[systemd-devel] Bouncing interface once chrony is synced

Ian Pilcher arequipeno at gmail.com
Wed Jul 5 15:29:21 UTC 2017 

I am using CentOS 7 (systemd 219) on a Banana Pi as my residential
firewall/gateway.  The Banana Pi does not have a persistent clock, so
it has no idea what the time is until it is able to sync via NTP.  Thus,
the initial DHCP leases that the BPi receives have incorrect expiration/
renewal times (since the system can't sync via NTP before it has an IP
address - chicken and egg).

My first attempt to address this was to add a drop-in to
chrony-wait.service that bounces the WAN interface.

   /etc/systemd/system/chrony-wait.service.d/bounce-wan.conf:

     # Bounce the WAN interface once time is synced, ensuring that
     # DHCP leases have proper expiration/refresh times.

     [Service]
     ExecStartPost=/usr/sbin/ifdown eth0.256
     ExecStartPost=/usr/sbin/ifup eth0.256

This does bounce the interface at boot time:

   Dec 31 18:00:18 firewall.penurio.us systemd[1]: Starting Wait for 
chrony to synchronize system clock...
   Jul 04 13:05:07 firewall.penurio.us dhclient[1336]: DHCPDISCOVER on 
eth0.256 to 255.255.255.255 port 67 interval 8 (xid=0x38c8bfa7)
   Jul 04 13:05:07 firewall.penurio.us dhclient[1336]: DHCPREQUEST on 
eth0.256 to 255.255.255.255 port 67 (xid=0x38c8bfa7)
   Jul 04 13:05:07 firewall.penurio.us dhclient[1336]: DHCPOFFER from 
70.119.128.1
   Jul 04 13:05:07 firewall.penurio.us dhclient[1336]: DHCPACK from 
70.119.128.1 (xid=0x38c8bfa7)
   Jul 04 13:05:10 firewall.penurio.us dhclient[1336]: bound to 
70.119.136.2 -- renewal in 23274 seconds.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: PRC: Previous 
lease is devoid of active addresses.  Re-initializing.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: XMT: Solicit on 
eth0.256, interval 1010ms.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: RCV: Advertise 
message on eth0.256 from fe80::201:5cff:fe77:bc46.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: XMT: Request on 
eth0.256, interval 940ms.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: RCV: Advertise 
message on eth0.256 from fe80::201:5cff:fe77:bc46.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: Packet received, 
but nothing done with it.
   Jul 04 13:05:11 firewall.penurio.us dhclient[1431]: RCV: Reply 
message on eth0.256 from fe80::201:5cff:fe77:bc46.
   Jul 04 13:05:20 firewall.penurio.us systemd[1]: Started Wait for 
chrony to synchronize system clock.

Unfortunately, the expected dhclient processes are not running, so the
addresses are never renewed.  I suspect that systemd may be killing
them, because chrony-wait is a oneshot service.

Can anyone suggest a way to achieve this?

-- 
========================================================================
Ian Pilcher                                         arequipeno at gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================

More information about the systemd-devel mailing list