Networking and firewall settings failing badly after reboot

Many important networking and firewall settings are lost after a VPS reboot due to /etc/network/interfaces being overwritten by the hypervisor (KVM in my case, a "bare metal" hypervisor). I believe this is a known problem (or possibly a feature, intended to ensure communication with the server) and I understand why this would be difficult to avoid. In particular, on my VPS I find I lose dns-nameservers, the inet6 gateway, and all but the default inet6 address. Also the firewall is disabled because the iptables-restore line is lost.

The real problem comes when trying to fix those settings. In webmin 1.782 running on Ubuntu 14.04 LTS, the Networking > Network Configuration > Routing and Gateways configuration for inet6, the DNS servers setting and the Linux Firewall > Activate at boot setting seem to be accepted but they don't seem to "stick" or have any effect on /etc/network/interfaces. In other words after refreshing the screen they're back to their old values.

I did eventually manage to restore the settings from a webmin backup (although I didn't realise it for a while, because of an old bug where the restore operation reports "0 files changed" even though it has in fact been successful).

I'd rate this a "Major" problem because the loss of DNS resolution, inet6 connectivity and firewall functionality are potentially severe problems despite (perhaps also because) they are not immediately obvious.

Status: 
Active

Comments

Is this a VM that is managed by Cloudmin? Because it doesn't touch /etc/network/interfaces unless you explicitly change an IP or other setting on the Network Interfaces page.

philmck's picture
Submitted by philmck on Sun, 01/17/2016 - 09:02

I discovered that /etc/mtab is also overwritten by KVM on reboot, which causes a similar problem by quietly enabling disk quotas (which subsequently caused my backups to fail).

The solution seems to be to go to Disk and Network Filesystems, select the root filesystem and set "Use quotas?" to No. If it's set using Webmin > System > Disk Quotas it doesn't stick.

By the way, the Webmin "raid" module seems to have a circular dependency with the "fdisk" module which means it's impossible to install either of them one at a time using Webmin modules > Install module (unless the "Ignore dependencies?" option is checked). Probably fdisk doesn't need to depend on raid.

KVM itself shouldn't be modifying /etc/fstab either, unless you are using a VM image that does something odd on startup.

Which image did you use the create these KVM instances?

philmck's picture
Submitted by philmck on Tue, 01/19/2016 - 13:06

I've confirmed with the host that KVM shouldn't be overwriting anything.

The image it was created from was Ubuntu 14.04 LTS 64-bit server as supplied by www.transip.eu when the VPS was created around October 2014.

In searching for others with the same problem I found the repository at https://sourceforge.net/p/webadmin/bugs - would it be better to track this there?

philmck's picture
Submitted by philmck on Tue, 01/19/2016 - 13:07

Just seen your earlier question - no, it's not managed by cloudmin.

You should try creating a new VM (from a Cloudmin-provided image) and see if it has the same issue. This overwriting may be happening due to some bootup script from inside the VM.

philmck's picture
Submitted by philmck on Wed, 01/20/2016 - 20:59

I think it would cost me money to set up a Cloudmin VM and I'm trying to avoid that but I'll give it a go if necessary. It should work with a standard "clean" Ubuntu install and the Virtualmin install.sh script though, shouldn't it?

The VPS hosting company are empthatic that it's not their fault - the supplied image is standard Ubuntu and KVM overwrites no files.

I've tried it in a VMware workstation and it seems OK if the instance is rebooted cleanly, but files are overwritten if there is a forced shutdown (similar to a power failure). I can't find any documentation on the expected behaviour in this situation or what scripts are executed on startup - the docs just say to edit settings in /etc/network/interfaces but I know there's more going on than that.

I'm not sure what could be causing this then, as there is nothing in Virtualmin that would change /etc/fstab or network settings on reboot.