On 06/26/2016 06:44 PM, Ed Greshko wrote:
>
>
> On 06/27/16 08:51, Sam Varshavchik wrote:
>> Not sure if this is known changed behavior in F24, but:
>>
>> For the longest time I had /etc/sysconfig/network-scripts/eno2 specify:
>>
>> TYPE=Ethernet
>> BOOTPROTO=none
>> DEFROUTE=yes
>> IPV4_FAILURE_FATAL=no
>> IPV6INIT=yes
>> IPV6_AUTOCONF=yes
>> IPV6_DEFROUTE=yes
>> IPV6_FAILURE_FATAL=no
>> NAME=wan0
>> UUID=71e6ac4b-c693-4c20-aa0d-e1a63b7373fe
>> ONBOOT=yes
>> IPADDR1=216.254.115.102
>> PREFIX1=24
>> IPADDR2=216.27.136.223
>> PREFIX2=24
>> HWADDR=0C:C4:7A:32:C1:83
>> IPADDR=216.254.115.190
>> GATEWAY=216.254.115.1
>> PREFIX=24
>> IPV6_PEERDNS=yes
>> IPV6_PEERROUTES=yes
>>
>> This host has three IP addresses, and up until now the default IP address for outgoing
>> IP traffic was always 216.254.115.190, specified by IPADDR.
>>
>> It appears that, right now, all of my outbound traffic now appears to come from one of
>> the other IP addresses, 216.254.115.102.
>
> Maybe try reordering what is in your /etc/sysconfig/network-scripts/eno2 file?
>
> Currently IPADDR=216.254.115.190 is last. Maybe move it, and associated parameters, above
> IPADDR1?
>
> Just a shot in the dark....
I tend to agree. If you look at the output of the "ip addr" output,
you'll notice that the .190 address is listed as "global secondary", so
it is now the secondary IP address for the NIC in that subnet, and
that's probably because it came after the .102 specification. I believe
the script just looks for "IPADDR.+" in the config file. It doesn't
reorder things based on the ordinal (or lack thereof), it just uses them
as they're seen.
>> This is true even if the outgoing socket explicitly binds to 216.254.115.190:
>>
>> Sending mail to gmail, with an explicit bind(), strace shows:
>>
>> 13232 bind(5, {sa_family=AF_INET6, sin6_port=htons(0), inet_pton(AF_INET6,
>> "::ffff:216.254.115.190", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0
>> 13232 fcntl(5, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
>> 13232 getsockopt(5, SOL_SOCKET, SO_TYPE, [1], [4]) = 0
>> 13232 connect(5, {sa_family=AF_INET6, sin6_port=htons(25), inet_pton(AF_INET6,
>> "::ffff:173.194.206.26", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1
>> EINPROGRESS (Operation now in progress)
>> 13232 select(6, NULL, [5], NULL, {60, 0}) = 1 (out [5], left {59, 975901})
>> 13232 getsockopt(5, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
>> 13232 getsockname(5, {sa_family=AF_INET6, sin6_port=htons(41394), inet_pton(AF_INET6,
>> "::ffff:216.254.115.190", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0
>> 13232 select(6, [5], [], NULL, {300, 0}) = 1 (in [5], left {299, 975360})
>> 13232 read(5, "220 mx.google.com ESMTP 92si8123707qkx.29 - gsmtp\r\n", 512) = 51
>>
>> Gmail still shows 216.254.115.102 as the received-from IP address. I note that
>> getsockname() insists that the socket is 216.254.115.190
>>
>> This host is using masquerading, with firewalld. I suspect that this is firewalld's doing.
>>
>> ip addr's output:
>>
>> 2: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen
>> 1000
>> link/ether 0c:c4:7a:32:c1:83 brd ff:ff:ff:ff:ff:ff
>> inet 216.27.136.223/24 brd 216.27.136.255 scope global eno2
>> valid_lft forever preferred_lft forever
>> inet 216.254.115.102/24 brd 216.254.115.255 scope global eno2
>> valid_lft forever preferred_lft forever
>> inet 216.254.115.190/24 brd 216.254.115.255 scope global secondary eno2
>> valid_lft forever preferred_lft forever
>> inet6 fe80::ec4:7aff:fe32:c183/64 scope link
>> valid_lft forever preferred_lft forever
>>
>> Anyone knows what could be the reason for this, I'd like to have 216.254.115.190 as the
>> default externally-visible IP address.
>>
>>
>>
>>
>> --
>> users mailing list
>> users@xxxxxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change subscription options:
>> https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
>> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>> Have a question? Ask away: http://ask.fedoraproject.org
>
>
>
>
> --
> users mailing list
> users@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change subscription options:
> https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>
--
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx -
- AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 -
- -
- First Law of Work: -
- If you can't get it done in the first 24 hours, work nights. -
----------------------------------------------------------------------
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
