[00:21] <sdhd-sascha> hey, if so, then - happy new year :-)
[00:27] <shibboleth> https://ubuntu.com/download/server
[00:28] <shibboleth> 18.04.3 did away with the old installer?
[00:28] <shibboleth> i should go with 18.04.2?
[00:32] <qman__> no, click the link for alternative installer
[02:57] <tomreyn> happy 2020!
[03:00] <tomreyn> yesterday, someone (non-paying) reported that they were unable to set up ubuntu advantage on 14.04 starting from http://ubuntu.com - they got stuck at the point where they had the "new UA" installed on their system but it failed connecting to the repository. with a timeout, whereas the user was able to browse https://esm.ubuntu.com/ (other than https://esm.ubuntu.com/ubuntu/pool/ ) fine.
[03:01] <tomreyn> so, in case anyone canonical-ly feels like reviewing this - it may be generally broken currently.
[03:02] <CodeMouse92> .ping
[03:03] <CodeMouse92> Can anyone help? My Ubuntu 16.04 server suddenly won't connect to the internet via ethernet. It WAS working, and then abruptly stopped doing so.
[03:03] <tomreyn> hmm, year 2020 bug?
[03:04] <tomreyn> anything on the logs?
[03:04] <CodeMouse92> Not really. But when it boots up, it takes something about 6 minutes waiting for the network card to wake up
[03:04] <CodeMouse92> It ain't midnight here yet tomreyn
[03:04] <CodeMouse92> `sudo lshw -class network` shows the network card has the logical name enp4s0, and says link=yes
[03:05] <tomreyn> i was only joking about "2020 bug" really
[03:05] <CodeMouse92> The router is even lighting up when the network cable is plugged in
[03:05] <CodeMouse92> kk
[03:05] <CodeMouse92>  /etc/network/interfaces has the enp4s0 IN it...
[03:06] <CodeMouse92> auto enp4s0 \n iface enp4s0 inet dhcp
[03:06] <tomreyn> and "ip link" and "ip addr" say?
[03:07] <CodeMouse92> ip link shows enp4s0 as the second device (after lo), and it says <BROADCAST,MULTICAST,UP,LOWER_UP>
[03:07] <CodeMouse92> state UP
[03:08] <CodeMouse92> ip addr shows it as well, and it has the same ipv6 after link/ether that ip link showed
[03:08] <tomreyn> that's the MAC
[03:09] <CodeMouse92> kk
[03:09] <tomreyn> are there no inet or inet6 lines for the interface on ip addr?
[03:09] <CodeMouse92> Also shows inet6 followed by another ipv6 addy
[03:09] <CodeMouse92> Sorry I can't pastebin, no net on the affected box :P
[03:10] <tomreyn> thats fine so far. did you expect it to have an ipv4 or ipv6 address?
[03:10] <tomreyn> and what does the ipv6 (inet6) address start with?
[03:11] <CodeMouse92> I'll check in just a sec, I'm grepping the system logs. I have an ungodly number of messages about this device, all from today...
[03:12] <CodeMouse92> kernal: [2644115.104543] IN=enp4s0 OUT= MAC:60:(redacted):00 SRC=104.(redacted):229 DST=192.168.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=45....
[03:12] <CodeMouse92> And then finally, this evening, I have DHCPDISCOVER on enp4s0 to 255.255.255.255 port 67 interval 18
[03:12] <CodeMouse92> And stuff along those lines
[03:13] <CodeMouse92> tomreyn: Okay, so the inet6 address starts with fe80::62a4...
[03:13] <tomreyn> those IN OUT lines are usually iptables policy violations.
[03:14] <tomreyn> fe80:... is like 127.0.0.1
[03:14] <tomreyn> so you really have nbo ip address assigned via dhcp
[03:14] <CodeMouse92> Okay, uhm...how in the hayseed do I fix this?
[03:14] <CodeMouse92> It was weird, too, because it just aborted smack in the middle of the day, no warning
[03:14] <CodeMouse92> s/aborted/stopped working/
[03:15] <tomreyn> is this in a data center, or a home / office building?
