cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-9287) As an User I want to use Private Gateways with Redundant VPCs
Date Tue, 05 Apr 2016 08:18:25 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-9287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15225873#comment-15225873
] 

ASF GitHub Bot commented on CLOUDSTACK-9287:
--------------------------------------------

Github user dsclose commented on the pull request:

    https://github.com/apache/cloudstack/pull/1413#issuecomment-205716220
  
    @wilderrodrigues @ustcweizhou Sorry to arrive late to the party but this appears to break/ignore
some RvR functionality. 4 things in particular stand out:
    
    1. All public interfaces should be down in both redundanant virtual routers. Non-public
interfaces should be up. The master.py script will bring up public interfaces on master routers.
I had been discussing this with @ustcweizhou on the Cloudstack mailing list, Wei had provided
a solution based upon the check_is_up method of the CsIP class (in CsAddress.py) but the commit
at 8bbea5eeb6598b213b78a324c184841dbba69280 in #1413 appears to contradict what we discussed.
    2. Redundant virtual routers can have multiple public interfaces. Presumably, so can VPC
routers - although I've not experimented with that. The source-NAT IP will be assigned to
eth2 - as will any public IP on the same subnet. Public IPs on different subnets will be assigned
to eth3, eth4, eth5 etc. with a new device being created for each separate subnet. The commit
11e61f7054234e17343e9a11948f1804d732ac6c in #1413 does not account for this.
    3. Because of point 2, we know that a new interface will be created on an RvR when an
IP on a new subnet is assigned to it. Because of point 1, we know that that interface will
be down because the master.py script will not have run since it was created. Currently a failover
must be induced before this interface will be brought up - I'm yet to address this issue because
of point 4, next.
    4. Currently static-NATs do not work on RvR setup when they are on a different subnet
to the source-NAT IP. There are two reasons for this; one is missing iptables config allowing
traffic across interfaces other than eth2. The second reason is that connmarks are being assigned
to outbound traffic from eth0 (guest network) which are being used to match traffic to an
interface in the IP rules. Traffic intended for a public network therefore gets routed out
of the default gateway interface (eth2), breaking any static-NAT traffic on public IPs not
assigned to eth2.
    
    I'd like to contribute to points 3 and 4 but issue #1413 appears to have been marked as
closed. To remedy these points I might need to overwrite code committed as part of this issue,
so it seems best to start a conversation about it before rolling the sleeves up and getting
stuck in.
    
    Are these issues being considered else where?
    



> As an User I want to use Private Gateways with Redundant VPCs
> -------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9287
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9287
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Virtual Router
>    Affects Versions: 4.6.0, 4.7.0, 4.8.0
>            Reporter: Wilder Rodrigues
>            Assignee: Wilder Rodrigues
>            Priority: Critical
>             Fix For: 4.9.0
>
>
> Currently we cannot:
> 1. Delete the gateway from a rVPC
> 2. Restart a rVPC that has a private gateway configured
> 3. Have redundancy with private gateway on a rVPC: once master dies the pvt gw is not
properly configured in the new master router



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message