Issue
On boot, Linux instances can get its IPv6 address, but after lease expires, it is possible to lose the address.
Solution
The Stupid but workable way
Use a oneshot systemd service to add a static address to the interface.
[Unit]
Description=ensure static IPv6 address
After=network.target
[Service]
Type=oneshot
ExecStart=-/usr/sbin/ip -6 addr add 2603:c024:4506:d46f:c7ad:ddf2:a87b:89dc dev enp0s3
ProtectHome=yes
[Install]
WantedBy=multi-user.target
[Unit]
Description=Run ensure-ipv6-addr daily and on boot
[Timer]
OnBootSec=15min
OnUnitActiveSec=1d
[Install]
WantedBy=timers.target
The hard way and iSCSI Networking
iSCSI boot volumes use the 169.254.0.2/32 address and block volumes use the 169.254.2.0/24 network.
The default kernel cmdline on Oracle Linux 9 contains netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi
, which enables DHCP during early boot.
From journald
logs, we can see that the connection is refused on our instance.
dracut-initqueue[950]: iscsiadm: cannot make connection to 169.254.0.2: Connection refused
dracut-initqueue[950]: iscsiadm: cannot make connection to 169.254.0.2: Connection refused
dracut-initqueue[950]: iscsiadm: connection login retries (reopen_max) 5 exceeded
dracut-initqueue[950]: iscsiadm: Could not perform SendTargets discovery: iSCSI PDU timed out
dracut-initqueue[887]: Warning: Target discovery to 169.254.0.2:3260 failed with status 0
The reason is that the attachement type (Boot volume type) is Paravirtualized, but in this case, IOPS performance is worse than iSCSI attachments. The benefit is that netroot
from the cmdline can be removed, and that the VM supports live migration for best availability.
For a configuration in /etc/NetworkManager/system-connections
to be effective, it must not overlap with configurations in /etc/sysconfig/network-scripts
according to default config precedence on Oracle Linux 9, and NetworkManager should not be activated when running from the initial ramdisk.
A workaround for the latter is to configure allowed-connections
for the device, see https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/bace14fe1f374db26e49e4e7d61d2fbfce4241cc.
By removing netroot
from the cmdline, we can regain control of NetworkManager configuration, and set a static IP with nmtui
.
The formal way
A workaround was implemented in systemd for this issue.
Also note that we need to have dhcpv6-client
in the list of services for the public zone if we are using firewalld. This can be checked with firewall-cmd --list-all
, and added with the following commands.
sudo firewall-cmd --add-service=dhcpv6-client --permanent
sudo firewall-cmd --reload