[ https://issues.apache.org/jira/browse/CLOUDSTACK-6485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15075934#comment-15075934 ]
ASF GitHub Bot commented on CLOUDSTACK-6485: -------------------------------------------- GitHub user remibergsma opened a pull request: https://github.com/apache/cloudstack/pull/1299 CLOUDSTACK-6485 prevent ip asignment of private gw iface Prevent ipaddress asignment of gateway to gateway-interface on vpc router by setting vpcid to null in network. This was fixed in 4.4 by 1f209ff226a24979cf3a43ce0c02e05c84dd4dc2, reimplemented for 4.7 You can merge this pull request into a Git repository by running: $ git pull https://github.com/remibergsma/cloudstack CLOUDSTACK-6485 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/1299.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #1299 ---- commit 2c07ce590d9763033aff2ee895915eefe8a16030 Author: Remi Bergsma <git...@remi.nl> Date: 2015-12-31T13:20:52Z CLOUDSTACK-6485 prevent ip asignment of private gw iface Prevent ipaddress asignment of gateway to gateway-interface on vpc router by setting vpcid to null in network Was fixed in 4.4 by 1f209ff226a24979cf3a43ce0c02e05c84dd4dc2 Reimplemented for 4.7 ---- > [vpc] new private gateway network is registered wrong in network table > ---------------------------------------------------------------------- > > Key: CLOUDSTACK-6485 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6485 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Virtual Router > Affects Versions: 4.2.1, 4.3.0, 4.4.0, 4.3.1 > Reporter: Anton Opgenoort > Assignee: Daan Hoogland > > When creating a private gateway for a VPC router on a network not yet known > to Cloudstack, Cloudstack ‘documents’ this network in the networks table. > For normal guest networks, which should be associated with a single VPC, > Cloudstack includes the VPC_ID in the database. The VPC_ID field is used to > provision all networks and nics on a VPC router when it is created. Since > this table is all about network provisioning it makes sense to ‘document’ the > network cidr and gateway present in that nework. For guest tiers this usually > is the VPC router itself, so the interface IP’s on a VPC router are the > gateway IP’s found in the networks table. > Unfortunately the VPC_ID is also recorded for the private gateway network > when it is first created. So the first VPC to be plugged on the private > gateway network also has that same network associated as a guest network > tier, instead of just a private gateway network. > This by itself will not quickly become a problem, because private gateways > are first plugged on a running vpc router which is not likely to be recreated > any time soon after that. > But as soon as this first ever VPC router on the private gateway network is > recreated due to a destroy of the VPC Router, all associated networks are > looked up in the networks table. > Because the private gateway network is ‘documented’ with the actual upstream > gateway used by the VPC router defintion, the VPC router provisions a NIC on > the private gateway network using the IP address of the actual upstream > gateway creating an IP conflict on the private gateway network, effectively > breaking down the upstream gateway functionality for all attached private > gateways of other vpc's. -- This message was sent by Atlassian JIRA (v6.3.4#6332)