[ https://issues.apache.org/jira/browse/CLOUDSTACK-1170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13601764#comment-13601764 ]
Sheng Yang commented on CLOUDSTACK-1170:
----------------------------------------

It's kind of messed up.

Since we associate IP addresses when there is a service associated with them, it's very hard to get the same MAC for additional VLANs, even if we allocate the same MAC for the same IP.

Consider the following case:

1. Create RvR, acquire the following IPs in the following sequence (in three public VLANs):
   10.223.1.20/24
   10.223.1.23/24
   10.223.2.23/24
   10.223.2.25/24
   10.223.2.20/24
   10.223.3.23/24
   10.223.3.25/24
   10.223.3.24/24
2. Enable service on 10.223.2.23/24 and 10.223.3.24/24 (e.g. port forwarding or firewall).
3. Enable service on 10.223.2.20/24, 10.223.2.25/24 and 10.223.3.25/24, 10.223.3.23/24.
4. Destroy the BACKUP router, recreate it using restartNetwork with cleanup=false.

At step 2, a new nic would be created on both VRs, using the MAC generated according to IPs 10.223.2.23/24 and 10.223.3.24/24.

At step 4, a new set of commands would be sent to the VR to create new nics, and the IPs are in a different sequence compared to step 2, so it would create different MACs for them (even though the MAC for each IP is determined).

We probably need to send the IPs in the same sequence every time to the VR.

> Redundant router: MAC addresses are different for additional public nics
> ------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1170
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1170
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public (Anyone can view this level - this is the default.)
>          Components: Network Controller
>            Reporter: Sheng Yang
>            Assignee: Sheng Yang
>             Fix For: 4.1.0
>
>
> We should allocate the same MAC addresses for the same public IP (because in
> VRRP’s RFC, they mentioned the interface should have the same MAC address).
> We use some random bits in our generated MAC for “security reason”, resulting in
> a new MAC every time we get these public addresses.
> And all the additional nics are not recorded in the nic table, so there is no
> way for us to track them.
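The ordering problem described in the comment above, as an added sketch that is not CloudStack code. It assumes a hypothetical per-IP MAC derivation (`mac_for_ip`), a router model in which the first IP seen in a subnet fixes the nic's MAC, and that the recreated BACKUP router receives the IPs in acquisition order; the IP lists are constructed from the comment's steps.

```python
import ipaddress

# Constructed from the comment: acquisition order across the three public VLANs.
ACQUIRED = ["10.223.1.20/24", "10.223.1.23/24", "10.223.2.23/24", "10.223.2.25/24",
            "10.223.2.20/24", "10.223.3.23/24", "10.223.3.25/24", "10.223.3.24/24"]
# Order in which services were enabled on the additional VLANs (steps 2 and 3).
ENABLED = ["10.223.2.23/24", "10.223.3.24/24", "10.223.2.20/24",
           "10.223.2.25/24", "10.223.3.25/24", "10.223.3.23/24"]


def mac_for_ip(cidr):
    """Hypothetical deterministic MAC: locally administered prefix + IPv4 octets."""
    ip = ipaddress.ip_interface(cidr).ip
    return "02:00:" + ":".join(f"{b:02x}" for b in ip.packed)


def plug_nics(ip_sequence):
    """Model of the router: the first IP seen in a subnet creates the nic and fixes its MAC."""
    nics = {}
    for cidr in ip_sequence:
        subnet = str(ipaddress.ip_interface(cidr).network)
        nics.setdefault(subnet, mac_for_ip(cidr))
    return nics


def replay_in_acquisition_order():
    """Assumed step 4 behaviour: resend every service-enabled IP in acquisition order."""
    enabled = set(ENABLED)
    return [cidr for cidr in ACQUIRED if cidr in enabled]


def mismatched_subnets(master, backup):
    """Subnets whose nic MAC differs between the two redundant routers."""
    return sorted(s for s in master if master[s] != backup.get(s))


# MASTER built its nics incrementally, in service-enable order (steps 2 and 3).
master = plug_nics(ENABLED)
# Recreated BACKUP gets the same IPs, but in a different sequence (step 4).
backup_reordered = plug_nics(replay_in_acquisition_order())
# Replaying the sequence the MASTER originally saw keeps the MACs aligned.
backup_same_sequence = plug_nics(ENABLED)

if __name__ == "__main__":
    print("MASTER nics:          ", master)
    print("BACKUP (reordered):   ", backup_reordered)
    print("mismatch (reordered): ", mismatched_subnets(master, backup_reordered))
    print("mismatch (same order):", mismatched_subnets(master, backup_same_sequence))
```

Comparing the per-subnet MAC maps of the two routers in this way is also a usable consistency check after a restartNetwork.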