Updated Branches: refs/heads/master 0b60c0d3c -> e37a82375
Summary: Fix rp_filter for VPC router Detail: VPC router was being treated like normal VR, which was an issue because normally the VR has an eth0,1,2 which are isolated, linklocal, and public networks respectively. rp_filter is turned on for eth0,1 and off for 2 (hardcoded). VPC however comes up with eth0,1 as public, linklocal, and no other interfaces until new isolated networks are added, so the process doesn't work. This change turns on rp_filter as new isolated networks are added to the VR. BUG-ID: CLOUDSTACK-938 Bugfix-for: 4.0.2 Signed-off-by: Marcus Sorensen <[email protected]> 1358451991 -0700 Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/e37a8237 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/e37a8237 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/e37a8237 Branch: refs/heads/master Commit: e37a82375c1dd7631f37de1ed1b336f524d08c62 Parents: 0b60c0d Author: Marcus Sorensen <[email protected]> Authored: Thu Jan 17 12:46:31 2013 -0700 Committer: Marcus Sorensen <[email protected]> Committed: Thu Jan 17 12:51:38 2013 -0700 ---------------------------------------------------------------------- .../debian/config/etc/init.d/cloud-early-config | 2 +- .../debian/config/opt/cloud/bin/vpc_guestnw.sh | 1 + 2 files changed, 2 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e37a8237/patches/systemvm/debian/config/etc/init.d/cloud-early-config ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config index fe536cb..285a92f 100755 --- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config +++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config @@ -660,7 +660,7 @@ EOF enable_svc dnsmasq 1 enable_svc haproxy 1 enable_svc cloud 0 - disable_rpfilter_domR + disable_rpfilter enable_fwding 1 cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules setup_sshd $ETH0_IP "eth0" http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/e37a8237/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh index d20ed5a..c909cf7 100755 --- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh +++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh @@ -134,6 +134,7 @@ create_guest_network() { sudo ip addr add dev $dev $ip/$mask brd + sudo ip link set $dev up sudo arping -c 3 -I $dev -A -U -s $ip $ip + echo 1 > /proc/sys/net/ipv4/conf/$dev/rp_filter # restore mark from connection mark local tableName="Table_$dev" sudo ip route add $subnet/$mask dev $dev table $tableName proto static
