Bug 484574

Summary:	sys-apps/systemd-206-r3 - cannot setup bridged interface
Product:	Gentoo Linux	Reporter:	Juergen Rose <rose>
Component:	[OLD] Core system	Assignee:	Gentoo systemd Team <systemd>
Status:	RESOLVED INVALID
Severity:	normal
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Juergen Rose 2013-09-11 13:26:40 UTC

After booting with systemd networks with static ip does not work immediately. I found a template for a /etc/systemd/system/network.service with a simple eth0 interface in the web, which I could modify for my needs. I also found an example for a bridged interface at http://www.oops.co.at/en/publications/kvm-setting-up-network-bridging-with-systemd-on-gentoo or https://groups.google.com/forum/#!topic/linux.gentoo.user/FBTk08Qe4pk. But both examples are using /usr/bin/tunctl which is not available on my system. Searching in the web for "gentoo tunctl" points to http://gpo.zugaina.org/net-misc/tunctl/Bugs. But even adding the zugaina overlay does not help to install tunctl.

Before installing systemd I could configure bridged network interface without additional packages. Do I really need with systemd the tunctl package? And if yes, where can I find it?

It would be really nice, if there would be some example network.service scripts contained in the gentoo systemd package.

Comment 1 Juergen Rose 2013-09-11 13:47:09 UTC

OK, I found that a tunctl is contained in usermode-utilities-20070815-r3. Is this the right tunctl, I should use?

Comment 2 Mike Gilbert gentoo-dev

2013-09-11 14:27:11 UTC

systemd does not provide any built-in method for configuring networking. The idea is that a separate package should provide network setup.

Personally I use net-misc/netctl. Once installed, there is a simple example for bridging in /etc/netctl/examples/bridge.

Comment 3 Pacho Ramos gentoo-dev

2013-09-11 14:28:43 UTC

You have some alternatives listed in:
http://wiki.gentoo.org/wiki/Systemd#Native_services

Comment 4 Juergen Rose 2013-09-12 13:51:22 UTC

(In reply to Mike Gilbert from comment #2)
> systemd does not provide any built-in method for configuring networking. The
> idea is that a separate package should provide network setup.
> 
> Personally I use net-misc/netctl. Once installed, there is a simple example
> for bridging in /etc/netctl/examples/bridge.

I will give netctl a chance. But maybe there is also a solution for my current way. I use the following /etc/systemd/system/network.service:

root@lynx:/root(3)# cat /etc/systemd/system/network.service 
[Unit]
Description=network bridge for virtualbox
After=network.target

[Service]
Type=oneshot
RemainAfterExit=yes

EnvironmentFile=/etc/conf.d/network_systemd

ExecStart=/sbin/brctl addbr ${bridge_name}
ExecStart=/bin/echo "user=$user  tap_name=$tap_name"
ExecStart=/usr/bin/tunctl -b -u ${user} -t ${tap_name}
ExecStart=/bin/ifconfig ${bridge_name} ${address} netmask ${netmask} up
ExecStart=/bin/ifconfig ${interface} up
ExecStart=/bin/ifconfig ${tap_name} up 0.0.0.0 promisc
ExecStart=/sbin/brctl addif ${bridge_name} ${tap_name} ${interface}
ExecStart=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=1
ExecStart=/sbin/iptables -t nat -A POSTROUTING -o ${interface} -j MASQUERADE
ExecStart=/bin/ip route add default via ${gateway}

ExecStop=/bin/ip route del default via ${gateway}
ExecStop=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=0
ExecStop=/bin/ifconfig ${tap_name} down
ExecStop=/sbin/brctl delif ${bridge_name} ${tap_name}
ExecStop=/usr/bin/tunctl -d ${tap_name}
ExecStop=/bin/ifconfig ${bridge_name} down
ExecStop=/bin/ifconfig ${interface} down
ExecStop=/sbin/brctl delbr ${bridge_name}
ExecStop=/sbin/iptables -t nat -D POSTROUTING -o ${interface} -j MASQUERADE

[Install]
WantedBy=multi-user.target


"systemctl restart network" fails with:

root@lynx:/root(4)# systemctl restart network
Job for network.service failed. See 'systemctl status network.service' and 'journalctl -xn' for details.
root@lynx:/root(5)# systemctl status network
network.service - network bridge for virtualbox
   Loaded: loaded (/etc/systemd/system/network.service; enabled)
   Active: failed (Result: exit-code) since Thu 2013-09-12 15:49:12 CEST; 48s ago
  Process: 2174 ExecStart=/sbin/iptables -t nat -A POSTROUTING -o ${interface} -j MASQUERADE (code=exited, status=3)
  Process: 2172 ExecStart=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=1 (code=exited, status=0/SUCCESS)
  Process: 2170 ExecStart=/sbin/brctl addif ${bridge_name} ${tap_name} ${interface} (code=exited, status=0/SUCCESS)
  Process: 2168 ExecStart=/bin/ifconfig ${tap_name} up 0.0.0.0 promisc (code=exited, status=0/SUCCESS)
  Process: 2150 ExecStart=/bin/ifconfig ${interface} up (code=exited, status=0/SUCCESS)
  Process: 2140 ExecStart=/bin/ifconfig ${bridge_name} ${address} netmask ${netmask} up (code=exited, status=0/SUCCESS)
  Process: 2133 ExecStart=/usr/bin/tunctl -b -u ${user} -t ${tap_name} (code=exited, status=0/SUCCESS)
  Process: 2123 ExecStart=/bin/echo user=$user  tap_name=$tap_name (code=exited, status=0/SUCCESS)
  Process: 3799 ExecStart=/sbin/brctl addbr ${bridge_name} (code=exited, status=1/FAILURE)
 Main PID: 3799 (code=exited, status=1/FAILURE)

Sep 12 15:49:12 lynx systemd[1]: network.service: main process exited, code=exited, status=1/FAILURE
Sep 12 15:49:12 lynx systemd[1]: Failed to start network bridge for virtualbox.
Sep 12 15:49:12 lynx systemd[1]: Unit network.service entered failed state.

Comment 5 Mike Gilbert gentoo-dev

2013-09-12 17:21:39 UTC

Sorry, we're not going to use bugzilla as a support forum.

If you read the output, it looks like the iptables command is failing. I would start there.

Comment 6 Juergen Rose 2013-09-12 18:29:34 UTC

(In reply to Mike Gilbert from comment #5)
> Sorry, we're not going to use bugzilla as a support forum.
> 
> If you read the output, it looks like the iptables command is failing. I
> would start there.

Sorry for asking to much here. I want still only post the solution. After activating CONFIG_NF_NAT_IPV4=m and CONFIG_NF_NAT_IPV6=m bridged networking seems to work.