[jira] [Commented] (CLOUDSTACK-9317) Disabling static NAT on many IPs can leave wrong IPs on the router

["ASF subversion and git services (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-9317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16015530#comment-16015530 ] 

ASF subversion and git services commented on CLOUDSTACK-9317:
-------------------------------------------------------------

Commit c20e0ef88f133065cabe7189d787c4d56848abb6 in cloudstack's branch refs/heads/master from Jayapal
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=c20e0ef ]

CLOUDSTACK-9317: Fixed disable static nat on leaving ips on interface


> Disabling static NAT on many IPs can leave wrong IPs on the router
> ------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9317
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9317
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server, Virtual Router
>    Affects Versions: 4.7.0, 4.7.1, 4.7.2
>            Reporter: Jeff Hair
>
> The current behavior of enabling or disabling static NAT will call the apply IP associations method in the management server. The method is not thread-safe. If it's called from multiple threads, each thread will load up the list of public IPs in different states (add or revoke)--correct for the thread, but not correct overall. Depending on execution order on the virtual router, the router can end up with public IPs assigned to it that are not supposed to be on it anymore. When another account acquires the same IP, this of course leads to network problems.
> The problem has been in CS since at least 4.2, and likely affects all recently released versions. Affected version is set to 4.7.x because that's what we verified against.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)