cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hugo Trippaers (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CLOUDSTACK-2804) getEthByIp function in vpc_func.sh can return the wrong network interface
Date Mon, 03 Jun 2013 08:54:21 GMT

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-2804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Hugo Trippaers updated CLOUDSTACK-2804:
---------------------------------------

    Fix Version/s: 4.2.0
    
> getEthByIp function in vpc_func.sh can return the wrong network interface
> -------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2804
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2804
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>    Affects Versions: 4.0.2
>            Reporter: Hugo Trippaers
>            Assignee: Hugo Trippaers
>             Fix For: 4.2.0
>
>
> Depending on the netmasks used it is possible that the broadcast address of one network
matches the ip address of another interface. 
> In the case of adding a loadbalancer configuration this can result in the firewall rules
being applied on the wrong network.
> Example Router VM network config
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen
1000
>     link/ether 02:00:34:05:00:03 brd ff:ff:ff:ff:ff:ff
>     inet 10.75.2.65/26 brd 10.75.2.127 scope global eth2
> 5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen
1000
>     link/ether 02:00:57:4b:00:04 brd ff:ff:ff:ff:ff:ff
>     inet 10.75.2.1/26 brd 10.75.2.63 scope global eth3
> This is the function:
> getEthByIp (){
>   local ip=$1
>   for dev in `ls -1 /sys/class/net | grep eth`
>   do
>     sudo ip addr show dev $dev | grep $ip > /dev/null
>     if [ $? -eq 0 ]
>     then
>       echo $dev
>       return 0
>     fi
>   done
>   return 1
> }
> Example with the above router VM config:
> root@r-1784-VM:/opt/cloud/bin# sudo ip addr show dev eth2 | grep 10.75.2.1
>     inet 10.75.2.65/26 brd 10.75.2.127 scope global eth2
> root@r-1784-VM:/opt/cloud/bin# sudo ip addr show dev eth3 | grep 10.75.2.1
>     inet 10.75.2.1/26 brd 10.75.2.63 scope global eth3
> root@r-1784-VM:/opt/cloud/bin# 
> In this case we want eth3 as device, but it first matches on eth2, since the broadcast
address of eth2 is the first match.
> A possible solution would be to grep for "inet $ip/" instead of just $ip. This has only
been tested with the loadbalancer case.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message