You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cloudstack.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2013/06/03 10:54:20 UTC

[jira] [Commented] (CLOUDSTACK-2804) getEthByIp function in vpc_func.sh can return the wrong network interface

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13672912#comment-13672912 ] 

ASF subversion and git services commented on CLOUDSTACK-2804:
-------------------------------------------------------------

Commit 5c9828db7dbff5a18913f576c2ede3ea23a0ef4c in branch refs/heads/master from Hugo Trippaers <ht...@schubergphilis.com>
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=5c9828d ]

CLOUDSTACK-2804 getEthByIp function in vpc_func.sh can return the wrong
network interface

                
> getEthByIp function in vpc_func.sh can return the wrong network interface
> -------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2804
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2804
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>    Affects Versions: 4.0.2
>            Reporter: Hugo Trippaers
>            Assignee: Hugo Trippaers
>
> Depending on the netmasks used it is possible that the broadcast address of one network matches the ip address of another interface. 
> In the case of adding a loadbalancer configuration this can result in the firewall rules being applied on the wrong network.
> Example Router VM network config
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
>     link/ether 02:00:34:05:00:03 brd ff:ff:ff:ff:ff:ff
>     inet 10.75.2.65/26 brd 10.75.2.127 scope global eth2
> 5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
>     link/ether 02:00:57:4b:00:04 brd ff:ff:ff:ff:ff:ff
>     inet 10.75.2.1/26 brd 10.75.2.63 scope global eth3
> This is the function:
> getEthByIp (){
>   local ip=$1
>   for dev in `ls -1 /sys/class/net | grep eth`
>   do
>     sudo ip addr show dev $dev | grep $ip > /dev/null
>     if [ $? -eq 0 ]
>     then
>       echo $dev
>       return 0
>     fi
>   done
>   return 1
> }
> Example with the above router VM config:
> root@r-1784-VM:/opt/cloud/bin# sudo ip addr show dev eth2 | grep 10.75.2.1
>     inet 10.75.2.65/26 brd 10.75.2.127 scope global eth2
> root@r-1784-VM:/opt/cloud/bin# sudo ip addr show dev eth3 | grep 10.75.2.1
>     inet 10.75.2.1/26 brd 10.75.2.63 scope global eth3
> root@r-1784-VM:/opt/cloud/bin# 
> In this case we want eth3 as device, but it first matches on eth2, since the broadcast address of eth2 is the first match.
> A possible solution would be to grep for "inet $ip/" instead of just $ip. This has only been tested with the loadbalancer case.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira