[jira] [Commented] (CLOUDSTACK-8699) Extra acquired public ip is assigned to wrong eth device

[Nicolas SCHWARTW (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16032808#comment-16032808
 ] 

Nicolas SCHWARTW commented on CLOUDSTACK-8699:
----------------------------------------------

I'm currently running CloudStack 4.9.2 with ubuntu 16.04 for the server node 
and 14.04 for the manager.
The bug is still there and the IP is bound to the eth interface corresponding 
to the private interface that need to do static NAT or port forwarding instead 
of the public one.

Best regards

> Extra acquired public ip is assigned to wrong eth device
> --------------------------------------------------------
>
>                 Key: CLOUDSTACK-8699
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8699
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.4.4
>         Environment: KVM on CentOS
>            Reporter: Remi Bergsma
>
> When the public network of a zone is untagged, an extra public ip address is 
> bound to the wrong interface (eth2 instead of eth1).
> Example:
> root@r-44137-VM:~# ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
> qlen 1000
>     link/ether 0e:00:a9:fe:01:eb brd ff:ff:ff:ff:ff:ff
>     inet 169.254.1.235/16 brd 169.254.255.255 scope global eth0
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
> qlen 1000
>     link/ether 06:46:32:00:00:8d brd ff:ff:ff:ff:ff:ff
>     inet xx.22.37.143/25 brd 85.222.237.255 scope global eth1
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP 
> qlen 1000
>     link/ether 02:00:51:27:00:02 brd ff:ff:ff:ff:ff:ff
>     inet 10.0.0.1/24 brd 10.0.0.255 scope global eth2
>     inet xx.22.37.145/25 brd 85.222.237.255 scope global eth2
> Obviously, this does not work.
> # MGT server
> 2015-07-31 13:08:12,330 DEBUG [agent.manager.ClusteredAgentAttache] 
> (API-Job-Executor-98:ctx-cbf1e352 job-799791 ctx-58cb236f) Seq 
> 437-2425751349292433542: Forwarding Seq 437-2425751349292433542:  { Cmd , 
> MgmtId: 345052433506, via: 
> 437(mccxpod01-hv03.mccxpod01.mccx-shared-2.mccx.mcinfra.net), Ver: v1, Flags: 
> 100001, 
> [{"com.cloud.agent.api.routing.SetPortForwardingRulesVpcCommand":{"rules":[{"dstIp":"10.0.0.61","dstPortRange":[22,22],"id":54859,"srcIp":"xx.22.37.145","protocol":"tcp","srcPortRange":[22,22],"revoked":false,"alreadyAdded":false,"purpose":"PortForwarding","defaultEgressPolicy":false}],"accessDetails":{"zone.network.type":"Advanced","router.name":"r-44137-VM","router.ip":"169.254.1.235","router.guest.ip":"10.0.0.1"},"wait":0}}]
>  } to 345052433504
> 2015-07-31 13:08:12,457 DEBUG [agent.transport.Request] 
> (AgentManager-Handler-58:null) Seq 437-2425751349292433542: Processing:  { 
> Ans: , MgmtId: 345052433506, via: 437, Ver: v1, Flags: 0, 
> [{"com.cloud.agent.api.Answer":{"result":true,"details":"","wait":0}}] }
> 2015-07-31 13:08:12,457 DEBUG [agent.transport.Request] 
> (API-Job-Executor-98:ctx-cbf1e352 job-799791 ctx-58cb236f) Seq 
> 437-2425751349292433542: Received:  { Ans: , MgmtId: 345052433506, via: 437, 
> Ver: v1, Flags: 0, { Answer } }
> # AGENT
> 2015-07-31 13:08:12,203 DEBUG [cloud.agent.Agent] 
> (agentRequest-Handler-4:null) Request:Seq 437-2425751349292433541:  { Cmd , 
> MgmtId: 345052433506, via: 437, Ver: v1, Flags: 100001, 
> [{"com.cloud.agent.api.rout
> ing.IpAssocVpcCommand":{"ipAddresses":[{"accountId":625,"publicIp":"xx.22.37.145","sourceNat":false,"add":true,"oneToOneNat":false,"firstIP":false,"broadcastUri":"vlan://untagged","vlanGateway":"xx.22.37.1
> 29","vlanNetmask":"255.255.255.128","vifMacAddress":"06:46:32:00:00:8d","networkRate":-1,"trafficType":"Public","networkName":"pubbr0","newNic":false}],"accessDetails":{"router.guest.ip":"xx.22.37.143","zone
> .network.type":"Advanced","router.ip":"169.254.1.235","router.name":"r-44137-VM"},"wait":0}}]
>  }
> 2015-07-31 13:08:12,204 DEBUG [cloud.agent.Agent] 
> (agentRequest-Handler-4:null) Processing command: 
> com.cloud.agent.api.routing.IpAssocVpcCommand
> 2015-07-31 13:08:12,206 DEBUG [kvm.resource.LibvirtComputingResource] 
> (agentRequest-Handler-4:null) Executing: 
> /usr/share/cloudstack-common/scripts/network/domr/router_proxy.sh 
> vpc_ipassoc.sh 169.254.1.235  -A
>   -l xx.22.37.145 -c eth2 -g xx.22.37.129 -m 25 -n xx.22.37.128
> As you see, the vpc_assoc.sh script is instructed to use the wrong eth 
> interface.
> See also:
> core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
> api/src/com/cloud/agent/api/to/IpAddressTO.java



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)