incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chiradeep Vittal <Chiradeep.Vit...@citrix.com>
Subject Re: IPtables deb in source repo
Date Fri, 03 Aug 2012 21:51:29 GMT


On 8/3/12 2:37 PM, "David Nalley" <david@gnsa.us> wrote:

>On Fri, Aug 3, 2012 at 5:21 PM, Edison Su <Edison.su@citrix.com> wrote:
>> We can put the binary into somewhere, but in the source code.
>>
>>> -----Original Message-----
>>> From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
>>> Sent: Friday, August 03, 2012 2:13 PM
>>> To: CloudStack DeveloperList
>>> Subject: Re: IPtables deb in source repo
>>>
>>> However this means that if someone wants to build a system vm
>>> themselves
>>> (to add new packages for example), this fix will not be available.
>>>
>>> On 8/3/12 1:43 PM, "Edison Su" <Edison.su@citrix.com> wrote:
>>>
>>> >From the git log:
>>> >commit aeda3f3a1c64efa1deb34f7fcb280e4155c4fe7d
>>> >Author: Sheng Yang <sheng.yang@cloud.com>
>>> >Date:   Wed Dec 28 17:35:09 2011 -0800
>>> >
>>> >    bug 11056: Add customized iptables and kernel modules to the
>>> system
>>> >template
>>> >
>>> >    The new kernel module xt_CHECKSUM.ko is based on [1], and back
>>> ported
>>> >to 2.6.32
>>> >    kernel. New iptables is based on adding a new extension from [2].
>>> >
>>> >    [1]https://lwn.net/Articles/396466/
>>> >
>>> >[2]https://git.netfilter.org/cgi-
>>> bin/gitweb.cgi?p=iptables.git;a=commit;h=
>>> >9d1b11102b53103c00b7fddf4658a4d2bdee1338
>>> >
>>> >    status 11056: resolved fixed
>>> >
>>> >
>>> >
>>> >It fixes bug http://bugs.cloud.com/show_bug.cgi?id=11056, that
>>> >debina/ubuntu client can't get ip address in some cases.
>>> >It's ok to remove it from source tree, as the patched iptable binary
>>> >itself is already installed in system vm template.
>
>Did we upstream the patch to debian?
>How will people generate new systemVMs without this (or will it just
>be broken for them)
>
>--David

I believe it is already in Debian wheezy, so this is actually a backport.
Debian backports kernel for Squeeze broke something else (will have to dig
it up), so we couldn't use the backports kernel.

What will break for folks is that:
- if they have a Ubuntu/Debian VM co-hosted on the same Xen hypervisor as
the virtual router then DHCP fails.

The workaround is to patch their dhclient from the Centos repository.
 


Mime
View raw message