From 484e43659641b4c9a5fd39b5bfea2531043757e7 Mon Sep 17 00:00:00 2001
From: Vlastimil Holer <vholer@opennebula.io>
Date: Wed, 22 Sep 2021 16:15:42 +0200
Subject: [PATCH] F #227, #86: Workaround sporadic IPv6 SLAAC privacy address
 on Ubuntus

---
 src/etc/one-context.d/loc-10-network          |  1 -
 .../loc-10-network.d/netcfg-interfaces        | 21 ++++++++++++++++---
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/etc/one-context.d/loc-10-network b/src/etc/one-context.d/loc-10-network
index 73c951a..600102b 100755
--- a/src/etc/one-context.d/loc-10-network
+++ b/src/etc/one-context.d/loc-10-network
@@ -155,7 +155,6 @@ case "$action" in
     reconfigure)
         configure_network
         reload_network
-        # wait_online
         ;;
     *)
         echo "ERROR [!]: Unknown ACTION: ${action}" >&2
diff --git a/src/etc/one-context.d/loc-10-network.d/netcfg-interfaces b/src/etc/one-context.d/loc-10-network.d/netcfg-interfaces
index fd13bf7..90667f5 100644
--- a/src/etc/one-context.d/loc-10-network.d/netcfg-interfaces
+++ b/src/etc/one-context.d/loc-10-network.d/netcfg-interfaces
@@ -69,7 +69,8 @@ stop_network()
             for _iface in $_ifaces; do
                 if [ "${_iface}" != 'lo' ] ; then
                     /sbin/ifdown "${_iface}"
-                    /sbin/ip addr flush dev "${_iface}"
+                    /sbin/ip link set dev "${_iface}" down || true
+                    /sbin/ip addr flush dev "${_iface}" || true
                 fi
             done
             ;;
@@ -181,6 +182,8 @@ gen_dhcp_conf()
                 ;;
         esac
     fi
+
+    echo ""
 }
 
 gen_alias_conf()
@@ -250,9 +253,10 @@ EOT
         esac
     fi
 
+    echo ""
+
     if [ -n "${ip6_ula}" ]; then
         cat <<EOT
-
 iface ${dev} inet6 static
   address ${ip6_ula}
   netmask 64
@@ -279,8 +283,15 @@ gen_dhcp6_conf()
             echo "  pre-up echo 0 > /proc/sys/net/ipv6/conf/${dev}/use_tempaddr"
             ;;
         debian|ubuntu|devuan)
-            echo "  privext 0" # this might not be effective in "dhcp" mode
+            # Privext might not be effective in "dhcp" mode, so we better
+            # directly configure also sysctl parameters. Also, there might
+            # be a race condition between activating IPv4 and IPv6 part of
+            # interface if IPv4 is dhcp. As a aresult, IPv6 SLAAC privacy
+            # address might appear. So, for safety we better drop any global
+            # IPv6 addresses as part of pre-up.
+            echo "  privext 0"
             echo "  pre-up echo 0 > /proc/sys/net/ipv6/conf/${dev}/use_tempaddr"
+            echo "  pre-up ip -6 addr flush dev ${dev} scope global || /bin/true"
 
             if [ -n "${mtu}" ]; then
                 # Ignores "mtu x", IPv6-only interfaces would not be configured
@@ -292,6 +303,8 @@ gen_dhcp6_conf()
             exit 1
             ;;
     esac
+
+    echo ""
 }
 
 gen_alias6_conf()
@@ -313,6 +326,8 @@ EOT
             ;;
     esac
 
+    echo ""
+
     if [ -n "${ip6_ula}" ]; then
         cat <<EOT