ljm42

Thank you for the feedback on the previous rc release, we have one more small set of updates to test before releasing 6.12.4. Highlights include: Resolved an issue with VMs on the macvtap interface not being able to connect to the Internet Additional IPv6 improvements The delay before auto-closing notifications is now configurable (see Settings/Notification Settings) Fix the custom network DHCP subnet options on the Settings/Docker Settings page If you are already on 6.12.4-rc18 this should be a simple update, no need to change any settings. If you are coming from an earlier release please see the 6.12.4-rc18 announce post for info on how to solve macvlan issues and other changes. Upgrade steps for this release As always, prior to upgrading, create a backup of your USB flash device: "Main/Flash/Flash Device Settings" - click "Flash Backup". Update all of your plugins. This is critical for the NVIDIA and Realtek plugins in particular. If the system is currently running 6.12.0 - 6.12.2, we're going to suggest that you stop the array at this point. If it gets stuck on "Retry unmounting shares", open a web terminal and type: umount /var/lib/docker The array should now stop successfully (This issue was resolved with 6.12.3) Go to Tools -> Update OS, change the Branch to "Next". If the update doesn't show, click "Check for Updates" Wait for the update to download and install If you have any plugins that install drivers (NVIDIA, Realtek, etc), wait for the notification that the new version of the driver has been downloaded. Reboot Known Issues Please see the 6.12.4-rc18 release notes Rolling Back Please see the 6.12.4-rc18 release notes Changes vs. 6.12.4-rc18 docker: add routing when shim or macvtap network is used docker: fix routing when "host access" is enabled docker: remove IPv6 from shim/vhost interface (some routers are incompatible) New notification option: auto-closure time New notification option: notification life time Set default notifications life time to 5 seconds network: print public ipv6 address network: shim interface gets MAC address of parent, no need to generate one Docker settings: fix subnet sizes CSS: set overflow-x to 'auto' Helptext: fix typo Linux kernel version 6.1.47

This release has a fix for macvlan call traces(!) along with other bug fixes, security patches, and one new feature. We'd like your feedback before releasing it as 6.12.4 This thread is perfect for quick questions or comments, but if you suspect there will be back and forth for your specific issue, please start a new topic. Be sure to include your diagnostics.zip. Upgrade steps for this release As always, prior to upgrading, create a backup of your USB flash device: "Main/Flash/Flash Device Settings" - click "Flash Backup". Update all of your plugins. This is critical for the NVIDIA and Realtek plugins in particular. If the system is currently running 6.12.0 - 6.12.2, we're going to suggest that you stop the array at this point. If it gets stuck on "Retry unmounting shares", open a web terminal and type: umount /var/lib/docker The array should now stop successfully (This issue was resolved with 6.12.3) Go to Tools -> Update OS, change the Branch to "Next". If the update doesn't show, click "Check for Updates" Wait for the update to download and install If you have any plugins that install drivers (NVIDIA, Realtek, etc), wait for the notification that the new version of the driver has been downloaded. Reboot Add Tools/System Drivers page This new page gives you visibility into the drivers available/in use on your system. 3rd party drivers installed by plugins (such as NVIDIA and Realtek) have an icon that links to the support page for that driver. And you can now add/modify/delete the modeprobe.d config file for any driver without having to find that file on your flash drive. Thanks to @SimonF for adding this functionality! Fix for macvlan call traces! The big news in this test release is that we believe we have resolved the macvlan issues that have been plaguing us recently! We'd appreciate your help confirming the changes. Huge thanks to @bonienl for tracking this down! The root of the problem is that macvlan used for custom Docker networks is unreliable when the parent interface is a bridge (like br0), it works best on a physical interface (like eth0). We believe this to be a longstanding kernel issue and have posted a bug report. If you are getting call traces related to macvlan, as a first step we'd recommend navigating to Settings/Docker, switch to advanced view, and change the "Docker custom network type" from macvlan to ipvlan. This is the default configuration that Unraid has shipped with since version 6.11.5 and should work for most systems. However, some users have reported issues with port forwarding from certain routers (Fritzbox) and reduced functionality with advanced network management tools (Ubiquity) when in ipvlan mode. For those users, in this rc we have a new method that reworks networking to avoid this. Simply tweak a few settings and your Docker containers, VMs, and WireGuard tunnels will automatically adjust to use them: Settings -> Network Settings -> eth0 -> Enable Bridging = No Settings -> Docker -> Host access to custom networks = Enabled Note: if you previously used the two-nic method for docker segregation, you'll also want to revert that: Settings -> Docker -> custom network on interface eth0 (i.e. make sure eth0 is configured for the custom network, not eth1) When you start the array, the host, VMs, and Docker containers will all be able to