS requests anymore. And after some troubleshooting i realized a second ip address on eno2 (lan) adapter.

Code: Select all

$ dig dnswl.org @192.168.1.1

Error message:

Code: Select all

;; reply from unexpected source: 192.168.1.173#53, expected 192.168.1.1#53

I got the unbound server running again by adding "interface-automatic: yes" to the configuration file /etc/unbound/unbound.conf.

Here is some additional information:

1.# netstat -lpn | grep 173

Code: Select all

udp 0 0 192.168.1.173:123 0.0.0.0:* 1751/ntpd

2. # ip adr

Code: Select all

ip addr
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
  2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:5a:da:87:b1:2c brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.2/16 brd 172.16.255.255 scope global noprefixroute eno1
       valid_lft forever preferred_lft forever
    inet6 fd00::3dbb:3020:1bbe:e6a8/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 6715sec preferred_lft 3115sec
    inet6 fe80::b25a:daff:fe87:b12c/64 scope link
       valid_lft forever preferred_lft forever
  3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:5a:da:87:b1:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eno2
       valid_lft forever preferred_lft forever
   inet 192.168.1.173/24 brd 192.168.1.255 scope global secondary noprefixroute eno2
       valid_lft forever preferred_lft forever
    inet6 fe80::b25a:daff:fe87:b12d/64 scope link
       valid_lft forever preferred_lft forever
  4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 10.8.0.1/24 brd 10.8.0.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::9bb:c208:421b:f191/64 scope link stable-privacy
       valid_lft forever preferred_lft forever

3. ip addr show eno2

Code: Select all

3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:5a:da:87:b1:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eno2
       valid_lft forever preferred_lft forever
    inet 192.168.1.173/24 brd 192.168.1.255 scope global secondary noprefixroute eno2
       valid_lft forever preferred_lft forever
    inet6 fe80::b25a:daff:fe87:b12d/64 scope link
       valid_lft forever preferred_lft forever

4. cat /etc/network/interfaces

Code: Select all

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eno1
allow-hotplug eno1
iface eno1 inet static
address 172.16.1.2
netmask 255.255.0.0
network 172.16.0.0
broadcast 172.16.255.255
gateway 172.16.1.1

auto eno2
allow-hotplug eno2
iface eno2 inet static
address 192.168.1.1
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255


Does anybody have a tip for me on how to find out where the additional address (192.168.1.173) is generated? With journalctl -b, dmesg or syslog i can see an entry that this address is retrieved via dhcp.

Sometimes the network connections (ssh) to the server are hanging for a couple seconds.

thank you
kind regards thomas

[fitscher]

i have now blocked the mac address b0:5a:da:87:b1:2d of eno2 interface in /etc/dhcp/dhcpd.conf. So a private dummy address was assigned. But I still do not know where this dhcp request comes from?

# ip addr show eno2

Code: Select all

3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:5a:da:87:b1:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eno2
       valid_lft forever preferred_lft forever
    inet 169.254.140.73/16 brd 169.254.255.255 scope global noprefixroute eno2
       valid_lft forever preferred_lft forever
    inet6 fe80::daa1:7841:deb3:9b8/64 scope link
       valid_lft forever preferred_lft forever
    inet6 fe80::b25a:daff:fe87:b12d/64 scope link
       valid_lft forever preferred_lft forever


[sickpig]

Additional ip shouldn't matter, what matters is what are you using as your dns ip? What is in your /etc/reoslv.conf? Why do you think dhcp is involved? And lastly what is the status of NetworkManager.service?

[fitscher]

Additional ip shouldn't matter, what matters is what are you using as your dns ip? What is in your /etc/reoslv.conf? Why do you think dhcp is involved? And lastly what is the status of NetworkManager.service?

thank you for your answer.

Additional ip shouldn't matter,

unfortunately it matters, see my remark about unbound dns server, DNS queries didn't work anymore and also other processes/daemons (ntpd, syncthing..) will hook to this additional ip.

what matters is what are you using as your dns ip?

i am using the ip address 192.168.1.1 as DNS, which is distributed to the clients via dhcp. It is the address of the servers lan interface on which unbound is listening.

What is in your /etc/reoslv.conf?

for unbound it is set to "manual mode" and i configured in /etc/systemd/resolved.conf.

Code: Select all

[Resolve]
DNS=127.0.0.1
FallbackDNS=172.16.1.1
#Domains=
#LLMNR=yes
MulticastDNS=no
#DNSSEC=allow-downgrade
#DNSOverTLS=no
#Cache=yes
DNSStubListener=no
#ReadEtcHosts=yes
 

Why do you think dhcp is involved?

because it is in the logfile (syslog)

And lastly what is the status of NetworkManager.service?

