Return-Path: X-Original-To: apmail-cloudstack-issues-archive@www.apache.org Delivered-To: apmail-cloudstack-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id DCC19FD84 for ; Fri, 3 May 2013 10:24:22 +0000 (UTC) Received: (qmail 39716 invoked by uid 500); 3 May 2013 10:24:22 -0000 Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org Received: (qmail 39534 invoked by uid 500); 3 May 2013 10:24:17 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 39485 invoked by uid 500); 3 May 2013 10:24:16 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 39454 invoked by uid 99); 3 May 2013 10:24:16 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 03 May 2013 10:24:16 +0000 Date: Fri, 3 May 2013 10:24:15 +0000 (UTC) From: "Abhinav Roy (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Closed] (CLOUDSTACK-2088) [Dedicated Resources : Public IP Addresses per tenant]Guest Network in a project acquires IPs at random even from the IP ranges which are dedicated to other accounts MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-2088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Abhinav Roy closed CLOUDSTACK-2088. ----------------------------------- Closing the bug after verifying the fix with the latest build > [Dedicated Resources : Public IP Addresses per tenant]Guest Network in a project acquires IPs at random even from the IP ranges which are dedicated to other accounts > --------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: CLOUDSTACK-2088 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2088 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Components: Projects > Affects Versions: 4.2.0 > Reporter: Abhinav Roy > Assignee: Likitha Shetty > Fix For: 4.2.0 > > > Steps : > =============================== > 1. Deploy an advanced networking setup and create an account A1 > 2. Now login as user of account A1 and create a project P1. > 3. Browse in to the project view, create a guest network and acquire IPs > Expected behaviour : > =============================== > 1. The project should acquire IPs from the system pool unless some IP range is dedicated specifically to that project account. > Observed behaviour : > =============================== > 1. The project network acquires IPs at random from any available range, it even acquires IPs from the ranges which are dedicated to some other account. > Example : > ------------------------------------------------------------- > Consider a IP range whose vlan_db_id is 4 > mysql> SELECT * FROM cloud.vlan where id=4; > +----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+ > | id | uuid | vlan_id | vlan_gateway | vlan_netmask | description | vlan_type | data_center_id | network_id | physical_network_id | ip6_gateway | ip6_cidr | ip6_range | > +----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+ > | 4 | 1edd2349-8183-4ac2-b1a0-47d5a7309070 | untagged | 10.102.192.1 | 255.255.252.0 | 10.102.195.37-10.102.195.40 | VirtualNetwork | 1 | 200 | 200 | NULL | NULL | NULL | > +----+--------------------------------------+----------+--------------+---------------+-----------------------------+----------------+----------------+------------+---------------------+-------------+----------+-----------+ > 2 rows in set (0.00 sec) > Now look in the account_vlan_map table and see to which account this range is mapped to > +----+------------+------------+ > | id | account_id | vlan_db_id | > +----+------------+------------+ > | 27 | 7 | 4 | > +----+------------+------------+ > Again when we see in the user_ip_addresses table we find that some other account (no. 9 the project account) has been allocated the IPs which are dedicated to account 7 > mysql> SELECT * FROM cloud.user_ip_address where account_id=9; > +----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+ > | id | uuid | account_id | domain_id | public_ip_address | data_center_id | source_nat | allocated | vlan_db_id | one_to_one_nat | vm_id | state | mac_address | source_network_id | network_id | physical_network_id | is_system | vpc_id | dnat_vmip | > +----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+ > | 15 | c34390a3-ce8c-4976-8fe9-c52a56422f24 | 9 | 4 | 10.102.195.34 | 1 | 1 | 2013-04-18 07:33:33 | 3 | 0 | NULL | Allocated | 25 | 200 | 211 | 200 | 0 | NULL | NULL | > | 16 | 1e25de1f-b51b-4a4d-8c93-203a3780a2ac | 9 | 4 | 10.102.195.35 | 1 | 0 | 2013-04-18 07:33:53 | 3 | 0 | NULL | Allocated | 26 | 200 | 211 | 200 | 0 | NULL | NULL | > | 17 | 8babc613-dfaf-4644-93fc-3efe01812e4a | 9 | 4 | 10.102.195.36 | 1 | 0 | 2013-04-18 10:58:11 | 3 | 0 | NULL | Allocated | 27 | 200 | 211 | 200 | 0 | NULL | NULL | > | 18 | 316c39cb-97d6-4c14-b766-9bc97a2c0fef | 9 | 4 | 10.102.195.37 | 1 | 0 | 2013-04-18 11:38:17 | 4 | 0 | NULL | Allocated | 28 | 200 | 211 | 200 | 0 | NULL | NULL | > | 19 | 82d0f50f-070f-4313-877d-21edf7f13c26 | 9 | 4 | 10.102.195.38 | 1 | 0 | 2013-04-18 11:43:59 | 4 | 0 | NULL | Allocated | 29 | 200 | 211 | 200 | 0 | NULL | NULL | > +----+--------------------------------------+------------+-----------+-------------------+----------------+------------+---------------------+------------+----------------+-------+-----------+-------------+-------------------+------------+---------------------+-----------+--------+-----------+ > 5 rows in set (0.00 sec) > mysql> SELECT * FROM cloud.account where id=9; > +----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+ > | id | account_name | uuid | type | domain_id | state | removed | cleanup_needed | network_domain | default_zone_id | > +----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+ > | 9 | PrjAcct-dom11-user-project-4 | 62ce573d-1dae-4ae2-a385-86cc2687efea | 5 | 4 | enabled | NULL | 0 | NULL | NULL | > +----+------------------------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+ > 1 row in set (0.00 sec) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira