Anton Opgenoort created CLOUDSTACK-6485:
-------------------------------------------

             Summary: [vpc] new private gateway network is registered wrong in network table
                 Key: CLOUDSTACK-6485
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6485
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Virtual Router
    Affects Versions: 4.2.1, 4.3.0, 4.4.0, 4.3.1
            Reporter: Anton Opgenoort


When creating a private gateway for a VPC router on a network not yet known to 
CloudStack, CloudStack ‘documents’ this network in the networks table.
For normal guest networks, which should be associated with a single VPC, 
CloudStack includes the VPC_ID in the database. The VPC_ID field is used to 
provision all networks and nics on a VPC router when it is created. Since this 
table is all about network provisioning it makes sense to ‘document’ the 
network cidr and gateway present in that network. For guest tiers this usually 
is the VPC router itself, so the interface IPs on a VPC router are the gateway 
IPs found in the networks table.

Unfortunately the VPC_ID is also recorded for the private gateway network when 
it is first created. So the first VPC to be plugged on the private gateway 
network also has that same network associated as a guest network tier, instead 
of just a private gateway network.

This by itself will not quickly become a problem, because private gateways are 
first plugged on a running vpc router which is not likely to be recreated any 
time soon after that.
But as soon as this first ever VPC router on the private gateway network is 
recreated due to a destroy of the VPC Router, all associated networks are 
looked up in the networks table. 
Because the private gateway network is ‘documented’ with the actual upstream 
gateway used by the VPC router definition, the VPC router provisions a NIC on 
the private gateway network using the IP address of the actual upstream gateway, 
creating an IP conflict on the private gateway network, effectively breaking 
down the upstream gateway functionality for all attached private gateways of 
other VPCs.




--
This message was sent by Atlassian JIRA
(v6.2#6252)
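
The failure mode described in the report, as an added example that is not part of the original report and is not CloudStack code: a simplified model of the networks table that shows which NICs a recreated router would receive and flags private gateway networks that carry a VPC id. The table names, column names and sample rows are constructed assumptions, not CloudStack's actual schema.

```python
import sqlite3

# Constructed, simplified model. Table and column names are assumptions for
# illustration only, not CloudStack's actual schema.
SCHEMA = """
CREATE TABLE networks (id INTEGER PRIMARY KEY, name TEXT, gateway TEXT, vpc_id INTEGER);
CREATE TABLE private_gateways (vpc_id INTEGER, network_id INTEGER, router_ip TEXT);
"""

def build_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO networks VALUES (?,?,?,?)", [
        (1, "tier-web", "10.1.1.1", 1),    # guest tier: gateway is the VPC router
        (2, "pgw-net", "172.16.0.1", 1),   # private gateway net, wrongly tied to VPC 1
    ])
    conn.executemany("INSERT INTO private_gateways VALUES (?,?,?)", [
        (1, 2, "172.16.0.10"),             # VPC 1 plugged in first
        (2, 2, "172.16.0.20"),             # VPC 2 shares the same upstream gateway
    ])
    return conn

def nics_on_recreate(conn, vpc_id):
    """NICs a recreated router gets if every network row with this VPC id is
    provisioned as a guest tier, using the recorded gateway as interface IP."""
    rows = conn.execute(
        "SELECT name, gateway FROM networks WHERE vpc_id = ? ORDER BY id", (vpc_id,))
    return rows.fetchall()

def misregistered_gateway_networks(conn):
    """Private gateway networks that carry a VPC id, with the upstream gateway
    IP the router would claim and the other VPCs sharing that network."""
    findings = []
    for net_id, name, gw, vpc in conn.execute(
            "SELECT id, name, gateway, vpc_id FROM networks n "
            "WHERE vpc_id IS NOT NULL AND EXISTS "
            "(SELECT 1 FROM private_gateways g WHERE g.network_id = n.id) "
            "ORDER BY id").fetchall():
        others = [r[0] for r in conn.execute(
            "SELECT vpc_id FROM private_gateways "
            "WHERE network_id = ? AND vpc_id != ? ORDER BY vpc_id", (net_id, vpc))]
        findings.append((name, vpc, gw, others))
    return findings

if __name__ == "__main__":
    db = build_sample_db()
    print(nics_on_recreate(db, 1))             # includes the upstream gateway IP
    print(misregistered_gateway_networks(db))  # network, VPC, claimed IP, affected VPCs
```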