[03:15] <CodeMouse92> Home
[03:16] <tomreyn> did you reboot the router, yet?
[03:16] <CodeMouse92> I have router access. Actually, using the same network connection :P
[03:16] <CodeMouse92> Yes
[03:16] <tomreyn> did you reboot the server, yet?
[03:16] <CodeMouse92> Twice
[03:16] <tomreyn> i'm assuming the router does dhcp, right?
[03:16] <CodeMouse92> It's supposed to
[03:17] <tomreyn> sudo dhclient enp4s0
[03:17] <CodeMouse92> It's thinking
[03:17] <tomreyn> add -d
[03:17] <tomreyn> ctrl-c and add -d
[03:17] <CodeMouse92> okay
[03:17] <CodeMouse92> Yeah, there's that DHCPDISCOVER on enp4s0 to 255.255.255.255 port 67 interval (whatever)
[03:18] <CodeMouse92> Listening on LPF/enp4s0/60:a4:4c:5b:ac:91
[03:18] <CodeMouse92> Sending on LPF/enp4s0/60:a4:4c:5b:ac:91
[03:18] <CodeMouse92> Sending on Socket/fallback
[03:18] <CodeMouse92> And then those DHCPDISCOVER messages, over and over and over
[03:18] <tomreyn> run    tail -f /var/log/syslog     in a separate tty or temrinal window
[03:19] <CodeMouse92> Okay, it's spitting
[03:19] <CodeMouse92> "DHCPDISCOVER on..." message
[03:19] <CodeMouse92> And then...
[03:19] <tomreyn> do you see more of these IN=... OUT= ... messages there?
[03:19] <tomreyn> on the syslog tail, that is
[03:19] <CodeMouse92> UFW AUDIT IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1
[03:20] <tomreyn> so dhclient failed, or is still trying?
[03:20] <CodeMouse92> Still trying
[03:21] <tomreyn> can you ctrl-c dhclient, disable ufw, try again?
[03:21] <CodeMouse92> Sure
[03:21] <tomreyn> before you restart dhclient press enter on the log tail a couple times
[03:21] <CodeMouse92> Well, it already spewed
[03:21] <tomreyn> just so you'll know where the new logs dhclient causes start
[03:22] <tomreyn> what is it spewing on syslog?
[03:22] <CodeMouse92> It will do one DHCPDISCOVER, and then a huge mess of IN=lo OUT= MAC=00:00....:08:00 SRC=127.0.0.1 DEST=127.0.0.1
[03:22] <CodeMouse92> Like, two dozen per
[03:22] <tomreyn> so ufw is still effective
[03:23] <CodeMouse92> I have fail2ban involved
[03:23] <CodeMouse92> Is that going to mess?
[03:23] <tomreyn> maybe
[03:23] <tomreyn> stop it, too
[03:23] <tomreyn> and check remaining rules with iptables -L
[03:24] <tomreyn> --flush if there are leftovers
[03:24] <CodeMouse92> I still have some DOCKER-... rules and some UFW-... rules
[03:25] <CodeMouse92> But they all say 0 references
[03:25] <tomreyn> is this a docker guest, or host?
[03:25] <CodeMouse92> Guest
[03:25] <CodeMouse92> Er
[03:25] <CodeMouse92> NO
[03:25] <CodeMouse92> DOcker host. I'm running docker within it.
[03:26] <CodeMouse92> I went ahead and did `systemctl stop docker` too
[03:26] <tomreyn> ok, so are the docker rules gone now?
[03:26] <CodeMouse92> No
[03:26] <CodeMouse92> Nor are the UFW rules
[03:26] <CodeMouse92> Weirdly
[03:27] <CodeMouse92> But...trying to dhcp again, fwiw, I don't get the in/out lines anymore
[03:27] <CodeMouse92> What's further, it just mumbled something about link up....but it's still doing DHCPDISCOVER
[03:27] <tomreyn> good. but still no ip address is assigned?
[03:27] <CodeMouse92> No, it's still milling about
[03:27] <tomreyn> and iptables -L is now empty?
