Ubuntu 20.04: when adding bridge via netplan, bridged interface remains routable, routing entries duplicated

OS: Ubuntu 20.04.3, all the latest updates installed.

I am trying to create a bridge interface, to enslave current (eno1)

Netplan configuration:

# This is the network config written by 'subiquity'
network:
  version: 2
  renderer: networkd

  ethernets:
    eno1:
      dhcp4: false
      dhcp6: false

  bridges:
    br0:
      interfaces: [eno1]
      addresses: [10.20.0.21/24]
      gateway4: 10.20.0.1
      nameservers:
        search: [example.com]
        addresses: [10.20.0.1,10.20.0.10]
      dhcp4: false
      dhcp6: false

When I run "netplan try", I see:

** (generate:2332): WARNING **: 12:54:41.673: Problem encountered while validatingdefault route consistency.Please set up multiple routing tables and use `routing-policy` instead.
Error: Conflicting default route declarations for IPv4 (table: main, metric: default), first declared in br0 but also in eno1

If I reboot the system, the results are as follows:

$ route

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.20.0.1       0.0.0.0         UG    0      0        0 br0
default         10.20.0.1       0.0.0.0         UG    0      0        0 eno1
10.20.0.0        0.0.0.0        255.255.255.0   U     0      0        0 br0
10.20.0.0        0.0.0.0        255.255.255.0   U     0      0        0 eno1

The system remains usable, but the configuration is obviously abnormal.

$ networkctl

networkctl 
IDX LINK TYPE     OPERATIONAL SETUP     
  1 lo   loopback carrier     unmanaged 
  2 eno1 ether    routable    configured
  3 br0  bridge   routable    configured

$ ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether 18:c0:4d:63:da:da brd ff:ff:ff:ff:ff:ff
    inet 10.20.0.21/24 brd 10.1.0.255 scope global eno1
       valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 18:c0:4d:63:da:da brd ff:ff:ff:ff:ff:ff
    inet 10.20.0.21/24 brd 10.1.0.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::700e:94ff:fea6:fc98/64 scope link 
       valid_lft forever preferred_lft forever

How do I make eno1 enslaved and prevent it from creating duplicates of routing entries/IP address?

Update of January 21: There are no other configuration files under /etc/netplan

@KonstantinBoyandin - There simply isn't enough information on your system provided here to come to any conclusion. That said, here's an educated guess as to what you have encountered:

IIRC a default install of 20.04 will be using NetworkManager already. This means out of the box, NetworkManager will most likely have already configured eno1 and created that default route you observed:

default         10.20.0.1       0.0.0.0         UG    0      0        0 eno1

There is nothing preventing you from attempting to use both NetworkManager and systemd-networkd - I can't think of a reason to do that, but there's nothing stopping it. I've leveraged this to avoid having to deal with NetworkManager when setting up wireguard interfaces on systems that are already running NetworkManager. When doing so, you must be aware that these tools can interact with each other, for instance, what happens if the physical Ethernet adapter managed by NetworkManager goes down? A virtual interface that relies on that physical one might fail, might not... depends on the configuration of the virtual adapter external to NetworkManager.

When you switched the renderer to NetworkManager, at that point everything started working because now you were using netplan to configure NetworkManager as the sole service for network configuration, preventing any "cross-configuration".

For anyone else encountering this issue, there are a couple of ways to solve this, you can either stop NetworkManager from configuring the interfaces you want to configure with a different renderer, or just disable NetworkManager entirely. My preference is to switch to netplan with systemd-networkd and disable NetworkManager on servers, while on desktop Linux I leave NetworkManager and leverage other networking services only when required.

On a typical Ubuntu 20.04 server, here's how to use netplan and avoid the conflict in the OP:

1. Provision server (install Ubuntu, etc.)
2. Create desired netplan config
3. Edit /etc/network/interfaces and comment out any sections that apply to the interface you configured in netplan:

# The primary network interface
# auto eno1
# iface eno1 inet dhcp

4. Restart (or stop) NetworkManager: sudo systemctl <restart|stop> NetworkManager.service
5. Test your netplan configuration: sudo netplan try
6. If everything looks correct and is working, hit Enter as prompted

(Optional)

• Disable NetworkManager: sudo systemctl disable NetworkManager.service

(Note)

• While it should be obvious, the above assumes that you have either local console access, or that your SSH connection is not dependent on the interface you are configuring, as you could be disconnected and thus unable to complete configuration.

Workaround of January 22, 2022:

It looks like netplan and/or networkd are currently too buggy to support the mentioned configuration without duplicating IPs/routes.

The solution was to switch back to NetworkManager.

1. In netplan's .yaml make sure you replace the renderer line with

   renderer: NetworkManager
   

2. Make sure you enable network management interfaces in /etc/NetworkManager/NetworkManager.conf (the affected section provided below)

   [ifupdown]
   managed=true
   

3. Define which interface types get filtered in etc/NetworkManager/conf.d/10-globally-managed-devices.conf:

   [keyfile]
   
   unmanaged-devices=*,except:type:wifi,except:type:wwan,except:type:ethernet
   

   Note: Make sure that file /usr/lib/NetworkManager/conf.d/10-globally-managed-devices.conf is empty (zero-sized).

4. Restart NetworkManager, or better, reboot the system:

   sudo systemctl restart network-manager
   

   Note: one might need to disable auto-start for wired connection in Settings>Network, in case GUI mode is used, to disable constant NetworkManager complaining about being unable to activate the corresponding connection.