networking.interfaces.<name>.ipv4.routes makes network-addresses-<name>.service fail on boot

[pinpox]

Describe the bug

Using this configuration to add a static route results in a failed unit during boot and no route created. Restarting the systemd unit succeeds and creates the route as intended, the problem seems to be that network-addresses-enp0s20f0u4u1u1.service does not wait until the network connection is ready.

  networking.interfaces.enp0s20f0u4u1u1.ipv4.routes = [{
  address = "10.88.88.0";
  prefixLength = 24;
  via = "192.168.2.1";
  options = { metric = "0"; };
  }];

» sudo systemctl list-units --failed
  UNIT                                      LOAD   ACTIVE SUB    DESCRIPTION
● network-addresses-enp0s20f0u4u1u1.service loaded failed failed Address configuration of enp0s20f0u4u1u1

×  journalctl -fu network-addresses-enp0s20f0u4u1u1.service.
-- Boot 32cae321f4dd427a9d6a244f768ce21e --
Feb 28 15:51:15 ahorn systemd[1]: Starting Address configuration of enp0s20f0u4u1u1...
Feb 28 15:51:15 ahorn network-addresses-enp0s20f0u4u1u1-start[1315]: adding route 10.88.88.0/24... 'ip route add 10.88.88.0/24 metric 0  via 192.168.2.1 dev enp0s20f0u4u1u1' failed: Error: Nexthop has invalid gateway.
Feb 28 15:51:15 ahorn systemd[1]: network-addresses-enp0s20f0u4u1u1.service: Main process exited, code=exited, status=1/FAILURE
Feb 28 15:51:15 ahorn systemd[1]: network-addresses-enp0s20f0u4u1u1.service: Failed with result 'exit-code'.
Feb 28 15:51:15 ahorn systemd[1]: Failed to start Address configuration of enp0s20f0u4u1u1.

Routes before and after restarting the sytemd unit:

×  route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    100    0        0 enp0s20f0u4u1u1
0.0.0.0         192.168.2.1     0.0.0.0         UG    600    0        0 wlp61s0
10.240.0.0      0.0.0.0         255.240.0.0     U     0      0        0 tinc.retiolum
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-ed7415dc9645
172.19.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-c97153b7a14e
192.168.2.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s20f0u4u1u1
192.168.2.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp61s0
192.168.7.0     0.0.0.0         255.255.255.0   U     0      0        0 wg0
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 vboxnet0

~
×  systemctl restart network-addresses-enp0s20f0u4u1u1.service

~
×  route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    100    0        0 enp0s20f0u4u1u1
0.0.0.0         192.168.2.1     0.0.0.0         UG    600    0        0 wlp61s0
10.88.88.0      192.168.2.1     255.255.255.0   UG    0      0        0 enp0s20f0u4u1u1
10.240.0.0      0.0.0.0         255.240.0.0     U     0      0        0 tinc.retiolum
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.18.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-ed7415dc9645
172.19.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-c97153b7a14e
192.168.2.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s20f0u4u1u1
192.168.2.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp61s0
192.168.7.0     0.0.0.0         255.255.255.0   U     0      0        0 wg0
192.168.56.0    0.0.0.0         255.255.255.0   U     0      0        0 vboxnet0

The issue can be fixed/worked around by adding:

systemd.services.network-addresses-enp0s20f0u4u1u1 = { after = [ "dhcpcd.service" ]; };

Steps To Reproduce

Steps to reproduce the behavior:

1. Add config snipped above to configuration.nix
2. rebuild system
3. reboot
4. route -n

Expected behavior

Route is added and systemd unit does not require manual restart.

Notify maintainers

@witchof0x20 @Luflosi @symphorien @Artturin @pennae @MayNiklas

Metadata

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 5.10.101, NixOS, 22.05 (Quokka)`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.6.1`
 - channels(root): `""`
 - channels(pinpox): `"home-manager"`
 - nixpkgs: `/nix/store/d9wpzgyjlpw1424kw2lyilah6690fnk3-source`

[MayNiklas]

I‘m able to reproduce this issue. A workaround for me was to add a dependency for dhcpcd to the service.

systemd.services.network-addresses-ens192 = {
   after = [ "dhcpcd.service" ];
}

I guess there should be a better workaround - haven’t found the time yet!

[pennae]

the network config system is currently not well set up to have static configuration (like your route) depend on dynamic configuration (like gateways taken from dhcp). this may be a configuration that's possible with networkd, but with the scripted setup you're probably best off adding a fragment to networking.dhcpcd.runHook that adds your route when the interface is fully configured

[pinpox]

I can't judge if there is something to do here then. Maybe this should be documented or checked for in the service then? Maybe someone with more network stuff experience has a second opinion?

[ipochto]

Is adding sleep 2s && into the service script will be correct? *Faced the same problem in the network-setup-start. Adding sleep solved the problem, but not sure if it's correct way.