Bug #17187

IPv6 address cannot be blank for CR providing IPv4 plus domain with forward DNS

Added by Dis McCarthy 4 months ago. Updated 4 months ago.

Status:Closed
Priority:High
Assigned To:Timo Goebel
Category:Host creation
Target version:-
Difficulty: Bugzilla link:
Found in release:1.13.1 Pull request:https://github.com/theforeman/foreman/pull/3988
Story points-
Velocity based estimate-
Release1.13.2Release relationshipAuto

Description

When creating a host (using EC2) it insists that the ipv6 address must be filled in.

This is preventing us from building new hosts, as we have no ipv6 support. (Even if ::1 is used, it fails when trying to add the DNS records.)

There are no ipv6 subnets configured and retrying with the blank address results in the same error.

foreman-ipv6-2.png (13.6 KB) Preview Dis McCarthy, 11/02/2016 10:49 AM

foreman-ipv6-1.png (43.9 KB) Preview Dis McCarthy, 11/02/2016 10:49 AM

foreman-ipv6.png (32.9 KB) Preview Dis McCarthy, 11/02/2016 01:07 PM

Foreman-ipv6-2 Foreman-ipv6-1 Foreman-ipv6

Related issues

Related to Foreman - Feature #14664: Add IPv6 Subnet to Host, Hostgroup and Nic Models Closed 04/15/2016
Related to Foreman - Bug #17071: IPv6 address incorrectly required with EUI-64 when mac is... Closed 10/24/2016
Duplicated by Foreman - Bug #17276: Creating new host to be deployed on EC2 fails no lack of ... Duplicate 11/08/2016

Associated revisions

Revision f77f6b91
Added by Timo Goebel 4 months ago

fixes #17187 - v6 ip not required when cr provides v4

History

#1 Updated by Dominic Cleal 4 months ago

  • Release set to 1.13.2

What is the value of token_duration in Settings? If zero, try specifying a non-zero value (the default).

Edit: actually, that may not be the issue - if a domain with forward DNS is configured, it would probably trigger the same condition, requiring an IPv6 address.

I think #17071 may contain a fix for this, it improves how IP address validations are skipped when a compute resource provides one of the IPs (e.g. it'd properly skip IPv6 address validation when EC2 provides an IPv4 address).

#2 Updated by Dominic Cleal 4 months ago

  • Related to Feature #14664: Add IPv6 Subnet to Host, Hostgroup and Nic Models added

#3 Updated by Dominic Cleal 4 months ago

  • Related to Bug #17071: IPv6 address incorrectly required with EUI-64 when mac is provided by compute resource added

#4 Updated by Dis McCarthy 4 months ago

Token duration is set to 360.

#5 Updated by Dominic Cleal 4 months ago

Is a domain set on the interface with a forward DNS proxy set? (I assume so, since you mention DNS in passing.)

#6 Updated by Dis McCarthy 4 months ago

Dominic Cleal wrote:

Is a domain set on the interface with a forward DNS proxy set? (I assume so, since you mention DNS in passing.)

Yes. We're doing forward/reverse management in ipv4 (with freeipa, which for this purpose can be treated as bind9 with a bunch of wrappers)

#7 Updated by Dominic Cleal 4 months ago

  • Subject changed from IPV6 address cannot be blank to IPv6 address cannot be blank for CR providing IPv4 plus domain with forward DNS
  • Category changed from Unattended installations to Host creation

#8 Updated by Dis McCarthy 4 months ago

Just as an additional datapoint, attached is the error when using ::1 for ipv6

Proxy logs (1.11.4-1) show:

E, [2016-11-02T16:55:33.236719 #5470] ERROR -- : unrecognized 'type' parameter: AAAA

#9 Updated by Timo Goebel 4 months ago

  • Assigned To set to Timo Goebel

Dis McCarthy wrote:

Proxy logs (1.11.4-1) show:

You should definitely update your smart proxy to 1.13. Smart Proxy 1.11 is not fully compatible with Foreman 1.13.

As a temporary workaround, you can replace this (in /usr/share/foreman/app/models/nic/base.rb) with "return false"
https://github.com/theforeman/foreman/blob/1.13-stable/app/models/nic/base.rb#L166

Dominic, I'll send a pr with a patch so that we can include a fix in 1.13.2 . #17071 seems a little to big to backport.

#10 Updated by The Foreman Bot 4 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3988 added

#11 Updated by Dis McCarthy 4 months ago

That replacement worked.

Thanks!

#12 Updated by Timo Goebel 4 months ago

Dis McCarthy wrote:

That replacement worked.

Thanks!

Great, would you mind testing the actual patch for this?

wget -O /tmp/17187.patch https://github.com/theforeman/foreman/pull/3988.patch
cd /usr/share/foreman
patch -p1 < /tmp/17187.patch
systemctl restart httpd.service

patch will be unable to find the unit test file, you can safely skip this patch.
Of course, you'll need to revert the hotfix first.

#13 Updated by Timo Goebel 4 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#14 Updated by Dominic Cleal 3 months ago

  • Duplicated by Bug #17276: Creating new host to be deployed on EC2 fails no lack of IPv6 Interface added

Also available in: Atom PDF