Networkmanager is not running, it is a headless server

I wanted to notice again, that everything worked before the update. Actually i am just looking for a way to find out which process is starting this dhcp client again and again?
kind regards
Thomas

[reinob]

Does anybody have a tip for me on how to find out where the additional address (192.168.1.173) is generated? With journalctl -b, dmesg or syslog i can see an entry that this address is retrieved via dhcp.

Could you post the relevant log entries?

This would help in identifying which dhcp client (there are many possibilities) is doing that, so that you can disable/configure dhcp accordingly.

[fitscher]

Does anybody have a tip for me on how to find out where the additional address (192.168.1.173) is generated? With journalctl -b, dmesg or syslog i can see an entry that this address is retrieved via dhcp.

Could you post the relevant log entries?

This would help in identifying which dhcp client (there are many possibilities) is doing that, so that you can disable/configure dhcp accordingly.

thx

log entry:
Logs Entry at 2020-11-10 20:54:27
dhcpd
DHCPDISCOVER from b0:5a:da:87:b1:2d via eno2: network 192.168.1.0/24: no free leases

PRIORITY 3
SYSLOG_FACILITY 23
SYSLOG_IDENTIFIER dhcpd
SYSLOG_PID 929
SYSLOG_TIMESTAMP Nov 10 20:54:27
_BOOT_ID 8122d754ab1a4d99bca7781ae178a963
_CAP_EFFECTIVE 3fffffffff
_CMDLINE /usr/sbin/dhcpd -4 -q -cf /etc/dhcp/dhcpd.conf eno2
_COMM dhcpd
_EXE /usr/sbin/dhcpd
_GID 0
_HOSTNAME proliant
_MACHINE_IDe65a487a293f4dc5ac7ac7fac7ef12c5
_PID 929
_SOURCE_REALTIME_TIMESTAMP 1605038067675377
_SYSTEMD_CGROUP /system.slice/isc-dhcp-server.service
_SYSTEMD_INVOCATION_ID 85c3276f88d14c01b1caeedd857325ff
_SYSTEMD_SLICE system.slice
_SYSTEMD_UNIT isc-dhcp-server.service
_TRANSPORTsyslog
_UID 0
__CURSOR s=e4b6cfea91dc4a7bab8195c856abe6d4;i=b47;b=8122d754ab1a4d99bca7781ae178a963;m=2d9ef05bc;t=5b3c60bdff117;x=dbeb8f1c00735eb9
__MONOTONIC_TIMESTAMP 12246255036
__REALTIME_TIMESTAMP 1605038067675415

this log entry comes every minute

[fitscher]

thank you @reinob und sickpig for your help.

there was a dhcpcd.service enabled with systemd which was not enabled before the update???

# systemctl status dhcpcd.service

Code: Select all

● dhcpcd.service - DHCP Client Daemon
   Loaded: loaded (/lib/systemd/system/dhcpcd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-11-10 17:30:42 CET; 4h 8min ago
     Docs: man:dhcpcd(8)
  Process: 605 ExecStart=/usr/sbin/dhcpcd (code=exited, status=0/SUCCESS)
 Main PID: 686 (dhcpcd)
    Tasks: 1 (limit: 9830)
   Memory: 4.1M
   CGroup: /system.slice/dhcpcd.service
           └─686 /usr/sbin/dhcpcd

Nov 10 17:30:43 proliant dhcpcd[686]: eno1: Router Advertisement from fe80::5e49:79ff:fedd:a4c9
Nov 10 17:30:43 proliant dhcpcd[686]: eno1: adding address fd00::3dbb:3020:1bbe:e6a8/64
Nov 10 17:30:43 proliant dhcpcd[686]: eno1: adding route to fd00::/64
Nov 10 17:30:43 proliant dhcpcd[686]: eno1: soliciting a DHCPv6 lease
Nov 10 17:30:47 proliant dhcpcd[686]: eno2: probing for an IPv4LL address
Nov 10 17:30:47 proliant dhcpcd[686]: eno2: DHCP lease expired
Nov 10 17:30:47 proliant dhcpcd[686]: eno2: soliciting a DHCP lease
Nov 10 17:30:52 proliant dhcpcd[686]: eno2: using IPv4LL address 169.254.140.73
Nov 10 17:30:52 proliant dhcpcd[686]: eno2: adding route to 169.254.0.0/16
Nov 10 17:30:54 proliant dhcpcd[686]: eno2: no IPv6 Routers available


i disabled it and now it is ok again:

# ip addr show eno2

Code: Select all

3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:5a:da:87:b1:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global eno2
       valid_lft forever preferred_lft forever
    inet6 fe80::b25a:daff:fe87:b12d/64 scope link
       valid_lft forever preferred_lft forever

thank you again and have a nice day

regards thomas