Author Topic: Using DHCP on Internet/WAN port causes Gateway and VPN problems  (Read 1736 times)

nickpiggott

  • Zen Apprentice
  • *
  • Posts: 23
  • Karma: +8/-0
    • View Profile
Using DHCP on Internet/WAN port causes Gateway and VPN problems
« on: January 22, 2018, 08:49:11 am »
Environment
Zentyal 5.0.10
Ubuntu 16.04.3 LTS
Zentyal server has networking (5.0.9), DNS (5.0.3) and OpenVPN (5.0.1) components enabled

eth0 is connected to a router provided by my ISP. The ISP recommends using DHCP to acquire IP address, gateway and DNS servers.
eth1 is connected to my LAN, configured to use a static address

I configure eth0 to use DHCP and marked as External(WAN).

Summary
The way that DHCP is handled creates unpredictable behaviour in other modules - gateway is configured late, and VPN cannot determine the IP addresses of the interface - for an indeterminate period of time after reboot.

Gateway Problems
At initial setup, prior to enabling zentyal-networking, dhclient acquires IP address, gateway and DNS servers and writes these into the IP routing tables (and /etc/resolv.conf for the DNS servers). I can access the internet.

Enabling zentyal-networking causes the pre/post scripts at /etc/dhcp/dhclient-enter|exit-scripts.d to be executed. These scripts remove the default gateway and DNS servers. This causes loss of access to the Internet, as there is no default gateway configured, and the only DNS server in /etc/resolve.conf is 127.0.0.1

In the User Interface, there is no default gateway shown on the Network>Gateways page.

At some "indeterminate" time later, the default gateway is re-configured and Internet access comes back. The gateway appears in Network>Gateways as dhcp-gw-eth0.

The DNS servers are not added to Zentyal. I have to manually add them to DNS>Forwarders

VPN Problems
I have a VPN server configured. If I set the server to listen on <All Ports>, it starts correctly. If I set the server to listen to eth0, it will fail to start, with an error

Code: [Select]
VPN server bridge couldn&#39;t be configured, no IP address found for interface eth0 at VPN server bridge couldn&#39;t be configured, no IP address found for interface eth0 at /usr/share/perl5/EBox/Module/Service.pm line 964
At some indeterminate time after rebooting, this error will stop happening and the server will start.

Questions
  • Does anyone else see this behaviour?
  • Is there anything I can do to make handling of gateways / interface addresses more reliable?
  • Should the DNS servers be automatically added to DNS>Forwarders?

fjldurodie

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +1/-0
    • View Profile
Re: Using DHCP on Internet/WAN port causes Gateway and VPN problems
« Reply #1 on: March 27, 2019, 06:47:24 pm »
This is an old thread but for the sake of possibly helping others:

I've had the issue of not being able to connect to the internet twice after an update/reboot of Zentyal 5.0

It is a quite confusing issue as I could ping the external x.y.z.1 (my ip being x.y.z.w) as well as the broadcast address given by ifconfig replacing the 255 by 1 BUT I could not ping 8.8.8.8 or 1.1.1.1. So it appears as if the Zentyal is able to go externally but only in a limited manner (how this is possible I don't realy understand).

I don't remember exactly what I did the first time (possible a year or more ago) but I vaguely remembered something not being set right after the update/reboot.

This time with the insight of your post I tried to restart the network service with:

Code: [Select]
$ sudo /etc/init.d/networking restart
which worked and indeed now showed the "dhcp-gw-eth0" in the Network > Gateways > Gateways and Proxy > Gateways List which was empty before.