[03:27] <CodeMouse92> It is now
[03:27] <CodeMouse92> *not
[03:27] <CodeMouse92> NOT
 --flush if there are leftovers
[03:28] <CodeMouse92> I already did. Three times
[03:28] <tomreyn> so whats left?
[03:28] <CodeMouse92> sudo iptables --flush
[03:28] <CodeMouse92> The same. DOCKER and ufw rules
[03:28] <CodeMouse92> 0 references
[03:30] <tomreyn> do you have ACCEPTs for dpt:domain and bootps for udp and tcp in INPUT?
[03:30] <CodeMouse92> How would I check?
[03:30] <tomreyn> iptables -L
[03:30] <CodeMouse92> Chain INPUT (policy ACCEPT)
[03:30] <CodeMouse92> target        prot opt source        destination
[03:30] <CodeMouse92> Chain FORWARD (policy ACCEPT)
[03:30] <CodeMouse92> target        prot opt source        destination
[03:31] <CodeMouse92> Chain OUTPUT (policy ACCEPT)
[03:31] <CodeMouse92> target        prot opt source        destination
[03:31] <CodeMouse92> And then...
[03:31] <CodeMouse92> Chain DOCKER (0 references)
[03:31] <CodeMouse92> target        prot opt source        destination
[03:31] <CodeMouse92> That identical format is repeated for...
[03:32] <CodeMouse92> DOCKER-ISOLATION-STAGE-1, DOCKER-ISOLATION-STAGE-2, DOCKER-USER
[03:32] <CodeMouse92> And over a dozen "ufw-..." rules
[03:32] <tomreyn> but 0 references for all of those, right?
[03:32] <CodeMouse92> Yes
[03:33] <tomreyn> hmm, do you have another NIC and ethernet wire? i'd try cross testing those next.
[03:34] <tomreyn> do you have other computers on the same network which can successfully get an iup address via dhcp now?
[03:34] <CodeMouse92> I'm on one of them ;)
[03:34] <CodeMouse92> I have another ethernet wire, but no other network card
[03:34] <tomreyn> and this computer you're IRC'ing from got its ip address assigned after the server lost connectivity?
[03:35] <CodeMouse92> Yes
[03:35] <CodeMouse92> BTW, the local network addresses are hardcoded. For example, this is always 192.168.1.4, and the server is always 192.168.1.11
[03:35] <tomreyn> does the router list connected devices, and devices it has handed ip addresses out to via dhcp?
[03:35] <CodeMouse92> It should
[03:35] <CodeMouse92> It's weird, it shows Ethernet 1 (where the server connects) as being up and connected
[03:37] <CodeMouse92> The router says Connected DHCP 98.144.168.105 for the whole network
[03:37] <tomreyn> are those ip addresses hard coded on the systems or do you mean that the router will always assign the same ip address via dhcp?
[03:37] <CodeMouse92> Yeah
[03:37] <tomreyn> "Connected DHCP 98.144.168.105" would refer to the routers' WAN connection
[03:38] <CodeMouse92> Except it shows that specifically under Ethernet
[03:38] <tomreyn> so towards the internet
[03:38] <tomreyn> well, silly router, i guess
[03:39] <CodeMouse92> Okay, yeah, there's something spooky here
[03:39] <tomreyn> the ip address is of charter communications, which i assume will be your ISP
[03:39] <CodeMouse92> On a whim, I just fired up a different machine
[03:40] <CodeMouse92> One that is connected via ethernet, NOT via wifi like this machine
[03:40] <CodeMouse92> NO NET
[03:40] <CodeMouse92> Same issue
[03:41] <tomreyn> so i guess your routers' dhcp server is broken. if this device is serviced by your ISP, you could get support from them.
[03:41] <CodeMouse92> Crap.
[03:41] <CodeMouse92> Okay, well, at least it ain't UBuntu
[03:41] <tomreyn> i need to leave for now. good luck!
[03:41] <CodeMouse92> I've reenabled UFW and Docker
[03:41] <CodeMouse92> and Fail2ban
[03:41] <CodeMouse92> Thanks!
[03:42] <tomreyn> yw