You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Jayapal Reddy (JIRA)" <ji...@apache.org> on 2013/12/03 05:47:35 UTC
[jira] [Resolved] (CLOUDSTACK-5282) KVM - Advanced zone Isolated
networks - Egress rules are not functional because of router having mutiple
nics for the public ip address.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-5282?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jayapal Reddy resolved CLOUDSTACK-5282.
---------------------------------------
Resolution: Cannot Reproduce
It tested by acquiring ip and deployed VMs in that network. Observed NO issues with egress rules.
> KVM - Advanced zone Isolated networks - Egress rules are not functional because of router having mutiple nics for the public ip address.
> -----------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-5282
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5282
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Affects Versions: 4.3.0
> Environment: Build from 4.3 using 64 bit system templates.
> Reporter: Sangeetha Hariharan
> Assignee: Jayapal Reddy
> Priority: Critical
> Fix For: 4.3.0
>
> Attachments: management-server.rar
>
>
> KVM - Advanced zone Isolated networks - Egress rules are not functional.
> Steps to reproduce the problem:
> Advanced zone with 2 KVM hosts (rhel6.3), Isolated network with 20 vms.
> Create a egress rule to allow all traffic to all cidrs.
> From Vm , try to ping google.com
> We are not able to ping/ssh outside from the VM.
> Egress rules are programmed in the router.
> But I see that the router has as many NICs as the number of Vms that it services asssigned to the same public Ip address but with 2 different MAC address.
> root@r-10-MyTestVM:~# ip route
> default via 10.223.138.129 dev eth2
> 10.1.1.0/24 dev eth0 proto kernel scope link src 10.1.1.1
> 10.223.138.128/26 dev eth2 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth3 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth4 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth5 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth6 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth7 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth8 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth9 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth10 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth11 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth12 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth13 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth14 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth15 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth16 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth17 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth18 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth19 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth20 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth21 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth22 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth23 proto kernel scope link src 10.223.138.137
> 10.223.138.128/26 dev eth24 proto kernel scope link src 10.223.138.137
> 169.254.0.0/16 dev eth1 proto kernel scope link src 169.254.3.13
> root@r-10-MyTestVM:~# ifconfig
> eth0 Link encap:Ethernet HWaddr 02:00:51:27:00:02
> inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0
> inet6 addr: fe80::51ff:fe27:2/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:757 errors:0 dropped:0 overruns:0 frame:0
> TX packets:324 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:116494 (113.7 KiB) TX bytes:44376 (43.3 KiB)
> eth1 Link encap:Ethernet HWaddr 0e:00:a9:fe:03:0d
> inet addr:169.254.3.13 Bcast:169.254.255.255 Mask:255.255.0.0
> inet6 addr: fe80::c00:a9ff:fefe:30d/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:14587 errors:0 dropped:0 overruns:0 frame:0
> TX packets:13791 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:2392297 (2.2 MiB) TX bytes:2634222 (2.5 MiB)
> eth2 Link encap:Ethernet HWaddr 06:e5:16:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4e5:16ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:642 errors:0 dropped:0 overruns:0 frame:0
> TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:31140 (30.4 KiB) TX bytes:8472 (8.2 KiB)
> eth3 Link encap:Ethernet HWaddr 06:20:ce:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::420:ceff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:616 errors:0 dropped:0 overruns:0 frame:0
> TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:28826 (28.1 KiB) TX bytes:402 (402.0 B)
> eth4 Link encap:Ethernet HWaddr 06:2c:f0:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::42c:f0ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:598 errors:0 dropped:0 overruns:0 frame:0
> TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:27718 (27.0 KiB) TX bytes:486 (486.0 B)
> eth5 Link encap:Ethernet HWaddr 06:32:ae:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::432:aeff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:589 errors:0 dropped:0 overruns:0 frame:0
> TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:27256 (26.6 KiB) TX bytes:570 (570.0 B)
> eth6 Link encap:Ethernet HWaddr 06:5d:66:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::45d:66ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:579 errors:0 dropped:0 overruns:0 frame:0
> TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:26732 (26.1 KiB) TX bytes:654 (654.0 B)
> eth7 Link encap:Ethernet HWaddr 06:3b:46:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::43b:46ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:568 errors:0 dropped:0 overruns:0 frame:0
> TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:26234 (25.6 KiB) TX bytes:808 (808.0 B)
> eth8 Link encap:Ethernet HWaddr 06:50:fe:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::450:feff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:553 errors:0 dropped:0 overruns:0 frame:0
> TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:25518 (24.9 KiB) TX bytes:822 (822.0 B)
> eth9 Link encap:Ethernet HWaddr 06:b9:ce:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4b9:ceff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:539 errors:0 dropped:0 overruns:0 frame:0
> TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:24930 (24.3 KiB) TX bytes:976 (976.0 B)
> eth10 Link encap:Ethernet HWaddr 06:9f:ce:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::49f:ceff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:522 errors:0 dropped:0 overruns:0 frame:0
> TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:24180 (23.6 KiB) TX bytes:990 (990.0 B)
> eth11 Link encap:Ethernet HWaddr 06:ce:f0:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4ce:f0ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:501 errors:0 dropped:0 overruns:0 frame:0
> TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:23214 (22.6 KiB) TX bytes:1074 (1.0 KiB)
> eth12 Link encap:Ethernet HWaddr 06:27:08:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::427:8ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:480 errors:0 dropped:0 overruns:0 frame:0
> TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:22296 (21.7 KiB) TX bytes:1158 (1.1 KiB)
> eth13 Link encap:Ethernet HWaddr 06:f1:f6:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4f1:f6ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:457 errors:0 dropped:0 overruns:0 frame:0
> TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:21294 (20.7 KiB) TX bytes:1312 (1.2 KiB)
> eth14 Link encap:Ethernet HWaddr 06:ae:66:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4ae:66ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:431 errors:0 dropped:0 overruns:0 frame:0
> TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:20152 (19.6 KiB) TX bytes:1326 (1.2 KiB)
> eth15 Link encap:Ethernet HWaddr 06:e3:52:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4e3:52ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:404 errors:0 dropped:0 overruns:0 frame:0
> TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:18982 (18.5 KiB) TX bytes:1458 (1.4 KiB)
> eth16 Link encap:Ethernet HWaddr 06:af:18:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4af:18ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:372 errors:0 dropped:0 overruns:0 frame:0
> TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:17518 (17.1 KiB) TX bytes:1494 (1.4 KiB)
> eth17 Link encap:Ethernet HWaddr 06:0c:7a:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::40c:7aff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:342 errors:0 dropped:0 overruns:0 frame:0
> TX packets:33 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:16258 (15.8 KiB) TX bytes:1578 (1.5 KiB)
> eth18 Link encap:Ethernet HWaddr 06:e1:62:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4e1:62ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:309 errors:0 dropped:0 overruns:0 frame:0
> TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:14836 (14.4 KiB) TX bytes:1710 (1.6 KiB)
> eth19 Link encap:Ethernet HWaddr 06:13:46:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::413:46ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:273 errors:0 dropped:0 overruns:0 frame:0
> TX packets:37 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:13274 (12.9 KiB) TX bytes:1794 (1.7 KiB)
> eth20 Link encap:Ethernet HWaddr 06:bf:20:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4bf:20ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:236 errors:0 dropped:0 overruns:0 frame:0
> TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:11684 (11.4 KiB) TX bytes:1878 (1.8 KiB)
> eth21 Link encap:Ethernet HWaddr 06:33:58:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::433:58ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:195 errors:0 dropped:0 overruns:0 frame:0
> TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:9878 (9.6 KiB) TX bytes:1962 (1.9 KiB)
> eth22 Link encap:Ethernet HWaddr 06:e8:dc:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4e8:dcff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:152 errors:0 dropped:0 overruns:0 frame:0
> TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:7932 (7.7 KiB) TX bytes:2046 (1.9 KiB)
> eth23 Link encap:Ethernet HWaddr 06:57:32:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::457:32ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:109 errors:0 dropped:0 overruns:0 frame:0
> TX packets:45 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:6112 (5.9 KiB) TX bytes:2130 (2.0 KiB)
> eth24 Link encap:Ethernet HWaddr 06:db:f6:00:00:19
> inet addr:10.223.138.137 Bcast:10.223.138.191 Mask:255.255.255.192
> inet6 addr: fe80::4db:f6ff:fe00:19/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:84 errors:0 dropped:0 overruns:0 frame:0
> TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:5386 (5.2 KiB) TX bytes:3096 (3.0 KiB)
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:2 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:214 (214.0 B) TX bytes:214 (214.0 B)
> root@r-10-MyTestVM:~#
> This seems to be the reason why egress traffic is not being established.
>
--
This message was sent by Atlassian JIRA
(v6.1#6144)