communicate, and there should be no more call traces! Troubleshooting If your Docker containers with custom IPs aren't starting, edit them and change the "Network type" to "Custom: eth0". We attempted to do this automatically, but depending on how things were customized you might need to do it manually. If your VMs are having network issues, edit them and set the Network Source to "vhost0". Also, ensure there is a MAC address assigned. If your WireGuard tunnels won't start, make a dummy change to each tunnel and save. If you are having issues port forwarding to Docker containers (particularly on a Fritzbox) delete and recreate the port forward in your router. To get a little more technical... After upgrading to this release, if bridging remains enabled on eth0 then everything works as it used to. You can attempt to work around the call traces by disabling the custom Docker network, or using ipvlan instead of macvlan, or using the two-nic Docker segmentation method with containers on eth1. Starting with this release, when you disable bridging on eth0 we create a new macvtap network for Docker containers and VMs to use. It has a parent of eth0 instead of br0, which is how we avoid the call traces. A side benefit is that macvtap networks are reported to be faster than bridged networks, so you may see speed improvements when communicating with Docker containers and VMs. FYI: With bridging disabled for the main interface (eth0), then the Docker custom network type will be set to macvlan and hidden unless there are other interfaces on your system that have bridging enabled, in which case the legacy ipvlan option is available. To use the new fix being discussed here you'll want to keep that set to macvlan. Other Bug Fixes This release resolves corner cases in networking, Libvirt, Docker, WireGuard, NTP, NGINX, NFS and RPC. And includes an improvement to the VM Manager so it retains the VNC password during an update. And has a change to the shutdown process to allow the NUT plugin to shut the system down. A small change is that packages in /boot/extra are now treated more like packages installed by plugins, and the installation is logged to syslog rather than to the console. Known Issues Please see this page for information on crashes related to the i915 driver: https://docs.unraid.net/unraid-os/release-notes/6.12.0#known-issues If Docker containers have issues starting after a while, and you are running Plex, go to your Plex Docker container settings, switch to advanced view, and add this to the Extra Params --no-healthcheck This thread is perfect for quick questions or comments, but if you suspect there will be back and forth for your specific issue, please start a new topic. Be sure to include your diagnostics.zip. Rolling Back Before rolling back to an earlier version, it is important to first change this back to yes: Settings -> Network Settings -> eth0 -> Enable Bridging = Yes And then start the array (along with the Docker and VM services) to update your Docker containers, VMs, and WireGuard tunnels back to their previous settings which should work in older releases. Once in the older version, confirm these settings are correct for your setup: Settings -> Docker -> Host access to custom networks Settings -> Docker -> Docker custom network type Changes vs. 6.12.3 Networking New vhost network for both containers and VMs. When bridging enabled: Create shim interface which is attached to bridge interface Copy parent address to shim interface with lower metric to allow host access More specific routes are no longer created When bridging disabled: Copy parent address to vhost interface with lower metric to allow host access Bug fixes and improvements create_network_ini: fixed dhcp hook improved IP address collection diagnostics: Add previous Unraid version to diagnostics version txt file. Add ntp.conf, sshd.config, and servers.conf (with anonymized URLs) anonymize IP addresses libvirt, nginx, nfs, rpc: changed running process detection nfsclient: start negotiation with v4, turn off atime modification rc.6: leave /usr and /lib mounted during shutdown rc.docker: create same IPv6 network for containers and services add more logging when stopping dockerd rc.inet1: do not use promiscuous mode for bridging add persistent option to dhcpcd rc.library: interfaces always listed in the same order, fix show ipv6 rc.libvirt: remove 'itco' watchdog from XML if present rc.local: annotate auto-generated /etc/modprobe.d/zfs.conf file rc.services: add logging exclude WireGuard "VPN tunneled access for docker" tunnels from services exclude WireGuard tunnels for ntp (code optimization) webgui: Update monitor_nchan Feedback: refactor feedback script Shares and Pools: show "Minimum free space" as absolute number instead of percentage Pools: minimum free space: only enabled when array is stopped VM Manager: Retain VNC password during update. VM Manager: Remove downloaded '.vv' files. Dashboard: hide ZFS bar when no ZFS is used Network settings: fix DNS settings sometimes disappear Translations: trim key and value in language files add System Drivers page Linux kernel version 6.1.46 (CVE-2023-20593) CONFIG_SCSI_MPI3MR: Broadcom MPI3 Storage Controller Device Driver Base Distro btrfs-progs: 6.3.3 curl: version 8.2.0 (CVE-2023-32001) kernel-firmware: version 20230724_59fbffa krb5: version 1.19.2 (CVE-2023-36054) openssh: version 9.3p2 (CVE-2023-38408) openssl: version 1.1.1v (CVE-2023-3817 CVE-2023-3446) samba: version 4.17.10 (CVE-2023-3496 CVE-2022-2127 CVE-2023-34968 CVE-2023-3496 CVE-2023-3347)