[ https://issues.apache.org/jira/browse/CLOUDSTACK-4573?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13791175#comment-13791175 ]
Abhinandan Prateek commented on CLOUDSTACK-4573: ------------------------------------------------ Alena, Anything remaining on this ticket, can this be resolved ? > Aquire IP address above domain limit in VPC > ------------------------------------------- > > Key: CLOUDSTACK-4573 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4573 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Affects Versions: 4.1.1 > Reporter: Daan Hoogland > Assignee: Alena Prokharchyk > Priority: Critical > Labels: integration-test > Fix For: 4.2.1 > > > It is possible to aquire more public IP addresses than allowed according to > the domain limit, the steps are as followed: > user has a limit of 2 ips > domain has a limit of 5 ips > 1) create a VPC, this will aquire a public IP address for source nat > 2) create a network (not in the VPC) and aquire an IP address, we are now at > the max of two allowed public IP address > 3) create one or more networks on the VPC > 4) under IP addresses (VPC configuration) aquire IP address > We now have 3 IP addresses aquired, I tested more, I was allowed up to 7, at > which time there was no more free IP addresses available in cloudstack. > conclusion: the non VPC network is correctly adhering to the domain limit, > but the VPC is not, and IP addresses on the VPC are not counted for when > checking the domain limit. > Strange thing is though, that cloudstack is checking the IP limit during the > creation of a VPC, you cannot create a VPC when you have already reached your > IP limit. -- This message was sent by Atlassian JIRA (v6.1#6144)